2
* SSL/TLS transport layer over SOCK_STREAM sockets
4
* Copyright (C) 2012 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
6
* This program is free software; you can redistribute it and/or
7
* modify it under the terms of the GNU General Public License
8
* as published by the Free Software Foundation; either version
9
* 2 of the License, or (at your option) any later version.
12
* We'd like to specially thank the Stud project authors for a very clean
13
* and well documented code which helped us understand how the OpenSSL API
14
* ought to be used in non-blocking mode. This is one difficult part which
15
* is not easy to get from the OpenSSL doc, and reading the Stud code made
16
* it much more obvious than the examples in the OpenSSL package. Keep up
17
* the good works, guys !
19
* Stud is an extremely efficient and scalable SSL/TLS proxy which combines
20
* particularly well with haproxy. For more info about this project, visit :
21
* https://github.com/bumptech/stud
35
#include <sys/socket.h>
37
#include <sys/types.h>
39
#include <netinet/tcp.h>
41
#include <openssl/ssl.h>
42
#include <openssl/x509.h>
43
#include <openssl/x509v3.h>
44
#include <openssl/x509.h>
45
#include <openssl/err.h>
46
#include <openssl/rand.h>
47
#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
48
#include <openssl/ocsp.h>
51
#include <common/buffer.h>
52
#include <common/compat.h>
53
#include <common/config.h>
54
#include <common/debug.h>
55
#include <common/errors.h>
56
#include <common/standard.h>
57
#include <common/ticks.h>
58
#include <common/time.h>
59
#include <common/cfgparse.h>
63
#include <types/global.h>
64
#include <types/ssl_sock.h>
66
#include <proto/acl.h>
67
#include <proto/arg.h>
68
#include <proto/connection.h>
70
#include <proto/freq_ctr.h>
71
#include <proto/frontend.h>
72
#include <proto/listener.h>
73
#include <proto/pattern.h>
74
#include <proto/server.h>
75
#include <proto/log.h>
76
#include <proto/proxy.h>
77
#include <proto/shctx.h>
78
#include <proto/ssl_sock.h>
79
#include <proto/task.h>
81
/* Warning, these are bits, not integers! */
82
#define SSL_SOCK_ST_FL_VERIFY_DONE 0x00000001
83
#define SSL_SOCK_ST_FL_16K_WBFSIZE 0x00000002
84
#define SSL_SOCK_SEND_UNLIMITED 0x00000004
85
#define SSL_SOCK_RECV_HEARTBEAT 0x00000008
87
/* bits 0xFFFF0000 are reserved to store verify errors */
89
/* Verify errors macros */
90
#define SSL_SOCK_CA_ERROR_TO_ST(e) (((e > 63) ? 63 : e) << (16))
91
#define SSL_SOCK_CAEDEPTH_TO_ST(d) (((d > 15) ? 15 : d) << (6+16))
92
#define SSL_SOCK_CRTERROR_TO_ST(e) (((e > 63) ? 63 : e) << (4+6+16))
94
#define SSL_SOCK_ST_TO_CA_ERROR(s) ((s >> (16)) & 63)
95
#define SSL_SOCK_ST_TO_CAEDEPTH(s) ((s >> (6+16)) & 15)
96
#define SSL_SOCK_ST_TO_CRTERROR(s) ((s >> (4+6+16)) & 63)
98
/* server and bind verify method, it uses a global value as default */
100
SSL_SOCK_VERIFY_DEFAULT = 0,
101
SSL_SOCK_VERIFY_REQUIRED = 1,
102
SSL_SOCK_VERIFY_OPTIONAL = 2,
103
SSL_SOCK_VERIFY_NONE = 3,
107
int totalsslconns = 0;
109
#ifndef OPENSSL_NO_DH
110
static DH *local_dh_1024 = NULL;
111
static DH *local_dh_2048 = NULL;
112
static DH *local_dh_4096 = NULL;
113
static DH *local_dh_8192 = NULL;
114
#endif /* OPENSSL_NO_DH */
116
#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
117
struct certificate_ocsp {
118
struct ebmb_node key;
119
unsigned char key_data[OCSP_MAX_CERTID_ASN1_LENGTH];
120
struct chunk response;
125
* This function returns the number of seconds elapsed
126
* since the Epoch, 1970-01-01 00:00:00 +0000 (UTC) and the
127
* date presented un ASN1_GENERALIZEDTIME.
129
* In parsing error case, it returns -1.
131
static long asn1_generalizedtime_to_epoch(ASN1_GENERALIZEDTIME *d)
135
const unsigned short month_offset[12] = {
136
0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
140
if (!d || (d->type != V_ASN1_GENERALIZEDTIME)) return -1;
145
if (end - p < 4) return -1;
146
year = 1000 * (p[0] - '0') + 100 * (p[1] - '0') + 10 * (p[2] - '0') + p[3] - '0';
148
if (end - p < 2) return -1;
149
month = 10 * (p[0] - '0') + p[1] - '0';
150
if (month < 1 || month > 12) return -1;
151
/* Compute the number of seconds since 1 jan 1970 and the beginning of current month
152
We consider leap years and the current month (<marsh or not) */
153
epoch = ( ((year - 1970) * 365)
154
+ ((year - (month < 3)) / 4 - (year - (month < 3)) / 100 + (year - (month < 3)) / 400)
155
- ((1970 - 1) / 4 - (1970 - 1) / 100 + (1970 - 1) / 400)
156
+ month_offset[month-1]
159
if (end - p < 2) return -1;
160
/* Add the number of seconds of completed days of current month */
161
epoch += (10 * (p[0] - '0') + p[1] - '0' - 1) * 24 * 60 * 60;
163
if (end - p < 2) return -1;
164
/* Add the completed hours of the current day */
165
epoch += (10 * (p[0] - '0') + p[1] - '0') * 60 * 60;
167
if (end - p < 2) return -1;
168
/* Add the completed minutes of the current hour */
169
epoch += (10 * (p[0] - '0') + p[1] - '0') * 60;
171
if (p == end) return -1;
172
/* Test if there is available seconds */
173
if (p[0] < '0' || p[0] > '9')
175
if (end - p < 2) return -1;
176
/* Add the seconds of the current minute */
177
epoch += 10 * (p[0] - '0') + p[1] - '0';
179
if (p == end) return -1;
180
/* Ignore seconds float part if present */
183
if (++p == end) return -1;
184
} while (p[0] >= '0' && p[0] <= '9');
189
if (end - p != 1) return -1;
192
else if (p[0] == '+') {
193
if (end - p != 5) return -1;
194
/* Apply timezone offset */
195
return epoch - ((10 * (p[1] - '0') + p[2] - '0') * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
197
else if (p[0] == '-') {
198
if (end - p != 5) return -1;
199
/* Apply timezone offset */
200
return epoch + ((10 * (p[1] - '0') + p[2] - '0') * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
206
static struct eb_root cert_ocsp_tree = EB_ROOT_UNIQUE;
208
/* This function starts to check if the OCSP response (in DER format) contained
209
* in chunk 'ocsp_response' is valid (else exits on error).
210
* If 'cid' is not NULL, it will be compared to the OCSP certificate ID
211
* contained in the OCSP Response and exits on error if no match.
212
* If it's a valid OCSP Response:
213
* If 'ocsp' is not NULL, the chunk is copied in the OCSP response's container
215
* If 'ocsp' is NULL, the function looks up into the OCSP response's
216
* containers tree (using as index the ASN1 form of the OCSP Certificate ID extracted
217
* from the response) and exits on error if not found. Finally, If an OCSP response is
218
* already present in the container, it will be overwritten.
220
* Note: OCSP response containing more than one OCSP Single response is not
223
* Returns 0 on success, 1 in error case.
225
static int ssl_sock_load_ocsp_response(struct chunk *ocsp_response, struct certificate_ocsp *ocsp, OCSP_CERTID *cid, char **err)
228
OCSP_BASICRESP *bs = NULL;
230
unsigned char *p = (unsigned char *)ocsp_response->str;
232
ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd = NULL;
236
resp = d2i_OCSP_RESPONSE(NULL, (const unsigned char **)&p, ocsp_response->len);
238
memprintf(err, "Unable to parse OCSP response");
242
rc = OCSP_response_status(resp);
243
if (rc != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
244
memprintf(err, "OCSP response status not successful");
248
bs = OCSP_response_get1_basic(resp);
250
memprintf(err, "Failed to get basic response from OCSP Response");
254
count_sr = OCSP_resp_count(bs);
256
memprintf(err, "OCSP response ignored because contains multiple single responses (%d)", count_sr);
260
sr = OCSP_resp_get0(bs, 0);
262
memprintf(err, "Failed to get OCSP single response");
266
rc = OCSP_single_get0_status(sr, &reason, &revtime, &thisupd, &nextupd);
267
if (rc != V_OCSP_CERTSTATUS_GOOD) {
268
memprintf(err, "OCSP single response: certificate status not good");
273
memprintf(err, "OCSP single response: missing nextupdate");
277
rc = OCSP_check_validity(thisupd, nextupd, OCSP_MAX_RESPONSE_TIME_SKEW, -1);
279
memprintf(err, "OCSP single response: no longer valid.");
284
if (OCSP_id_cmp(sr->certId, cid)) {
285
memprintf(err, "OCSP single response: Certificate ID does not match certificate and issuer");
291
unsigned char key[OCSP_MAX_CERTID_ASN1_LENGTH];
294
rc = i2d_OCSP_CERTID(sr->certId, NULL);
296
memprintf(err, "OCSP single response: Unable to encode Certificate ID");
300
if (rc > OCSP_MAX_CERTID_ASN1_LENGTH) {
301
memprintf(err, "OCSP single response: Certificate ID too long");
306
memset(key, 0, OCSP_MAX_CERTID_ASN1_LENGTH);
307
i2d_OCSP_CERTID(sr->certId, &p);
308
ocsp = (struct certificate_ocsp *)ebmb_lookup(&cert_ocsp_tree, key, OCSP_MAX_CERTID_ASN1_LENGTH);
310
memprintf(err, "OCSP single response: Certificate ID does not match any certificate or issuer");
315
/* According to comments on "chunk_dup", the
316
previous chunk buffer will be freed */
317
if (!chunk_dup(&ocsp->response, ocsp_response)) {
318
memprintf(err, "OCSP response: Memory allocation error");
322
ocsp->expire = asn1_generalizedtime_to_epoch(nextupd) - OCSP_MAX_RESPONSE_TIME_SKEW;
327
OCSP_BASICRESP_free(bs);
330
OCSP_RESPONSE_free(resp);
335
* External function use to update the OCSP response in the OCSP response's
336
* containers tree. The chunk 'ocsp_response' must contain the OCSP response
337
* to update in DER format.
339
* Returns 0 on success, 1 in error case.
341
int ssl_sock_update_ocsp_response(struct chunk *ocsp_response, char **err)
343
return ssl_sock_load_ocsp_response(ocsp_response, NULL, NULL, err);
347
* This function load the OCSP Resonse in DER format contained in file at
348
* path 'ocsp_path' and call 'ssl_sock_load_ocsp_response'
350
* Returns 0 on success, 1 in error case.
352
static int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, struct certificate_ocsp *ocsp, OCSP_CERTID *cid, char **err)
358
fd = open(ocsp_path, O_RDONLY);
360
memprintf(err, "Error opening OCSP response file");
365
while (trash.len < trash.size) {
366
r = read(fd, trash.str + trash.len, trash.size - trash.len);
371
memprintf(err, "Error reading OCSP response from file");
383
ret = ssl_sock_load_ocsp_response(&trash, ocsp, cid, err);
392
* Callback used to set OCSP status extension content in server hello.
394
int ssl_sock_ocsp_stapling_cbk(SSL *ssl, void *arg)
396
struct certificate_ocsp *ocsp = (struct certificate_ocsp *)arg;
400
!ocsp->response.str ||
401
!ocsp->response.len ||
402
(ocsp->expire < now.tv_sec))
403
return SSL_TLSEXT_ERR_NOACK;
405
ssl_buf = OPENSSL_malloc(ocsp->response.len);
407
return SSL_TLSEXT_ERR_NOACK;
409
memcpy(ssl_buf, ocsp->response.str, ocsp->response.len);
410
SSL_set_tlsext_status_ocsp_resp(ssl, ssl_buf, ocsp->response.len);
412
return SSL_TLSEXT_ERR_OK;
416
* This function enables the handling of OCSP status extension on 'ctx' if a
417
* file name 'cert_path' suffixed using ".ocsp" is present.
418
* To enable OCSP status extension, the issuer's certificate is mandatory.
419
* It should be present in the certificate's extra chain builded from file
420
* 'cert_path'. If not found, the issuer certificate is loaded from a file
421
* named 'cert_path' suffixed using '.issuer'.
423
* In addition, ".ocsp" file content is loaded as a DER format of an OCSP
424
* response. If file is empty or content is not a valid OCSP response,
425
* OCSP status extension is enabled but OCSP response is ignored (a warning
428
* Returns 1 if no ".ocsp" file found, 0 if OCSP status extension is
429
* succesfully enabled, or -1 in other error case.
431
static int ssl_sock_load_ocsp(SSL_CTX *ctx, const char *cert_path)
435
X509 *x, *xi = NULL, *issuer = NULL;
436
STACK_OF(X509) *chain = NULL;
437
OCSP_CERTID *cid = NULL;
439
char ocsp_path[MAXPATHLEN+1];
442
struct certificate_ocsp *ocsp = NULL, *iocsp;
446
snprintf(ocsp_path, MAXPATHLEN+1, "%s.ocsp", cert_path);
448
if (stat(ocsp_path, &st))
455
x = SSL_get_certificate(ssl);
459
/* Try to lookup for issuer in certificate extra chain */
460
#ifdef SSL_CTRL_GET_EXTRA_CHAIN_CERTS
461
SSL_CTX_get_extra_chain_certs(ctx, &chain);
463
chain = ctx->extra_certs;
465
for (i = 0; i < sk_X509_num(chain); i++) {
466
issuer = sk_X509_value(chain, i);
467
if (X509_check_issued(issuer, x) == X509_V_OK)
473
/* If not found try to load issuer from a suffixed file */
475
char issuer_path[MAXPATHLEN+1];
477
in = BIO_new(BIO_s_file());
481
snprintf(issuer_path, MAXPATHLEN+1, "%s.issuer", cert_path);
482
if (BIO_read_filename(in, issuer_path) <= 0)
485
xi = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
489
if (X509_check_issued(xi, x) != X509_V_OK)
495
cid = OCSP_cert_to_id(0, x, issuer);
499
i = i2d_OCSP_CERTID(cid, NULL);
500
if (!i || (i > OCSP_MAX_CERTID_ASN1_LENGTH))
503
ocsp = calloc(1, sizeof(struct certificate_ocsp));
508
i2d_OCSP_CERTID(cid, &p);
510
iocsp = (struct certificate_ocsp *)ebmb_insert(&cert_ocsp_tree, &ocsp->key, OCSP_MAX_CERTID_ASN1_LENGTH);
514
SSL_CTX_set_tlsext_status_cb(ctx, ssl_sock_ocsp_stapling_cbk);
515
SSL_CTX_set_tlsext_status_arg(ctx, iocsp);
520
if (ssl_sock_load_ocsp_response_from_file(ocsp_path, iocsp, cid, &warn)) {
521
memprintf(&warn, "Loading '%s': %s. Content will be ignored", ocsp_path, warn ? warn : "failure");
522
Warning("%s.\n", warn);
536
OCSP_CERTID_free(cid);
550
void ssl_sock_infocbk(const SSL *ssl, int where, int ret)
552
struct connection *conn = (struct connection *)SSL_get_app_data(ssl);
553
(void)ret; /* shut gcc stupid warning */
556
if (where & SSL_CB_HANDSHAKE_START) {
557
/* Disable renegotiation (CVE-2009-3555) */
558
if (conn->flags & CO_FL_CONNECTED) {
559
conn->flags |= CO_FL_ERROR;
560
conn->err_code = CO_ER_SSL_RENEG;
564
if ((where & SSL_CB_ACCEPT_LOOP) == SSL_CB_ACCEPT_LOOP) {
565
if (!(conn->xprt_st & SSL_SOCK_ST_FL_16K_WBFSIZE)) {
566
/* Long certificate chains optimz
567
If write and read bios are differents, we
568
consider that the buffering was activated,
569
so we rise the output buffer size from 4k
571
write_bio = SSL_get_wbio(ssl);
572
if (write_bio != SSL_get_rbio(ssl)) {
573
BIO_set_write_buffer_size(write_bio, 16384);
574
conn->xprt_st |= SSL_SOCK_ST_FL_16K_WBFSIZE;
580
/* Callback is called for each certificate of the chain during a verify
581
ok is set to 1 if preverify detect no error on current certificate.
582
Returns 0 to break the handshake, 1 otherwise. */
583
int ssl_sock_bind_verifycbk(int ok, X509_STORE_CTX *x_store)
586
struct connection *conn;
589
ssl = X509_STORE_CTX_get_ex_data(x_store, SSL_get_ex_data_X509_STORE_CTX_idx());
590
conn = (struct connection *)SSL_get_app_data(ssl);
592
conn->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;
594
if (ok) /* no errors */
597
depth = X509_STORE_CTX_get_error_depth(x_store);
598
err = X509_STORE_CTX_get_error(x_store);
600
/* check if CA error needs to be ignored */
602
if (!SSL_SOCK_ST_TO_CA_ERROR(conn->xprt_st)) {
603
conn->xprt_st |= SSL_SOCK_CA_ERROR_TO_ST(err);
604
conn->xprt_st |= SSL_SOCK_CAEDEPTH_TO_ST(depth);
607
if (objt_listener(conn->target)->bind_conf->ca_ignerr & (1ULL << err)) {
612
conn->err_code = CO_ER_SSL_CA_FAIL;
616
if (!SSL_SOCK_ST_TO_CRTERROR(conn->xprt_st))
617
conn->xprt_st |= SSL_SOCK_CRTERROR_TO_ST(err);
619
/* check if certificate error needs to be ignored */
620
if (objt_listener(conn->target)->bind_conf->crt_ignerr & (1ULL << err)) {
625
conn->err_code = CO_ER_SSL_CRT_FAIL;
629
/* Callback is called for ssl protocol analyse */
630
void ssl_sock_msgcbk(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
632
#ifdef TLS1_RT_HEARTBEAT
633
/* test heartbeat received (write_p is set to 0
634
for a received record) */
635
if ((content_type == TLS1_RT_HEARTBEAT) && (write_p == 0)) {
636
struct connection *conn = (struct connection *)SSL_get_app_data(ssl);
637
const unsigned char *p = buf;
638
unsigned int payload;
640
conn->xprt_st |= SSL_SOCK_RECV_HEARTBEAT;
642
/* Check if this is a CVE-2014-0160 exploitation attempt. */
643
if (*p != TLS1_HB_REQUEST)
646
if (len < 1 + 2 + 16) /* 1 type + 2 size + 0 payload + 16 padding */
649
payload = (p[1] * 256) + p[2];
650
if (3 + payload + 16 <= len)
651
return; /* OK no problem */
653
/* We have a clear heartbleed attack (CVE-2014-0160), the
654
* advertised payload is larger than the advertised packet
655
* length, so we have garbage in the buffer between the
656
* payload and the end of the buffer (p+len). We can't know
657
* if the SSL stack is patched, and we don't know if we can
658
* safely wipe out the area between p+3+len and payload.
659
* So instead, we prevent the response from being sent by
660
* setting the max_send_fragment to 0 and we report an SSL
661
* error, which will kill this connection. It will be reported
662
* above as SSL_ERROR_SSL while an other handshake failure with
663
* a heartbeat message will be reported as SSL_ERROR_SYSCALL.
665
ssl->max_send_fragment = 0;
666
SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_SSL_HANDSHAKE_FAILURE);
672
#ifdef OPENSSL_NPN_NEGOTIATED
673
/* This callback is used so that the server advertises the list of
674
* negociable protocols for NPN.
676
static int ssl_sock_advertise_npn_protos(SSL *s, const unsigned char **data,
677
unsigned int *len, void *arg)
679
struct bind_conf *conf = arg;
681
*data = (const unsigned char *)conf->npn_str;
682
*len = conf->npn_len;
683
return SSL_TLSEXT_ERR_OK;
687
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
688
/* This callback is used so that the server advertises the list of
689
* negociable protocols for ALPN.
691
static int ssl_sock_advertise_alpn_protos(SSL *s, const unsigned char **out,
692
unsigned char *outlen,
693
const unsigned char *server,
694
unsigned int server_len, void *arg)
696
struct bind_conf *conf = arg;
698
if (SSL_select_next_proto((unsigned char**) out, outlen, (const unsigned char *)conf->alpn_str,
699
conf->alpn_len, server, server_len) != OPENSSL_NPN_NEGOTIATED) {
700
return SSL_TLSEXT_ERR_NOACK;
702
return SSL_TLSEXT_ERR_OK;
706
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
707
/* Sets the SSL ctx of <ssl> to match the advertised server name. Returns a
708
* warning when no match is found, which implies the default (first) cert
709
* will keep being used.
711
static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, struct bind_conf *s)
713
const char *servername;
714
const char *wildp = NULL;
715
struct ebmb_node *node, *n;
717
(void)al; /* shut gcc stupid warning */
719
servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
721
return (s->strict_sni ?
722
SSL_TLSEXT_ERR_ALERT_FATAL :
723
SSL_TLSEXT_ERR_NOACK);
726
for (i = 0; i < trash.size; i++) {
729
trash.str[i] = tolower(servername[i]);
730
if (!wildp && (trash.str[i] == '.'))
731
wildp = &trash.str[i];
735
/* lookup in full qualified names */
736
node = ebst_lookup(&s->sni_ctx, trash.str);
738
/* lookup a not neg filter */
739
for (n = node; n; n = ebmb_next_dup(n)) {
740
if (!container_of(n, struct sni_ctx, name)->neg) {
745
if (!node && wildp) {
746
/* lookup in wildcards names */
747
node = ebst_lookup(&s->sni_w_ctx, wildp);
749
if (!node || container_of(node, struct sni_ctx, name)->neg) {
750
return (s->strict_sni ?
751
SSL_TLSEXT_ERR_ALERT_FATAL :
752
SSL_TLSEXT_ERR_ALERT_WARNING);
756
SSL_set_SSL_CTX(ssl, container_of(node, struct sni_ctx, name)->ctx);
757
return SSL_TLSEXT_ERR_OK;
759
#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
761
#ifndef OPENSSL_NO_DH
763
static DH * ssl_get_dh_1024(void)
765
#if OPENSSL_VERSION_NUMBER < 0x0090801fL
766
static const unsigned char rfc_2409_prime_1024[] = {
767
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
768
0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
769
0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
770
0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
771
0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
772
0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
773
0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
774
0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
775
0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
776
0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,
777
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
782
#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
783
dh->p = get_rfc2409_prime_1024(NULL);
785
dh->p = BN_bin2bn(rfc_2409_prime_1024, sizeof rfc_2409_prime_1024, NULL);
787
/* See RFC 2409, Section 6 "Oakley Groups"
788
for the reason why 2 is used as generator.
790
BN_dec2bn(&dh->g, "2");
791
if (!dh->p || !dh->g) {
799
static DH *ssl_get_dh_2048(void)
801
#if OPENSSL_VERSION_NUMBER < 0x0090801fL
802
static const unsigned char rfc_3526_prime_2048[] = {
803
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
804
0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
805
0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
806
0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
807
0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
808
0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
809
0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
810
0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
811
0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
812
0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
813
0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
814
0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
815
0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
816
0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
817
0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
818
0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
819
0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
820
0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
821
0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
822
0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
823
0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,
829
#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
830
dh->p = get_rfc3526_prime_2048(NULL);
832
dh->p = BN_bin2bn(rfc_3526_prime_2048, sizeof rfc_3526_prime_2048, NULL);
834
/* See RFC 3526, Section 3 "2048-bit MODP Group"
835
for the reason why 2 is used as generator.
837
BN_dec2bn(&dh->g, "2");
838
if (!dh->p || !dh->g) {
846
static DH *ssl_get_dh_4096(void)
848
#if OPENSSL_VERSION_NUMBER < 0x0090801fL
849
static const unsigned char rfc_3526_prime_4096[] = {
850
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
851
0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
852
0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
853
0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
854
0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
855
0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
856
0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
857
0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
858
0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
859
0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
860
0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
861
0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
862
0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
863
0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
864
0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
865
0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
866
0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
867
0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
868
0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
869
0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
870
0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
871
0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
872
0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
873
0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
874
0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
875
0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
876
0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
877
0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
878
0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
879
0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
880
0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
881
0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
882
0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
883
0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
884
0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
885
0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
886
0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
887
0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
888
0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
889
0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
890
0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
891
0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,
892
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
897
#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
898
dh->p = get_rfc3526_prime_4096(NULL);
900
dh->p = BN_bin2bn(rfc_3526_prime_4096, sizeof rfc_3526_prime_4096, NULL);
902
/* See RFC 3526, Section 5 "4096-bit MODP Group"
903
for the reason why 2 is used as generator.
905
BN_dec2bn(&dh->g, "2");
906
if (!dh->p || !dh->g) {
914
static DH *ssl_get_dh_8192(void)
916
#if OPENSSL_VERSION_NUMBER < 0x0090801fL
917
static const unsigned char rfc_3526_prime_8192[] = {
918
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
919
0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
920
0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
921
0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
922
0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
923
0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
924
0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
925
0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
926
0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
927
0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
928
0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
929
0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
930
0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
931
0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
932
0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
933
0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
934
0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
935
0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
936
0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
937
0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
938
0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
939
0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
940
0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
941
0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
942
0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
943
0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
944
0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
945
0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
946
0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
947
0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
948
0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
949
0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
950
0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
951
0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
952
0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
953
0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
954
0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
955
0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
956
0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
957
0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
958
0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
959
0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,
960
0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,0xC1,0xD4,0xDC,0xB2,
961
0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
962
0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,
963
0x41,0x30,0x01,0xAE,0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,
964
0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,0xDA,0x3E,0xDB,0xEB,
965
0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
966
0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,
967
0x2B,0xD7,0xAF,0x42,0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,
968
0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,0xF0,0x32,0xEA,0x15,
969
0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
970
0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,
971
0x90,0x0B,0x1C,0x9E,0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,
972
0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,0x0F,0x1D,0x45,0xB7,
973
0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
974
0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,
975
0x0F,0x80,0x37,0xE0,0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,
976
0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,0xF5,0x50,0xAA,0x3D,
977
0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
978
0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,
979
0x6E,0x3C,0x04,0x68,0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,
980
0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,0xE6,0x94,0xF9,0x1E,
981
0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
982
0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,
983
0x73,0xB9,0x31,0xBA,0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,
984
0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,0x25,0x76,0xF6,0x93,
985
0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
986
0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,
987
0xE3,0x9D,0x65,0x2D,0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,
988
0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,0x13,0xEB,0x57,0xA8,
989
0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
990
0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,
991
0xA2,0xC0,0x87,0xE8,0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,
992
0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,0x6D,0x2A,0x13,0xF8,
993
0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
994
0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,
995
0x08,0x46,0x85,0x1D,0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,
996
0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,0xFA,0xF3,0x6B,0xC3,
997
0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
998
0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,
999
0xD5,0xEE,0x38,0x2B,0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,
1000
0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,0x9E,0x30,0x50,0xE2,
1001
0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
1002
0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,
1003
0xFF,0xFF,0xFF,0xFF,
1008
#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
1009
dh->p = get_rfc3526_prime_8192(NULL);
1011
dh->p = BN_bin2bn(rfc_3526_prime_8192, sizeof rfc_3526_prime_8192, NULL);
1013
/* See RFC 3526, Section 7 "8192-bit MODP Group"
1014
for the reason why 2 is used as generator.
1016
BN_dec2bn(&dh->g, "2");
1017
if (!dh->p || !dh->g) {
1025
/* Returns Diffie-Hellman parameters matching the private key length
1026
but not exceeding global.tune.ssl_default_dh_param */
1027
static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen)
1030
EVP_PKEY *pkey = SSL_get_privatekey(ssl);
1031
int type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
1033
/* The keylen supplied by OpenSSL can only be 512 or 1024.
1034
See ssl3_send_server_key_exchange() in ssl/s3_srvr.c
1036
if (type == EVP_PKEY_RSA || type == EVP_PKEY_DSA) {
1037
keylen = EVP_PKEY_bits(pkey);
1040
if (keylen > global.tune.ssl_default_dh_param) {
1041
keylen = global.tune.ssl_default_dh_param;
1044
if (keylen >= 8192) {
1047
else if (keylen >= 4096) {
1050
else if (keylen >= 2048) {
1060
/* Loads Diffie-Hellman parameter from a file. Returns 1 if loaded, else -1
1061
if an error occured, and 0 if parameter not found. */
1062
int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file)
1068
in = BIO_new(BIO_s_file());
1072
if (BIO_read_filename(in, file) <= 0)
1075
dh = PEM_read_bio_DHparams(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
1078
SSL_CTX_set_tmp_dh(ctx, dh);
1079
/* Setting ssl default dh param to the size of the static DH params
1080
found in the file. This way we know that there is no use
1081
complaining later about ssl-default-dh-param not being set. */
1082
global.tune.ssl_default_dh_param = DH_size(dh) * 8;
1085
/* Clear openssl global errors stack */
1088
if (global.tune.ssl_default_dh_param <= 1024) {
1089
/* we are limited to DH parameter of 1024 bits anyway */
1090
local_dh_1024 = ssl_get_dh_1024();
1091
if (local_dh_1024 == NULL)
1094
SSL_CTX_set_tmp_dh(ctx, local_dh_1024);
1097
SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);
1100
ret = 0; /* DH params not found */
1114
static int ssl_sock_add_cert_sni(SSL_CTX *ctx, struct bind_conf *s, char *name, int order)
1117
int wild = 0, neg = 0;
1127
/* !* filter is a nop */
1133
sc = malloc(sizeof(struct sni_ctx) + len + 1);
1134
for (j = 0; j < len; j++)
1135
sc->name.key[j] = tolower(name[j]);
1136
sc->name.key[len] = 0;
1138
sc->order = order++;
1141
ebst_insert(&s->sni_w_ctx, &sc->name);
1143
ebst_insert(&s->sni_ctx, &sc->name);
1148
/* Loads a certificate key and CA chain from a file. Returns 0 on error, -1 if
1149
* an early error happens and the caller must call SSL_CTX_free() by itelf.
1151
static int ssl_sock_load_cert_chain_file(SSL_CTX *ctx, const char *file, struct bind_conf *s, char **sni_filter, int fcount)
1154
X509 *x = NULL, *ca;
1160
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
1161
STACK_OF(GENERAL_NAME) *names;
1164
in = BIO_new(BIO_s_file());
1168
if (BIO_read_filename(in, file) <= 0)
1171
x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
1177
order = ssl_sock_add_cert_sni(ctx, s, sni_filter[fcount], order);
1180
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
1181
names = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
1183
for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
1184
GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
1185
if (name->type == GEN_DNS) {
1186
if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
1187
order = ssl_sock_add_cert_sni(ctx, s, str, order);
1192
sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
1194
#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
1195
xname = X509_get_subject_name(x);
1197
while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
1198
X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
1199
if (ASN1_STRING_to_UTF8((unsigned char **)&str, entry->value) >= 0) {
1200
order = ssl_sock_add_cert_sni(ctx, s, str, order);
1206
ret = 0; /* the caller must not free the SSL_CTX argument anymore */
1207
if (!SSL_CTX_use_certificate(ctx, x))
1210
if (ctx->extra_certs != NULL) {
1211
sk_X509_pop_free(ctx->extra_certs, X509_free);
1212
ctx->extra_certs = NULL;
1215
while ((ca = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata))) {
1216
if (!SSL_CTX_add_extra_chain_cert(ctx, ca)) {
1222
err = ERR_get_error();
1223
if (!err || (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) {
1224
/* we successfully reached the last cert in the file */
1239
static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf, struct proxy *curproxy, char **sni_filter, int fcount, char **err)
1244
ctx = SSL_CTX_new(SSLv23_server_method());
1246
memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
1247
err && *err ? *err : "", path);
1251
if (SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0) {
1252
memprintf(err, "%sunable to load SSL private key from PEM file '%s'.\n",
1253
err && *err ? *err : "", path);
1258
ret = ssl_sock_load_cert_chain_file(ctx, path, bind_conf, sni_filter, fcount);
1260
memprintf(err, "%sunable to load SSL certificate from PEM file '%s'.\n",
1261
err && *err ? *err : "", path);
1262
if (ret < 0) /* serious error, must do that ourselves */
1267
if (SSL_CTX_check_private_key(ctx) <= 0) {
1268
memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
1269
err && *err ? *err : "", path);
1273
/* we must not free the SSL_CTX anymore below, since it's already in
1274
* the tree, so it will be discovered and cleaned in time.
1276
#ifndef OPENSSL_NO_DH
1277
ret = ssl_sock_load_dh_params(ctx, path);
1280
memprintf(err, "%sunable to load DH parameters from file '%s'.\n",
1281
*err ? *err : "", path);
1286
#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
1287
ret = ssl_sock_load_ocsp(ctx, path);
1290
memprintf(err, "%s '%s.ocsp' is present and activates OCSP but it is impossible to compute the OCSP certificate ID (maybe the issuer could not be found)'.\n",
1291
*err ? *err : "", path);
1296
#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
1297
if (bind_conf->default_ctx) {
1298
memprintf(err, "%sthis version of openssl cannot load multiple SSL certificates.\n",
1299
err && *err ? *err : "");
1303
if (!bind_conf->default_ctx)
1304
bind_conf->default_ctx = ctx;
1309
int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, struct proxy *curproxy, char **err)
1315
char fp[MAXPATHLEN+1];
1318
if (!(dir = opendir(path)))
1319
return ssl_sock_load_cert_file(path, bind_conf, curproxy, NULL, 0, err);
1321
/* strip trailing slashes, including first one */
1322
for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
1325
while ((de = readdir(dir))) {
1326
end = strrchr(de->d_name, '.');
1327
if (end && (!strcmp(end, ".issuer") || !strcmp(end, ".ocsp")))
1330
snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
1331
if (stat(fp, &buf) != 0) {
1332
memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
1333
err && *err ? *err : "", fp, strerror(errno));
1337
if (!S_ISREG(buf.st_mode))
1339
cfgerr += ssl_sock_load_cert_file(fp, bind_conf, curproxy, NULL, 0, err);
1345
/* Make sure openssl opens /dev/urandom before the chroot. The work is only
1346
* done once. Zero is returned if the operation fails. No error is returned
1347
* if the random is said as not implemented, because we expect that openssl
1348
* will use another method once needed.
1350
static int ssl_initialize_random()
1352
unsigned char random;
1353
static int random_initialized = 0;
1355
if (!random_initialized && RAND_bytes(&random, 1) != 0)
1356
random_initialized = 1;
1358
return random_initialized;
1361
int ssl_sock_load_cert_list_file(char *file, struct bind_conf *bind_conf, struct proxy *curproxy, char **err)
1363
char thisline[LINESIZE];
1368
if ((f = fopen(file, "r")) == NULL) {
1369
memprintf(err, "cannot open file '%s' : %s", file, strerror(errno));
1373
while (fgets(thisline, sizeof(thisline), f) != NULL) {
1377
char *args[MAX_LINE_ARGS + 1];
1378
char *line = thisline;
1381
end = line + strlen(line);
1382
if (end-line == sizeof(thisline)-1 && *(end-1) != '\n') {
1383
/* Check if we reached the limit and the last char is not \n.
1384
* Watch out for the last line without the terminating '\n'!
1386
memprintf(err, "line %d too long in file '%s', limit is %d characters",
1387
linenum, file, (int)sizeof(thisline)-1);
1395
if (*line == '#' || *line == '\n' || *line == '\r') {
1396
/* end of string, end of loop */
1400
else if (isspace(*line)) {
1405
if (arg == MAX_LINE_ARGS) {
1406
memprintf(err, "too many args on line %d in file '%s'.",
1423
cfgerr = ssl_sock_load_cert_file(args[0], bind_conf, curproxy, &args[1], arg-1, err);
1425
memprintf(err, "error processing line %d in file '%s' : %s", linenum, file, *err);
1433
#ifndef SSL_OP_CIPHER_SERVER_PREFERENCE /* needs OpenSSL >= 0.9.7 */
1434
#define SSL_OP_CIPHER_SERVER_PREFERENCE 0
1437
#ifndef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION /* needs OpenSSL >= 0.9.7 */
1438
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0
1439
#define SSL_renegotiate_pending(arg) 0
1441
#ifndef SSL_OP_SINGLE_ECDH_USE /* needs OpenSSL >= 0.9.8 */
1442
#define SSL_OP_SINGLE_ECDH_USE 0
1444
#ifndef SSL_OP_NO_TICKET /* needs OpenSSL >= 0.9.8 */
1445
#define SSL_OP_NO_TICKET 0
1447
#ifndef SSL_OP_NO_COMPRESSION /* needs OpenSSL >= 0.9.9 */
1448
#define SSL_OP_NO_COMPRESSION 0
1450
#ifndef SSL_OP_NO_TLSv1_1 /* needs OpenSSL >= 1.0.1 */
1451
#define SSL_OP_NO_TLSv1_1 0
1453
#ifndef SSL_OP_NO_TLSv1_2 /* needs OpenSSL >= 1.0.1 */
1454
#define SSL_OP_NO_TLSv1_2 0
1456
#ifndef SSL_OP_SINGLE_DH_USE /* needs OpenSSL >= 0.9.6 */
1457
#define SSL_OP_SINGLE_DH_USE 0
1459
#ifndef SSL_OP_SINGLE_ECDH_USE /* needs OpenSSL >= 1.0.0 */
1460
#define SSL_OP_SINGLE_ECDH_USE 0
1462
#ifndef SSL_MODE_RELEASE_BUFFERS /* needs OpenSSL >= 1.0.0 */
1463
#define SSL_MODE_RELEASE_BUFFERS 0
1466
int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy *curproxy)
1469
int verify = SSL_VERIFY_NONE;
1471
SSL_OP_ALL | /* all known workarounds for bugs */
1473
SSL_OP_NO_COMPRESSION |
1474
SSL_OP_SINGLE_DH_USE |
1475
SSL_OP_SINGLE_ECDH_USE |
1476
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION |
1477
SSL_OP_CIPHER_SERVER_PREFERENCE;
1479
SSL_MODE_ENABLE_PARTIAL_WRITE |
1480
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
1481
SSL_MODE_RELEASE_BUFFERS;
1482
STACK_OF(SSL_CIPHER) * ciphers = NULL;
1483
SSL_CIPHER * cipher = NULL;
1484
char cipher_description[128];
1485
/* The description of ciphers using an Ephemeral Diffie Hellman key exchange
1486
contains " Kx=DH " or " Kx=DH(". Beware of " Kx=DH/",
1487
which is not ephemeral DH. */
1488
const char dhe_description[] = " Kx=DH ";
1489
const char dhe_export_description[] = " Kx=DH(";
1493
/* Make sure openssl opens /dev/urandom before the chroot */
1494
if (!ssl_initialize_random()) {
1495
Alert("OpenSSL random data generator initialization failed.\n");
1499
if (bind_conf->ssl_options & BC_SSL_O_NO_SSLV3)
1500
ssloptions |= SSL_OP_NO_SSLv3;
1501
if (bind_conf->ssl_options & BC_SSL_O_NO_TLSV10)
1502
ssloptions |= SSL_OP_NO_TLSv1;
1503
if (bind_conf->ssl_options & BC_SSL_O_NO_TLSV11)
1504
ssloptions |= SSL_OP_NO_TLSv1_1;
1505
if (bind_conf->ssl_options & BC_SSL_O_NO_TLSV12)
1506
ssloptions |= SSL_OP_NO_TLSv1_2;
1507
if (bind_conf->ssl_options & BC_SSL_O_NO_TLS_TICKETS)
1508
ssloptions |= SSL_OP_NO_TICKET;
1509
if (bind_conf->ssl_options & BC_SSL_O_USE_SSLV3)
1510
SSL_CTX_set_ssl_version(ctx, SSLv3_server_method());
1511
if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV10)
1512
SSL_CTX_set_ssl_version(ctx, TLSv1_server_method());
1513
#if SSL_OP_NO_TLSv1_1
1514
if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV11)
1515
SSL_CTX_set_ssl_version(ctx, TLSv1_1_server_method());
1517
#if SSL_OP_NO_TLSv1_2
1518
if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV12)
1519
SSL_CTX_set_ssl_version(ctx, TLSv1_2_server_method());
1522
SSL_CTX_set_options(ctx, ssloptions);
1523
SSL_CTX_set_mode(ctx, sslmode);
1524
switch (bind_conf->verify) {
1525
case SSL_SOCK_VERIFY_NONE:
1526
verify = SSL_VERIFY_NONE;
1528
case SSL_SOCK_VERIFY_OPTIONAL:
1529
verify = SSL_VERIFY_PEER;
1531
case SSL_SOCK_VERIFY_REQUIRED:
1532
verify = SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
1535
SSL_CTX_set_verify(ctx, verify, ssl_sock_bind_verifycbk);
1536
if (verify & SSL_VERIFY_PEER) {
1537
if (bind_conf->ca_file) {
1538
/* load CAfile to verify */
1539
if (!SSL_CTX_load_verify_locations(ctx, bind_conf->ca_file, NULL)) {
1540
Alert("Proxy '%s': unable to load CA file '%s' for bind '%s' at [%s:%d].\n",
1541
curproxy->id, bind_conf->ca_file, bind_conf->arg, bind_conf->file, bind_conf->line);
1544
/* set CA names fo client cert request, function returns void */
1545
SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(bind_conf->ca_file));
1548
Alert("Proxy '%s': verify is enabled but no CA file specified for bind '%s' at [%s:%d].\n",
1549
curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
1552
#ifdef X509_V_FLAG_CRL_CHECK
1553
if (bind_conf->crl_file) {
1554
X509_STORE *store = SSL_CTX_get_cert_store(ctx);
1556
if (!store || !X509_STORE_load_locations(store, bind_conf->crl_file, NULL)) {
1557
Alert("Proxy '%s': unable to configure CRL file '%s' for bind '%s' at [%s:%d].\n",
1558
curproxy->id, bind_conf->ca_file, bind_conf->arg, bind_conf->file, bind_conf->line);
1562
X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
1569
if (global.tune.ssllifetime)
1570
SSL_CTX_set_timeout(ctx, global.tune.ssllifetime);
1572
shared_context_set_cache(ctx);
1573
if (bind_conf->ciphers &&
1574
!SSL_CTX_set_cipher_list(ctx, bind_conf->ciphers)) {
1575
Alert("Proxy '%s': unable to set SSL cipher list to '%s' for bind '%s' at [%s:%d].\n",
1576
curproxy->id, bind_conf->ciphers, bind_conf->arg, bind_conf->file, bind_conf->line);
1580
/* If tune.ssl.default-dh-param has not been set and
1581
no static DH params were in the certificate file. */
1582
if (global.tune.ssl_default_dh_param == 0) {
1583
ciphers = ctx->cipher_list;
1586
for (idx = 0; idx < sk_SSL_CIPHER_num(ciphers); idx++) {
1587
cipher = sk_SSL_CIPHER_value(ciphers, idx);
1588
if (SSL_CIPHER_description(cipher, cipher_description, sizeof (cipher_description)) == cipher_description) {
1589
if (strstr(cipher_description, dhe_description) != NULL ||
1590
strstr(cipher_description, dhe_export_description) != NULL) {
1598
Warning("Setting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. Please set a value >= 1024 to make this warning disappear.\n");
1602
global.tune.ssl_default_dh_param = 1024;
1605
#ifndef OPENSSL_NO_DH
1606
if (global.tune.ssl_default_dh_param >= 1024) {
1607
if (local_dh_1024 == NULL) {
1608
local_dh_1024 = ssl_get_dh_1024();
1610
if (global.tune.ssl_default_dh_param >= 2048) {
1611
if (local_dh_2048 == NULL) {
1612
local_dh_2048 = ssl_get_dh_2048();
1614
if (global.tune.ssl_default_dh_param >= 4096) {
1615
if (local_dh_4096 == NULL) {
1616
local_dh_4096 = ssl_get_dh_4096();
1618
if (global.tune.ssl_default_dh_param >= 8192 &&
1619
local_dh_8192 == NULL) {
1620
local_dh_8192 = ssl_get_dh_8192();
1625
#endif /* OPENSSL_NO_DH */
1627
SSL_CTX_set_info_callback(ctx, ssl_sock_infocbk);
1628
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
1629
SSL_CTX_set_msg_callback(ctx, ssl_sock_msgcbk);
1632
#ifdef OPENSSL_NPN_NEGOTIATED
1633
if (bind_conf->npn_str)
1634
SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_sock_advertise_npn_protos, bind_conf);
1636
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
1637
if (bind_conf->alpn_str)
1638
SSL_CTX_set_alpn_select_cb(ctx, ssl_sock_advertise_alpn_protos, bind_conf);
1641
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
1642
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_cbk);
1643
SSL_CTX_set_tlsext_servername_arg(ctx, bind_conf);
1645
#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
1650
i = OBJ_sn2nid(bind_conf->ecdhe ? bind_conf->ecdhe : ECDHE_DEFAULT_CURVE);
1651
if (!i || ((ecdh = EC_KEY_new_by_curve_name(i)) == NULL)) {
1652
Alert("Proxy '%s': unable to set elliptic named curve to '%s' for bind '%s' at [%s:%d].\n",
1653
curproxy->id, bind_conf->ecdhe ? bind_conf->ecdhe : ECDHE_DEFAULT_CURVE,
1654
bind_conf->arg, bind_conf->file, bind_conf->line);
1658
SSL_CTX_set_tmp_ecdh(ctx, ecdh);
1667
static int ssl_sock_srv_hostcheck(const char *pattern, const char *hostname)
1669
const char *pattern_wildcard, *pattern_left_label_end, *hostname_left_label_end;
1670
size_t prefixlen, suffixlen;
1673
if (strcmp(pattern, hostname) == 0)
1676
/* The rest of this logic is based on RFC 6125, section 6.4.3
1677
* (http://tools.ietf.org/html/rfc6125#section-6.4.3) */
1679
pattern_wildcard = NULL;
1680
pattern_left_label_end = pattern;
1681
while (*pattern_left_label_end != '.') {
1682
switch (*pattern_left_label_end) {
1684
/* End of label not found */
1687
/* If there is more than one wildcards */
1688
if (pattern_wildcard)
1690
pattern_wildcard = pattern_left_label_end;
1693
pattern_left_label_end++;
1696
/* If it's not trivial and there is no wildcard, it can't
1698
if (!pattern_wildcard)
1701
/* Make sure all labels match except the leftmost */
1702
hostname_left_label_end = strchr(hostname, '.');
1703
if (!hostname_left_label_end
1704
|| strcmp(pattern_left_label_end, hostname_left_label_end) != 0)
1707
/* Make sure the leftmost label of the hostname is long enough
1708
* that the wildcard can match */
1709
if (hostname_left_label_end - hostname < (pattern_left_label_end - pattern) - 1)
1712
/* Finally compare the string on either side of the
1714
prefixlen = pattern_wildcard - pattern;
1715
suffixlen = pattern_left_label_end - (pattern_wildcard + 1);
1716
if ((prefixlen && (memcmp(pattern, hostname, prefixlen) != 0))
1717
|| (suffixlen && (memcmp(pattern_wildcard + 1, hostname_left_label_end - suffixlen, suffixlen) != 0)))
1723
static int ssl_sock_srv_verifycbk(int ok, X509_STORE_CTX *ctx)
1726
struct connection *conn;
1731
STACK_OF(GENERAL_NAME) *alt_names;
1733
X509_NAME *cert_subject;
1739
ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
1740
conn = (struct connection *)SSL_get_app_data(ssl);
1742
servername = objt_server(conn->target)->ssl_ctx.verify_host;
1744
/* We only need to verify the CN on the actual server cert,
1745
* not the indirect CAs */
1746
depth = X509_STORE_CTX_get_error_depth(ctx);
1750
/* At this point, the cert is *not* OK unless we can find a
1754
cert = X509_STORE_CTX_get_current_cert(ctx);
1755
/* It seems like this might happen if verify peer isn't set */
1759
alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
1761
for (i = 0; !ok && i < sk_GENERAL_NAME_num(alt_names); i++) {
1762
GENERAL_NAME *name = sk_GENERAL_NAME_value(alt_names, i);
1763
if (name->type == GEN_DNS) {
1764
#if OPENSSL_VERSION_NUMBER < 0x00907000L
1765
if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.ia5) >= 0) {
1767
if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
1769
ok = ssl_sock_srv_hostcheck(str, servername);
1774
sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
1777
cert_subject = X509_get_subject_name(cert);
1779
while (!ok && (i = X509_NAME_get_index_by_NID(cert_subject, NID_commonName, i)) != -1) {
1780
X509_NAME_ENTRY *entry = X509_NAME_get_entry(cert_subject, i);
1781
if (ASN1_STRING_to_UTF8((unsigned char **)&str, entry->value) >= 0) {
1782
ok = ssl_sock_srv_hostcheck(str, servername);
1790
/* prepare ssl context from servers options. Returns an error count */
1791
int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
1795
SSL_OP_ALL | /* all known workarounds for bugs */
1797
SSL_OP_NO_COMPRESSION;
1799
SSL_MODE_ENABLE_PARTIAL_WRITE |
1800
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
1801
SSL_MODE_RELEASE_BUFFERS;
1802
int verify = SSL_VERIFY_NONE;
1804
/* Make sure openssl opens /dev/urandom before the chroot */
1805
if (!ssl_initialize_random()) {
1806
Alert("OpenSSL random data generator initialization failed.\n");
1810
/* Initiate SSL context for current server */
1811
srv->ssl_ctx.reused_sess = NULL;
1813
srv->xprt = &ssl_sock;
1814
if (srv->check.use_ssl)
1815
srv->check_common.xprt = &ssl_sock;
1817
srv->ssl_ctx.ctx = SSL_CTX_new(SSLv23_client_method());
1818
if (!srv->ssl_ctx.ctx) {
1819
Alert("config : %s '%s', server '%s': unable to allocate ssl context.\n",
1820
proxy_type_str(curproxy), curproxy->id,
1825
if (srv->ssl_ctx.client_crt) {
1826
if (SSL_CTX_use_PrivateKey_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt, SSL_FILETYPE_PEM) <= 0) {
1827
Alert("config : %s '%s', server '%s': unable to load SSL private key from PEM file '%s'.\n",
1828
proxy_type_str(curproxy), curproxy->id,
1829
srv->id, srv->ssl_ctx.client_crt);
1832
else if (SSL_CTX_use_certificate_chain_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt) <= 0) {
1833
Alert("config : %s '%s', server '%s': unable to load ssl certificate from PEM file '%s'.\n",
1834
proxy_type_str(curproxy), curproxy->id,
1835
srv->id, srv->ssl_ctx.client_crt);
1838
else if (SSL_CTX_check_private_key(srv->ssl_ctx.ctx) <= 0) {
1839
Alert("config : %s '%s', server '%s': inconsistencies between private key and certificate loaded from PEM file '%s'.\n",
1840
proxy_type_str(curproxy), curproxy->id,
1841
srv->id, srv->ssl_ctx.client_crt);
1846
if (srv->ssl_ctx.options & SRV_SSL_O_NO_SSLV3)
1847
options |= SSL_OP_NO_SSLv3;
1848
if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLSV10)
1849
options |= SSL_OP_NO_TLSv1;
1850
if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLSV11)
1851
options |= SSL_OP_NO_TLSv1_1;
1852
if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLSV12)
1853
options |= SSL_OP_NO_TLSv1_2;
1854
if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLS_TICKETS)
1855
options |= SSL_OP_NO_TICKET;
1856
if (srv->ssl_ctx.options & SRV_SSL_O_USE_SSLV3)
1857
SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, SSLv3_client_method());
1858
if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV10)
1859
SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_client_method());
1860
#if SSL_OP_NO_TLSv1_1
1861
if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV11)
1862
SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_1_client_method());
1864
#if SSL_OP_NO_TLSv1_2
1865
if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV12)
1866
SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_2_client_method());
1869
SSL_CTX_set_options(srv->ssl_ctx.ctx, options);
1870
SSL_CTX_set_mode(srv->ssl_ctx.ctx, mode);
1872
if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
1873
verify = SSL_VERIFY_PEER;
1875
switch (srv->ssl_ctx.verify) {
1876
case SSL_SOCK_VERIFY_NONE:
1877
verify = SSL_VERIFY_NONE;
1879
case SSL_SOCK_VERIFY_REQUIRED:
1880
verify = SSL_VERIFY_PEER;
1883
SSL_CTX_set_verify(srv->ssl_ctx.ctx,
1885
srv->ssl_ctx.verify_host ? ssl_sock_srv_verifycbk : NULL);
1886
if (verify & SSL_VERIFY_PEER) {
1887
if (srv->ssl_ctx.ca_file) {
1888
/* load CAfile to verify */
1889
if (!SSL_CTX_load_verify_locations(srv->ssl_ctx.ctx, srv->ssl_ctx.ca_file, NULL)) {
1890
Alert("Proxy '%s', server '%s' [%s:%d] unable to load CA file '%s'.\n",
1891
curproxy->id, srv->id,
1892
srv->conf.file, srv->conf.line, srv->ssl_ctx.ca_file);
1897
if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
1898
Alert("Proxy '%s', server '%s' [%s:%d] verify is enabled by default but no CA file specified. If you're running on a LAN where you're certain to trust the server's certificate, please set an explicit 'verify none' statement on the 'server' line, or use 'ssl-server-verify none' in the global section to disable server-side verifications by default.\n",
1899
curproxy->id, srv->id,
1900
srv->conf.file, srv->conf.line);
1902
Alert("Proxy '%s', server '%s' [%s:%d] verify is enabled but no CA file specified.\n",
1903
curproxy->id, srv->id,
1904
srv->conf.file, srv->conf.line);
1907
#ifdef X509_V_FLAG_CRL_CHECK
1908
if (srv->ssl_ctx.crl_file) {
1909
X509_STORE *store = SSL_CTX_get_cert_store(srv->ssl_ctx.ctx);
1911
if (!store || !X509_STORE_load_locations(store, srv->ssl_ctx.crl_file, NULL)) {
1912
Alert("Proxy '%s', server '%s' [%s:%d] unable to configure CRL file '%s'.\n",
1913
curproxy->id, srv->id,
1914
srv->conf.file, srv->conf.line, srv->ssl_ctx.crl_file);
1918
X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
1924
if (global.tune.ssllifetime)
1925
SSL_CTX_set_timeout(srv->ssl_ctx.ctx, global.tune.ssllifetime);
1927
SSL_CTX_set_session_cache_mode(srv->ssl_ctx.ctx, SSL_SESS_CACHE_OFF);
1928
if (srv->ssl_ctx.ciphers &&
1929
!SSL_CTX_set_cipher_list(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphers)) {
1930
Alert("Proxy '%s', server '%s' [%s:%d] : unable to set SSL cipher list to '%s'.\n",
1931
curproxy->id, srv->id,
1932
srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphers);
1939
/* Walks down the two trees in bind_conf and prepares all certs. The pointer may
1940
* be NULL, in which case nothing is done. Returns the number of errors
1943
int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf, struct proxy *px)
1945
struct ebmb_node *node;
1946
struct sni_ctx *sni;
1949
if (!bind_conf || !bind_conf->is_ssl)
1952
if (bind_conf->default_ctx)
1953
err += ssl_sock_prepare_ctx(bind_conf, bind_conf->default_ctx, px);
1955
node = ebmb_first(&bind_conf->sni_ctx);
1957
sni = ebmb_entry(node, struct sni_ctx, name);
1958
if (!sni->order && sni->ctx != bind_conf->default_ctx)
1959
/* only initialize the CTX on its first occurrence and
1960
if it is not the default_ctx */
1961
err += ssl_sock_prepare_ctx(bind_conf, sni->ctx, px);
1962
node = ebmb_next(node);
1965
node = ebmb_first(&bind_conf->sni_w_ctx);
1967
sni = ebmb_entry(node, struct sni_ctx, name);
1968
if (!sni->order && sni->ctx != bind_conf->default_ctx)
1969
/* only initialize the CTX on its first occurrence and
1970
if it is not the default_ctx */
1971
err += ssl_sock_prepare_ctx(bind_conf, sni->ctx, px);
1972
node = ebmb_next(node);
1977
/* Walks down the two trees in bind_conf and frees all the certs. The pointer may
1978
* be NULL, in which case nothing is done. The default_ctx is nullified too.
1980
void ssl_sock_free_all_ctx(struct bind_conf *bind_conf)
1982
struct ebmb_node *node, *back;
1983
struct sni_ctx *sni;
1985
if (!bind_conf || !bind_conf->is_ssl)
1988
node = ebmb_first(&bind_conf->sni_ctx);
1990
sni = ebmb_entry(node, struct sni_ctx, name);
1991
back = ebmb_next(node);
1993
if (!sni->order) /* only free the CTX on its first occurrence */
1994
SSL_CTX_free(sni->ctx);
1999
node = ebmb_first(&bind_conf->sni_w_ctx);
2001
sni = ebmb_entry(node, struct sni_ctx, name);
2002
back = ebmb_next(node);
2004
if (!sni->order) /* only free the CTX on its first occurrence */
2005
SSL_CTX_free(sni->ctx);
2010
bind_conf->default_ctx = NULL;
2014
* This function is called if SSL * context is not yet allocated. The function
2015
* is designed to be called before any other data-layer operation and sets the
2016
* handshake flag on the connection. It is safe to call it multiple times.
2017
* It returns 0 on success and -1 in error case.
2019
static int ssl_sock_init(struct connection *conn)
2021
/* already initialized */
2025
if (!conn_ctrl_ready(conn))
2028
if (global.maxsslconn && sslconns >= global.maxsslconn) {
2029
conn->err_code = CO_ER_SSL_TOO_MANY;
2033
/* If it is in client mode initiate SSL session
2034
in connect state otherwise accept state */
2035
if (objt_server(conn->target)) {
2036
/* Alloc a new SSL session ctx */
2037
conn->xprt_ctx = SSL_new(objt_server(conn->target)->ssl_ctx.ctx);
2038
if (!conn->xprt_ctx) {
2039
conn->err_code = CO_ER_SSL_NO_MEM;
2043
/* set fd on SSL session context */
2044
if (!SSL_set_fd(conn->xprt_ctx, conn->t.sock.fd)) {
2045
SSL_free(conn->xprt_ctx);
2046
conn->xprt_ctx = NULL;
2047
conn->err_code = CO_ER_SSL_NO_MEM;
2051
/* set connection pointer */
2052
if (!SSL_set_app_data(conn->xprt_ctx, conn)) {
2053
SSL_free(conn->xprt_ctx);
2054
conn->xprt_ctx = NULL;
2055
conn->err_code = CO_ER_SSL_NO_MEM;
2059
SSL_set_connect_state(conn->xprt_ctx);
2060
if (objt_server(conn->target)->ssl_ctx.reused_sess) {
2061
if(!SSL_set_session(conn->xprt_ctx, objt_server(conn->target)->ssl_ctx.reused_sess)) {
2062
SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
2063
objt_server(conn->target)->ssl_ctx.reused_sess = NULL;
2067
/* leave init state and start handshake */
2068
conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
2074
else if (objt_listener(conn->target)) {
2075
/* Alloc a new SSL session ctx */
2076
conn->xprt_ctx = SSL_new(objt_listener(conn->target)->bind_conf->default_ctx);
2077
if (!conn->xprt_ctx) {
2078
conn->err_code = CO_ER_SSL_NO_MEM;
2082
/* set fd on SSL session context */
2083
if (!SSL_set_fd(conn->xprt_ctx, conn->t.sock.fd)) {
2084
SSL_free(conn->xprt_ctx);
2085
conn->xprt_ctx = NULL;
2086
conn->err_code = CO_ER_SSL_NO_MEM;
2090
/* set connection pointer */
2091
if (!SSL_set_app_data(conn->xprt_ctx, conn)) {
2092
SSL_free(conn->xprt_ctx);
2093
conn->xprt_ctx = NULL;
2094
conn->err_code = CO_ER_SSL_NO_MEM;
2098
SSL_set_accept_state(conn->xprt_ctx);
2100
/* leave init state and start handshake */
2101
conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
2107
/* don't know how to handle such a target */
2108
conn->err_code = CO_ER_SSL_NO_TARGET;
2113
/* This is the callback which is used when an SSL handshake is pending. It
2114
* updates the FD status if it wants some polling before being called again.
2115
* It returns 0 if it fails in a fatal way or needs to poll to go further,
2116
* otherwise it returns non-zero and removes itself from the connection's
2117
* flags (the bit is provided in <flag> by the caller).
2119
int ssl_sock_handshake(struct connection *conn, unsigned int flag)
2123
if (!conn_ctrl_ready(conn))
2126
if (!conn->xprt_ctx)
2129
/* If we use SSL_do_handshake to process a reneg initiated by
2130
* the remote peer, it sometimes returns SSL_ERROR_SSL.
2131
* Usually SSL_write and SSL_read are used and process implicitly
2132
* the reneg handshake.
2133
* Here we use SSL_peek as a workaround for reneg.
2135
if ((conn->flags & CO_FL_CONNECTED) && SSL_renegotiate_pending(conn->xprt_ctx)) {
2138
ret = SSL_peek(conn->xprt_ctx, &c, 1);
2140
/* handshake may have not been completed, let's find why */
2141
ret = SSL_get_error(conn->xprt_ctx, ret);
2142
if (ret == SSL_ERROR_WANT_WRITE) {
2143
/* SSL handshake needs to write, L4 connection may not be ready */
2144
__conn_sock_stop_recv(conn);
2145
__conn_sock_want_send(conn);
2146
fd_cant_send(conn->t.sock.fd);
2149
else if (ret == SSL_ERROR_WANT_READ) {
2150
/* handshake may have been completed but we have
2151
* no more data to read.
2153
if (!SSL_renegotiate_pending(conn->xprt_ctx)) {
2157
/* SSL handshake needs to read, L4 connection is ready */
2158
if (conn->flags & CO_FL_WAIT_L4_CONN)
2159
conn->flags &= ~CO_FL_WAIT_L4_CONN;
2160
__conn_sock_stop_send(conn);
2161
__conn_sock_want_recv(conn);
2162
fd_cant_recv(conn->t.sock.fd);
2165
else if (ret == SSL_ERROR_SYSCALL) {
2166
/* if errno is null, then connection was successfully established */
2167
if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
2168
conn->flags &= ~CO_FL_WAIT_L4_CONN;
2169
if (!conn->err_code) {
2170
if (!((SSL *)conn->xprt_ctx)->packet_length) {
2172
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2173
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2175
conn->err_code = CO_ER_SSL_EMPTY;
2178
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2179
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2181
conn->err_code = CO_ER_SSL_ABORT;
2185
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2186
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2188
conn->err_code = CO_ER_SSL_HANDSHAKE;
2194
/* Fail on all other handshake errors */
2195
/* Note: OpenSSL may leave unread bytes in the socket's
2196
* buffer, causing an RST to be emitted upon close() on
2197
* TCP sockets. We first try to drain possibly pending
2198
* data to avoid this as much as possible.
2201
if (!conn->err_code)
2202
conn->err_code = (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
2203
CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
2207
/* read some data: consider handshake completed */
2211
ret = SSL_do_handshake(conn->xprt_ctx);
2213
/* handshake did not complete, let's find why */
2214
ret = SSL_get_error(conn->xprt_ctx, ret);
2216
if (ret == SSL_ERROR_WANT_WRITE) {
2217
/* SSL handshake needs to write, L4 connection may not be ready */
2218
__conn_sock_stop_recv(conn);
2219
__conn_sock_want_send(conn);
2220
fd_cant_send(conn->t.sock.fd);
2223
else if (ret == SSL_ERROR_WANT_READ) {
2224
/* SSL handshake needs to read, L4 connection is ready */
2225
if (conn->flags & CO_FL_WAIT_L4_CONN)
2226
conn->flags &= ~CO_FL_WAIT_L4_CONN;
2227
__conn_sock_stop_send(conn);
2228
__conn_sock_want_recv(conn);
2229
fd_cant_recv(conn->t.sock.fd);
2232
else if (ret == SSL_ERROR_SYSCALL) {
2233
/* if errno is null, then connection was successfully established */
2234
if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
2235
conn->flags &= ~CO_FL_WAIT_L4_CONN;
2237
if (!((SSL *)conn->xprt_ctx)->packet_length) {
2239
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2240
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2242
conn->err_code = CO_ER_SSL_EMPTY;
2245
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2246
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2248
conn->err_code = CO_ER_SSL_ABORT;
2252
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2253
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2255
conn->err_code = CO_ER_SSL_HANDSHAKE;
2260
/* Fail on all other handshake errors */
2261
/* Note: OpenSSL may leave unread bytes in the socket's
2262
* buffer, causing an RST to be emitted upon close() on
2263
* TCP sockets. We first try to drain possibly pending
2264
* data to avoid this as much as possible.
2267
if (!conn->err_code)
2268
conn->err_code = (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
2269
CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
2276
/* Handshake succeeded */
2277
if (!SSL_session_reused(conn->xprt_ctx)) {
2278
if (objt_server(conn->target)) {
2279
update_freq_ctr(&global.ssl_be_keys_per_sec, 1);
2280
if (global.ssl_be_keys_per_sec.curr_ctr > global.ssl_be_keys_max)
2281
global.ssl_be_keys_max = global.ssl_be_keys_per_sec.curr_ctr;
2283
/* check if session was reused, if not store current session on server for reuse */
2284
if (objt_server(conn->target)->ssl_ctx.reused_sess)
2285
SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
2287
objt_server(conn->target)->ssl_ctx.reused_sess = SSL_get1_session(conn->xprt_ctx);
2290
update_freq_ctr(&global.ssl_fe_keys_per_sec, 1);
2291
if (global.ssl_fe_keys_per_sec.curr_ctr > global.ssl_fe_keys_max)
2292
global.ssl_fe_keys_max = global.ssl_fe_keys_per_sec.curr_ctr;
2296
/* The connection is now established at both layers, it's time to leave */
2297
conn->flags &= ~(flag | CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN);
2301
/* Clear openssl global errors stack */
2304
/* free resumed session if exists */
2305
if (objt_server(conn->target) && objt_server(conn->target)->ssl_ctx.reused_sess) {
2306
SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
2307
objt_server(conn->target)->ssl_ctx.reused_sess = NULL;
2310
/* Fail on all other handshake errors */
2311
conn->flags |= CO_FL_ERROR;
2312
if (!conn->err_code)
2313
conn->err_code = CO_ER_SSL_HANDSHAKE;
2317
/* Receive up to <count> bytes from connection <conn>'s socket and store them
2318
* into buffer <buf>. Only one call to recv() is performed, unless the
2319
* buffer wraps, in which case a second call may be performed. The connection's
2320
* flags are updated with whatever special event is detected (error, read0,
2321
* empty). The caller is responsible for taking care of those events and
2322
* avoiding the call if inappropriate. The function does not call the
2323
* connection's polling update function, so the caller is responsible for this.
2325
static int ssl_sock_to_buf(struct connection *conn, struct buffer *buf, int count)
2330
if (!conn->xprt_ctx)
2333
if (conn->flags & CO_FL_HANDSHAKE)
2334
/* a handshake was requested */
2337
/* let's realign the buffer to optimize I/O */
2338
if (buffer_empty(buf))
2341
/* read the largest possible block. For this, we perform only one call
2342
* to recv() unless the buffer wraps and we exactly fill the first hunk,
2343
* in which case we accept to do it once again. A new attempt is made on
2347
/* first check if we have some room after p+i */
2348
try = buf->data + buf->size - (buf->p + buf->i);
2349
/* otherwise continue between data and p-o */
2351
try = buf->p - (buf->data + buf->o);
2358
ret = SSL_read(conn->xprt_ctx, bi_end(buf), try);
2359
if (conn->flags & CO_FL_ERROR) {
2360
/* CO_FL_ERROR may be set by ssl_sock_infocbk */
2370
else if (ret == 0) {
2371
ret = SSL_get_error(conn->xprt_ctx, ret);
2372
if (ret != SSL_ERROR_ZERO_RETURN) {
2373
/* error on protocol or underlying transport */
2374
if ((ret != SSL_ERROR_SYSCALL)
2375
|| (errno && (errno != EAGAIN)))
2376
conn->flags |= CO_FL_ERROR;
2378
/* Clear openssl global errors stack */
2384
ret = SSL_get_error(conn->xprt_ctx, ret);
2385
if (ret == SSL_ERROR_WANT_WRITE) {
2386
/* handshake is running, and it needs to enable write */
2387
conn->flags |= CO_FL_SSL_WAIT_HS;
2388
__conn_sock_want_send(conn);
2391
else if (ret == SSL_ERROR_WANT_READ) {
2392
if (SSL_renegotiate_pending(conn->xprt_ctx)) {
2393
/* handshake is running, and it may need to re-enable read */
2394
conn->flags |= CO_FL_SSL_WAIT_HS;
2395
__conn_sock_want_recv(conn);
2398
/* we need to poll for retry a read later */
2399
fd_cant_recv(conn->t.sock.fd);
2402
/* otherwise it's a real error */
2409
conn_sock_read0(conn);
2412
/* Clear openssl global errors stack */
2415
conn->flags |= CO_FL_ERROR;
2420
/* Send all pending bytes from buffer <buf> to connection <conn>'s socket.
2421
* <flags> may contain some CO_SFL_* flags to hint the system about other
2422
* pending data for example, but this flag is ignored at the moment.
2423
* Only one call to send() is performed, unless the buffer wraps, in which case
2424
* a second call may be performed. The connection's flags are updated with
2425
* whatever special event is detected (error, empty). The caller is responsible
2426
* for taking care of those events and avoiding the call if inappropriate. The
2427
* function does not call the connection's polling update function, so the caller
2428
* is responsible for this.
2430
static int ssl_sock_from_buf(struct connection *conn, struct buffer *buf, int flags)
2436
if (!conn->xprt_ctx)
2439
if (conn->flags & CO_FL_HANDSHAKE)
2440
/* a handshake was requested */
2443
/* send the largest possible block. For this we perform only one call
2444
* to send() unless the buffer wraps and we exactly fill the first hunk,
2445
* in which case we accept to do it once again.
2448
try = bo_contig_data(buf);
2450
if (!(flags & CO_SFL_STREAMER) &&
2451
!(conn->xprt_st & SSL_SOCK_SEND_UNLIMITED) &&
2452
global.tune.ssl_max_record && try > global.tune.ssl_max_record) {
2453
try = global.tune.ssl_max_record;
2456
/* we need to keep the information about the fact that
2457
* we're not limiting the upcoming send(), because if it
2458
* fails, we'll have to retry with at least as many data.
2460
conn->xprt_st |= SSL_SOCK_SEND_UNLIMITED;
2463
ret = SSL_write(conn->xprt_ctx, bo_ptr(buf), try);
2465
if (conn->flags & CO_FL_ERROR) {
2466
/* CO_FL_ERROR may be set by ssl_sock_infocbk */
2470
conn->xprt_st &= ~SSL_SOCK_SEND_UNLIMITED;
2475
if (likely(buffer_empty(buf)))
2476
/* optimize data alignment in the buffer */
2479
/* if the system buffer is full, don't insist */
2484
ret = SSL_get_error(conn->xprt_ctx, ret);
2485
if (ret == SSL_ERROR_WANT_WRITE) {
2486
if (SSL_renegotiate_pending(conn->xprt_ctx)) {
2487
/* handshake is running, and it may need to re-enable write */
2488
conn->flags |= CO_FL_SSL_WAIT_HS;
2489
__conn_sock_want_send(conn);
2492
/* we need to poll to retry a write later */
2493
fd_cant_send(conn->t.sock.fd);
2496
else if (ret == SSL_ERROR_WANT_READ) {
2497
/* handshake is running, and it needs to enable read */
2498
conn->flags |= CO_FL_SSL_WAIT_HS;
2499
__conn_sock_want_recv(conn);
2508
/* Clear openssl global errors stack */
2511
conn->flags |= CO_FL_ERROR;
2515
static void ssl_sock_close(struct connection *conn) {
2517
if (conn->xprt_ctx) {
2518
SSL_free(conn->xprt_ctx);
2519
conn->xprt_ctx = NULL;
2524
/* This function tries to perform a clean shutdown on an SSL connection, and in
2525
* any case, flags the connection as reusable if no handshake was in progress.
2527
static void ssl_sock_shutw(struct connection *conn, int clean)
2529
if (conn->flags & CO_FL_HANDSHAKE)
2531
/* no handshake was in progress, try a clean ssl shutdown */
2532
if (clean && (SSL_shutdown(conn->xprt_ctx) <= 0)) {
2533
/* Clear openssl global errors stack */
2537
/* force flag on ssl to keep session in cache regardless shutdown result */
2538
SSL_set_shutdown(conn->xprt_ctx, SSL_SENT_SHUTDOWN);
2541
/* used for logging, may be changed for a sample fetch later */
2542
const char *ssl_sock_get_cipher_name(struct connection *conn)
2544
if (!conn->xprt && !conn->xprt_ctx)
2546
return SSL_get_cipher_name(conn->xprt_ctx);
2549
/* used for logging, may be changed for a sample fetch later */
2550
const char *ssl_sock_get_proto_version(struct connection *conn)
2552
if (!conn->xprt && !conn->xprt_ctx)
2554
return SSL_get_version(conn->xprt_ctx);
2557
/* Extract a serial from a cert, and copy it to a chunk.
2558
* Returns 1 if serial is found and copied, 0 if no serial found and
2559
* -1 if output is not large enough.
2562
ssl_sock_get_serial(X509 *crt, struct chunk *out)
2564
ASN1_INTEGER *serial;
2566
serial = X509_get_serialNumber(crt);
2570
if (out->size < serial->length)
2573
memcpy(out->str, serial->data, serial->length);
2574
out->len = serial->length;
2578
/* Extract a cert to der, and copy it to a chunk.
2579
* Returns 1 if cert is found and copied, 0 on der convertion failure and
2580
* -1 if output is not large enough.
2583
ssl_sock_crt2der(X509 *crt, struct chunk *out)
2586
unsigned char *p = (unsigned char *)out->str;;
2588
len =i2d_X509(crt, NULL);
2592
if (out->size < len)
2601
/* Copy Date in ASN1_UTCTIME format in struct chunk out.
2602
* Returns 1 if serial is found and copied, 0 if no valid time found
2603
* and -1 if output is not large enough.
2606
ssl_sock_get_time(ASN1_TIME *tm, struct chunk *out)
2608
if (tm->type == V_ASN1_GENERALIZEDTIME) {
2609
ASN1_GENERALIZEDTIME *gentm = (ASN1_GENERALIZEDTIME *)tm;
2611
if (gentm->length < 12)
2613
if (gentm->data[0] != 0x32 || gentm->data[1] != 0x30)
2615
if (out->size < gentm->length-2)
2618
memcpy(out->str, gentm->data+2, gentm->length-2);
2619
out->len = gentm->length-2;
2622
else if (tm->type == V_ASN1_UTCTIME) {
2623
ASN1_UTCTIME *utctm = (ASN1_UTCTIME *)tm;
2625
if (utctm->length < 10)
2627
if (utctm->data[0] >= 0x35)
2629
if (out->size < utctm->length)
2632
memcpy(out->str, utctm->data, utctm->length);
2633
out->len = utctm->length;
2640
/* Extract an entry from a X509_NAME and copy its value to an output chunk.
2641
* Returns 1 if entry found, 0 if entry not found, or -1 if output not large enough.
2644
ssl_sock_get_dn_entry(X509_NAME *a, const struct chunk *entry, int pos, struct chunk *out)
2646
X509_NAME_ENTRY *ne;
2653
for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
2655
j = (sk_X509_NAME_ENTRY_num(a->entries)-1) - i;
2659
ne = sk_X509_NAME_ENTRY_value(a->entries, j);
2660
n = OBJ_obj2nid(ne->object);
2661
if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
2662
i2t_ASN1_OBJECT(tmp, sizeof(tmp), ne->object);
2666
if (chunk_strcasecmp(entry, s) != 0)
2677
if (ne->value->length > out->size)
2680
memcpy(out->str, ne->value->data, ne->value->length);
2681
out->len = ne->value->length;
2689
/* Extract and format full DN from a X509_NAME and copy result into a chunk
2690
* Returns 1 if dn entries exits, 0 if no dn entry found or -1 if output is not large enough.
2693
ssl_sock_get_dn_oneline(X509_NAME *a, struct chunk *out)
2695
X509_NAME_ENTRY *ne;
2704
for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
2705
ne = sk_X509_NAME_ENTRY_value(a->entries, i);
2706
n = OBJ_obj2nid(ne->object);
2707
if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
2708
i2t_ASN1_OBJECT(tmp, sizeof(tmp), ne->object);
2713
l += 1 + ln + 1 + ne->value->length;
2722
memcpy(p, ne->value->data, ne->value->length);
2723
p += ne->value->length;
2732
char *ssl_sock_get_version(struct connection *conn)
2734
if (!ssl_sock_is_ssl(conn))
2737
return (char *)SSL_get_version(conn->xprt_ctx);
2740
/* Extract peer certificate's common name into the chunk dest
2742
* the len of the extracted common name
2743
* or 0 if no CN found in DN
2744
* or -1 on error case (i.e. no peer certificate)
2746
int ssl_sock_get_remote_common_name(struct connection *conn, struct chunk *dest)
2750
const char find_cn[] = "CN";
2751
const struct chunk find_cn_chunk = {
2752
.str = (char *)&find_cn,
2753
.len = sizeof(find_cn)-1
2757
if (!ssl_sock_is_ssl(conn))
2760
/* SSL_get_peer_certificate, it increase X509 * ref count */
2761
crt = SSL_get_peer_certificate(conn->xprt_ctx);
2765
name = X509_get_subject_name(crt);
2769
result = ssl_sock_get_dn_entry(name, &find_cn_chunk, 1, dest);
2777
/* returns 1 if client passed a certificate for this session, 0 if not */
2778
int ssl_sock_get_cert_used_sess(struct connection *conn)
2782
if (!ssl_sock_is_ssl(conn))
2785
/* SSL_get_peer_certificate, it increase X509 * ref count */
2786
crt = SSL_get_peer_certificate(conn->xprt_ctx);
2794
/* returns 1 if client passed a certificate for this connection, 0 if not */
2795
int ssl_sock_get_cert_used_conn(struct connection *conn)
2797
if (!ssl_sock_is_ssl(conn))
2800
return SSL_SOCK_ST_FL_VERIFY_DONE & conn->xprt_st ? 1 : 0;
2803
/* returns result from SSL verify */
2804
unsigned int ssl_sock_get_verify_result(struct connection *conn)
2806
if (!ssl_sock_is_ssl(conn))
2807
return (unsigned int)X509_V_ERR_APPLICATION_VERIFICATION;
2809
return (unsigned int)SSL_get_verify_result(conn->xprt_ctx);
2812
/***** Below are some sample fetching functions for ACL/patterns *****/
2814
/* boolean, returns true if client cert was present */
2816
smp_fetch_ssl_fc_has_crt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
2817
const struct arg *args, struct sample *smp, const char *kw)
2819
struct connection *conn;
2824
conn = objt_conn(l4->si[0].end);
2825
if (!conn || conn->xprt != &ssl_sock)
2828
if (!(conn->flags & CO_FL_CONNECTED)) {
2829
smp->flags |= SMP_F_MAY_CHANGE;
2834
smp->type = SMP_T_BOOL;
2835
smp->data.uint = SSL_SOCK_ST_FL_VERIFY_DONE & conn->xprt_st ? 1 : 0;
2840
/* binary, returns a certificate in a binary chunk (der/raw).
2841
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
2845
smp_fetch_ssl_x_der(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
2846
const struct arg *args, struct sample *smp, const char *kw)
2848
int cert_peer = (kw[4] == 'c') ? 1 : 0;
2851
struct chunk *smp_trash;
2852
struct connection *conn;
2857
conn = objt_conn(l4->si[0].end);
2858
if (!conn || conn->xprt != &ssl_sock)
2861
if (!(conn->flags & CO_FL_CONNECTED)) {
2862
smp->flags |= SMP_F_MAY_CHANGE;
2867
crt = SSL_get_peer_certificate(conn->xprt_ctx);
2869
crt = SSL_get_certificate(conn->xprt_ctx);
2874
smp_trash = get_trash_chunk();
2875
if (ssl_sock_crt2der(crt, smp_trash) <= 0)
2878
smp->data.str = *smp_trash;
2879
smp->type = SMP_T_BIN;
2882
/* SSL_get_peer_certificate, it increase X509 * ref count */
2883
if (cert_peer && crt)
2888
/* binary, returns serial of certificate in a binary chunk.
2889
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
2893
smp_fetch_ssl_x_serial(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
2894
const struct arg *args, struct sample *smp, const char *kw)
2896
int cert_peer = (kw[4] == 'c') ? 1 : 0;
2899
struct chunk *smp_trash;
2900
struct connection *conn;
2905
conn = objt_conn(l4->si[0].end);
2906
if (!conn || conn->xprt != &ssl_sock)
2909
if (!(conn->flags & CO_FL_CONNECTED)) {
2910
smp->flags |= SMP_F_MAY_CHANGE;
2915
crt = SSL_get_peer_certificate(conn->xprt_ctx);
2917
crt = SSL_get_certificate(conn->xprt_ctx);
2922
smp_trash = get_trash_chunk();
2923
if (ssl_sock_get_serial(crt, smp_trash) <= 0)
2926
smp->data.str = *smp_trash;
2927
smp->type = SMP_T_BIN;
2930
/* SSL_get_peer_certificate, it increase X509 * ref count */
2931
if (cert_peer && crt)
2936
/* binary, returns the client certificate's SHA-1 fingerprint (SHA-1 hash of DER-encoded certificate) in a binary chunk.
2937
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
2941
smp_fetch_ssl_x_sha1(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
2942
const struct arg *args, struct sample *smp, const char *kw)
2944
int cert_peer = (kw[4] == 'c') ? 1 : 0;
2946
const EVP_MD *digest;
2948
struct chunk *smp_trash;
2949
struct connection *conn;
2954
conn = objt_conn(l4->si[0].end);
2955
if (!conn || conn->xprt != &ssl_sock)
2958
if (!(conn->flags & CO_FL_CONNECTED)) {
2959
smp->flags |= SMP_F_MAY_CHANGE;
2964
crt = SSL_get_peer_certificate(conn->xprt_ctx);
2966
crt = SSL_get_certificate(conn->xprt_ctx);
2970
smp_trash = get_trash_chunk();
2971
digest = EVP_sha1();
2972
X509_digest(crt, digest, (unsigned char *)smp_trash->str, (unsigned int *)&smp_trash->len);
2974
smp->data.str = *smp_trash;
2975
smp->type = SMP_T_BIN;
2978
/* SSL_get_peer_certificate, it increase X509 * ref count */
2979
if (cert_peer && crt)
2984
/* string, returns certificate's notafter date in ASN1_UTCTIME format.
2985
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
2989
smp_fetch_ssl_x_notafter(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
2990
const struct arg *args, struct sample *smp, const char *kw)
2992
int cert_peer = (kw[4] == 'c') ? 1 : 0;
2995
struct chunk *smp_trash;
2996
struct connection *conn;
3001
conn = objt_conn(l4->si[0].end);
3002
if (!conn || conn->xprt != &ssl_sock)
3005
if (!(conn->flags & CO_FL_CONNECTED)) {
3006
smp->flags |= SMP_F_MAY_CHANGE;
3011
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3013
crt = SSL_get_certificate(conn->xprt_ctx);
3017
smp_trash = get_trash_chunk();
3018
if (ssl_sock_get_time(X509_get_notAfter(crt), smp_trash) <= 0)
3021
smp->data.str = *smp_trash;
3022
smp->type = SMP_T_STR;
3025
/* SSL_get_peer_certificate, it increase X509 * ref count */
3026
if (cert_peer && crt)
3031
/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's issuer
3032
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3036
smp_fetch_ssl_x_i_dn(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3037
const struct arg *args, struct sample *smp, const char *kw)
3039
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3043
struct chunk *smp_trash;
3044
struct connection *conn;
3049
conn = objt_conn(l4->si[0].end);
3050
if (!conn || conn->xprt != &ssl_sock)
3053
if (!(conn->flags & CO_FL_CONNECTED)) {
3054
smp->flags |= SMP_F_MAY_CHANGE;
3059
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3061
crt = SSL_get_certificate(conn->xprt_ctx);
3065
name = X509_get_issuer_name(crt);
3069
smp_trash = get_trash_chunk();
3070
if (args && args[0].type == ARGT_STR) {
3073
if (args[1].type == ARGT_SINT)
3074
pos = args[1].data.sint;
3075
else if (args[1].type == ARGT_UINT)
3076
pos =(int)args[1].data.uint;
3078
if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
3081
else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
3084
smp->type = SMP_T_STR;
3085
smp->data.str = *smp_trash;
3088
/* SSL_get_peer_certificate, it increase X509 * ref count */
3089
if (cert_peer && crt)
3094
/* string, returns notbefore date in ASN1_UTCTIME format.
3095
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3099
smp_fetch_ssl_x_notbefore(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3100
const struct arg *args, struct sample *smp, const char *kw)
3102
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3105
struct chunk *smp_trash;
3106
struct connection *conn;
3111
conn = objt_conn(l4->si[0].end);
3112
if (!conn || conn->xprt != &ssl_sock)
3115
if (!(conn->flags & CO_FL_CONNECTED)) {
3116
smp->flags |= SMP_F_MAY_CHANGE;
3121
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3123
crt = SSL_get_certificate(conn->xprt_ctx);
3127
smp_trash = get_trash_chunk();
3128
if (ssl_sock_get_time(X509_get_notBefore(crt), smp_trash) <= 0)
3131
smp->data.str = *smp_trash;
3132
smp->type = SMP_T_STR;
3135
/* SSL_get_peer_certificate, it increase X509 * ref count */
3136
if (cert_peer && crt)
3141
/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's subject
3142
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3146
smp_fetch_ssl_x_s_dn(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3147
const struct arg *args, struct sample *smp, const char *kw)
3149
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3153
struct chunk *smp_trash;
3154
struct connection *conn;
3159
conn = objt_conn(l4->si[0].end);
3160
if (!conn || conn->xprt != &ssl_sock)
3163
if (!(conn->flags & CO_FL_CONNECTED)) {
3164
smp->flags |= SMP_F_MAY_CHANGE;
3169
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3171
crt = SSL_get_certificate(conn->xprt_ctx);
3175
name = X509_get_subject_name(crt);
3179
smp_trash = get_trash_chunk();
3180
if (args && args[0].type == ARGT_STR) {
3183
if (args[1].type == ARGT_SINT)
3184
pos = args[1].data.sint;
3185
else if (args[1].type == ARGT_UINT)
3186
pos =(int)args[1].data.uint;
3188
if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
3191
else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
3194
smp->type = SMP_T_STR;
3195
smp->data.str = *smp_trash;
3198
/* SSL_get_peer_certificate, it increase X509 * ref count */
3199
if (cert_peer && crt)
3204
/* integer, returns true if current session use a client certificate */
3206
smp_fetch_ssl_c_used(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3207
const struct arg *args, struct sample *smp, const char *kw)
3210
struct connection *conn;
3215
conn = objt_conn(l4->si[0].end);
3216
if (!conn || conn->xprt != &ssl_sock)
3219
if (!(conn->flags & CO_FL_CONNECTED)) {
3220
smp->flags |= SMP_F_MAY_CHANGE;
3224
/* SSL_get_peer_certificate returns a ptr on allocated X509 struct */
3225
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3230
smp->type = SMP_T_BOOL;
3231
smp->data.uint = (crt != NULL);
3235
/* integer, returns the certificate version
3236
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3240
smp_fetch_ssl_x_version(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3241
const struct arg *args, struct sample *smp, const char *kw)
3243
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3245
struct connection *conn;
3250
conn = objt_conn(l4->si[0].end);
3251
if (!conn || conn->xprt != &ssl_sock)
3254
if (!(conn->flags & CO_FL_CONNECTED)) {
3255
smp->flags |= SMP_F_MAY_CHANGE;
3260
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3262
crt = SSL_get_certificate(conn->xprt_ctx);
3266
smp->data.uint = (unsigned int)(1 + X509_get_version(crt));
3267
/* SSL_get_peer_certificate increase X509 * ref count */
3270
smp->type = SMP_T_UINT;
3275
/* string, returns the certificate's signature algorithm.
3276
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3280
smp_fetch_ssl_x_sig_alg(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3281
const struct arg *args, struct sample *smp, const char *kw)
3283
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3286
struct connection *conn;
3291
conn = objt_conn(l4->si[0].end);
3292
if (!conn || conn->xprt != &ssl_sock)
3295
if (!(conn->flags & CO_FL_CONNECTED)) {
3296
smp->flags |= SMP_F_MAY_CHANGE;
3301
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3303
crt = SSL_get_certificate(conn->xprt_ctx);
3307
nid = OBJ_obj2nid((ASN1_OBJECT *)(crt->cert_info->signature->algorithm));
3309
smp->data.str.str = (char *)OBJ_nid2sn(nid);
3310
if (!smp->data.str.str) {
3311
/* SSL_get_peer_certificate increase X509 * ref count */
3317
smp->type = SMP_T_STR;
3318
smp->flags |= SMP_F_CONST;
3319
smp->data.str.len = strlen(smp->data.str.str);
3320
/* SSL_get_peer_certificate increase X509 * ref count */
3327
/* string, returns the certificate's key algorithm.
3328
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3332
smp_fetch_ssl_x_key_alg(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3333
const struct arg *args, struct sample *smp, const char *kw)
3335
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3338
struct connection *conn;
3343
conn = objt_conn(l4->si[0].end);
3344
if (!conn || conn->xprt != &ssl_sock)
3347
if (!(conn->flags & CO_FL_CONNECTED)) {
3348
smp->flags |= SMP_F_MAY_CHANGE;
3353
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3355
crt = SSL_get_certificate(conn->xprt_ctx);
3359
nid = OBJ_obj2nid((ASN1_OBJECT *)(crt->cert_info->key->algor->algorithm));
3361
smp->data.str.str = (char *)OBJ_nid2sn(nid);
3362
if (!smp->data.str.str) {
3363
/* SSL_get_peer_certificate increase X509 * ref count */
3369
smp->type = SMP_T_STR;
3370
smp->flags |= SMP_F_CONST;
3371
smp->data.str.len = strlen(smp->data.str.str);
3378
/* boolean, returns true if front conn. transport layer is SSL.
3379
* This function is also usable on backend conn if the fetch keyword 5th
3383
smp_fetch_ssl_fc(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3384
const struct arg *args, struct sample *smp, const char *kw)
3386
int back_conn = (kw[4] == 'b') ? 1 : 0;
3387
struct connection *conn = objt_conn(l4->si[back_conn].end);
3389
smp->type = SMP_T_BOOL;
3390
smp->data.uint = (conn && conn->xprt == &ssl_sock);
3394
/* boolean, returns true if client present a SNI */
3396
smp_fetch_ssl_fc_has_sni(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3397
const struct arg *args, struct sample *smp, const char *kw)
3399
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
3400
struct connection *conn = objt_conn(l4->si[0].end);
3402
smp->type = SMP_T_BOOL;
3403
smp->data.uint = (conn && conn->xprt == &ssl_sock) &&
3405
SSL_get_servername(conn->xprt_ctx, TLSEXT_NAMETYPE_host_name) != NULL;
3412
/* string, returns the used cipher if front conn. transport layer is SSL.
3413
* This function is also usable on backend conn if the fetch keyword 5th
3417
smp_fetch_ssl_fc_cipher(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3418
const struct arg *args, struct sample *smp, const char *kw)
3420
int back_conn = (kw[4] == 'b') ? 1 : 0;
3421
struct connection *conn;
3428
conn = objt_conn(l4->si[back_conn].end);
3429
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3432
smp->data.str.str = (char *)SSL_get_cipher_name(conn->xprt_ctx);
3433
if (!smp->data.str.str)
3436
smp->type = SMP_T_STR;
3437
smp->flags |= SMP_F_CONST;
3438
smp->data.str.len = strlen(smp->data.str.str);
3443
/* integer, returns the algoritm's keysize if front conn. transport layer
3445
* This function is also usable on backend conn if the fetch keyword 5th
3449
smp_fetch_ssl_fc_alg_keysize(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3450
const struct arg *args, struct sample *smp, const char *kw)
3452
int back_conn = (kw[4] == 'b') ? 1 : 0;
3453
struct connection *conn;
3460
conn = objt_conn(l4->si[back_conn].end);
3461
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3464
if (!SSL_get_cipher_bits(conn->xprt_ctx, (int *)&smp->data.uint))
3467
smp->type = SMP_T_UINT;
3472
/* integer, returns the used keysize if front conn. transport layer is SSL.
3473
* This function is also usable on backend conn if the fetch keyword 5th
3477
smp_fetch_ssl_fc_use_keysize(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3478
const struct arg *args, struct sample *smp, const char *kw)
3480
int back_conn = (kw[4] == 'b') ? 1 : 0;
3481
struct connection *conn;
3488
conn = objt_conn(l4->si[back_conn].end);
3489
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3492
smp->data.uint = (unsigned int)SSL_get_cipher_bits(conn->xprt_ctx, NULL);
3493
if (!smp->data.uint)
3496
smp->type = SMP_T_UINT;
3501
#ifdef OPENSSL_NPN_NEGOTIATED
3503
smp_fetch_ssl_fc_npn(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3504
const struct arg *args, struct sample *smp, const char *kw)
3506
struct connection *conn;
3508
smp->flags = SMP_F_CONST;
3509
smp->type = SMP_T_STR;
3514
conn = objt_conn(l4->si[0].end);
3515
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3518
smp->data.str.str = NULL;
3519
SSL_get0_next_proto_negotiated(conn->xprt_ctx,
3520
(const unsigned char **)&smp->data.str.str, (unsigned *)&smp->data.str.len);
3522
if (!smp->data.str.str)
3529
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
3531
smp_fetch_ssl_fc_alpn(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3532
const struct arg *args, struct sample *smp, const char *kw)
3534
struct connection *conn;
3536
smp->flags = SMP_F_CONST;
3537
smp->type = SMP_T_STR;
3542
conn = objt_conn(l4->si[0].end);
3543
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3546
smp->data.str.str = NULL;
3547
SSL_get0_alpn_selected(conn->xprt_ctx,
3548
(const unsigned char **)&smp->data.str.str, (unsigned *)&smp->data.str.len);
3550
if (!smp->data.str.str)
3557
/* string, returns the used protocol if front conn. transport layer is SSL.
3558
* This function is also usable on backend conn if the fetch keyword 5th
3562
smp_fetch_ssl_fc_protocol(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3563
const struct arg *args, struct sample *smp, const char *kw)
3565
int back_conn = (kw[4] == 'b') ? 1 : 0;
3566
struct connection *conn;
3573
conn = objt_conn(l4->si[back_conn].end);
3574
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3577
smp->data.str.str = (char *)SSL_get_version(conn->xprt_ctx);
3578
if (!smp->data.str.str)
3581
smp->type = SMP_T_STR;
3582
smp->flags = SMP_F_CONST;
3583
smp->data.str.len = strlen(smp->data.str.str);
3588
/* binary, returns the SSL session id if front conn. transport layer is SSL.
3589
* This function is also usable on backend conn if the fetch keyword 5th
3593
smp_fetch_ssl_fc_session_id(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3594
const struct arg *args, struct sample *smp, const char *kw)
3596
#if OPENSSL_VERSION_NUMBER > 0x0090800fL
3597
int back_conn = (kw[4] == 'b') ? 1 : 0;
3599
struct connection *conn;
3601
smp->flags = SMP_F_CONST;
3602
smp->type = SMP_T_BIN;
3607
conn = objt_conn(l4->si[back_conn].end);
3608
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3611
sess = SSL_get_session(conn->xprt_ctx);
3615
smp->data.str.str = (char *)SSL_SESSION_get_id(sess, (unsigned int *)&smp->data.str.len);
3616
if (!smp->data.str.str || !&smp->data.str.len)
3626
smp_fetch_ssl_fc_sni(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3627
const struct arg *args, struct sample *smp, const char *kw)
3629
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
3630
struct connection *conn;
3632
smp->flags = SMP_F_CONST;
3633
smp->type = SMP_T_STR;
3638
conn = objt_conn(l4->si[0].end);
3639
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3642
smp->data.str.str = (char *)SSL_get_servername(conn->xprt_ctx, TLSEXT_NAMETYPE_host_name);
3643
if (!smp->data.str.str)
3646
smp->data.str.len = strlen(smp->data.str.str);
3654
smp_fetch_ssl_fc_unique_id(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3655
const struct arg *args, struct sample *smp, const char *kw)
3657
#if OPENSSL_VERSION_NUMBER > 0x0090800fL
3658
int back_conn = (kw[4] == 'b') ? 1 : 0;
3659
struct connection *conn;
3661
struct chunk *finished_trash;
3668
conn = objt_conn(l4->si[back_conn].end);
3669
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3672
if (!(conn->flags & CO_FL_CONNECTED)) {
3673
smp->flags |= SMP_F_MAY_CHANGE;
3677
finished_trash = get_trash_chunk();
3678
if (!SSL_session_reused(conn->xprt_ctx))
3679
finished_len = SSL_get_peer_finished(conn->xprt_ctx, finished_trash->str, finished_trash->size);
3681
finished_len = SSL_get_finished(conn->xprt_ctx, finished_trash->str, finished_trash->size);
3686
finished_trash->len = finished_len;
3687
smp->data.str = *finished_trash;
3688
smp->type = SMP_T_BIN;
3696
/* integer, returns the first verify error in CA chain of client certificate chain. */
3698
smp_fetch_ssl_c_ca_err(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3699
const struct arg *args, struct sample *smp, const char *kw)
3701
struct connection *conn;
3706
conn = objt_conn(l4->si[0].end);
3707
if (!conn || conn->xprt != &ssl_sock)
3710
if (!(conn->flags & CO_FL_CONNECTED)) {
3711
smp->flags = SMP_F_MAY_CHANGE;
3715
smp->type = SMP_T_UINT;
3716
smp->data.uint = (unsigned int)SSL_SOCK_ST_TO_CA_ERROR(conn->xprt_st);
3722
/* integer, returns the depth of the first verify error in CA chain of client certificate chain. */
3724
smp_fetch_ssl_c_ca_err_depth(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3725
const struct arg *args, struct sample *smp, const char *kw)
3727
struct connection *conn;
3732
conn = objt_conn(l4->si[0].end);
3733
if (!conn || conn->xprt != &ssl_sock)
3736
if (!(conn->flags & CO_FL_CONNECTED)) {
3737
smp->flags = SMP_F_MAY_CHANGE;
3741
smp->type = SMP_T_UINT;
3742
smp->data.uint = (unsigned int)SSL_SOCK_ST_TO_CAEDEPTH(conn->xprt_st);
3748
/* integer, returns the first verify error on client certificate */
3750
smp_fetch_ssl_c_err(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3751
const struct arg *args, struct sample *smp, const char *kw)
3753
struct connection *conn;
3758
conn = objt_conn(l4->si[0].end);
3759
if (!conn || conn->xprt != &ssl_sock)
3762
if (!(conn->flags & CO_FL_CONNECTED)) {
3763
smp->flags = SMP_F_MAY_CHANGE;
3767
smp->type = SMP_T_UINT;
3768
smp->data.uint = (unsigned int)SSL_SOCK_ST_TO_CRTERROR(conn->xprt_st);
3774
/* integer, returns the verify result on client cert */
3776
smp_fetch_ssl_c_verify(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3777
const struct arg *args, struct sample *smp, const char *kw)
3779
struct connection *conn;
3784
conn = objt_conn(l4->si[0].end);
3785
if (!conn || conn->xprt != &ssl_sock)
3788
if (!(conn->flags & CO_FL_CONNECTED)) {
3789
smp->flags = SMP_F_MAY_CHANGE;
3793
if (!conn->xprt_ctx)
3796
smp->type = SMP_T_UINT;
3797
smp->data.uint = (unsigned int)SSL_get_verify_result(conn->xprt_ctx);
3803
/* parse the "ca-file" bind keyword */
3804
static int bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3806
if (!*args[cur_arg + 1]) {
3808
memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
3809
return ERR_ALERT | ERR_FATAL;
3812
if ((*args[cur_arg + 1] != '/') && global.ca_base)
3813
memprintf(&conf->ca_file, "%s/%s", global.ca_base, args[cur_arg + 1]);
3815
memprintf(&conf->ca_file, "%s", args[cur_arg + 1]);
3820
/* parse the "ciphers" bind keyword */
3821
static int bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3823
if (!*args[cur_arg + 1]) {
3824
memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
3825
return ERR_ALERT | ERR_FATAL;
3828
free(conf->ciphers);
3829
conf->ciphers = strdup(args[cur_arg + 1]);
3833
/* parse the "crt" bind keyword */
3834
static int bind_parse_crt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3836
char path[MAXPATHLEN];
3838
if (!*args[cur_arg + 1]) {
3839
memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
3840
return ERR_ALERT | ERR_FATAL;
3843
if ((*args[cur_arg + 1] != '/' ) && global.crt_base) {
3844
if ((strlen(global.crt_base) + 1 + strlen(args[cur_arg + 1]) + 1) > MAXPATHLEN) {
3845
memprintf(err, "'%s' : path too long", args[cur_arg]);
3846
return ERR_ALERT | ERR_FATAL;
3848
snprintf(path, sizeof(path), "%s/%s", global.crt_base, args[cur_arg + 1]);
3849
if (ssl_sock_load_cert(path, conf, px, err) > 0)
3850
return ERR_ALERT | ERR_FATAL;
3855
if (ssl_sock_load_cert(args[cur_arg + 1], conf, px, err) > 0)
3856
return ERR_ALERT | ERR_FATAL;
3861
/* parse the "crt-list" bind keyword */
3862
static int bind_parse_crt_list(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3864
if (!*args[cur_arg + 1]) {
3865
memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
3866
return ERR_ALERT | ERR_FATAL;
3869
if (ssl_sock_load_cert_list_file(args[cur_arg + 1], conf, px, err) > 0) {
3870
memprintf(err, "'%s' : %s", args[cur_arg], *err);
3871
return ERR_ALERT | ERR_FATAL;
3877
/* parse the "crl-file" bind keyword */
3878
static int bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3880
#ifndef X509_V_FLAG_CRL_CHECK
3882
memprintf(err, "'%s' : library does not support CRL verify", args[cur_arg]);
3883
return ERR_ALERT | ERR_FATAL;
3885
if (!*args[cur_arg + 1]) {
3887
memprintf(err, "'%s' : missing CRLfile path", args[cur_arg]);
3888
return ERR_ALERT | ERR_FATAL;
3891
if ((*args[cur_arg + 1] != '/') && global.ca_base)
3892
memprintf(&conf->crl_file, "%s/%s", global.ca_base, args[cur_arg + 1]);
3894
memprintf(&conf->crl_file, "%s", args[cur_arg + 1]);
3900
/* parse the "ecdhe" bind keyword keywords */
3901
static int bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3903
#if OPENSSL_VERSION_NUMBER < 0x0090800fL
3905
memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (too old)", args[cur_arg]);
3906
return ERR_ALERT | ERR_FATAL;
3907
#elif defined(OPENSSL_NO_ECDH)
3909
memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (disabled via OPENSSL_NO_ECDH)", args[cur_arg]);
3910
return ERR_ALERT | ERR_FATAL;
3912
if (!*args[cur_arg + 1]) {
3914
memprintf(err, "'%s' : missing named curve", args[cur_arg]);
3915
return ERR_ALERT | ERR_FATAL;
3918
conf->ecdhe = strdup(args[cur_arg + 1]);
3924
/* parse the "crt_ignerr" and "ca_ignerr" bind keywords */
3925
static int bind_parse_ignore_err(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3928
char *p = args[cur_arg + 1];
3929
unsigned long long *ignerr = &conf->crt_ignerr;
3933
memprintf(err, "'%s' : missing error IDs list", args[cur_arg]);
3934
return ERR_ALERT | ERR_FATAL;
3937
if (strcmp(args[cur_arg], "ca-ignore-err") == 0)
3938
ignerr = &conf->ca_ignerr;
3940
if (strcmp(p, "all") == 0) {
3947
if ((code <= 0) || (code > 63)) {
3949
memprintf(err, "'%s' : ID '%d' out of range (1..63) in error IDs list '%s'",
3950
args[cur_arg], code, args[cur_arg + 1]);
3951
return ERR_ALERT | ERR_FATAL;
3953
*ignerr |= 1ULL << code;
3962
/* parse the "force-sslv3" bind keyword */
3963
static int bind_parse_force_sslv3(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3965
conf->ssl_options |= BC_SSL_O_USE_SSLV3;
3969
/* parse the "force-tlsv10" bind keyword */
3970
static int bind_parse_force_tlsv10(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3972
conf->ssl_options |= BC_SSL_O_USE_TLSV10;
3976
/* parse the "force-tlsv11" bind keyword */
3977
static int bind_parse_force_tlsv11(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3979
#if SSL_OP_NO_TLSv1_1
3980
conf->ssl_options |= BC_SSL_O_USE_TLSV11;
3984
memprintf(err, "'%s' : library does not support protocol TLSv1.1", args[cur_arg]);
3985
return ERR_ALERT | ERR_FATAL;
3989
/* parse the "force-tlsv12" bind keyword */
3990
static int bind_parse_force_tlsv12(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3992
#if SSL_OP_NO_TLSv1_2
3993
conf->ssl_options |= BC_SSL_O_USE_TLSV12;
3997
memprintf(err, "'%s' : library does not support protocol TLSv1.2", args[cur_arg]);
3998
return ERR_ALERT | ERR_FATAL;
4003
/* parse the "no-tls-tickets" bind keyword */
4004
static int bind_parse_no_tls_tickets(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4006
conf->ssl_options |= BC_SSL_O_NO_TLS_TICKETS;
4011
/* parse the "no-sslv3" bind keyword */
4012
static int bind_parse_no_sslv3(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4014
conf->ssl_options |= BC_SSL_O_NO_SSLV3;
4018
/* parse the "no-tlsv10" bind keyword */
4019
static int bind_parse_no_tlsv10(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4021
conf->ssl_options |= BC_SSL_O_NO_TLSV10;
4025
/* parse the "no-tlsv11" bind keyword */
4026
static int bind_parse_no_tlsv11(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4028
conf->ssl_options |= BC_SSL_O_NO_TLSV11;
4032
/* parse the "no-tlsv12" bind keyword */
4033
static int bind_parse_no_tlsv12(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4035
conf->ssl_options |= BC_SSL_O_NO_TLSV12;
4039
/* parse the "npn" bind keyword */
4040
static int bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4042
#ifdef OPENSSL_NPN_NEGOTIATED
4045
if (!*args[cur_arg + 1]) {
4046
memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[cur_arg]);
4047
return ERR_ALERT | ERR_FATAL;
4050
free(conf->npn_str);
4052
/* the NPN string is built as a suite of (<len> <name>)* */
4053
conf->npn_len = strlen(args[cur_arg + 1]) + 1;
4054
conf->npn_str = calloc(1, conf->npn_len);
4055
memcpy(conf->npn_str + 1, args[cur_arg + 1], conf->npn_len);
4057
/* replace commas with the name length */
4061
p2 = memchr(p1 + 1, ',', conf->npn_str + conf->npn_len - (p1 + 1));
4063
p2 = p1 + 1 + strlen(p1 + 1);
4065
if (p2 - (p1 + 1) > 255) {
4067
memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
4068
return ERR_ALERT | ERR_FATAL;
4071
*p1 = p2 - (p1 + 1);
4082
memprintf(err, "'%s' : library does not support TLS NPN extension", args[cur_arg]);
4083
return ERR_ALERT | ERR_FATAL;
4087
/* parse the "alpn" bind keyword */
4088
static int bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4090
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
4093
if (!*args[cur_arg + 1]) {
4094
memprintf(err, "'%s' : missing the comma-delimited ALPN protocol suite", args[cur_arg]);
4095
return ERR_ALERT | ERR_FATAL;
4098
free(conf->alpn_str);
4100
/* the ALPN string is built as a suite of (<len> <name>)* */
4101
conf->alpn_len = strlen(args[cur_arg + 1]) + 1;
4102
conf->alpn_str = calloc(1, conf->alpn_len);
4103
memcpy(conf->alpn_str + 1, args[cur_arg + 1], conf->alpn_len);
4105
/* replace commas with the name length */
4106
p1 = conf->alpn_str;
4109
p2 = memchr(p1 + 1, ',', conf->alpn_str + conf->alpn_len - (p1 + 1));
4111
p2 = p1 + 1 + strlen(p1 + 1);
4113
if (p2 - (p1 + 1) > 255) {
4115
memprintf(err, "'%s' : ALPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
4116
return ERR_ALERT | ERR_FATAL;
4119
*p1 = p2 - (p1 + 1);
4130
memprintf(err, "'%s' : library does not support TLS ALPN extension", args[cur_arg]);
4131
return ERR_ALERT | ERR_FATAL;
4135
/* parse the "ssl" bind keyword */
4136
static int bind_parse_ssl(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4142
if (global.listen_default_ciphers && !conf->ciphers)
4143
conf->ciphers = strdup(global.listen_default_ciphers);
4144
conf->ssl_options |= global.listen_default_ssloptions;
4146
list_for_each_entry(l, &conf->listeners, by_bind)
4147
l->xprt = &ssl_sock;
4152
/* parse the "strict-sni" bind keyword */
4153
static int bind_parse_strict_sni(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4155
conf->strict_sni = 1;
4159
/* parse the "verify" bind keyword */
4160
static int bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4162
if (!*args[cur_arg + 1]) {
4164
memprintf(err, "'%s' : missing verify method", args[cur_arg]);
4165
return ERR_ALERT | ERR_FATAL;
4168
if (strcmp(args[cur_arg + 1], "none") == 0)
4169
conf->verify = SSL_SOCK_VERIFY_NONE;
4170
else if (strcmp(args[cur_arg + 1], "optional") == 0)
4171
conf->verify = SSL_SOCK_VERIFY_OPTIONAL;
4172
else if (strcmp(args[cur_arg + 1], "required") == 0)
4173
conf->verify = SSL_SOCK_VERIFY_REQUIRED;
4176
memprintf(err, "'%s' : unknown verify method '%s', only 'none', 'optional', and 'required' are supported\n",
4177
args[cur_arg], args[cur_arg + 1]);
4178
return ERR_ALERT | ERR_FATAL;
4184
/************** "server" keywords ****************/
4186
/* parse the "ca-file" server keyword */
4187
static int srv_parse_ca_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4189
if (!*args[*cur_arg + 1]) {
4191
memprintf(err, "'%s' : missing CAfile path", args[*cur_arg]);
4192
return ERR_ALERT | ERR_FATAL;
4195
if ((*args[*cur_arg + 1] != '/') && global.ca_base)
4196
memprintf(&newsrv->ssl_ctx.ca_file, "%s/%s", global.ca_base, args[*cur_arg + 1]);
4198
memprintf(&newsrv->ssl_ctx.ca_file, "%s", args[*cur_arg + 1]);
4203
/* parse the "check-ssl" server keyword */
4204
static int srv_parse_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4206
newsrv->check.use_ssl = 1;
4207
if (global.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
4208
newsrv->ssl_ctx.ciphers = strdup(global.connect_default_ciphers);
4209
newsrv->ssl_ctx.options |= global.connect_default_ssloptions;
4213
/* parse the "ciphers" server keyword */
4214
static int srv_parse_ciphers(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4216
if (!*args[*cur_arg + 1]) {
4217
memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
4218
return ERR_ALERT | ERR_FATAL;
4221
free(newsrv->ssl_ctx.ciphers);
4222
newsrv->ssl_ctx.ciphers = strdup(args[*cur_arg + 1]);
4226
/* parse the "crl-file" server keyword */
4227
static int srv_parse_crl_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4229
#ifndef X509_V_FLAG_CRL_CHECK
4231
memprintf(err, "'%s' : library does not support CRL verify", args[*cur_arg]);
4232
return ERR_ALERT | ERR_FATAL;
4234
if (!*args[*cur_arg + 1]) {
4236
memprintf(err, "'%s' : missing CRLfile path", args[*cur_arg]);
4237
return ERR_ALERT | ERR_FATAL;
4240
if ((*args[*cur_arg + 1] != '/') && global.ca_base)
4241
memprintf(&newsrv->ssl_ctx.crl_file, "%s/%s", global.ca_base, args[*cur_arg + 1]);
4243
memprintf(&newsrv->ssl_ctx.crl_file, "%s", args[*cur_arg + 1]);
4249
/* parse the "crt" server keyword */
4250
static int srv_parse_crt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4252
if (!*args[*cur_arg + 1]) {
4254
memprintf(err, "'%s' : missing certificate file path", args[*cur_arg]);
4255
return ERR_ALERT | ERR_FATAL;
4258
if ((*args[*cur_arg + 1] != '/') && global.crt_base)
4259
memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global.ca_base, args[*cur_arg + 1]);
4261
memprintf(&newsrv->ssl_ctx.client_crt, "%s", args[*cur_arg + 1]);
4266
/* parse the "force-sslv3" server keyword */
4267
static int srv_parse_force_sslv3(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4269
newsrv->ssl_ctx.options |= SRV_SSL_O_USE_SSLV3;
4273
/* parse the "force-tlsv10" server keyword */
4274
static int srv_parse_force_tlsv10(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4276
newsrv->ssl_ctx.options |= SRV_SSL_O_USE_TLSV10;
4280
/* parse the "force-tlsv11" server keyword */
4281
static int srv_parse_force_tlsv11(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4283
#if SSL_OP_NO_TLSv1_1
4284
newsrv->ssl_ctx.options |= SRV_SSL_O_USE_TLSV11;
4288
memprintf(err, "'%s' : library does not support protocol TLSv1.1", args[*cur_arg]);
4289
return ERR_ALERT | ERR_FATAL;
4293
/* parse the "force-tlsv12" server keyword */
4294
static int srv_parse_force_tlsv12(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4296
#if SSL_OP_NO_TLSv1_2
4297
newsrv->ssl_ctx.options |= SRV_SSL_O_USE_TLSV12;
4301
memprintf(err, "'%s' : library does not support protocol TLSv1.2", args[*cur_arg]);
4302
return ERR_ALERT | ERR_FATAL;
4306
/* parse the "no-sslv3" server keyword */
4307
static int srv_parse_no_sslv3(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4309
newsrv->ssl_ctx.options |= SRV_SSL_O_NO_SSLV3;
4313
/* parse the "no-tlsv10" server keyword */
4314
static int srv_parse_no_tlsv10(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4316
newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLSV10;
4320
/* parse the "no-tlsv11" server keyword */
4321
static int srv_parse_no_tlsv11(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4323
newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLSV11;
4327
/* parse the "no-tlsv12" server keyword */
4328
static int srv_parse_no_tlsv12(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4330
newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLSV12;
4334
/* parse the "no-tls-tickets" server keyword */
4335
static int srv_parse_no_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4337
newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLS_TICKETS;
4340
/* parse the "send-proxy-v2-ssl" server keyword */
4341
static int srv_parse_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4343
newsrv->pp_opts |= SRV_PP_V2;
4344
newsrv->pp_opts |= SRV_PP_V2_SSL;
4348
/* parse the "send-proxy-v2-ssl-cn" server keyword */
4349
static int srv_parse_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4351
newsrv->pp_opts |= SRV_PP_V2;
4352
newsrv->pp_opts |= SRV_PP_V2_SSL;
4353
newsrv->pp_opts |= SRV_PP_V2_SSL_CN;
4357
/* parse the "ssl" server keyword */
4358
static int srv_parse_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4360
newsrv->use_ssl = 1;
4361
if (global.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
4362
newsrv->ssl_ctx.ciphers = strdup(global.connect_default_ciphers);
4366
/* parse the "verify" server keyword */
4367
static int srv_parse_verify(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4369
if (!*args[*cur_arg + 1]) {
4371
memprintf(err, "'%s' : missing verify method", args[*cur_arg]);
4372
return ERR_ALERT | ERR_FATAL;
4375
if (strcmp(args[*cur_arg + 1], "none") == 0)
4376
newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_NONE;
4377
else if (strcmp(args[*cur_arg + 1], "required") == 0)
4378
newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_REQUIRED;
4381
memprintf(err, "'%s' : unknown verify method '%s', only 'none' and 'required' are supported\n",
4382
args[*cur_arg], args[*cur_arg + 1]);
4383
return ERR_ALERT | ERR_FATAL;
4389
/* parse the "verifyhost" server keyword */
4390
static int srv_parse_verifyhost(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4392
if (!*args[*cur_arg + 1]) {
4394
memprintf(err, "'%s' : missing hostname to verify against", args[*cur_arg]);
4395
return ERR_ALERT | ERR_FATAL;
4398
newsrv->ssl_ctx.verify_host = strdup(args[*cur_arg + 1]);
4403
/* parse the "ssl-default-bind-options" keyword in global section */
4404
static int ssl_parse_default_bind_options(char **args, int section_type, struct proxy *curpx,
4405
struct proxy *defpx, const char *file, int line,
4409
if (*(args[i]) == 0) {
4410
memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
4413
while (*(args[i])) {
4414
if (!strcmp(args[i], "no-sslv3"))
4415
global.listen_default_ssloptions |= BC_SSL_O_NO_SSLV3;
4416
else if (!strcmp(args[i], "no-tlsv10"))
4417
global.listen_default_ssloptions |= BC_SSL_O_NO_TLSV10;
4418
else if (!strcmp(args[i], "no-tlsv11"))
4419
global.listen_default_ssloptions |= BC_SSL_O_NO_TLSV11;
4420
else if (!strcmp(args[i], "no-tlsv12"))
4421
global.listen_default_ssloptions |= BC_SSL_O_NO_TLSV12;
4422
else if (!strcmp(args[i], "force-sslv3"))
4423
global.listen_default_ssloptions |= BC_SSL_O_USE_SSLV3;
4424
else if (!strcmp(args[i], "force-tlsv10"))
4425
global.listen_default_ssloptions |= BC_SSL_O_USE_TLSV10;
4426
else if (!strcmp(args[i], "force-tlsv11")) {
4427
#if SSL_OP_NO_TLSv1_1
4428
global.listen_default_ssloptions |= BC_SSL_O_USE_TLSV11;
4430
memprintf(err, "'%s' '%s': library does not support protocol TLSv1.1", args[0], args[i]);
4434
else if (!strcmp(args[i], "force-tlsv12")) {
4435
#if SSL_OP_NO_TLSv1_2
4436
global.listen_default_ssloptions |= BC_SSL_O_USE_TLSV12;
4438
memprintf(err, "'%s' '%s': library does not support protocol TLSv1.2", args[0], args[i]);
4442
else if (!strcmp(args[i], "no-tls-tickets"))
4443
global.listen_default_ssloptions |= BC_SSL_O_NO_TLS_TICKETS;
4445
memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
4453
/* parse the "ssl-default-server-options" keyword in global section */
4454
static int ssl_parse_default_server_options(char **args, int section_type, struct proxy *curpx,
4455
struct proxy *defpx, const char *file, int line,
4459
if (*(args[i]) == 0) {
4460
memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
4463
while (*(args[i])) {
4464
if (!strcmp(args[i], "no-sslv3"))
4465
global.connect_default_ssloptions |= SRV_SSL_O_NO_SSLV3;
4466
else if (!strcmp(args[i], "no-tlsv10"))
4467
global.connect_default_ssloptions |= SRV_SSL_O_NO_TLSV10;
4468
else if (!strcmp(args[i], "no-tlsv11"))
4469
global.connect_default_ssloptions |= SRV_SSL_O_NO_TLSV11;
4470
else if (!strcmp(args[i], "no-tlsv12"))
4471
global.connect_default_ssloptions |= SRV_SSL_O_NO_TLSV12;
4472
else if (!strcmp(args[i], "force-sslv3"))
4473
global.connect_default_ssloptions |= SRV_SSL_O_USE_SSLV3;
4474
else if (!strcmp(args[i], "force-tlsv10"))
4475
global.connect_default_ssloptions |= SRV_SSL_O_USE_TLSV10;
4476
else if (!strcmp(args[i], "force-tlsv11")) {
4477
#if SSL_OP_NO_TLSv1_1
4478
global.connect_default_ssloptions |= SRV_SSL_O_USE_TLSV11;
4480
memprintf(err, "'%s' '%s': library does not support protocol TLSv1.1", args[0], args[i]);
4484
else if (!strcmp(args[i], "force-tlsv12")) {
4485
#if SSL_OP_NO_TLSv1_2
4486
global.connect_default_ssloptions |= SRV_SSL_O_USE_TLSV12;
4488
memprintf(err, "'%s' '%s': library does not support protocol TLSv1.2", args[0], args[i]);
4492
else if (!strcmp(args[i], "no-tls-tickets"))
4493
global.connect_default_ssloptions |= SRV_SSL_O_NO_TLS_TICKETS;
4495
memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
4503
/* Note: must not be declared <const> as its list will be overwritten.
4504
* Please take care of keeping this list alphabetically sorted.
4506
static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
4507
{ "ssl_bc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
4508
{ "ssl_bc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5SRV },
4509
{ "ssl_bc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
4510
{ "ssl_bc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
4511
{ "ssl_bc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
4512
{ "ssl_bc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5SRV },
4513
{ "ssl_bc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
4514
{ "ssl_c_ca_err", smp_fetch_ssl_c_ca_err, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4515
{ "ssl_c_ca_err_depth", smp_fetch_ssl_c_ca_err_depth, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4516
{ "ssl_c_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4517
{ "ssl_c_err", smp_fetch_ssl_c_err, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4518
{ "ssl_c_i_dn", smp_fetch_ssl_x_i_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4519
{ "ssl_c_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4520
{ "ssl_c_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4521
{ "ssl_c_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4522
{ "ssl_c_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4523
{ "ssl_c_s_dn", smp_fetch_ssl_x_s_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4524
{ "ssl_c_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4525
{ "ssl_c_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4526
{ "ssl_c_used", smp_fetch_ssl_c_used, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4527
{ "ssl_c_verify", smp_fetch_ssl_c_verify, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4528
{ "ssl_c_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4529
{ "ssl_f_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4530
{ "ssl_f_i_dn", smp_fetch_ssl_x_i_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4531
{ "ssl_f_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4532
{ "ssl_f_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4533
{ "ssl_f_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4534
{ "ssl_f_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4535
{ "ssl_f_s_dn", smp_fetch_ssl_x_s_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4536
{ "ssl_f_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4537
{ "ssl_f_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4538
{ "ssl_f_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4539
{ "ssl_fc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4540
{ "ssl_fc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4541
{ "ssl_fc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4542
{ "ssl_fc_has_crt", smp_fetch_ssl_fc_has_crt, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4543
{ "ssl_fc_has_sni", smp_fetch_ssl_fc_has_sni, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4544
#ifdef OPENSSL_NPN_NEGOTIATED
4545
{ "ssl_fc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4547
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
4548
{ "ssl_fc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4550
{ "ssl_fc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4551
{ "ssl_fc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4552
{ "ssl_fc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4553
{ "ssl_fc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4554
{ "ssl_fc_sni", smp_fetch_ssl_fc_sni, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4555
{ NULL, NULL, 0, 0, 0 },
4558
/* Note: must not be declared <const> as its list will be overwritten.
4559
* Please take care of keeping this list alphabetically sorted.
4561
static struct acl_kw_list acl_kws = {ILH, {
4562
{ "ssl_fc_sni_end", "ssl_fc_sni", PAT_MATCH_END },
4563
{ "ssl_fc_sni_reg", "ssl_fc_sni", PAT_MATCH_REG },
4567
/* Note: must not be declared <const> as its list will be overwritten.
4568
* Please take care of keeping this list alphabetically sorted, doing so helps
4569
* all code contributors.
4570
* Optional keywords are also declared with a NULL ->parse() function so that
4571
* the config parser can report an appropriate error when a known keyword was
4574
static struct bind_kw_list bind_kws = { "SSL", { }, {
4575
{ "alpn", bind_parse_alpn, 1 }, /* set ALPN supported protocols */
4576
{ "ca-file", bind_parse_ca_file, 1 }, /* set CAfile to process verify on client cert */
4577
{ "ca-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ignore on verify depth > 0 */
4578
{ "ciphers", bind_parse_ciphers, 1 }, /* set SSL cipher suite */
4579
{ "crl-file", bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
4580
{ "crt", bind_parse_crt, 1 }, /* load SSL certificates from this location */
4581
{ "crt-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ingore on verify depth == 0 */
4582
{ "crt-list", bind_parse_crt_list, 1 }, /* load a list of crt from this location */
4583
{ "ecdhe", bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
4584
{ "force-sslv3", bind_parse_force_sslv3, 0 }, /* force SSLv3 */
4585
{ "force-tlsv10", bind_parse_force_tlsv10, 0 }, /* force TLSv10 */
4586
{ "force-tlsv11", bind_parse_force_tlsv11, 0 }, /* force TLSv11 */
4587
{ "force-tlsv12", bind_parse_force_tlsv12, 0 }, /* force TLSv12 */
4588
{ "no-sslv3", bind_parse_no_sslv3, 0 }, /* disable SSLv3 */
4589
{ "no-tlsv10", bind_parse_no_tlsv10, 0 }, /* disable TLSv10 */
4590
{ "no-tlsv11", bind_parse_no_tlsv11, 0 }, /* disable TLSv11 */
4591
{ "no-tlsv12", bind_parse_no_tlsv12, 0 }, /* disable TLSv12 */
4592
{ "no-tls-tickets", bind_parse_no_tls_tickets, 0 }, /* disable session resumption tickets */
4593
{ "ssl", bind_parse_ssl, 0 }, /* enable SSL processing */
4594
{ "strict-sni", bind_parse_strict_sni, 0 }, /* refuse negotiation if sni doesn't match a certificate */
4595
{ "verify", bind_parse_verify, 1 }, /* set SSL verify method */
4596
{ "npn", bind_parse_npn, 1 }, /* set NPN supported protocols */
4600
/* Note: must not be declared <const> as its list will be overwritten.
4601
* Please take care of keeping this list alphabetically sorted, doing so helps
4602
* all code contributors.
4603
* Optional keywords are also declared with a NULL ->parse() function so that
4604
* the config parser can report an appropriate error when a known keyword was
4607
static struct srv_kw_list srv_kws = { "SSL", { }, {
4608
{ "ca-file", srv_parse_ca_file, 1, 0 }, /* set CAfile to process verify server cert */
4609
{ "check-ssl", srv_parse_check_ssl, 0, 0 }, /* enable SSL for health checks */
4610
{ "ciphers", srv_parse_ciphers, 1, 0 }, /* select the cipher suite */
4611
{ "crl-file", srv_parse_crl_file, 1, 0 }, /* set certificate revocation list file use on server cert verify */
4612
{ "crt", srv_parse_crt, 1, 0 }, /* set client certificate */
4613
{ "force-sslv3", srv_parse_force_sslv3, 0, 0 }, /* force SSLv3 */
4614
{ "force-tlsv10", srv_parse_force_tlsv10, 0, 0 }, /* force TLSv10 */
4615
{ "force-tlsv11", srv_parse_force_tlsv11, 0, 0 }, /* force TLSv11 */
4616
{ "force-tlsv12", srv_parse_force_tlsv12, 0, 0 }, /* force TLSv12 */
4617
{ "no-sslv3", srv_parse_no_sslv3, 0, 0 }, /* disable SSLv3 */
4618
{ "no-tlsv10", srv_parse_no_tlsv10, 0, 0 }, /* disable TLSv10 */
4619
{ "no-tlsv11", srv_parse_no_tlsv11, 0, 0 }, /* disable TLSv11 */
4620
{ "no-tlsv12", srv_parse_no_tlsv12, 0, 0 }, /* disable TLSv12 */
4621
{ "no-tls-tickets", srv_parse_no_tls_tickets, 0, 0 }, /* disable session resumption tickets */
4622
{ "send-proxy-v2-ssl", srv_parse_send_proxy_ssl, 0, 0 }, /* send PROXY protocol header v2 with SSL info */
4623
{ "send-proxy-v2-ssl-cn", srv_parse_send_proxy_cn, 0, 0 }, /* send PROXY protocol header v2 with CN */
4624
{ "ssl", srv_parse_ssl, 0, 0 }, /* enable SSL processing */
4625
{ "verify", srv_parse_verify, 1, 0 }, /* set SSL verify method */
4626
{ "verifyhost", srv_parse_verifyhost, 1, 0 }, /* require that SSL cert verifies for hostname */
4627
{ NULL, NULL, 0, 0 },
4630
static struct cfg_kw_list cfg_kws = {ILH, {
4631
{ CFG_GLOBAL, "ssl-default-bind-options", ssl_parse_default_bind_options },
4632
{ CFG_GLOBAL, "ssl-default-server-options", ssl_parse_default_server_options },
4636
/* transport-layer operations for SSL sockets */
4637
struct xprt_ops ssl_sock = {
4638
.snd_buf = ssl_sock_from_buf,
4639
.rcv_buf = ssl_sock_to_buf,
4643
.shutw = ssl_sock_shutw,
4644
.close = ssl_sock_close,
4645
.init = ssl_sock_init,
4648
__attribute__((constructor))
4649
static void __ssl_sock_init(void)
4651
STACK_OF(SSL_COMP)* cm;
4653
#ifdef LISTEN_DEFAULT_CIPHERS
4654
global.listen_default_ciphers = LISTEN_DEFAULT_CIPHERS;
4656
#ifdef CONNECT_DEFAULT_CIPHERS
4657
global.connect_default_ciphers = CONNECT_DEFAULT_CIPHERS;
4659
if (global.listen_default_ciphers)
4660
global.listen_default_ciphers = strdup(global.listen_default_ciphers);
4661
if (global.connect_default_ciphers)
4662
global.connect_default_ciphers = strdup(global.connect_default_ciphers);
4663
global.listen_default_ssloptions = BC_SSL_O_NONE;
4664
global.connect_default_ssloptions = SRV_SSL_O_NONE;
4667
cm = SSL_COMP_get_compression_methods();
4668
sk_SSL_COMP_zero(cm);
4669
sample_register_fetches(&sample_fetch_keywords);
4670
acl_register_keywords(&acl_kws);
4671
bind_register_keywords(&bind_kws);
4672
srv_register_keywords(&srv_kws);
4673
cfg_register_keywords(&cfg_kws);