~ubuntu-branches/debian/sid/haproxy/sid
» Revision
27
: .pc/from-upstream/0002-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch/src/ssl_sock.c
« back to all changes in this revision
Viewing changes to .pc/from-upstream/0002-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch/src/ssl_sock.c
- browse files at revision 27
- compare with another revision
- download diff
- download tarball
- view history from revision 27
- Committer: Package Import Robot
- Author(s): Vincent Bernat
- Date: 2014-12-07 11:11:21 UTC
- Revision ID: package-import@ubuntu.com-20141207111121-qgifv7nl6eoi3lek
Tags: 1.5.8-2
* Cherry-pick the following patches from 1.5.9 release:
- 8a0b93bde77e BUG/MAJOR: sessions: unlink session from list on out
of memory
- bae03eaad40a BUG/MEDIUM: pattern: don't load more than once a pattern
list.
- 93637b6e8503 BUG/MEDIUM: connection: sanitize PPv2 header length before
parsing address information
- 8ba50128832b BUG/MAJOR: frontend: initialize capture pointers earlier
- 1f96a87c4e14 BUG/MEDIUM: checks: fix conflicts between agent checks and
ssl healthchecks
- 9bcc01ae2598 BUG/MEDIUM: ssl: force a full GC in case of memory shortage
- 909514970089 BUG/MEDIUM: ssl: fix bad ssl context init can cause
segfault in case of OOM.
* Cherry-pick the following patches from future 1.5.10 release:
- 1e89acb6be9b BUG/MEDIUM: payload: ensure that a request channel is
available
- bad3c6f1b6d7 BUG/MEDIUM: patterns: previous fix was incomplete
- 8a0b93bde77e BUG/MAJOR: sessions: unlink session from list on out
of memory
- bae03eaad40a BUG/MEDIUM: pattern: don't load more than once a pattern
list.
- 93637b6e8503 BUG/MEDIUM: connection: sanitize PPv2 header length before
parsing address information
- 8ba50128832b BUG/MAJOR: frontend: initialize capture pointers earlier
- 1f96a87c4e14 BUG/MEDIUM: checks: fix conflicts between agent checks and
ssl healthchecks
- 9bcc01ae2598 BUG/MEDIUM: ssl: force a full GC in case of memory shortage
- 909514970089 BUG/MEDIUM: ssl: fix bad ssl context init can cause
segfault in case of OOM.
* Cherry-pick the following patches from future 1.5.10 release:
- 1e89acb6be9b BUG/MEDIUM: payload: ensure that a request channel is
available
- bad3c6f1b6d7 BUG/MEDIUM: patterns: previous fix was incomplete
- files added:
- .pc/from-upstream
- .pc/from-upstream/0001-BUG-MEDIUM-ssl-fix-bad-ssl-context-init-can-cause-se.patch
- .pc/from-upstream/0001-BUG-MEDIUM-ssl-fix-bad-ssl-context-init-can-cause-se.patch/src
- .pc/from-upstream/0002-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch
- .pc/from-upstream/0002-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch/src
- .pc/from-upstream/0003-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch
- .pc/from-upstream/0003-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch/include
- .pc/from-upstream/0003-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch/include/types
- .pc/from-upstream/0003-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch/src
- .pc/from-upstream/0004-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
- .pc/from-upstream/0004-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch/src
- .pc/from-upstream/0005-BUG-MEDIUM-connection-sanitize-PPv2-header-length-be.patch
- .pc/from-upstream/0005-BUG-MEDIUM-connection-sanitize-PPv2-header-length-be.patch/src
- .pc/from-upstream/0006-BUG-MEDIUM-pattern-don-t-load-more-than-once-a-patte.patch
- .pc/from-upstream/0006-BUG-MEDIUM-pattern-don-t-load-more-than-once-a-patte.patch/include
- .pc/from-upstream/0006-BUG-MEDIUM-pattern-don-t-load-more-than-once-a-patte.patch/include/proto
- .pc/from-upstream/0006-BUG-MEDIUM-pattern-don-t-load-more-than-once-a-patte.patch/src
- .pc/from-upstream/0007-BUG-MAJOR-sessions-unlink-session-from-list-on-out-o.patch
- .pc/from-upstream/0007-BUG-MAJOR-sessions-unlink-session-from-list-on-out-o.patch/src
- .pc/from-upstream/0008-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch
- .pc/from-upstream/0008-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch/src
- .pc/from-upstream/0009-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch
- .pc/from-upstream/0009-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch/src
- debian/patches/from-upstream
- files modified:
- .pc/applied-patches
added
removed
.pc/from-upstream/0002-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch/src/ssl_sock.c
1
/*
2
* SSL/TLS transport layer over SOCK_STREAM sockets
3
*
4
* Copyright (C) 2012 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
5
*
6
* This program is free software; you can redistribute it and/or
7
* modify it under the terms of the GNU General Public License
8
* as published by the Free Software Foundation; either version
9
* 2 of the License, or (at your option) any later version.
10
*
11
* Acknowledgement:
12
* We'd like to specially thank the Stud project authors for a very clean
13
* and well documented code which helped us understand how the OpenSSL API
14
* ought to be used in non-blocking mode. This is one difficult part which
15
* is not easy to get from the OpenSSL doc, and reading the Stud code made
16
* it much more obvious than the examples in the OpenSSL package. Keep up
17
* the good works, guys !
18
*
19
* Stud is an extremely efficient and scalable SSL/TLS proxy which combines
20
* particularly well with haproxy. For more info about this project, visit :
21
* https://github.com/bumptech/stud
22
*
23
*/
24
25
#define _GNU_SOURCE
26
#include <ctype.h>
27
#include <dirent.h>
28
#include <errno.h>
29
#include <fcntl.h>
30
#include <stdio.h>
31
#include <stdlib.h>
32
#include <string.h>
33
#include <unistd.h>
34
35
#include <sys/socket.h>
36
#include <sys/stat.h>
37
#include <sys/types.h>
38
39
#include <netinet/tcp.h>
40
41
#include <openssl/ssl.h>
42
#include <openssl/x509.h>
43
#include <openssl/x509v3.h>
44
#include <openssl/x509.h>
45
#include <openssl/err.h>
46
#include <openssl/rand.h>
47
#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
48
#include <openssl/ocsp.h>
49
#endif
50
51
#include <common/buffer.h>
52
#include <common/compat.h>
53
#include <common/config.h>
54
#include <common/debug.h>
55
#include <common/errors.h>
56
#include <common/standard.h>
57
#include <common/ticks.h>
58
#include <common/time.h>
59
#include <common/cfgparse.h>
60
61
#include <ebsttree.h>
62
63
#include <types/global.h>
64
#include <types/ssl_sock.h>
65
66
#include <proto/acl.h>
67
#include <proto/arg.h>
68
#include <proto/connection.h>
69
#include <proto/fd.h>
70
#include <proto/freq_ctr.h>
71
#include <proto/frontend.h>
72
#include <proto/listener.h>
73
#include <proto/pattern.h>
74
#include <proto/server.h>
75
#include <proto/log.h>
76
#include <proto/proxy.h>
77
#include <proto/shctx.h>
78
#include <proto/ssl_sock.h>
79
#include <proto/task.h>
80
81
/* Warning, these are bits, not integers! */
82
#define SSL_SOCK_ST_FL_VERIFY_DONE 0x00000001
83
#define SSL_SOCK_ST_FL_16K_WBFSIZE 0x00000002
84
#define SSL_SOCK_SEND_UNLIMITED 0x00000004
85
#define SSL_SOCK_RECV_HEARTBEAT 0x00000008
86
87
/* bits 0xFFFF0000 are reserved to store verify errors */
88
89
/* Verify errors macros */
90
#define SSL_SOCK_CA_ERROR_TO_ST(e) (((e > 63) ? 63 : e) << (16))
91
#define SSL_SOCK_CAEDEPTH_TO_ST(d) (((d > 15) ? 15 : d) << (6+16))
92
#define SSL_SOCK_CRTERROR_TO_ST(e) (((e > 63) ? 63 : e) << (4+6+16))
93
94
#define SSL_SOCK_ST_TO_CA_ERROR(s) ((s >> (16)) & 63)
95
#define SSL_SOCK_ST_TO_CAEDEPTH(s) ((s >> (6+16)) & 15)
96
#define SSL_SOCK_ST_TO_CRTERROR(s) ((s >> (4+6+16)) & 63)
97
98
/* server and bind verify method, it uses a global value as default */
99
enum {
100
SSL_SOCK_VERIFY_DEFAULT = 0,
101
SSL_SOCK_VERIFY_REQUIRED = 1,
102
SSL_SOCK_VERIFY_OPTIONAL = 2,
103
SSL_SOCK_VERIFY_NONE = 3,
104
};
105
106
int sslconns = 0;
107
int totalsslconns = 0;
108
109
#ifndef OPENSSL_NO_DH
110
static DH *local_dh_1024 = NULL;
111
static DH *local_dh_2048 = NULL;
112
static DH *local_dh_4096 = NULL;
113
static DH *local_dh_8192 = NULL;
114
#endif /* OPENSSL_NO_DH */
115
116
#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
117
struct certificate_ocsp {
118
struct ebmb_node key;
119
unsigned char key_data[OCSP_MAX_CERTID_ASN1_LENGTH];
120
struct chunk response;
121
long expire;
122
};
123
124
/*
125
* This function returns the number of seconds elapsed
126
* since the Epoch, 1970-01-01 00:00:00 +0000 (UTC) and the
127
* date presented un ASN1_GENERALIZEDTIME.
128
*
129
* In parsing error case, it returns -1.
130
*/
131
static long asn1_generalizedtime_to_epoch(ASN1_GENERALIZEDTIME *d)
132
{
133
long epoch;
134
char *p, *end;
135
const unsigned short month_offset[12] = {
136
0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
137
};
138
int year, month;
139
140
if (!d || (d->type != V_ASN1_GENERALIZEDTIME)) return -1;
141
142
p = (char *)d->data;
143
end = p + d->length;
144
145
if (end - p < 4) return -1;
146
year = 1000 * (p[0] - '0') + 100 * (p[1] - '0') + 10 * (p[2] - '0') + p[3] - '0';
147
p += 4;
148
if (end - p < 2) return -1;
149
month = 10 * (p[0] - '0') + p[1] - '0';
150
if (month < 1 || month > 12) return -1;
151
/* Compute the number of seconds since 1 jan 1970 and the beginning of current month
152
We consider leap years and the current month (<marsh or not) */
153
epoch = ( ((year - 1970) * 365)
154
+ ((year - (month < 3)) / 4 - (year - (month < 3)) / 100 + (year - (month < 3)) / 400)
155
- ((1970 - 1) / 4 - (1970 - 1) / 100 + (1970 - 1) / 400)
156
+ month_offset[month-1]
157
) * 24 * 60 * 60;
158
p += 2;
159
if (end - p < 2) return -1;
160
/* Add the number of seconds of completed days of current month */
161
epoch += (10 * (p[0] - '0') + p[1] - '0' - 1) * 24 * 60 * 60;
162
p += 2;
163
if (end - p < 2) return -1;
164
/* Add the completed hours of the current day */
165
epoch += (10 * (p[0] - '0') + p[1] - '0') * 60 * 60;
166
p += 2;
167
if (end - p < 2) return -1;
168
/* Add the completed minutes of the current hour */
169
epoch += (10 * (p[0] - '0') + p[1] - '0') * 60;
170
p += 2;
171
if (p == end) return -1;
172
/* Test if there is available seconds */
173
if (p[0] < '0' || p[0] > '9')
174
goto nosec;
175
if (end - p < 2) return -1;
176
/* Add the seconds of the current minute */
177
epoch += 10 * (p[0] - '0') + p[1] - '0';
178
p += 2;
179
if (p == end) return -1;
180
/* Ignore seconds float part if present */
181
if (p[0] == '.') {
182
do {
183
if (++p == end) return -1;
184
} while (p[0] >= '0' && p[0] <= '9');
185
}
186
187
nosec:
188
if (p[0] == 'Z') {
189
if (end - p != 1) return -1;
190
return epoch;
191
}
192
else if (p[0] == '+') {
193
if (end - p != 5) return -1;
194
/* Apply timezone offset */
195
return epoch - ((10 * (p[1] - '0') + p[2] - '0') * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
196
}
197
else if (p[0] == '-') {
198
if (end - p != 5) return -1;
199
/* Apply timezone offset */
200
return epoch + ((10 * (p[1] - '0') + p[2] - '0') * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
201
}
202
203
return -1;
204
}
205
206
static struct eb_root cert_ocsp_tree = EB_ROOT_UNIQUE;
207
208
/* This function starts to check if the OCSP response (in DER format) contained
209
* in chunk 'ocsp_response' is valid (else exits on error).
210
* If 'cid' is not NULL, it will be compared to the OCSP certificate ID
211
* contained in the OCSP Response and exits on error if no match.
212
* If it's a valid OCSP Response:
213
* If 'ocsp' is not NULL, the chunk is copied in the OCSP response's container
214
* pointed by 'ocsp'.
215
* If 'ocsp' is NULL, the function looks up into the OCSP response's
216
* containers tree (using as index the ASN1 form of the OCSP Certificate ID extracted
217
* from the response) and exits on error if not found. Finally, If an OCSP response is
218
* already present in the container, it will be overwritten.
219
*
220
* Note: OCSP response containing more than one OCSP Single response is not
221
* considered valid.
222
*
223
* Returns 0 on success, 1 in error case.
224
*/
225
static int ssl_sock_load_ocsp_response(struct chunk *ocsp_response, struct certificate_ocsp *ocsp, OCSP_CERTID *cid, char **err)
226
{
227
OCSP_RESPONSE *resp;
228
OCSP_BASICRESP *bs = NULL;
229
OCSP_SINGLERESP *sr;
230
unsigned char *p = (unsigned char *)ocsp_response->str;
231
int rc , count_sr;
232
ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd = NULL;
233
int reason;
234
int ret = 1;
235
236
resp = d2i_OCSP_RESPONSE(NULL, (const unsigned char **)&p, ocsp_response->len);
237
if (!resp) {
238
memprintf(err, "Unable to parse OCSP response");
239
goto out;
240
}
241
242
rc = OCSP_response_status(resp);
243
if (rc != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
244
memprintf(err, "OCSP response status not successful");
245
goto out;
246
}
247
248
bs = OCSP_response_get1_basic(resp);
249
if (!bs) {
250
memprintf(err, "Failed to get basic response from OCSP Response");
251
goto out;
252
}
253
254
count_sr = OCSP_resp_count(bs);
255
if (count_sr > 1) {
256
memprintf(err, "OCSP response ignored because contains multiple single responses (%d)", count_sr);
257
goto out;
258
}
259
260
sr = OCSP_resp_get0(bs, 0);
261
if (!sr) {
262
memprintf(err, "Failed to get OCSP single response");
263
goto out;
264
}
265
266
rc = OCSP_single_get0_status(sr, &reason, &revtime, &thisupd, &nextupd);
267
if (rc != V_OCSP_CERTSTATUS_GOOD) {
268
memprintf(err, "OCSP single response: certificate status not good");
269
goto out;
270
}
271
272
if (!nextupd) {
273
memprintf(err, "OCSP single response: missing nextupdate");
274
goto out;
275
}
276
277
rc = OCSP_check_validity(thisupd, nextupd, OCSP_MAX_RESPONSE_TIME_SKEW, -1);
278
if (!rc) {
279
memprintf(err, "OCSP single response: no longer valid.");
280
goto out;
281
}
282
283
if (cid) {
284
if (OCSP_id_cmp(sr->certId, cid)) {
285
memprintf(err, "OCSP single response: Certificate ID does not match certificate and issuer");
286
goto out;
287
}
288
}
289
290
if (!ocsp) {
291
unsigned char key[OCSP_MAX_CERTID_ASN1_LENGTH];
292
unsigned char *p;
293
294
rc = i2d_OCSP_CERTID(sr->certId, NULL);
295
if (!rc) {
296
memprintf(err, "OCSP single response: Unable to encode Certificate ID");
297
goto out;
298
}
299
300
if (rc > OCSP_MAX_CERTID_ASN1_LENGTH) {
301
memprintf(err, "OCSP single response: Certificate ID too long");
302
goto out;
303
}
304
305
p = key;
306
memset(key, 0, OCSP_MAX_CERTID_ASN1_LENGTH);
307
i2d_OCSP_CERTID(sr->certId, &p);
308
ocsp = (struct certificate_ocsp *)ebmb_lookup(&cert_ocsp_tree, key, OCSP_MAX_CERTID_ASN1_LENGTH);
309
if (!ocsp) {
310
memprintf(err, "OCSP single response: Certificate ID does not match any certificate or issuer");
311
goto out;
312
}
313
}
314
315
/* According to comments on "chunk_dup", the
316
previous chunk buffer will be freed */
317
if (!chunk_dup(&ocsp->response, ocsp_response)) {
318
memprintf(err, "OCSP response: Memory allocation error");
319
goto out;
320
}
321
322
ocsp->expire = asn1_generalizedtime_to_epoch(nextupd) - OCSP_MAX_RESPONSE_TIME_SKEW;
323
324
ret = 0;
325
out:
326
if (bs)
327
OCSP_BASICRESP_free(bs);
328
329
if (resp)
330
OCSP_RESPONSE_free(resp);
331
332
return ret;
333
}
334
/*
335
* External function use to update the OCSP response in the OCSP response's
336
* containers tree. The chunk 'ocsp_response' must contain the OCSP response
337
* to update in DER format.
338
*
339
* Returns 0 on success, 1 in error case.
340
*/
341
int ssl_sock_update_ocsp_response(struct chunk *ocsp_response, char **err)
342
{
343
return ssl_sock_load_ocsp_response(ocsp_response, NULL, NULL, err);
344
}
345
346
/*
347
* This function load the OCSP Resonse in DER format contained in file at
348
* path 'ocsp_path' and call 'ssl_sock_load_ocsp_response'
349
*
350
* Returns 0 on success, 1 in error case.
351
*/
352
static int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, struct certificate_ocsp *ocsp, OCSP_CERTID *cid, char **err)
353
{
354
int fd = -1;
355
int r = 0;
356
int ret = 1;
357
358
fd = open(ocsp_path, O_RDONLY);
359
if (fd == -1) {
360
memprintf(err, "Error opening OCSP response file");
361
goto end;
362
}
363
364
trash.len = 0;
365
while (trash.len < trash.size) {
366
r = read(fd, trash.str + trash.len, trash.size - trash.len);
367
if (r < 0) {
368
if (errno == EINTR)
369
continue;
370
371
memprintf(err, "Error reading OCSP response from file");
372
goto end;
373
}
374
else if (r == 0) {
375
break;
376
}
377
trash.len += r;
378
}
379
380
close(fd);
381
fd = -1;
382
383
ret = ssl_sock_load_ocsp_response(&trash, ocsp, cid, err);
384
end:
385
if (fd != -1)
386
close(fd);
387
388
return ret;
389
}
390
391
/*
392
* Callback used to set OCSP status extension content in server hello.
393
*/
394
int ssl_sock_ocsp_stapling_cbk(SSL *ssl, void *arg)
395
{
396
struct certificate_ocsp *ocsp = (struct certificate_ocsp *)arg;
397
char* ssl_buf;
398
399
if (!ocsp ||
400
!ocsp->response.str ||
401
!ocsp->response.len ||
402
(ocsp->expire < now.tv_sec))
403
return SSL_TLSEXT_ERR_NOACK;
404
405
ssl_buf = OPENSSL_malloc(ocsp->response.len);
406
if (!ssl_buf)
407
return SSL_TLSEXT_ERR_NOACK;
408
409
memcpy(ssl_buf, ocsp->response.str, ocsp->response.len);
410
SSL_set_tlsext_status_ocsp_resp(ssl, ssl_buf, ocsp->response.len);
411
412
return SSL_TLSEXT_ERR_OK;
413
}
414
415
/*
416
* This function enables the handling of OCSP status extension on 'ctx' if a
417
* file name 'cert_path' suffixed using ".ocsp" is present.
418
* To enable OCSP status extension, the issuer's certificate is mandatory.
419
* It should be present in the certificate's extra chain builded from file
420
* 'cert_path'. If not found, the issuer certificate is loaded from a file
421
* named 'cert_path' suffixed using '.issuer'.
422
*
423
* In addition, ".ocsp" file content is loaded as a DER format of an OCSP
424
* response. If file is empty or content is not a valid OCSP response,
425
* OCSP status extension is enabled but OCSP response is ignored (a warning
426
* is displayed).
427
*
428
* Returns 1 if no ".ocsp" file found, 0 if OCSP status extension is
429
* succesfully enabled, or -1 in other error case.
430
*/
431
static int ssl_sock_load_ocsp(SSL_CTX *ctx, const char *cert_path)
432
{
433
434
BIO *in = NULL;
435
X509 *x, *xi = NULL, *issuer = NULL;
436
STACK_OF(X509) *chain = NULL;
437
OCSP_CERTID *cid = NULL;
438
SSL *ssl;
439
char ocsp_path[MAXPATHLEN+1];
440
int i, ret = -1;
441
struct stat st;
442
struct certificate_ocsp *ocsp = NULL, *iocsp;
443
char *warn = NULL;
444
unsigned char *p;
445
446
snprintf(ocsp_path, MAXPATHLEN+1, "%s.ocsp", cert_path);
447
448
if (stat(ocsp_path, &st))
449
return 1;
450
451
ssl = SSL_new(ctx);
452
if (!ssl)
453
goto out;
454
455
x = SSL_get_certificate(ssl);
456
if (!x)
457
goto out;
458
459
/* Try to lookup for issuer in certificate extra chain */
460
#ifdef SSL_CTRL_GET_EXTRA_CHAIN_CERTS
461
SSL_CTX_get_extra_chain_certs(ctx, &chain);
462
#else
463
chain = ctx->extra_certs;
464
#endif
465
for (i = 0; i < sk_X509_num(chain); i++) {
466
issuer = sk_X509_value(chain, i);
467
if (X509_check_issued(issuer, x) == X509_V_OK)
468
break;
469
else
470
issuer = NULL;
471
}
472
473
/* If not found try to load issuer from a suffixed file */
474
if (!issuer) {
475
char issuer_path[MAXPATHLEN+1];
476
477
in = BIO_new(BIO_s_file());
478
if (!in)
479
goto out;
480
481
snprintf(issuer_path, MAXPATHLEN+1, "%s.issuer", cert_path);
482
if (BIO_read_filename(in, issuer_path) <= 0)
483
goto out;
484
485
xi = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
486
if (!xi)
487
goto out;
488
489
if (X509_check_issued(xi, x) != X509_V_OK)
490
goto out;
491
492
issuer = xi;
493
}
494
495
cid = OCSP_cert_to_id(0, x, issuer);
496
if (!cid)
497
goto out;
498
499
i = i2d_OCSP_CERTID(cid, NULL);
500
if (!i || (i > OCSP_MAX_CERTID_ASN1_LENGTH))
501
goto out;
502
503
ocsp = calloc(1, sizeof(struct certificate_ocsp));
504
if (!ocsp)
505
goto out;
506
507
p = ocsp->key_data;
508
i2d_OCSP_CERTID(cid, &p);
509
510
iocsp = (struct certificate_ocsp *)ebmb_insert(&cert_ocsp_tree, &ocsp->key, OCSP_MAX_CERTID_ASN1_LENGTH);
511
if (iocsp == ocsp)
512
ocsp = NULL;
513
514
SSL_CTX_set_tlsext_status_cb(ctx, ssl_sock_ocsp_stapling_cbk);
515
SSL_CTX_set_tlsext_status_arg(ctx, iocsp);
516
517
ret = 0;
518
519
warn = NULL;
520
if (ssl_sock_load_ocsp_response_from_file(ocsp_path, iocsp, cid, &warn)) {
521
memprintf(&warn, "Loading '%s': %s. Content will be ignored", ocsp_path, warn ? warn : "failure");
522
Warning("%s.\n", warn);
523
}
524
525
out:
526
if (ssl)
527
SSL_free(ssl);
528
529
if (in)
530
BIO_free(in);
531
532
if (xi)
533
X509_free(xi);
534
535
if (cid)
536
OCSP_CERTID_free(cid);
537
538
if (ocsp)
539
free(ocsp);
540
541
if (warn)
542
free(warn);
543
544
545
return ret;
546
}
547
548
#endif
549
550
void ssl_sock_infocbk(const SSL *ssl, int where, int ret)
551
{
552
struct connection *conn = (struct connection *)SSL_get_app_data(ssl);
553
(void)ret; /* shut gcc stupid warning */
554
BIO *write_bio;
555
556
if (where & SSL_CB_HANDSHAKE_START) {
557
/* Disable renegotiation (CVE-2009-3555) */
558
if (conn->flags & CO_FL_CONNECTED) {
559
conn->flags |= CO_FL_ERROR;
560
conn->err_code = CO_ER_SSL_RENEG;
561
}
562
}
563
564
if ((where & SSL_CB_ACCEPT_LOOP) == SSL_CB_ACCEPT_LOOP) {
565
if (!(conn->xprt_st & SSL_SOCK_ST_FL_16K_WBFSIZE)) {
566
/* Long certificate chains optimz
567
If write and read bios are differents, we
568
consider that the buffering was activated,
569
so we rise the output buffer size from 4k
570
to 16k */
571
write_bio = SSL_get_wbio(ssl);
572
if (write_bio != SSL_get_rbio(ssl)) {
573
BIO_set_write_buffer_size(write_bio, 16384);
574
conn->xprt_st |= SSL_SOCK_ST_FL_16K_WBFSIZE;
575
}
576
}
577
}
578
}
579
580
/* Callback is called for each certificate of the chain during a verify
581
ok is set to 1 if preverify detect no error on current certificate.
582
Returns 0 to break the handshake, 1 otherwise. */
583
int ssl_sock_bind_verifycbk(int ok, X509_STORE_CTX *x_store)
584
{
585
SSL *ssl;
586
struct connection *conn;
587
int err, depth;
588
589
ssl = X509_STORE_CTX_get_ex_data(x_store, SSL_get_ex_data_X509_STORE_CTX_idx());
590
conn = (struct connection *)SSL_get_app_data(ssl);
591
592
conn->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;
593
594
if (ok) /* no errors */
595
return ok;
596
597
depth = X509_STORE_CTX_get_error_depth(x_store);
598
err = X509_STORE_CTX_get_error(x_store);
599
600
/* check if CA error needs to be ignored */
601
if (depth > 0) {
602
if (!SSL_SOCK_ST_TO_CA_ERROR(conn->xprt_st)) {
603
conn->xprt_st |= SSL_SOCK_CA_ERROR_TO_ST(err);
604
conn->xprt_st |= SSL_SOCK_CAEDEPTH_TO_ST(depth);
605
}
606
607
if (objt_listener(conn->target)->bind_conf->ca_ignerr & (1ULL << err)) {
608
ERR_clear_error();
609
return 1;
610
}
611
612
conn->err_code = CO_ER_SSL_CA_FAIL;
613
return 0;
614
}
615
616
if (!SSL_SOCK_ST_TO_CRTERROR(conn->xprt_st))
617
conn->xprt_st |= SSL_SOCK_CRTERROR_TO_ST(err);
618
619
/* check if certificate error needs to be ignored */
620
if (objt_listener(conn->target)->bind_conf->crt_ignerr & (1ULL << err)) {
621
ERR_clear_error();
622
return 1;
623
}
624
625
conn->err_code = CO_ER_SSL_CRT_FAIL;
626
return 0;
627
}
628
629
/* Callback is called for ssl protocol analyse */
630
void ssl_sock_msgcbk(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
631
{
632
#ifdef TLS1_RT_HEARTBEAT
633
/* test heartbeat received (write_p is set to 0
634
for a received record) */
635
if ((content_type == TLS1_RT_HEARTBEAT) && (write_p == 0)) {
636
struct connection *conn = (struct connection *)SSL_get_app_data(ssl);
637
const unsigned char *p = buf;
638
unsigned int payload;
639
640
conn->xprt_st |= SSL_SOCK_RECV_HEARTBEAT;
641
642
/* Check if this is a CVE-2014-0160 exploitation attempt. */
643
if (*p != TLS1_HB_REQUEST)
644
return;
645
646
if (len < 1 + 2 + 16) /* 1 type + 2 size + 0 payload + 16 padding */
647
goto kill_it;
648
649
payload = (p[1] * 256) + p[2];
650
if (3 + payload + 16 <= len)
651
return; /* OK no problem */
652
kill_it:
653
/* We have a clear heartbleed attack (CVE-2014-0160), the
654
* advertised payload is larger than the advertised packet
655
* length, so we have garbage in the buffer between the
656
* payload and the end of the buffer (p+len). We can't know
657
* if the SSL stack is patched, and we don't know if we can
658
* safely wipe out the area between p+3+len and payload.
659
* So instead, we prevent the response from being sent by
660
* setting the max_send_fragment to 0 and we report an SSL
661
* error, which will kill this connection. It will be reported
662
* above as SSL_ERROR_SSL while an other handshake failure with
663
* a heartbeat message will be reported as SSL_ERROR_SYSCALL.
664
*/
665
ssl->max_send_fragment = 0;
666
SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_SSL_HANDSHAKE_FAILURE);
667
return;
668
}
669
#endif
670
}
671
672
#ifdef OPENSSL_NPN_NEGOTIATED
673
/* This callback is used so that the server advertises the list of
674
* negociable protocols for NPN.
675
*/
676
static int ssl_sock_advertise_npn_protos(SSL *s, const unsigned char **data,
677
unsigned int *len, void *arg)
678
{
679
struct bind_conf *conf = arg;
680
681
*data = (const unsigned char *)conf->npn_str;
682
*len = conf->npn_len;
683
return SSL_TLSEXT_ERR_OK;
684
}
685
#endif
686
687
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
688
/* This callback is used so that the server advertises the list of
689
* negociable protocols for ALPN.
690
*/
691
static int ssl_sock_advertise_alpn_protos(SSL *s, const unsigned char **out,
692
unsigned char *outlen,
693
const unsigned char *server,
694
unsigned int server_len, void *arg)
695
{
696
struct bind_conf *conf = arg;
697
698
if (SSL_select_next_proto((unsigned char**) out, outlen, (const unsigned char *)conf->alpn_str,
699
conf->alpn_len, server, server_len) != OPENSSL_NPN_NEGOTIATED) {
700
return SSL_TLSEXT_ERR_NOACK;
701
}
702
return SSL_TLSEXT_ERR_OK;
703
}
704
#endif
705
706
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
707
/* Sets the SSL ctx of <ssl> to match the advertised server name. Returns a
708
* warning when no match is found, which implies the default (first) cert
709
* will keep being used.
710
*/
711
static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, struct bind_conf *s)
712
{
713
const char *servername;
714
const char *wildp = NULL;
715
struct ebmb_node *node, *n;
716
int i;
717
(void)al; /* shut gcc stupid warning */
718
719
servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
720
if (!servername) {
721
return (s->strict_sni ?
722
SSL_TLSEXT_ERR_ALERT_FATAL :
723
SSL_TLSEXT_ERR_NOACK);
724
}
725
726
for (i = 0; i < trash.size; i++) {
727
if (!servername[i])
728
break;
729
trash.str[i] = tolower(servername[i]);
730
if (!wildp && (trash.str[i] == '.'))
731
wildp = &trash.str[i];
732
}
733
trash.str[i] = 0;
734
735
/* lookup in full qualified names */
736
node = ebst_lookup(&s->sni_ctx, trash.str);
737
738
/* lookup a not neg filter */
739
for (n = node; n; n = ebmb_next_dup(n)) {
740
if (!container_of(n, struct sni_ctx, name)->neg) {
741
node = n;
742
break;
743
}
744
}
745
if (!node && wildp) {
746
/* lookup in wildcards names */
747
node = ebst_lookup(&s->sni_w_ctx, wildp);
748
}
749
if (!node || container_of(node, struct sni_ctx, name)->neg) {
750
return (s->strict_sni ?
751
SSL_TLSEXT_ERR_ALERT_FATAL :
752
SSL_TLSEXT_ERR_ALERT_WARNING);
753
}
754
755
/* switch ctx */
756
SSL_set_SSL_CTX(ssl, container_of(node, struct sni_ctx, name)->ctx);
757
return SSL_TLSEXT_ERR_OK;
758
}
759
#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
760
761
#ifndef OPENSSL_NO_DH
762
763
static DH * ssl_get_dh_1024(void)
764
{
765
#if OPENSSL_VERSION_NUMBER < 0x0090801fL
766
static const unsigned char rfc_2409_prime_1024[] = {
767
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
768
0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
769
0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
770
0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
771
0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
772
0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
773
0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
774
0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
775
0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
776
0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,
777
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
778
};
779
#endif
780
DH *dh = DH_new();
781
if (dh) {
782
#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
783
dh->p = get_rfc2409_prime_1024(NULL);
784
#else
785
dh->p = BN_bin2bn(rfc_2409_prime_1024, sizeof rfc_2409_prime_1024, NULL);
786
#endif
787
/* See RFC 2409, Section 6 "Oakley Groups"
788
for the reason why 2 is used as generator.
789
*/
790
BN_dec2bn(&dh->g, "2");
791
if (!dh->p || !dh->g) {
792
DH_free(dh);
793
dh = NULL;
794
}
795
}
796
return dh;
797
}
798
799
static DH *ssl_get_dh_2048(void)
800
{
801
#if OPENSSL_VERSION_NUMBER < 0x0090801fL
802
static const unsigned char rfc_3526_prime_2048[] = {
803
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
804
0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
805
0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
806
0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
807
0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
808
0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
809
0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
810
0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
811
0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
812
0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
813
0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
814
0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
815
0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
816
0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
817
0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
818
0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
819
0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
820
0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
821
0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
822
0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
823
0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,
824
0xFF,0xFF,0xFF,0xFF,
825
};
826
#endif
827
DH *dh = DH_new();
828
if (dh) {
829
#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
830
dh->p = get_rfc3526_prime_2048(NULL);
831
#else
832
dh->p = BN_bin2bn(rfc_3526_prime_2048, sizeof rfc_3526_prime_2048, NULL);
833
#endif
834
/* See RFC 3526, Section 3 "2048-bit MODP Group"
835
for the reason why 2 is used as generator.
836
*/
837
BN_dec2bn(&dh->g, "2");
838
if (!dh->p || !dh->g) {
839
DH_free(dh);
840
dh = NULL;
841
}
842
}
843
return dh;
844
}
845
846
static DH *ssl_get_dh_4096(void)
847
{
848
#if OPENSSL_VERSION_NUMBER < 0x0090801fL
849
static const unsigned char rfc_3526_prime_4096[] = {
850
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
851
0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
852
0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
853
0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
854
0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
855
0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
856
0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
857
0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
858
0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
859
0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
860
0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
861
0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
862
0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
863
0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
864
0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
865
0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
866
0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
867
0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
868
0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
869
0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
870
0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
871
0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
872
0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
873
0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
874
0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
875
0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
876
0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
877
0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
878
0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
879
0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
880
0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
881
0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
882
0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
883
0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
884
0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
885
0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
886
0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
887
0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
888
0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
889
0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
890
0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
891
0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,
892
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
893
};
894
#endif
895
DH *dh = DH_new();
896
if (dh) {
897
#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
898
dh->p = get_rfc3526_prime_4096(NULL);
899
#else
900
dh->p = BN_bin2bn(rfc_3526_prime_4096, sizeof rfc_3526_prime_4096, NULL);
901
#endif
902
/* See RFC 3526, Section 5 "4096-bit MODP Group"
903
for the reason why 2 is used as generator.
904
*/
905
BN_dec2bn(&dh->g, "2");
906
if (!dh->p || !dh->g) {
907
DH_free(dh);
908
dh = NULL;
909
}
910
}
911
return dh;
912
}
913
914
static DH *ssl_get_dh_8192(void)
915
{
916
#if OPENSSL_VERSION_NUMBER < 0x0090801fL
917
static const unsigned char rfc_3526_prime_8192[] = {
918
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
919
0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
920
0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
921
0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
922
0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
923
0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
924
0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
925
0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
926
0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
927
0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
928
0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
929
0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
930
0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
931
0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
932
0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
933
0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
934
0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
935
0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
936
0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
937
0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
938
0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
939
0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
940
0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
941
0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
942
0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
943
0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
944
0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
945
0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
946
0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
947
0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
948
0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
949
0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
950
0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
951
0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
952
0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
953
0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
954
0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
955
0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
956
0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
957
0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
958
0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
959
0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,
960
0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,0xC1,0xD4,0xDC,0xB2,
961
0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
962
0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,
963
0x41,0x30,0x01,0xAE,0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,
964
0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,0xDA,0x3E,0xDB,0xEB,
965
0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
966
0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,
967
0x2B,0xD7,0xAF,0x42,0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,
968
0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,0xF0,0x32,0xEA,0x15,
969
0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
970
0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,
971
0x90,0x0B,0x1C,0x9E,0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,
972
0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,0x0F,0x1D,0x45,0xB7,
973
0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
974
0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,
975
0x0F,0x80,0x37,0xE0,0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,
976
0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,0xF5,0x50,0xAA,0x3D,
977
0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
978
0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,
979
0x6E,0x3C,0x04,0x68,0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,
980
0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,0xE6,0x94,0xF9,0x1E,
981
0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
982
0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,
983
0x73,0xB9,0x31,0xBA,0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,
984
0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,0x25,0x76,0xF6,0x93,
985
0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
986
0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,
987
0xE3,0x9D,0x65,0x2D,0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,
988
0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,0x13,0xEB,0x57,0xA8,
989
0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
990
0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,
991
0xA2,0xC0,0x87,0xE8,0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,
992
0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,0x6D,0x2A,0x13,0xF8,
993
0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
994
0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,
995
0x08,0x46,0x85,0x1D,0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,
996
0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,0xFA,0xF3,0x6B,0xC3,
997
0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
998
0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,
999
0xD5,0xEE,0x38,0x2B,0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,
1000
0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,0x9E,0x30,0x50,0xE2,
1001
0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
1002
0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,
1003
0xFF,0xFF,0xFF,0xFF,
1004
};
1005
#endif
1006
DH *dh = DH_new();
1007
if (dh) {
1008
#if OPENSSL_VERSION_NUMBER >= 0x0090801fL
1009
dh->p = get_rfc3526_prime_8192(NULL);
1010
#else
1011
dh->p = BN_bin2bn(rfc_3526_prime_8192, sizeof rfc_3526_prime_8192, NULL);
1012
#endif
1013
/* See RFC 3526, Section 7 "8192-bit MODP Group"
1014
for the reason why 2 is used as generator.
1015
*/
1016
BN_dec2bn(&dh->g, "2");
1017
if (!dh->p || !dh->g) {
1018
DH_free(dh);
1019
dh = NULL;
1020
}
1021
}
1022
return dh;
1023
}
1024
1025
/* Returns Diffie-Hellman parameters matching the private key length
1026
but not exceeding global.tune.ssl_default_dh_param */
1027
static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen)
1028
{
1029
DH *dh = NULL;
1030
EVP_PKEY *pkey = SSL_get_privatekey(ssl);
1031
int type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
1032
1033
/* The keylen supplied by OpenSSL can only be 512 or 1024.
1034
See ssl3_send_server_key_exchange() in ssl/s3_srvr.c
1035
*/
1036
if (type == EVP_PKEY_RSA || type == EVP_PKEY_DSA) {
1037
keylen = EVP_PKEY_bits(pkey);
1038
}
1039
1040
if (keylen > global.tune.ssl_default_dh_param) {
1041
keylen = global.tune.ssl_default_dh_param;
1042
}
1043
1044
if (keylen >= 8192) {
1045
dh = local_dh_8192;
1046
}
1047
else if (keylen >= 4096) {
1048
dh = local_dh_4096;
1049
}
1050
else if (keylen >= 2048) {
1051
dh = local_dh_2048;
1052
}
1053
else {
1054
dh = local_dh_1024;
1055
}
1056
1057
return dh;
1058
}
1059
1060
/* Loads Diffie-Hellman parameter from a file. Returns 1 if loaded, else -1
1061
if an error occured, and 0 if parameter not found. */
1062
int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file)
1063
{
1064
int ret = -1;
1065
BIO *in;
1066
DH *dh = NULL;
1067
1068
in = BIO_new(BIO_s_file());
1069
if (in == NULL)
1070
goto end;
1071
1072
if (BIO_read_filename(in, file) <= 0)
1073
goto end;
1074
1075
dh = PEM_read_bio_DHparams(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
1076
if (dh) {
1077
ret = 1;
1078
SSL_CTX_set_tmp_dh(ctx, dh);
1079
/* Setting ssl default dh param to the size of the static DH params
1080
found in the file. This way we know that there is no use
1081
complaining later about ssl-default-dh-param not being set. */
1082
global.tune.ssl_default_dh_param = DH_size(dh) * 8;
1083
}
1084
else {
1085
/* Clear openssl global errors stack */
1086
ERR_clear_error();
1087
1088
if (global.tune.ssl_default_dh_param <= 1024) {
1089
/* we are limited to DH parameter of 1024 bits anyway */
1090
local_dh_1024 = ssl_get_dh_1024();
1091
if (local_dh_1024 == NULL)
1092
goto end;
1093
1094
SSL_CTX_set_tmp_dh(ctx, local_dh_1024);
1095
}
1096
else {
1097
SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);
1098
}
1099
1100
ret = 0; /* DH params not found */
1101
}
1102
1103
end:
1104
if (dh)
1105
DH_free(dh);
1106
1107
if (in)
1108
BIO_free(in);
1109
1110
return ret;
1111
}
1112
#endif
1113
1114
static int ssl_sock_add_cert_sni(SSL_CTX *ctx, struct bind_conf *s, char *name, int order)
1115
{
1116
struct sni_ctx *sc;
1117
int wild = 0, neg = 0;
1118
1119
if (*name == '!') {
1120
neg = 1;
1121
name++;
1122
}
1123
if (*name == '*') {
1124
wild = 1;
1125
name++;
1126
}
1127
/* !* filter is a nop */
1128
if (neg && wild)
1129
return order;
1130
if (*name) {
1131
int j, len;
1132
len = strlen(name);
1133
sc = malloc(sizeof(struct sni_ctx) + len + 1);
1134
for (j = 0; j < len; j++)
1135
sc->name.key[j] = tolower(name[j]);
1136
sc->name.key[len] = 0;
1137
sc->ctx = ctx;
1138
sc->order = order++;
1139
sc->neg = neg;
1140
if (wild)
1141
ebst_insert(&s->sni_w_ctx, &sc->name);
1142
else
1143
ebst_insert(&s->sni_ctx, &sc->name);
1144
}
1145
return order;
1146
}
1147
1148
/* Loads a certificate key and CA chain from a file. Returns 0 on error, -1 if
1149
* an early error happens and the caller must call SSL_CTX_free() by itelf.
1150
*/
1151
static int ssl_sock_load_cert_chain_file(SSL_CTX *ctx, const char *file, struct bind_conf *s, char **sni_filter, int fcount)
1152
{
1153
BIO *in;
1154
X509 *x = NULL, *ca;
1155
int i, err;
1156
int ret = -1;
1157
int order = 0;
1158
X509_NAME *xname;
1159
char *str;
1160
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
1161
STACK_OF(GENERAL_NAME) *names;
1162
#endif
1163
1164
in = BIO_new(BIO_s_file());
1165
if (in == NULL)
1166
goto end;
1167
1168
if (BIO_read_filename(in, file) <= 0)
1169
goto end;
1170
1171
x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
1172
if (x == NULL)
1173
goto end;
1174
1175
if (fcount) {
1176
while (fcount--)
1177
order = ssl_sock_add_cert_sni(ctx, s, sni_filter[fcount], order);
1178
}
1179
else {
1180
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
1181
names = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
1182
if (names) {
1183
for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
1184
GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
1185
if (name->type == GEN_DNS) {
1186
if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
1187
order = ssl_sock_add_cert_sni(ctx, s, str, order);
1188
OPENSSL_free(str);
1189
}
1190
}
1191
}
1192
sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
1193
}
1194
#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
1195
xname = X509_get_subject_name(x);
1196
i = -1;
1197
while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
1198
X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
1199
if (ASN1_STRING_to_UTF8((unsigned char **)&str, entry->value) >= 0) {
1200
order = ssl_sock_add_cert_sni(ctx, s, str, order);
1201
OPENSSL_free(str);
1202
}
1203
}
1204
}
1205
1206
ret = 0; /* the caller must not free the SSL_CTX argument anymore */
1207
if (!SSL_CTX_use_certificate(ctx, x))
1208
goto end;
1209
1210
if (ctx->extra_certs != NULL) {
1211
sk_X509_pop_free(ctx->extra_certs, X509_free);
1212
ctx->extra_certs = NULL;
1213
}
1214
1215
while ((ca = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata))) {
1216
if (!SSL_CTX_add_extra_chain_cert(ctx, ca)) {
1217
X509_free(ca);
1218
goto end;
1219
}
1220
}
1221
1222
err = ERR_get_error();
1223
if (!err || (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) {
1224
/* we successfully reached the last cert in the file */
1225
ret = 1;
1226
}
1227
ERR_clear_error();
1228
1229
end:
1230
if (x)
1231
X509_free(x);
1232
1233
if (in)
1234
BIO_free(in);
1235
1236
return ret;
1237
}
1238
1239
static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf, struct proxy *curproxy, char **sni_filter, int fcount, char **err)
1240
{
1241
int ret;
1242
SSL_CTX *ctx;
1243
1244
ctx = SSL_CTX_new(SSLv23_server_method());
1245
if (!ctx) {
1246
memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
1247
err && *err ? *err : "", path);
1248
return 1;
1249
}
1250
1251
if (SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0) {
1252
memprintf(err, "%sunable to load SSL private key from PEM file '%s'.\n",
1253
err && *err ? *err : "", path);
1254
SSL_CTX_free(ctx);
1255
return 1;
1256
}
1257
1258
ret = ssl_sock_load_cert_chain_file(ctx, path, bind_conf, sni_filter, fcount);
1259
if (ret <= 0) {
1260
memprintf(err, "%sunable to load SSL certificate from PEM file '%s'.\n",
1261
err && *err ? *err : "", path);
1262
if (ret < 0) /* serious error, must do that ourselves */
1263
SSL_CTX_free(ctx);
1264
return 1;
1265
}
1266
1267
if (SSL_CTX_check_private_key(ctx) <= 0) {
1268
memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
1269
err && *err ? *err : "", path);
1270
return 1;
1271
}
1272
1273
/* we must not free the SSL_CTX anymore below, since it's already in
1274
* the tree, so it will be discovered and cleaned in time.
1275
*/
1276
#ifndef OPENSSL_NO_DH
1277
ret = ssl_sock_load_dh_params(ctx, path);
1278
if (ret < 0) {
1279
if (err)
1280
memprintf(err, "%sunable to load DH parameters from file '%s'.\n",
1281
*err ? *err : "", path);
1282
return 1;
1283
}
1284
#endif
1285
1286
#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
1287
ret = ssl_sock_load_ocsp(ctx, path);
1288
if (ret < 0) {
1289
if (err)
1290
memprintf(err, "%s '%s.ocsp' is present and activates OCSP but it is impossible to compute the OCSP certificate ID (maybe the issuer could not be found)'.\n",
1291
*err ? *err : "", path);
1292
return 1;
1293
}
1294
#endif
1295
1296
#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
1297
if (bind_conf->default_ctx) {
1298
memprintf(err, "%sthis version of openssl cannot load multiple SSL certificates.\n",
1299
err && *err ? *err : "");
1300
return 1;
1301
}
1302
#endif
1303
if (!bind_conf->default_ctx)
1304
bind_conf->default_ctx = ctx;
1305
1306
return 0;
1307
}
1308
1309
int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, struct proxy *curproxy, char **err)
1310
{
1311
struct dirent *de;
1312
DIR *dir;
1313
struct stat buf;
1314
char *end;
1315
char fp[MAXPATHLEN+1];
1316
int cfgerr = 0;
1317
1318
if (!(dir = opendir(path)))
1319
return ssl_sock_load_cert_file(path, bind_conf, curproxy, NULL, 0, err);
1320
1321
/* strip trailing slashes, including first one */
1322
for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
1323
*end = 0;
1324
1325
while ((de = readdir(dir))) {
1326
end = strrchr(de->d_name, '.');
1327
if (end && (!strcmp(end, ".issuer") || !strcmp(end, ".ocsp")))
1328
continue;
1329
1330
snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
1331
if (stat(fp, &buf) != 0) {
1332
memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
1333
err && *err ? *err : "", fp, strerror(errno));
1334
cfgerr++;
1335
continue;
1336
}
1337
if (!S_ISREG(buf.st_mode))
1338
continue;
1339
cfgerr += ssl_sock_load_cert_file(fp, bind_conf, curproxy, NULL, 0, err);
1340
}
1341
closedir(dir);
1342
return cfgerr;
1343
}
1344
1345
/* Make sure openssl opens /dev/urandom before the chroot. The work is only
1346
* done once. Zero is returned if the operation fails. No error is returned
1347
* if the random is said as not implemented, because we expect that openssl
1348
* will use another method once needed.
1349
*/
1350
static int ssl_initialize_random()
1351
{
1352
unsigned char random;
1353
static int random_initialized = 0;
1354
1355
if (!random_initialized && RAND_bytes(&random, 1) != 0)
1356
random_initialized = 1;
1357
1358
return random_initialized;
1359
}
1360
1361
int ssl_sock_load_cert_list_file(char *file, struct bind_conf *bind_conf, struct proxy *curproxy, char **err)
1362
{
1363
char thisline[LINESIZE];
1364
FILE *f;
1365
int linenum = 0;
1366
int cfgerr = 0;
1367
1368
if ((f = fopen(file, "r")) == NULL) {
1369
memprintf(err, "cannot open file '%s' : %s", file, strerror(errno));
1370
return 1;
1371
}
1372
1373
while (fgets(thisline, sizeof(thisline), f) != NULL) {
1374
int arg;
1375
int newarg;
1376
char *end;
1377
char *args[MAX_LINE_ARGS + 1];
1378
char *line = thisline;
1379
1380
linenum++;
1381
end = line + strlen(line);
1382
if (end-line == sizeof(thisline)-1 && *(end-1) != '\n') {
1383
/* Check if we reached the limit and the last char is not \n.
1384
* Watch out for the last line without the terminating '\n'!
1385
*/
1386
memprintf(err, "line %d too long in file '%s', limit is %d characters",
1387
linenum, file, (int)sizeof(thisline)-1);
1388
cfgerr = 1;
1389
break;
1390
}
1391
1392
arg = 0;
1393
newarg = 1;
1394
while (*line) {
1395
if (*line == '#' || *line == '\n' || *line == '\r') {
1396
/* end of string, end of loop */
1397
*line = 0;
1398
break;
1399
}
1400
else if (isspace(*line)) {
1401
newarg = 1;
1402
*line = 0;
1403
}
1404
else if (newarg) {
1405
if (arg == MAX_LINE_ARGS) {
1406
memprintf(err, "too many args on line %d in file '%s'.",
1407
linenum, file);
1408
cfgerr = 1;
1409
break;
1410
}
1411
newarg = 0;
1412
args[arg++] = line;
1413
}
1414
line++;
1415
}
1416
if (cfgerr)
1417
break;
1418
1419
/* empty line */
1420
if (!arg)
1421
continue;
1422
1423
cfgerr = ssl_sock_load_cert_file(args[0], bind_conf, curproxy, &args[1], arg-1, err);
1424
if (cfgerr) {
1425
memprintf(err, "error processing line %d in file '%s' : %s", linenum, file, *err);
1426
break;
1427
}
1428
}
1429
fclose(f);
1430
return cfgerr;
1431
}
1432
1433
#ifndef SSL_OP_CIPHER_SERVER_PREFERENCE /* needs OpenSSL >= 0.9.7 */
1434
#define SSL_OP_CIPHER_SERVER_PREFERENCE 0
1435
#endif
1436
1437
#ifndef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION /* needs OpenSSL >= 0.9.7 */
1438
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0
1439
#define SSL_renegotiate_pending(arg) 0
1440
#endif
1441
#ifndef SSL_OP_SINGLE_ECDH_USE /* needs OpenSSL >= 0.9.8 */
1442
#define SSL_OP_SINGLE_ECDH_USE 0
1443
#endif
1444
#ifndef SSL_OP_NO_TICKET /* needs OpenSSL >= 0.9.8 */
1445
#define SSL_OP_NO_TICKET 0
1446
#endif
1447
#ifndef SSL_OP_NO_COMPRESSION /* needs OpenSSL >= 0.9.9 */
1448
#define SSL_OP_NO_COMPRESSION 0
1449
#endif
1450
#ifndef SSL_OP_NO_TLSv1_1 /* needs OpenSSL >= 1.0.1 */
1451
#define SSL_OP_NO_TLSv1_1 0
1452
#endif
1453
#ifndef SSL_OP_NO_TLSv1_2 /* needs OpenSSL >= 1.0.1 */
1454
#define SSL_OP_NO_TLSv1_2 0
1455
#endif
1456
#ifndef SSL_OP_SINGLE_DH_USE /* needs OpenSSL >= 0.9.6 */
1457
#define SSL_OP_SINGLE_DH_USE 0
1458
#endif
1459
#ifndef SSL_OP_SINGLE_ECDH_USE /* needs OpenSSL >= 1.0.0 */
1460
#define SSL_OP_SINGLE_ECDH_USE 0
1461
#endif
1462
#ifndef SSL_MODE_RELEASE_BUFFERS /* needs OpenSSL >= 1.0.0 */
1463
#define SSL_MODE_RELEASE_BUFFERS 0
1464
#endif
1465
1466
int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy *curproxy)
1467
{
1468
int cfgerr = 0;
1469
int verify = SSL_VERIFY_NONE;
1470
long ssloptions =
1471
SSL_OP_ALL | /* all known workarounds for bugs */
1472
SSL_OP_NO_SSLv2 |
1473
SSL_OP_NO_COMPRESSION |
1474
SSL_OP_SINGLE_DH_USE |
1475
SSL_OP_SINGLE_ECDH_USE |
1476
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION |
1477
SSL_OP_CIPHER_SERVER_PREFERENCE;
1478
long sslmode =
1479
SSL_MODE_ENABLE_PARTIAL_WRITE |
1480
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
1481
SSL_MODE_RELEASE_BUFFERS;
1482
STACK_OF(SSL_CIPHER) * ciphers = NULL;
1483
SSL_CIPHER * cipher = NULL;
1484
char cipher_description[128];
1485
/* The description of ciphers using an Ephemeral Diffie Hellman key exchange
1486
contains " Kx=DH " or " Kx=DH(". Beware of " Kx=DH/",
1487
which is not ephemeral DH. */
1488
const char dhe_description[] = " Kx=DH ";
1489
const char dhe_export_description[] = " Kx=DH(";
1490
int idx = 0;
1491
int dhe_found = 0;
1492
1493
/* Make sure openssl opens /dev/urandom before the chroot */
1494
if (!ssl_initialize_random()) {
1495
Alert("OpenSSL random data generator initialization failed.\n");
1496
cfgerr++;
1497
}
1498
1499
if (bind_conf->ssl_options & BC_SSL_O_NO_SSLV3)
1500
ssloptions |= SSL_OP_NO_SSLv3;
1501
if (bind_conf->ssl_options & BC_SSL_O_NO_TLSV10)
1502
ssloptions |= SSL_OP_NO_TLSv1;
1503
if (bind_conf->ssl_options & BC_SSL_O_NO_TLSV11)
1504
ssloptions |= SSL_OP_NO_TLSv1_1;
1505
if (bind_conf->ssl_options & BC_SSL_O_NO_TLSV12)
1506
ssloptions |= SSL_OP_NO_TLSv1_2;
1507
if (bind_conf->ssl_options & BC_SSL_O_NO_TLS_TICKETS)
1508
ssloptions |= SSL_OP_NO_TICKET;
1509
if (bind_conf->ssl_options & BC_SSL_O_USE_SSLV3)
1510
SSL_CTX_set_ssl_version(ctx, SSLv3_server_method());
1511
if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV10)
1512
SSL_CTX_set_ssl_version(ctx, TLSv1_server_method());
1513
#if SSL_OP_NO_TLSv1_1
1514
if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV11)
1515
SSL_CTX_set_ssl_version(ctx, TLSv1_1_server_method());
1516
#endif
1517
#if SSL_OP_NO_TLSv1_2
1518
if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV12)
1519
SSL_CTX_set_ssl_version(ctx, TLSv1_2_server_method());
1520
#endif
1521
1522
SSL_CTX_set_options(ctx, ssloptions);
1523
SSL_CTX_set_mode(ctx, sslmode);
1524
switch (bind_conf->verify) {
1525
case SSL_SOCK_VERIFY_NONE:
1526
verify = SSL_VERIFY_NONE;
1527
break;
1528
case SSL_SOCK_VERIFY_OPTIONAL:
1529
verify = SSL_VERIFY_PEER;
1530
break;
1531
case SSL_SOCK_VERIFY_REQUIRED:
1532
verify = SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
1533
break;
1534
}
1535
SSL_CTX_set_verify(ctx, verify, ssl_sock_bind_verifycbk);
1536
if (verify & SSL_VERIFY_PEER) {
1537
if (bind_conf->ca_file) {
1538
/* load CAfile to verify */
1539
if (!SSL_CTX_load_verify_locations(ctx, bind_conf->ca_file, NULL)) {
1540
Alert("Proxy '%s': unable to load CA file '%s' for bind '%s' at [%s:%d].\n",
1541
curproxy->id, bind_conf->ca_file, bind_conf->arg, bind_conf->file, bind_conf->line);
1542
cfgerr++;
1543
}
1544
/* set CA names fo client cert request, function returns void */
1545
SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(bind_conf->ca_file));
1546
}
1547
else {
1548
Alert("Proxy '%s': verify is enabled but no CA file specified for bind '%s' at [%s:%d].\n",
1549
curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
1550
cfgerr++;
1551
}
1552
#ifdef X509_V_FLAG_CRL_CHECK
1553
if (bind_conf->crl_file) {
1554
X509_STORE *store = SSL_CTX_get_cert_store(ctx);
1555
1556
if (!store || !X509_STORE_load_locations(store, bind_conf->crl_file, NULL)) {
1557
Alert("Proxy '%s': unable to configure CRL file '%s' for bind '%s' at [%s:%d].\n",
1558
curproxy->id, bind_conf->ca_file, bind_conf->arg, bind_conf->file, bind_conf->line);
1559
cfgerr++;
1560
}
1561
else {
1562
X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
1563
}
1564
}
1565
#endif
1566
ERR_clear_error();
1567
}
1568
1569
if (global.tune.ssllifetime)
1570
SSL_CTX_set_timeout(ctx, global.tune.ssllifetime);
1571
1572
shared_context_set_cache(ctx);
1573
if (bind_conf->ciphers &&
1574
!SSL_CTX_set_cipher_list(ctx, bind_conf->ciphers)) {
1575
Alert("Proxy '%s': unable to set SSL cipher list to '%s' for bind '%s' at [%s:%d].\n",
1576
curproxy->id, bind_conf->ciphers, bind_conf->arg, bind_conf->file, bind_conf->line);
1577
cfgerr++;
1578
}
1579
1580
/* If tune.ssl.default-dh-param has not been set and
1581
no static DH params were in the certificate file. */
1582
if (global.tune.ssl_default_dh_param == 0) {
1583
ciphers = ctx->cipher_list;
1584
1585
if (ciphers) {
1586
for (idx = 0; idx < sk_SSL_CIPHER_num(ciphers); idx++) {
1587
cipher = sk_SSL_CIPHER_value(ciphers, idx);
1588
if (SSL_CIPHER_description(cipher, cipher_description, sizeof (cipher_description)) == cipher_description) {
1589
if (strstr(cipher_description, dhe_description) != NULL ||
1590
strstr(cipher_description, dhe_export_description) != NULL) {
1591
dhe_found = 1;
1592
break;
1593
}
1594
}
1595
}
1596
1597
if (dhe_found) {
1598
Warning("Setting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. Please set a value >= 1024 to make this warning disappear.\n");
1599
}
1600
}
1601
1602
global.tune.ssl_default_dh_param = 1024;
1603
}
1604
1605
#ifndef OPENSSL_NO_DH
1606
if (global.tune.ssl_default_dh_param >= 1024) {
1607
if (local_dh_1024 == NULL) {
1608
local_dh_1024 = ssl_get_dh_1024();
1609
}
1610
if (global.tune.ssl_default_dh_param >= 2048) {
1611
if (local_dh_2048 == NULL) {
1612
local_dh_2048 = ssl_get_dh_2048();
1613
}
1614
if (global.tune.ssl_default_dh_param >= 4096) {
1615
if (local_dh_4096 == NULL) {
1616
local_dh_4096 = ssl_get_dh_4096();
1617
}
1618
if (global.tune.ssl_default_dh_param >= 8192 &&
1619
local_dh_8192 == NULL) {
1620
local_dh_8192 = ssl_get_dh_8192();
1621
}
1622
}
1623
}
1624
}
1625
#endif /* OPENSSL_NO_DH */
1626
1627
SSL_CTX_set_info_callback(ctx, ssl_sock_infocbk);
1628
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
1629
SSL_CTX_set_msg_callback(ctx, ssl_sock_msgcbk);
1630
#endif
1631
1632
#ifdef OPENSSL_NPN_NEGOTIATED
1633
if (bind_conf->npn_str)
1634
SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_sock_advertise_npn_protos, bind_conf);
1635
#endif
1636
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
1637
if (bind_conf->alpn_str)
1638
SSL_CTX_set_alpn_select_cb(ctx, ssl_sock_advertise_alpn_protos, bind_conf);
1639
#endif
1640
1641
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
1642
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_cbk);
1643
SSL_CTX_set_tlsext_servername_arg(ctx, bind_conf);
1644
#endif
1645
#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
1646
{
1647
int i;
1648
EC_KEY *ecdh;
1649
1650
i = OBJ_sn2nid(bind_conf->ecdhe ? bind_conf->ecdhe : ECDHE_DEFAULT_CURVE);
1651
if (!i || ((ecdh = EC_KEY_new_by_curve_name(i)) == NULL)) {
1652
Alert("Proxy '%s': unable to set elliptic named curve to '%s' for bind '%s' at [%s:%d].\n",
1653
curproxy->id, bind_conf->ecdhe ? bind_conf->ecdhe : ECDHE_DEFAULT_CURVE,
1654
bind_conf->arg, bind_conf->file, bind_conf->line);
1655
cfgerr++;
1656
}
1657
else {
1658
SSL_CTX_set_tmp_ecdh(ctx, ecdh);
1659
EC_KEY_free(ecdh);
1660
}
1661
}
1662
#endif
1663
1664
return cfgerr;
1665
}
1666
1667
static int ssl_sock_srv_hostcheck(const char *pattern, const char *hostname)
1668
{
1669
const char *pattern_wildcard, *pattern_left_label_end, *hostname_left_label_end;
1670
size_t prefixlen, suffixlen;
1671
1672
/* Trivial case */
1673
if (strcmp(pattern, hostname) == 0)
1674
return 1;
1675
1676
/* The rest of this logic is based on RFC 6125, section 6.4.3
1677
* (http://tools.ietf.org/html/rfc6125#section-6.4.3) */
1678
1679
pattern_wildcard = NULL;
1680
pattern_left_label_end = pattern;
1681
while (*pattern_left_label_end != '.') {
1682
switch (*pattern_left_label_end) {
1683
case 0:
1684
/* End of label not found */
1685
return 0;
1686
case '*':
1687
/* If there is more than one wildcards */
1688
if (pattern_wildcard)
1689
return 0;
1690
pattern_wildcard = pattern_left_label_end;
1691
break;
1692
}
1693
pattern_left_label_end++;
1694
}
1695
1696
/* If it's not trivial and there is no wildcard, it can't
1697
* match */
1698
if (!pattern_wildcard)
1699
return 0;
1700
1701
/* Make sure all labels match except the leftmost */
1702
hostname_left_label_end = strchr(hostname, '.');
1703
if (!hostname_left_label_end
1704
|| strcmp(pattern_left_label_end, hostname_left_label_end) != 0)
1705
return 0;
1706
1707
/* Make sure the leftmost label of the hostname is long enough
1708
* that the wildcard can match */
1709
if (hostname_left_label_end - hostname < (pattern_left_label_end - pattern) - 1)
1710
return 0;
1711
1712
/* Finally compare the string on either side of the
1713
* wildcard */
1714
prefixlen = pattern_wildcard - pattern;
1715
suffixlen = pattern_left_label_end - (pattern_wildcard + 1);
1716
if ((prefixlen && (memcmp(pattern, hostname, prefixlen) != 0))
1717
|| (suffixlen && (memcmp(pattern_wildcard + 1, hostname_left_label_end - suffixlen, suffixlen) != 0)))
1718
return 0;
1719
1720
return 1;
1721
}
1722
1723
static int ssl_sock_srv_verifycbk(int ok, X509_STORE_CTX *ctx)
1724
{
1725
SSL *ssl;
1726
struct connection *conn;
1727
char *servername;
1728
1729
int depth;
1730
X509 *cert;
1731
STACK_OF(GENERAL_NAME) *alt_names;
1732
int i;
1733
X509_NAME *cert_subject;
1734
char *str;
1735
1736
if (ok == 0)
1737
return ok;
1738
1739
ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
1740
conn = (struct connection *)SSL_get_app_data(ssl);
1741
1742
servername = objt_server(conn->target)->ssl_ctx.verify_host;
1743
1744
/* We only need to verify the CN on the actual server cert,
1745
* not the indirect CAs */
1746
depth = X509_STORE_CTX_get_error_depth(ctx);
1747
if (depth != 0)
1748
return ok;
1749
1750
/* At this point, the cert is *not* OK unless we can find a
1751
* hostname match */
1752
ok = 0;
1753
1754
cert = X509_STORE_CTX_get_current_cert(ctx);
1755
/* It seems like this might happen if verify peer isn't set */
1756
if (!cert)
1757
return ok;
1758
1759
alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
1760
if (alt_names) {
1761
for (i = 0; !ok && i < sk_GENERAL_NAME_num(alt_names); i++) {
1762
GENERAL_NAME *name = sk_GENERAL_NAME_value(alt_names, i);
1763
if (name->type == GEN_DNS) {
1764
#if OPENSSL_VERSION_NUMBER < 0x00907000L
1765
if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.ia5) >= 0) {
1766
#else
1767
if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
1768
#endif
1769
ok = ssl_sock_srv_hostcheck(str, servername);
1770
OPENSSL_free(str);
1771
}
1772
}
1773
}
1774
sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
1775
}
1776
1777
cert_subject = X509_get_subject_name(cert);
1778
i = -1;
1779
while (!ok && (i = X509_NAME_get_index_by_NID(cert_subject, NID_commonName, i)) != -1) {
1780
X509_NAME_ENTRY *entry = X509_NAME_get_entry(cert_subject, i);
1781
if (ASN1_STRING_to_UTF8((unsigned char **)&str, entry->value) >= 0) {
1782
ok = ssl_sock_srv_hostcheck(str, servername);
1783
OPENSSL_free(str);
1784
}
1785
}
1786
1787
return ok;
1788
}
1789
1790
/* prepare ssl context from servers options. Returns an error count */
1791
int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
1792
{
1793
int cfgerr = 0;
1794
long options =
1795
SSL_OP_ALL | /* all known workarounds for bugs */
1796
SSL_OP_NO_SSLv2 |
1797
SSL_OP_NO_COMPRESSION;
1798
long mode =
1799
SSL_MODE_ENABLE_PARTIAL_WRITE |
1800
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
1801
SSL_MODE_RELEASE_BUFFERS;
1802
int verify = SSL_VERIFY_NONE;
1803
1804
/* Make sure openssl opens /dev/urandom before the chroot */
1805
if (!ssl_initialize_random()) {
1806
Alert("OpenSSL random data generator initialization failed.\n");
1807
cfgerr++;
1808
}
1809
1810
/* Initiate SSL context for current server */
1811
srv->ssl_ctx.reused_sess = NULL;
1812
if (srv->use_ssl)
1813
srv->xprt = &ssl_sock;
1814
if (srv->check.use_ssl)
1815
srv->check_common.xprt = &ssl_sock;
1816
1817
srv->ssl_ctx.ctx = SSL_CTX_new(SSLv23_client_method());
1818
if (!srv->ssl_ctx.ctx) {
1819
Alert("config : %s '%s', server '%s': unable to allocate ssl context.\n",
1820
proxy_type_str(curproxy), curproxy->id,
1821
srv->id);
1822
cfgerr++;
1823
return cfgerr;
1824
}
1825
if (srv->ssl_ctx.client_crt) {
1826
if (SSL_CTX_use_PrivateKey_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt, SSL_FILETYPE_PEM) <= 0) {
1827
Alert("config : %s '%s', server '%s': unable to load SSL private key from PEM file '%s'.\n",
1828
proxy_type_str(curproxy), curproxy->id,
1829
srv->id, srv->ssl_ctx.client_crt);
1830
cfgerr++;
1831
}
1832
else if (SSL_CTX_use_certificate_chain_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt) <= 0) {
1833
Alert("config : %s '%s', server '%s': unable to load ssl certificate from PEM file '%s'.\n",
1834
proxy_type_str(curproxy), curproxy->id,
1835
srv->id, srv->ssl_ctx.client_crt);
1836
cfgerr++;
1837
}
1838
else if (SSL_CTX_check_private_key(srv->ssl_ctx.ctx) <= 0) {
1839
Alert("config : %s '%s', server '%s': inconsistencies between private key and certificate loaded from PEM file '%s'.\n",
1840
proxy_type_str(curproxy), curproxy->id,
1841
srv->id, srv->ssl_ctx.client_crt);
1842
cfgerr++;
1843
}
1844
}
1845
1846
if (srv->ssl_ctx.options & SRV_SSL_O_NO_SSLV3)
1847
options |= SSL_OP_NO_SSLv3;
1848
if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLSV10)
1849
options |= SSL_OP_NO_TLSv1;
1850
if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLSV11)
1851
options |= SSL_OP_NO_TLSv1_1;
1852
if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLSV12)
1853
options |= SSL_OP_NO_TLSv1_2;
1854
if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLS_TICKETS)
1855
options |= SSL_OP_NO_TICKET;
1856
if (srv->ssl_ctx.options & SRV_SSL_O_USE_SSLV3)
1857
SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, SSLv3_client_method());
1858
if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV10)
1859
SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_client_method());
1860
#if SSL_OP_NO_TLSv1_1
1861
if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV11)
1862
SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_1_client_method());
1863
#endif
1864
#if SSL_OP_NO_TLSv1_2
1865
if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV12)
1866
SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_2_client_method());
1867
#endif
1868
1869
SSL_CTX_set_options(srv->ssl_ctx.ctx, options);
1870
SSL_CTX_set_mode(srv->ssl_ctx.ctx, mode);
1871
1872
if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
1873
verify = SSL_VERIFY_PEER;
1874
1875
switch (srv->ssl_ctx.verify) {
1876
case SSL_SOCK_VERIFY_NONE:
1877
verify = SSL_VERIFY_NONE;
1878
break;
1879
case SSL_SOCK_VERIFY_REQUIRED:
1880
verify = SSL_VERIFY_PEER;
1881
break;
1882
}
1883
SSL_CTX_set_verify(srv->ssl_ctx.ctx,
1884
verify,
1885
srv->ssl_ctx.verify_host ? ssl_sock_srv_verifycbk : NULL);
1886
if (verify & SSL_VERIFY_PEER) {
1887
if (srv->ssl_ctx.ca_file) {
1888
/* load CAfile to verify */
1889
if (!SSL_CTX_load_verify_locations(srv->ssl_ctx.ctx, srv->ssl_ctx.ca_file, NULL)) {
1890
Alert("Proxy '%s', server '%s' [%s:%d] unable to load CA file '%s'.\n",
1891
curproxy->id, srv->id,
1892
srv->conf.file, srv->conf.line, srv->ssl_ctx.ca_file);
1893
cfgerr++;
1894
}
1895
}
1896
else {
1897
if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
1898
Alert("Proxy '%s', server '%s' [%s:%d] verify is enabled by default but no CA file specified. If you're running on a LAN where you're certain to trust the server's certificate, please set an explicit 'verify none' statement on the 'server' line, or use 'ssl-server-verify none' in the global section to disable server-side verifications by default.\n",
1899
curproxy->id, srv->id,
1900
srv->conf.file, srv->conf.line);
1901
else
1902
Alert("Proxy '%s', server '%s' [%s:%d] verify is enabled but no CA file specified.\n",
1903
curproxy->id, srv->id,
1904
srv->conf.file, srv->conf.line);
1905
cfgerr++;
1906
}
1907
#ifdef X509_V_FLAG_CRL_CHECK
1908
if (srv->ssl_ctx.crl_file) {
1909
X509_STORE *store = SSL_CTX_get_cert_store(srv->ssl_ctx.ctx);
1910
1911
if (!store || !X509_STORE_load_locations(store, srv->ssl_ctx.crl_file, NULL)) {
1912
Alert("Proxy '%s', server '%s' [%s:%d] unable to configure CRL file '%s'.\n",
1913
curproxy->id, srv->id,
1914
srv->conf.file, srv->conf.line, srv->ssl_ctx.crl_file);
1915
cfgerr++;
1916
}
1917
else {
1918
X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
1919
}
1920
}
1921
#endif
1922
}
1923
1924
if (global.tune.ssllifetime)
1925
SSL_CTX_set_timeout(srv->ssl_ctx.ctx, global.tune.ssllifetime);
1926
1927
SSL_CTX_set_session_cache_mode(srv->ssl_ctx.ctx, SSL_SESS_CACHE_OFF);
1928
if (srv->ssl_ctx.ciphers &&
1929
!SSL_CTX_set_cipher_list(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphers)) {
1930
Alert("Proxy '%s', server '%s' [%s:%d] : unable to set SSL cipher list to '%s'.\n",
1931
curproxy->id, srv->id,
1932
srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphers);
1933
cfgerr++;
1934
}
1935
1936
return cfgerr;
1937
}
1938
1939
/* Walks down the two trees in bind_conf and prepares all certs. The pointer may
1940
* be NULL, in which case nothing is done. Returns the number of errors
1941
* encountered.
1942
*/
1943
int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf, struct proxy *px)
1944
{
1945
struct ebmb_node *node;
1946
struct sni_ctx *sni;
1947
int err = 0;
1948
1949
if (!bind_conf || !bind_conf->is_ssl)
1950
return 0;
1951
1952
if (bind_conf->default_ctx)
1953
err += ssl_sock_prepare_ctx(bind_conf, bind_conf->default_ctx, px);
1954
1955
node = ebmb_first(&bind_conf->sni_ctx);
1956
while (node) {
1957
sni = ebmb_entry(node, struct sni_ctx, name);
1958
if (!sni->order && sni->ctx != bind_conf->default_ctx)
1959
/* only initialize the CTX on its first occurrence and
1960
if it is not the default_ctx */
1961
err += ssl_sock_prepare_ctx(bind_conf, sni->ctx, px);
1962
node = ebmb_next(node);
1963
}
1964
1965
node = ebmb_first(&bind_conf->sni_w_ctx);
1966
while (node) {
1967
sni = ebmb_entry(node, struct sni_ctx, name);
1968
if (!sni->order && sni->ctx != bind_conf->default_ctx)
1969
/* only initialize the CTX on its first occurrence and
1970
if it is not the default_ctx */
1971
err += ssl_sock_prepare_ctx(bind_conf, sni->ctx, px);
1972
node = ebmb_next(node);
1973
}
1974
return err;
1975
}
1976
1977
/* Walks down the two trees in bind_conf and frees all the certs. The pointer may
1978
* be NULL, in which case nothing is done. The default_ctx is nullified too.
1979
*/
1980
void ssl_sock_free_all_ctx(struct bind_conf *bind_conf)
1981
{
1982
struct ebmb_node *node, *back;
1983
struct sni_ctx *sni;
1984
1985
if (!bind_conf || !bind_conf->is_ssl)
1986
return;
1987
1988
node = ebmb_first(&bind_conf->sni_ctx);
1989
while (node) {
1990
sni = ebmb_entry(node, struct sni_ctx, name);
1991
back = ebmb_next(node);
1992
ebmb_delete(node);
1993
if (!sni->order) /* only free the CTX on its first occurrence */
1994
SSL_CTX_free(sni->ctx);
1995
free(sni);
1996
node = back;
1997
}
1998
1999
node = ebmb_first(&bind_conf->sni_w_ctx);
2000
while (node) {
2001
sni = ebmb_entry(node, struct sni_ctx, name);
2002
back = ebmb_next(node);
2003
ebmb_delete(node);
2004
if (!sni->order) /* only free the CTX on its first occurrence */
2005
SSL_CTX_free(sni->ctx);
2006
free(sni);
2007
node = back;
2008
}
2009
2010
bind_conf->default_ctx = NULL;
2011
}
2012
2013
/*
2014
* This function is called if SSL * context is not yet allocated. The function
2015
* is designed to be called before any other data-layer operation and sets the
2016
* handshake flag on the connection. It is safe to call it multiple times.
2017
* It returns 0 on success and -1 in error case.
2018
*/
2019
static int ssl_sock_init(struct connection *conn)
2020
{
2021
/* already initialized */
2022
if (conn->xprt_ctx)
2023
return 0;
2024
2025
if (!conn_ctrl_ready(conn))
2026
return 0;
2027
2028
if (global.maxsslconn && sslconns >= global.maxsslconn) {
2029
conn->err_code = CO_ER_SSL_TOO_MANY;
2030
return -1;
2031
}
2032
2033
/* If it is in client mode initiate SSL session
2034
in connect state otherwise accept state */
2035
if (objt_server(conn->target)) {
2036
/* Alloc a new SSL session ctx */
2037
conn->xprt_ctx = SSL_new(objt_server(conn->target)->ssl_ctx.ctx);
2038
if (!conn->xprt_ctx) {
2039
conn->err_code = CO_ER_SSL_NO_MEM;
2040
return -1;
2041
}
2042
2043
/* set fd on SSL session context */
2044
if (!SSL_set_fd(conn->xprt_ctx, conn->t.sock.fd)) {
2045
SSL_free(conn->xprt_ctx);
2046
conn->xprt_ctx = NULL;
2047
conn->err_code = CO_ER_SSL_NO_MEM;
2048
return -1;
2049
}
2050
2051
/* set connection pointer */
2052
if (!SSL_set_app_data(conn->xprt_ctx, conn)) {
2053
SSL_free(conn->xprt_ctx);
2054
conn->xprt_ctx = NULL;
2055
conn->err_code = CO_ER_SSL_NO_MEM;
2056
return -1;
2057
}
2058
2059
SSL_set_connect_state(conn->xprt_ctx);
2060
if (objt_server(conn->target)->ssl_ctx.reused_sess) {
2061
if(!SSL_set_session(conn->xprt_ctx, objt_server(conn->target)->ssl_ctx.reused_sess)) {
2062
SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
2063
objt_server(conn->target)->ssl_ctx.reused_sess = NULL;
2064
}
2065
}
2066
2067
/* leave init state and start handshake */
2068
conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
2069
2070
sslconns++;
2071
totalsslconns++;
2072
return 0;
2073
}
2074
else if (objt_listener(conn->target)) {
2075
/* Alloc a new SSL session ctx */
2076
conn->xprt_ctx = SSL_new(objt_listener(conn->target)->bind_conf->default_ctx);
2077
if (!conn->xprt_ctx) {
2078
conn->err_code = CO_ER_SSL_NO_MEM;
2079
return -1;
2080
}
2081
2082
/* set fd on SSL session context */
2083
if (!SSL_set_fd(conn->xprt_ctx, conn->t.sock.fd)) {
2084
SSL_free(conn->xprt_ctx);
2085
conn->xprt_ctx = NULL;
2086
conn->err_code = CO_ER_SSL_NO_MEM;
2087
return -1;
2088
}
2089
2090
/* set connection pointer */
2091
if (!SSL_set_app_data(conn->xprt_ctx, conn)) {
2092
SSL_free(conn->xprt_ctx);
2093
conn->xprt_ctx = NULL;
2094
conn->err_code = CO_ER_SSL_NO_MEM;
2095
return -1;
2096
}
2097
2098
SSL_set_accept_state(conn->xprt_ctx);
2099
2100
/* leave init state and start handshake */
2101
conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
2102
2103
sslconns++;
2104
totalsslconns++;
2105
return 0;
2106
}
2107
/* don't know how to handle such a target */
2108
conn->err_code = CO_ER_SSL_NO_TARGET;
2109
return -1;
2110
}
2111
2112
2113
/* This is the callback which is used when an SSL handshake is pending. It
2114
* updates the FD status if it wants some polling before being called again.
2115
* It returns 0 if it fails in a fatal way or needs to poll to go further,
2116
* otherwise it returns non-zero and removes itself from the connection's
2117
* flags (the bit is provided in <flag> by the caller).
2118
*/
2119
int ssl_sock_handshake(struct connection *conn, unsigned int flag)
2120
{
2121
int ret;
2122
2123
if (!conn_ctrl_ready(conn))
2124
return 0;
2125
2126
if (!conn->xprt_ctx)
2127
goto out_error;
2128
2129
/* If we use SSL_do_handshake to process a reneg initiated by
2130
* the remote peer, it sometimes returns SSL_ERROR_SSL.
2131
* Usually SSL_write and SSL_read are used and process implicitly
2132
* the reneg handshake.
2133
* Here we use SSL_peek as a workaround for reneg.
2134
*/
2135
if ((conn->flags & CO_FL_CONNECTED) && SSL_renegotiate_pending(conn->xprt_ctx)) {
2136
char c;
2137
2138
ret = SSL_peek(conn->xprt_ctx, &c, 1);
2139
if (ret <= 0) {
2140
/* handshake may have not been completed, let's find why */
2141
ret = SSL_get_error(conn->xprt_ctx, ret);
2142
if (ret == SSL_ERROR_WANT_WRITE) {
2143
/* SSL handshake needs to write, L4 connection may not be ready */
2144
__conn_sock_stop_recv(conn);
2145
__conn_sock_want_send(conn);
2146
fd_cant_send(conn->t.sock.fd);
2147
return 0;
2148
}
2149
else if (ret == SSL_ERROR_WANT_READ) {
2150
/* handshake may have been completed but we have
2151
* no more data to read.
2152
*/
2153
if (!SSL_renegotiate_pending(conn->xprt_ctx)) {
2154
ret = 1;
2155
goto reneg_ok;
2156
}
2157
/* SSL handshake needs to read, L4 connection is ready */
2158
if (conn->flags & CO_FL_WAIT_L4_CONN)
2159
conn->flags &= ~CO_FL_WAIT_L4_CONN;
2160
__conn_sock_stop_send(conn);
2161
__conn_sock_want_recv(conn);
2162
fd_cant_recv(conn->t.sock.fd);
2163
return 0;
2164
}
2165
else if (ret == SSL_ERROR_SYSCALL) {
2166
/* if errno is null, then connection was successfully established */
2167
if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
2168
conn->flags &= ~CO_FL_WAIT_L4_CONN;
2169
if (!conn->err_code) {
2170
if (!((SSL *)conn->xprt_ctx)->packet_length) {
2171
if (!errno) {
2172
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2173
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2174
else
2175
conn->err_code = CO_ER_SSL_EMPTY;
2176
}
2177
else {
2178
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2179
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2180
else
2181
conn->err_code = CO_ER_SSL_ABORT;
2182
}
2183
}
2184
else {
2185
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2186
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2187
else
2188
conn->err_code = CO_ER_SSL_HANDSHAKE;
2189
}
2190
}
2191
goto out_error;
2192
}
2193
else {
2194
/* Fail on all other handshake errors */
2195
/* Note: OpenSSL may leave unread bytes in the socket's
2196
* buffer, causing an RST to be emitted upon close() on
2197
* TCP sockets. We first try to drain possibly pending
2198
* data to avoid this as much as possible.
2199
*/
2200
conn_drain(conn);
2201
if (!conn->err_code)
2202
conn->err_code = (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
2203
CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
2204
goto out_error;
2205
}
2206
}
2207
/* read some data: consider handshake completed */
2208
goto reneg_ok;
2209
}
2210
2211
ret = SSL_do_handshake(conn->xprt_ctx);
2212
if (ret != 1) {
2213
/* handshake did not complete, let's find why */
2214
ret = SSL_get_error(conn->xprt_ctx, ret);
2215
2216
if (ret == SSL_ERROR_WANT_WRITE) {
2217
/* SSL handshake needs to write, L4 connection may not be ready */
2218
__conn_sock_stop_recv(conn);
2219
__conn_sock_want_send(conn);
2220
fd_cant_send(conn->t.sock.fd);
2221
return 0;
2222
}
2223
else if (ret == SSL_ERROR_WANT_READ) {
2224
/* SSL handshake needs to read, L4 connection is ready */
2225
if (conn->flags & CO_FL_WAIT_L4_CONN)
2226
conn->flags &= ~CO_FL_WAIT_L4_CONN;
2227
__conn_sock_stop_send(conn);
2228
__conn_sock_want_recv(conn);
2229
fd_cant_recv(conn->t.sock.fd);
2230
return 0;
2231
}
2232
else if (ret == SSL_ERROR_SYSCALL) {
2233
/* if errno is null, then connection was successfully established */
2234
if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
2235
conn->flags &= ~CO_FL_WAIT_L4_CONN;
2236
2237
if (!((SSL *)conn->xprt_ctx)->packet_length) {
2238
if (!errno) {
2239
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2240
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2241
else
2242
conn->err_code = CO_ER_SSL_EMPTY;
2243
}
2244
else {
2245
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2246
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2247
else
2248
conn->err_code = CO_ER_SSL_ABORT;
2249
}
2250
}
2251
else {
2252
if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2253
conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2254
else
2255
conn->err_code = CO_ER_SSL_HANDSHAKE;
2256
}
2257
goto out_error;
2258
}
2259
else {
2260
/* Fail on all other handshake errors */
2261
/* Note: OpenSSL may leave unread bytes in the socket's
2262
* buffer, causing an RST to be emitted upon close() on
2263
* TCP sockets. We first try to drain possibly pending
2264
* data to avoid this as much as possible.
2265
*/
2266
conn_drain(conn);
2267
if (!conn->err_code)
2268
conn->err_code = (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
2269
CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
2270
goto out_error;
2271
}
2272
}
2273
2274
reneg_ok:
2275
2276
/* Handshake succeeded */
2277
if (!SSL_session_reused(conn->xprt_ctx)) {
2278
if (objt_server(conn->target)) {
2279
update_freq_ctr(&global.ssl_be_keys_per_sec, 1);
2280
if (global.ssl_be_keys_per_sec.curr_ctr > global.ssl_be_keys_max)
2281
global.ssl_be_keys_max = global.ssl_be_keys_per_sec.curr_ctr;
2282
2283
/* check if session was reused, if not store current session on server for reuse */
2284
if (objt_server(conn->target)->ssl_ctx.reused_sess)
2285
SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
2286
2287
objt_server(conn->target)->ssl_ctx.reused_sess = SSL_get1_session(conn->xprt_ctx);
2288
}
2289
else {
2290
update_freq_ctr(&global.ssl_fe_keys_per_sec, 1);
2291
if (global.ssl_fe_keys_per_sec.curr_ctr > global.ssl_fe_keys_max)
2292
global.ssl_fe_keys_max = global.ssl_fe_keys_per_sec.curr_ctr;
2293
}
2294
}
2295
2296
/* The connection is now established at both layers, it's time to leave */
2297
conn->flags &= ~(flag | CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN);
2298
return 1;
2299
2300
out_error:
2301
/* Clear openssl global errors stack */
2302
ERR_clear_error();
2303
2304
/* free resumed session if exists */
2305
if (objt_server(conn->target) && objt_server(conn->target)->ssl_ctx.reused_sess) {
2306
SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
2307
objt_server(conn->target)->ssl_ctx.reused_sess = NULL;
2308
}
2309
2310
/* Fail on all other handshake errors */
2311
conn->flags |= CO_FL_ERROR;
2312
if (!conn->err_code)
2313
conn->err_code = CO_ER_SSL_HANDSHAKE;
2314
return 0;
2315
}
2316
2317
/* Receive up to <count> bytes from connection <conn>'s socket and store them
2318
* into buffer <buf>. Only one call to recv() is performed, unless the
2319
* buffer wraps, in which case a second call may be performed. The connection's
2320
* flags are updated with whatever special event is detected (error, read0,
2321
* empty). The caller is responsible for taking care of those events and
2322
* avoiding the call if inappropriate. The function does not call the
2323
* connection's polling update function, so the caller is responsible for this.
2324
*/
2325
static int ssl_sock_to_buf(struct connection *conn, struct buffer *buf, int count)
2326
{
2327
int ret, done = 0;
2328
int try;
2329
2330
if (!conn->xprt_ctx)
2331
goto out_error;
2332
2333
if (conn->flags & CO_FL_HANDSHAKE)
2334
/* a handshake was requested */
2335
return 0;
2336
2337
/* let's realign the buffer to optimize I/O */
2338
if (buffer_empty(buf))
2339
buf->p = buf->data;
2340
2341
/* read the largest possible block. For this, we perform only one call
2342
* to recv() unless the buffer wraps and we exactly fill the first hunk,
2343
* in which case we accept to do it once again. A new attempt is made on
2344
* EINTR too.
2345
*/
2346
while (count > 0) {
2347
/* first check if we have some room after p+i */
2348
try = buf->data + buf->size - (buf->p + buf->i);
2349
/* otherwise continue between data and p-o */
2350
if (try <= 0) {
2351
try = buf->p - (buf->data + buf->o);
2352
if (try <= 0)
2353
break;
2354
}
2355
if (try > count)
2356
try = count;
2357
2358
ret = SSL_read(conn->xprt_ctx, bi_end(buf), try);
2359
if (conn->flags & CO_FL_ERROR) {
2360
/* CO_FL_ERROR may be set by ssl_sock_infocbk */
2361
goto out_error;
2362
}
2363
if (ret > 0) {
2364
buf->i += ret;
2365
done += ret;
2366
if (ret < try)
2367
break;
2368
count -= ret;
2369
}
2370
else if (ret == 0) {
2371
ret = SSL_get_error(conn->xprt_ctx, ret);
2372
if (ret != SSL_ERROR_ZERO_RETURN) {
2373
/* error on protocol or underlying transport */
2374
if ((ret != SSL_ERROR_SYSCALL)
2375
|| (errno && (errno != EAGAIN)))
2376
conn->flags |= CO_FL_ERROR;
2377
2378
/* Clear openssl global errors stack */
2379
ERR_clear_error();
2380
}
2381
goto read0;
2382
}
2383
else {
2384
ret = SSL_get_error(conn->xprt_ctx, ret);
2385
if (ret == SSL_ERROR_WANT_WRITE) {
2386
/* handshake is running, and it needs to enable write */
2387
conn->flags |= CO_FL_SSL_WAIT_HS;
2388
__conn_sock_want_send(conn);
2389
break;
2390
}
2391
else if (ret == SSL_ERROR_WANT_READ) {
2392
if (SSL_renegotiate_pending(conn->xprt_ctx)) {
2393
/* handshake is running, and it may need to re-enable read */
2394
conn->flags |= CO_FL_SSL_WAIT_HS;
2395
__conn_sock_want_recv(conn);
2396
break;
2397
}
2398
/* we need to poll for retry a read later */
2399
fd_cant_recv(conn->t.sock.fd);
2400
break;
2401
}
2402
/* otherwise it's a real error */
2403
goto out_error;
2404
}
2405
}
2406
return done;
2407
2408
read0:
2409
conn_sock_read0(conn);
2410
return done;
2411
out_error:
2412
/* Clear openssl global errors stack */
2413
ERR_clear_error();
2414
2415
conn->flags |= CO_FL_ERROR;
2416
return done;
2417
}
2418
2419
2420
/* Send all pending bytes from buffer <buf> to connection <conn>'s socket.
2421
* <flags> may contain some CO_SFL_* flags to hint the system about other
2422
* pending data for example, but this flag is ignored at the moment.
2423
* Only one call to send() is performed, unless the buffer wraps, in which case
2424
* a second call may be performed. The connection's flags are updated with
2425
* whatever special event is detected (error, empty). The caller is responsible
2426
* for taking care of those events and avoiding the call if inappropriate. The
2427
* function does not call the connection's polling update function, so the caller
2428
* is responsible for this.
2429
*/
2430
static int ssl_sock_from_buf(struct connection *conn, struct buffer *buf, int flags)
2431
{
2432
int ret, try, done;
2433
2434
done = 0;
2435
2436
if (!conn->xprt_ctx)
2437
goto out_error;
2438
2439
if (conn->flags & CO_FL_HANDSHAKE)
2440
/* a handshake was requested */
2441
return 0;
2442
2443
/* send the largest possible block. For this we perform only one call
2444
* to send() unless the buffer wraps and we exactly fill the first hunk,
2445
* in which case we accept to do it once again.
2446
*/
2447
while (buf->o) {
2448
try = bo_contig_data(buf);
2449
2450
if (!(flags & CO_SFL_STREAMER) &&
2451
!(conn->xprt_st & SSL_SOCK_SEND_UNLIMITED) &&
2452
global.tune.ssl_max_record && try > global.tune.ssl_max_record) {
2453
try = global.tune.ssl_max_record;
2454
}
2455
else {
2456
/* we need to keep the information about the fact that
2457
* we're not limiting the upcoming send(), because if it
2458
* fails, we'll have to retry with at least as many data.
2459
*/
2460
conn->xprt_st |= SSL_SOCK_SEND_UNLIMITED;
2461
}
2462
2463
ret = SSL_write(conn->xprt_ctx, bo_ptr(buf), try);
2464
2465
if (conn->flags & CO_FL_ERROR) {
2466
/* CO_FL_ERROR may be set by ssl_sock_infocbk */
2467
goto out_error;
2468
}
2469
if (ret > 0) {
2470
conn->xprt_st &= ~SSL_SOCK_SEND_UNLIMITED;
2471
2472
buf->o -= ret;
2473
done += ret;
2474
2475
if (likely(buffer_empty(buf)))
2476
/* optimize data alignment in the buffer */
2477
buf->p = buf->data;
2478
2479
/* if the system buffer is full, don't insist */
2480
if (ret < try)
2481
break;
2482
}
2483
else {
2484
ret = SSL_get_error(conn->xprt_ctx, ret);
2485
if (ret == SSL_ERROR_WANT_WRITE) {
2486
if (SSL_renegotiate_pending(conn->xprt_ctx)) {
2487
/* handshake is running, and it may need to re-enable write */
2488
conn->flags |= CO_FL_SSL_WAIT_HS;
2489
__conn_sock_want_send(conn);
2490
break;
2491
}
2492
/* we need to poll to retry a write later */
2493
fd_cant_send(conn->t.sock.fd);
2494
break;
2495
}
2496
else if (ret == SSL_ERROR_WANT_READ) {
2497
/* handshake is running, and it needs to enable read */
2498
conn->flags |= CO_FL_SSL_WAIT_HS;
2499
__conn_sock_want_recv(conn);
2500
break;
2501
}
2502
goto out_error;
2503
}
2504
}
2505
return done;
2506
2507
out_error:
2508
/* Clear openssl global errors stack */
2509
ERR_clear_error();
2510
2511
conn->flags |= CO_FL_ERROR;
2512
return done;
2513
}
2514
2515
static void ssl_sock_close(struct connection *conn) {
2516
2517
if (conn->xprt_ctx) {
2518
SSL_free(conn->xprt_ctx);
2519
conn->xprt_ctx = NULL;
2520
sslconns--;
2521
}
2522
}
2523
2524
/* This function tries to perform a clean shutdown on an SSL connection, and in
2525
* any case, flags the connection as reusable if no handshake was in progress.
2526
*/
2527
static void ssl_sock_shutw(struct connection *conn, int clean)
2528
{
2529
if (conn->flags & CO_FL_HANDSHAKE)
2530
return;
2531
/* no handshake was in progress, try a clean ssl shutdown */
2532
if (clean && (SSL_shutdown(conn->xprt_ctx) <= 0)) {
2533
/* Clear openssl global errors stack */
2534
ERR_clear_error();
2535
}
2536
2537
/* force flag on ssl to keep session in cache regardless shutdown result */
2538
SSL_set_shutdown(conn->xprt_ctx, SSL_SENT_SHUTDOWN);
2539
}
2540
2541
/* used for logging, may be changed for a sample fetch later */
2542
const char *ssl_sock_get_cipher_name(struct connection *conn)
2543
{
2544
if (!conn->xprt && !conn->xprt_ctx)
2545
return NULL;
2546
return SSL_get_cipher_name(conn->xprt_ctx);
2547
}
2548
2549
/* used for logging, may be changed for a sample fetch later */
2550
const char *ssl_sock_get_proto_version(struct connection *conn)
2551
{
2552
if (!conn->xprt && !conn->xprt_ctx)
2553
return NULL;
2554
return SSL_get_version(conn->xprt_ctx);
2555
}
2556
2557
/* Extract a serial from a cert, and copy it to a chunk.
2558
* Returns 1 if serial is found and copied, 0 if no serial found and
2559
* -1 if output is not large enough.
2560
*/
2561
static int
2562
ssl_sock_get_serial(X509 *crt, struct chunk *out)
2563
{
2564
ASN1_INTEGER *serial;
2565
2566
serial = X509_get_serialNumber(crt);
2567
if (!serial)
2568
return 0;
2569
2570
if (out->size < serial->length)
2571
return -1;
2572
2573
memcpy(out->str, serial->data, serial->length);
2574
out->len = serial->length;
2575
return 1;
2576
}
2577
2578
/* Extract a cert to der, and copy it to a chunk.
2579
* Returns 1 if cert is found and copied, 0 on der convertion failure and
2580
* -1 if output is not large enough.
2581
*/
2582
static int
2583
ssl_sock_crt2der(X509 *crt, struct chunk *out)
2584
{
2585
int len;
2586
unsigned char *p = (unsigned char *)out->str;;
2587
2588
len =i2d_X509(crt, NULL);
2589
if (len <= 0)
2590
return 1;
2591
2592
if (out->size < len)
2593
return -1;
2594
2595
i2d_X509(crt,&p);
2596
out->len = len;
2597
return 1;
2598
}
2599
2600
2601
/* Copy Date in ASN1_UTCTIME format in struct chunk out.
2602
* Returns 1 if serial is found and copied, 0 if no valid time found
2603
* and -1 if output is not large enough.
2604
*/
2605
static int
2606
ssl_sock_get_time(ASN1_TIME *tm, struct chunk *out)
2607
{
2608
if (tm->type == V_ASN1_GENERALIZEDTIME) {
2609
ASN1_GENERALIZEDTIME *gentm = (ASN1_GENERALIZEDTIME *)tm;
2610
2611
if (gentm->length < 12)
2612
return 0;
2613
if (gentm->data[0] != 0x32 || gentm->data[1] != 0x30)
2614
return 0;
2615
if (out->size < gentm->length-2)
2616
return -1;
2617
2618
memcpy(out->str, gentm->data+2, gentm->length-2);
2619
out->len = gentm->length-2;
2620
return 1;
2621
}
2622
else if (tm->type == V_ASN1_UTCTIME) {
2623
ASN1_UTCTIME *utctm = (ASN1_UTCTIME *)tm;
2624
2625
if (utctm->length < 10)
2626
return 0;
2627
if (utctm->data[0] >= 0x35)
2628
return 0;
2629
if (out->size < utctm->length)
2630
return -1;
2631
2632
memcpy(out->str, utctm->data, utctm->length);
2633
out->len = utctm->length;
2634
return 1;
2635
}
2636
2637
return 0;
2638
}
2639
2640
/* Extract an entry from a X509_NAME and copy its value to an output chunk.
2641
* Returns 1 if entry found, 0 if entry not found, or -1 if output not large enough.
2642
*/
2643
static int
2644
ssl_sock_get_dn_entry(X509_NAME *a, const struct chunk *entry, int pos, struct chunk *out)
2645
{
2646
X509_NAME_ENTRY *ne;
2647
int i, j, n;
2648
int cur = 0;
2649
const char *s;
2650
char tmp[128];
2651
2652
out->len = 0;
2653
for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
2654
if (pos < 0)
2655
j = (sk_X509_NAME_ENTRY_num(a->entries)-1) - i;
2656
else
2657
j = i;
2658
2659
ne = sk_X509_NAME_ENTRY_value(a->entries, j);
2660
n = OBJ_obj2nid(ne->object);
2661
if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
2662
i2t_ASN1_OBJECT(tmp, sizeof(tmp), ne->object);
2663
s = tmp;
2664
}
2665
2666
if (chunk_strcasecmp(entry, s) != 0)
2667
continue;
2668
2669
if (pos < 0)
2670
cur--;
2671
else
2672
cur++;
2673
2674
if (cur != pos)
2675
continue;
2676
2677
if (ne->value->length > out->size)
2678
return -1;
2679
2680
memcpy(out->str, ne->value->data, ne->value->length);
2681
out->len = ne->value->length;
2682
return 1;
2683
}
2684
2685
return 0;
2686
2687
}
2688
2689
/* Extract and format full DN from a X509_NAME and copy result into a chunk
2690
* Returns 1 if dn entries exits, 0 if no dn entry found or -1 if output is not large enough.
2691
*/
2692
static int
2693
ssl_sock_get_dn_oneline(X509_NAME *a, struct chunk *out)
2694
{
2695
X509_NAME_ENTRY *ne;
2696
int i, n, ln;
2697
int l = 0;
2698
const char *s;
2699
char *p;
2700
char tmp[128];
2701
2702
out->len = 0;
2703
p = out->str;
2704
for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
2705
ne = sk_X509_NAME_ENTRY_value(a->entries, i);
2706
n = OBJ_obj2nid(ne->object);
2707
if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
2708
i2t_ASN1_OBJECT(tmp, sizeof(tmp), ne->object);
2709
s = tmp;
2710
}
2711
ln = strlen(s);
2712
2713
l += 1 + ln + 1 + ne->value->length;
2714
if (l > out->size)
2715
return -1;
2716
out->len = l;
2717
2718
*(p++)='/';
2719
memcpy(p, s, ln);
2720
p += ln;
2721
*(p++)='=';
2722
memcpy(p, ne->value->data, ne->value->length);
2723
p += ne->value->length;
2724
}
2725
2726
if (!out->len)
2727
return 0;
2728
2729
return 1;
2730
}
2731
2732
char *ssl_sock_get_version(struct connection *conn)
2733
{
2734
if (!ssl_sock_is_ssl(conn))
2735
return NULL;
2736
2737
return (char *)SSL_get_version(conn->xprt_ctx);
2738
}
2739
2740
/* Extract peer certificate's common name into the chunk dest
2741
* Returns
2742
* the len of the extracted common name
2743
* or 0 if no CN found in DN
2744
* or -1 on error case (i.e. no peer certificate)
2745
*/
2746
int ssl_sock_get_remote_common_name(struct connection *conn, struct chunk *dest)
2747
{
2748
X509 *crt = NULL;
2749
X509_NAME *name;
2750
const char find_cn[] = "CN";
2751
const struct chunk find_cn_chunk = {
2752
.str = (char *)&find_cn,
2753
.len = sizeof(find_cn)-1
2754
};
2755
int result = -1;
2756
2757
if (!ssl_sock_is_ssl(conn))
2758
goto out;
2759
2760
/* SSL_get_peer_certificate, it increase X509 * ref count */
2761
crt = SSL_get_peer_certificate(conn->xprt_ctx);
2762
if (!crt)
2763
goto out;
2764
2765
name = X509_get_subject_name(crt);
2766
if (!name)
2767
goto out;
2768
2769
result = ssl_sock_get_dn_entry(name, &find_cn_chunk, 1, dest);
2770
out:
2771
if (crt)
2772
X509_free(crt);
2773
2774
return result;
2775
}
2776
2777
/* returns 1 if client passed a certificate for this session, 0 if not */
2778
int ssl_sock_get_cert_used_sess(struct connection *conn)
2779
{
2780
X509 *crt = NULL;
2781
2782
if (!ssl_sock_is_ssl(conn))
2783
return 0;
2784
2785
/* SSL_get_peer_certificate, it increase X509 * ref count */
2786
crt = SSL_get_peer_certificate(conn->xprt_ctx);
2787
if (!crt)
2788
return 0;
2789
2790
X509_free(crt);
2791
return 1;
2792
}
2793
2794
/* returns 1 if client passed a certificate for this connection, 0 if not */
2795
int ssl_sock_get_cert_used_conn(struct connection *conn)
2796
{
2797
if (!ssl_sock_is_ssl(conn))
2798
return 0;
2799
2800
return SSL_SOCK_ST_FL_VERIFY_DONE & conn->xprt_st ? 1 : 0;
2801
}
2802
2803
/* returns result from SSL verify */
2804
unsigned int ssl_sock_get_verify_result(struct connection *conn)
2805
{
2806
if (!ssl_sock_is_ssl(conn))
2807
return (unsigned int)X509_V_ERR_APPLICATION_VERIFICATION;
2808
2809
return (unsigned int)SSL_get_verify_result(conn->xprt_ctx);
2810
}
2811
2812
/***** Below are some sample fetching functions for ACL/patterns *****/
2813
2814
/* boolean, returns true if client cert was present */
2815
static int
2816
smp_fetch_ssl_fc_has_crt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
2817
const struct arg *args, struct sample *smp, const char *kw)
2818
{
2819
struct connection *conn;
2820
2821
if (!l4)
2822
return 0;
2823
2824
conn = objt_conn(l4->si[0].end);
2825
if (!conn || conn->xprt != &ssl_sock)
2826
return 0;
2827
2828
if (!(conn->flags & CO_FL_CONNECTED)) {
2829
smp->flags |= SMP_F_MAY_CHANGE;
2830
return 0;
2831
}
2832
2833
smp->flags = 0;
2834
smp->type = SMP_T_BOOL;
2835
smp->data.uint = SSL_SOCK_ST_FL_VERIFY_DONE & conn->xprt_st ? 1 : 0;
2836
2837
return 1;
2838
}
2839
2840
/* binary, returns a certificate in a binary chunk (der/raw).
2841
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
2842
* should be use.
2843
*/
2844
static int
2845
smp_fetch_ssl_x_der(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
2846
const struct arg *args, struct sample *smp, const char *kw)
2847
{
2848
int cert_peer = (kw[4] == 'c') ? 1 : 0;
2849
X509 *crt = NULL;
2850
int ret = 0;
2851
struct chunk *smp_trash;
2852
struct connection *conn;
2853
2854
if (!l4)
2855
return 0;
2856
2857
conn = objt_conn(l4->si[0].end);
2858
if (!conn || conn->xprt != &ssl_sock)
2859
return 0;
2860
2861
if (!(conn->flags & CO_FL_CONNECTED)) {
2862
smp->flags |= SMP_F_MAY_CHANGE;
2863
return 0;
2864
}
2865
2866
if (cert_peer)
2867
crt = SSL_get_peer_certificate(conn->xprt_ctx);
2868
else
2869
crt = SSL_get_certificate(conn->xprt_ctx);
2870
2871
if (!crt)
2872
goto out;
2873
2874
smp_trash = get_trash_chunk();
2875
if (ssl_sock_crt2der(crt, smp_trash) <= 0)
2876
goto out;
2877
2878
smp->data.str = *smp_trash;
2879
smp->type = SMP_T_BIN;
2880
ret = 1;
2881
out:
2882
/* SSL_get_peer_certificate, it increase X509 * ref count */
2883
if (cert_peer && crt)
2884
X509_free(crt);
2885
return ret;
2886
}
2887
2888
/* binary, returns serial of certificate in a binary chunk.
2889
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
2890
* should be use.
2891
*/
2892
static int
2893
smp_fetch_ssl_x_serial(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
2894
const struct arg *args, struct sample *smp, const char *kw)
2895
{
2896
int cert_peer = (kw[4] == 'c') ? 1 : 0;
2897
X509 *crt = NULL;
2898
int ret = 0;
2899
struct chunk *smp_trash;
2900
struct connection *conn;
2901
2902
if (!l4)
2903
return 0;
2904
2905
conn = objt_conn(l4->si[0].end);
2906
if (!conn || conn->xprt != &ssl_sock)
2907
return 0;
2908
2909
if (!(conn->flags & CO_FL_CONNECTED)) {
2910
smp->flags |= SMP_F_MAY_CHANGE;
2911
return 0;
2912
}
2913
2914
if (cert_peer)
2915
crt = SSL_get_peer_certificate(conn->xprt_ctx);
2916
else
2917
crt = SSL_get_certificate(conn->xprt_ctx);
2918
2919
if (!crt)
2920
goto out;
2921
2922
smp_trash = get_trash_chunk();
2923
if (ssl_sock_get_serial(crt, smp_trash) <= 0)
2924
goto out;
2925
2926
smp->data.str = *smp_trash;
2927
smp->type = SMP_T_BIN;
2928
ret = 1;
2929
out:
2930
/* SSL_get_peer_certificate, it increase X509 * ref count */
2931
if (cert_peer && crt)
2932
X509_free(crt);
2933
return ret;
2934
}
2935
2936
/* binary, returns the client certificate's SHA-1 fingerprint (SHA-1 hash of DER-encoded certificate) in a binary chunk.
2937
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
2938
* should be use.
2939
*/
2940
static int
2941
smp_fetch_ssl_x_sha1(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
2942
const struct arg *args, struct sample *smp, const char *kw)
2943
{
2944
int cert_peer = (kw[4] == 'c') ? 1 : 0;
2945
X509 *crt = NULL;
2946
const EVP_MD *digest;
2947
int ret = 0;
2948
struct chunk *smp_trash;
2949
struct connection *conn;
2950
2951
if (!l4)
2952
return 0;
2953
2954
conn = objt_conn(l4->si[0].end);
2955
if (!conn || conn->xprt != &ssl_sock)
2956
return 0;
2957
2958
if (!(conn->flags & CO_FL_CONNECTED)) {
2959
smp->flags |= SMP_F_MAY_CHANGE;
2960
return 0;
2961
}
2962
2963
if (cert_peer)
2964
crt = SSL_get_peer_certificate(conn->xprt_ctx);
2965
else
2966
crt = SSL_get_certificate(conn->xprt_ctx);
2967
if (!crt)
2968
goto out;
2969
2970
smp_trash = get_trash_chunk();
2971
digest = EVP_sha1();
2972
X509_digest(crt, digest, (unsigned char *)smp_trash->str, (unsigned int *)&smp_trash->len);
2973
2974
smp->data.str = *smp_trash;
2975
smp->type = SMP_T_BIN;
2976
ret = 1;
2977
out:
2978
/* SSL_get_peer_certificate, it increase X509 * ref count */
2979
if (cert_peer && crt)
2980
X509_free(crt);
2981
return ret;
2982
}
2983
2984
/* string, returns certificate's notafter date in ASN1_UTCTIME format.
2985
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
2986
* should be use.
2987
*/
2988
static int
2989
smp_fetch_ssl_x_notafter(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
2990
const struct arg *args, struct sample *smp, const char *kw)
2991
{
2992
int cert_peer = (kw[4] == 'c') ? 1 : 0;
2993
X509 *crt = NULL;
2994
int ret = 0;
2995
struct chunk *smp_trash;
2996
struct connection *conn;
2997
2998
if (!l4)
2999
return 0;
3000
3001
conn = objt_conn(l4->si[0].end);
3002
if (!conn || conn->xprt != &ssl_sock)
3003
return 0;
3004
3005
if (!(conn->flags & CO_FL_CONNECTED)) {
3006
smp->flags |= SMP_F_MAY_CHANGE;
3007
return 0;
3008
}
3009
3010
if (cert_peer)
3011
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3012
else
3013
crt = SSL_get_certificate(conn->xprt_ctx);
3014
if (!crt)
3015
goto out;
3016
3017
smp_trash = get_trash_chunk();
3018
if (ssl_sock_get_time(X509_get_notAfter(crt), smp_trash) <= 0)
3019
goto out;
3020
3021
smp->data.str = *smp_trash;
3022
smp->type = SMP_T_STR;
3023
ret = 1;
3024
out:
3025
/* SSL_get_peer_certificate, it increase X509 * ref count */
3026
if (cert_peer && crt)
3027
X509_free(crt);
3028
return ret;
3029
}
3030
3031
/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's issuer
3032
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3033
* should be use.
3034
*/
3035
static int
3036
smp_fetch_ssl_x_i_dn(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3037
const struct arg *args, struct sample *smp, const char *kw)
3038
{
3039
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3040
X509 *crt = NULL;
3041
X509_NAME *name;
3042
int ret = 0;
3043
struct chunk *smp_trash;
3044
struct connection *conn;
3045
3046
if (!l4)
3047
return 0;
3048
3049
conn = objt_conn(l4->si[0].end);
3050
if (!conn || conn->xprt != &ssl_sock)
3051
return 0;
3052
3053
if (!(conn->flags & CO_FL_CONNECTED)) {
3054
smp->flags |= SMP_F_MAY_CHANGE;
3055
return 0;
3056
}
3057
3058
if (cert_peer)
3059
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3060
else
3061
crt = SSL_get_certificate(conn->xprt_ctx);
3062
if (!crt)
3063
goto out;
3064
3065
name = X509_get_issuer_name(crt);
3066
if (!name)
3067
goto out;
3068
3069
smp_trash = get_trash_chunk();
3070
if (args && args[0].type == ARGT_STR) {
3071
int pos = 1;
3072
3073
if (args[1].type == ARGT_SINT)
3074
pos = args[1].data.sint;
3075
else if (args[1].type == ARGT_UINT)
3076
pos =(int)args[1].data.uint;
3077
3078
if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
3079
goto out;
3080
}
3081
else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
3082
goto out;
3083
3084
smp->type = SMP_T_STR;
3085
smp->data.str = *smp_trash;
3086
ret = 1;
3087
out:
3088
/* SSL_get_peer_certificate, it increase X509 * ref count */
3089
if (cert_peer && crt)
3090
X509_free(crt);
3091
return ret;
3092
}
3093
3094
/* string, returns notbefore date in ASN1_UTCTIME format.
3095
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3096
* should be use.
3097
*/
3098
static int
3099
smp_fetch_ssl_x_notbefore(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3100
const struct arg *args, struct sample *smp, const char *kw)
3101
{
3102
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3103
X509 *crt = NULL;
3104
int ret = 0;
3105
struct chunk *smp_trash;
3106
struct connection *conn;
3107
3108
if (!l4)
3109
return 0;
3110
3111
conn = objt_conn(l4->si[0].end);
3112
if (!conn || conn->xprt != &ssl_sock)
3113
return 0;
3114
3115
if (!(conn->flags & CO_FL_CONNECTED)) {
3116
smp->flags |= SMP_F_MAY_CHANGE;
3117
return 0;
3118
}
3119
3120
if (cert_peer)
3121
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3122
else
3123
crt = SSL_get_certificate(conn->xprt_ctx);
3124
if (!crt)
3125
goto out;
3126
3127
smp_trash = get_trash_chunk();
3128
if (ssl_sock_get_time(X509_get_notBefore(crt), smp_trash) <= 0)
3129
goto out;
3130
3131
smp->data.str = *smp_trash;
3132
smp->type = SMP_T_STR;
3133
ret = 1;
3134
out:
3135
/* SSL_get_peer_certificate, it increase X509 * ref count */
3136
if (cert_peer && crt)
3137
X509_free(crt);
3138
return ret;
3139
}
3140
3141
/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's subject
3142
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3143
* should be use.
3144
*/
3145
static int
3146
smp_fetch_ssl_x_s_dn(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3147
const struct arg *args, struct sample *smp, const char *kw)
3148
{
3149
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3150
X509 *crt = NULL;
3151
X509_NAME *name;
3152
int ret = 0;
3153
struct chunk *smp_trash;
3154
struct connection *conn;
3155
3156
if (!l4)
3157
return 0;
3158
3159
conn = objt_conn(l4->si[0].end);
3160
if (!conn || conn->xprt != &ssl_sock)
3161
return 0;
3162
3163
if (!(conn->flags & CO_FL_CONNECTED)) {
3164
smp->flags |= SMP_F_MAY_CHANGE;
3165
return 0;
3166
}
3167
3168
if (cert_peer)
3169
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3170
else
3171
crt = SSL_get_certificate(conn->xprt_ctx);
3172
if (!crt)
3173
goto out;
3174
3175
name = X509_get_subject_name(crt);
3176
if (!name)
3177
goto out;
3178
3179
smp_trash = get_trash_chunk();
3180
if (args && args[0].type == ARGT_STR) {
3181
int pos = 1;
3182
3183
if (args[1].type == ARGT_SINT)
3184
pos = args[1].data.sint;
3185
else if (args[1].type == ARGT_UINT)
3186
pos =(int)args[1].data.uint;
3187
3188
if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
3189
goto out;
3190
}
3191
else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
3192
goto out;
3193
3194
smp->type = SMP_T_STR;
3195
smp->data.str = *smp_trash;
3196
ret = 1;
3197
out:
3198
/* SSL_get_peer_certificate, it increase X509 * ref count */
3199
if (cert_peer && crt)
3200
X509_free(crt);
3201
return ret;
3202
}
3203
3204
/* integer, returns true if current session use a client certificate */
3205
static int
3206
smp_fetch_ssl_c_used(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3207
const struct arg *args, struct sample *smp, const char *kw)
3208
{
3209
X509 *crt;
3210
struct connection *conn;
3211
3212
if (!l4)
3213
return 0;
3214
3215
conn = objt_conn(l4->si[0].end);
3216
if (!conn || conn->xprt != &ssl_sock)
3217
return 0;
3218
3219
if (!(conn->flags & CO_FL_CONNECTED)) {
3220
smp->flags |= SMP_F_MAY_CHANGE;
3221
return 0;
3222
}
3223
3224
/* SSL_get_peer_certificate returns a ptr on allocated X509 struct */
3225
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3226
if (crt) {
3227
X509_free(crt);
3228
}
3229
3230
smp->type = SMP_T_BOOL;
3231
smp->data.uint = (crt != NULL);
3232
return 1;
3233
}
3234
3235
/* integer, returns the certificate version
3236
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3237
* should be use.
3238
*/
3239
static int
3240
smp_fetch_ssl_x_version(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3241
const struct arg *args, struct sample *smp, const char *kw)
3242
{
3243
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3244
X509 *crt;
3245
struct connection *conn;
3246
3247
if (!l4)
3248
return 0;
3249
3250
conn = objt_conn(l4->si[0].end);
3251
if (!conn || conn->xprt != &ssl_sock)
3252
return 0;
3253
3254
if (!(conn->flags & CO_FL_CONNECTED)) {
3255
smp->flags |= SMP_F_MAY_CHANGE;
3256
return 0;
3257
}
3258
3259
if (cert_peer)
3260
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3261
else
3262
crt = SSL_get_certificate(conn->xprt_ctx);
3263
if (!crt)
3264
return 0;
3265
3266
smp->data.uint = (unsigned int)(1 + X509_get_version(crt));
3267
/* SSL_get_peer_certificate increase X509 * ref count */
3268
if (cert_peer)
3269
X509_free(crt);
3270
smp->type = SMP_T_UINT;
3271
3272
return 1;
3273
}
3274
3275
/* string, returns the certificate's signature algorithm.
3276
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3277
* should be use.
3278
*/
3279
static int
3280
smp_fetch_ssl_x_sig_alg(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3281
const struct arg *args, struct sample *smp, const char *kw)
3282
{
3283
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3284
X509 *crt;
3285
int nid;
3286
struct connection *conn;
3287
3288
if (!l4)
3289
return 0;
3290
3291
conn = objt_conn(l4->si[0].end);
3292
if (!conn || conn->xprt != &ssl_sock)
3293
return 0;
3294
3295
if (!(conn->flags & CO_FL_CONNECTED)) {
3296
smp->flags |= SMP_F_MAY_CHANGE;
3297
return 0;
3298
}
3299
3300
if (cert_peer)
3301
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3302
else
3303
crt = SSL_get_certificate(conn->xprt_ctx);
3304
if (!crt)
3305
return 0;
3306
3307
nid = OBJ_obj2nid((ASN1_OBJECT *)(crt->cert_info->signature->algorithm));
3308
3309
smp->data.str.str = (char *)OBJ_nid2sn(nid);
3310
if (!smp->data.str.str) {
3311
/* SSL_get_peer_certificate increase X509 * ref count */
3312
if (cert_peer)
3313
X509_free(crt);
3314
return 0;
3315
}
3316
3317
smp->type = SMP_T_STR;
3318
smp->flags |= SMP_F_CONST;
3319
smp->data.str.len = strlen(smp->data.str.str);
3320
/* SSL_get_peer_certificate increase X509 * ref count */
3321
if (cert_peer)
3322
X509_free(crt);
3323
3324
return 1;
3325
}
3326
3327
/* string, returns the certificate's key algorithm.
3328
* The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3329
* should be use.
3330
*/
3331
static int
3332
smp_fetch_ssl_x_key_alg(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3333
const struct arg *args, struct sample *smp, const char *kw)
3334
{
3335
int cert_peer = (kw[4] == 'c') ? 1 : 0;
3336
X509 *crt;
3337
int nid;
3338
struct connection *conn;
3339
3340
if (!l4)
3341
return 0;
3342
3343
conn = objt_conn(l4->si[0].end);
3344
if (!conn || conn->xprt != &ssl_sock)
3345
return 0;
3346
3347
if (!(conn->flags & CO_FL_CONNECTED)) {
3348
smp->flags |= SMP_F_MAY_CHANGE;
3349
return 0;
3350
}
3351
3352
if (cert_peer)
3353
crt = SSL_get_peer_certificate(conn->xprt_ctx);
3354
else
3355
crt = SSL_get_certificate(conn->xprt_ctx);
3356
if (!crt)
3357
return 0;
3358
3359
nid = OBJ_obj2nid((ASN1_OBJECT *)(crt->cert_info->key->algor->algorithm));
3360
3361
smp->data.str.str = (char *)OBJ_nid2sn(nid);
3362
if (!smp->data.str.str) {
3363
/* SSL_get_peer_certificate increase X509 * ref count */
3364
if (cert_peer)
3365
X509_free(crt);
3366
return 0;
3367
}
3368
3369
smp->type = SMP_T_STR;
3370
smp->flags |= SMP_F_CONST;
3371
smp->data.str.len = strlen(smp->data.str.str);
3372
if (cert_peer)
3373
X509_free(crt);
3374
3375
return 1;
3376
}
3377
3378
/* boolean, returns true if front conn. transport layer is SSL.
3379
* This function is also usable on backend conn if the fetch keyword 5th
3380
* char is 'b'.
3381
*/
3382
static int
3383
smp_fetch_ssl_fc(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3384
const struct arg *args, struct sample *smp, const char *kw)
3385
{
3386
int back_conn = (kw[4] == 'b') ? 1 : 0;
3387
struct connection *conn = objt_conn(l4->si[back_conn].end);
3388
3389
smp->type = SMP_T_BOOL;
3390
smp->data.uint = (conn && conn->xprt == &ssl_sock);
3391
return 1;
3392
}
3393
3394
/* boolean, returns true if client present a SNI */
3395
static int
3396
smp_fetch_ssl_fc_has_sni(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3397
const struct arg *args, struct sample *smp, const char *kw)
3398
{
3399
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
3400
struct connection *conn = objt_conn(l4->si[0].end);
3401
3402
smp->type = SMP_T_BOOL;
3403
smp->data.uint = (conn && conn->xprt == &ssl_sock) &&
3404
conn->xprt_ctx &&
3405
SSL_get_servername(conn->xprt_ctx, TLSEXT_NAMETYPE_host_name) != NULL;
3406
return 1;
3407
#else
3408
return 0;
3409
#endif
3410
}
3411
3412
/* string, returns the used cipher if front conn. transport layer is SSL.
3413
* This function is also usable on backend conn if the fetch keyword 5th
3414
* char is 'b'.
3415
*/
3416
static int
3417
smp_fetch_ssl_fc_cipher(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3418
const struct arg *args, struct sample *smp, const char *kw)
3419
{
3420
int back_conn = (kw[4] == 'b') ? 1 : 0;
3421
struct connection *conn;
3422
3423
smp->flags = 0;
3424
3425
if (!l4)
3426
return 0;
3427
3428
conn = objt_conn(l4->si[back_conn].end);
3429
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3430
return 0;
3431
3432
smp->data.str.str = (char *)SSL_get_cipher_name(conn->xprt_ctx);
3433
if (!smp->data.str.str)
3434
return 0;
3435
3436
smp->type = SMP_T_STR;
3437
smp->flags |= SMP_F_CONST;
3438
smp->data.str.len = strlen(smp->data.str.str);
3439
3440
return 1;
3441
}
3442
3443
/* integer, returns the algoritm's keysize if front conn. transport layer
3444
* is SSL.
3445
* This function is also usable on backend conn if the fetch keyword 5th
3446
* char is 'b'.
3447
*/
3448
static int
3449
smp_fetch_ssl_fc_alg_keysize(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3450
const struct arg *args, struct sample *smp, const char *kw)
3451
{
3452
int back_conn = (kw[4] == 'b') ? 1 : 0;
3453
struct connection *conn;
3454
3455
smp->flags = 0;
3456
3457
if (!l4)
3458
return 0;
3459
3460
conn = objt_conn(l4->si[back_conn].end);
3461
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3462
return 0;
3463
3464
if (!SSL_get_cipher_bits(conn->xprt_ctx, (int *)&smp->data.uint))
3465
return 0;
3466
3467
smp->type = SMP_T_UINT;
3468
3469
return 1;
3470
}
3471
3472
/* integer, returns the used keysize if front conn. transport layer is SSL.
3473
* This function is also usable on backend conn if the fetch keyword 5th
3474
* char is 'b'.
3475
*/
3476
static int
3477
smp_fetch_ssl_fc_use_keysize(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3478
const struct arg *args, struct sample *smp, const char *kw)
3479
{
3480
int back_conn = (kw[4] == 'b') ? 1 : 0;
3481
struct connection *conn;
3482
3483
smp->flags = 0;
3484
3485
if (!l4)
3486
return 0;
3487
3488
conn = objt_conn(l4->si[back_conn].end);
3489
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3490
return 0;
3491
3492
smp->data.uint = (unsigned int)SSL_get_cipher_bits(conn->xprt_ctx, NULL);
3493
if (!smp->data.uint)
3494
return 0;
3495
3496
smp->type = SMP_T_UINT;
3497
3498
return 1;
3499
}
3500
3501
#ifdef OPENSSL_NPN_NEGOTIATED
3502
static int
3503
smp_fetch_ssl_fc_npn(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3504
const struct arg *args, struct sample *smp, const char *kw)
3505
{
3506
struct connection *conn;
3507
3508
smp->flags = SMP_F_CONST;
3509
smp->type = SMP_T_STR;
3510
3511
if (!l4)
3512
return 0;
3513
3514
conn = objt_conn(l4->si[0].end);
3515
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3516
return 0;
3517
3518
smp->data.str.str = NULL;
3519
SSL_get0_next_proto_negotiated(conn->xprt_ctx,
3520
(const unsigned char **)&smp->data.str.str, (unsigned *)&smp->data.str.len);
3521
3522
if (!smp->data.str.str)
3523
return 0;
3524
3525
return 1;
3526
}
3527
#endif
3528
3529
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
3530
static int
3531
smp_fetch_ssl_fc_alpn(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3532
const struct arg *args, struct sample *smp, const char *kw)
3533
{
3534
struct connection *conn;
3535
3536
smp->flags = SMP_F_CONST;
3537
smp->type = SMP_T_STR;
3538
3539
if (!l4)
3540
return 0;
3541
3542
conn = objt_conn(l4->si[0].end);
3543
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3544
return 0;
3545
3546
smp->data.str.str = NULL;
3547
SSL_get0_alpn_selected(conn->xprt_ctx,
3548
(const unsigned char **)&smp->data.str.str, (unsigned *)&smp->data.str.len);
3549
3550
if (!smp->data.str.str)
3551
return 0;
3552
3553
return 1;
3554
}
3555
#endif
3556
3557
/* string, returns the used protocol if front conn. transport layer is SSL.
3558
* This function is also usable on backend conn if the fetch keyword 5th
3559
* char is 'b'.
3560
*/
3561
static int
3562
smp_fetch_ssl_fc_protocol(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3563
const struct arg *args, struct sample *smp, const char *kw)
3564
{
3565
int back_conn = (kw[4] == 'b') ? 1 : 0;
3566
struct connection *conn;
3567
3568
smp->flags = 0;
3569
3570
if (!l4)
3571
return 0;
3572
3573
conn = objt_conn(l4->si[back_conn].end);
3574
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3575
return 0;
3576
3577
smp->data.str.str = (char *)SSL_get_version(conn->xprt_ctx);
3578
if (!smp->data.str.str)
3579
return 0;
3580
3581
smp->type = SMP_T_STR;
3582
smp->flags = SMP_F_CONST;
3583
smp->data.str.len = strlen(smp->data.str.str);
3584
3585
return 1;
3586
}
3587
3588
/* binary, returns the SSL session id if front conn. transport layer is SSL.
3589
* This function is also usable on backend conn if the fetch keyword 5th
3590
* char is 'b'.
3591
*/
3592
static int
3593
smp_fetch_ssl_fc_session_id(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3594
const struct arg *args, struct sample *smp, const char *kw)
3595
{
3596
#if OPENSSL_VERSION_NUMBER > 0x0090800fL
3597
int back_conn = (kw[4] == 'b') ? 1 : 0;
3598
SSL_SESSION *sess;
3599
struct connection *conn;
3600
3601
smp->flags = SMP_F_CONST;
3602
smp->type = SMP_T_BIN;
3603
3604
if (!l4)
3605
return 0;
3606
3607
conn = objt_conn(l4->si[back_conn].end);
3608
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3609
return 0;
3610
3611
sess = SSL_get_session(conn->xprt_ctx);
3612
if (!sess)
3613
return 0;
3614
3615
smp->data.str.str = (char *)SSL_SESSION_get_id(sess, (unsigned int *)&smp->data.str.len);
3616
if (!smp->data.str.str || !&smp->data.str.len)
3617
return 0;
3618
3619
return 1;
3620
#else
3621
return 0;
3622
#endif
3623
}
3624
3625
static int
3626
smp_fetch_ssl_fc_sni(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3627
const struct arg *args, struct sample *smp, const char *kw)
3628
{
3629
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
3630
struct connection *conn;
3631
3632
smp->flags = SMP_F_CONST;
3633
smp->type = SMP_T_STR;
3634
3635
if (!l4)
3636
return 0;
3637
3638
conn = objt_conn(l4->si[0].end);
3639
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3640
return 0;
3641
3642
smp->data.str.str = (char *)SSL_get_servername(conn->xprt_ctx, TLSEXT_NAMETYPE_host_name);
3643
if (!smp->data.str.str)
3644
return 0;
3645
3646
smp->data.str.len = strlen(smp->data.str.str);
3647
return 1;
3648
#else
3649
return 0;
3650
#endif
3651
}
3652
3653
static int
3654
smp_fetch_ssl_fc_unique_id(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3655
const struct arg *args, struct sample *smp, const char *kw)
3656
{
3657
#if OPENSSL_VERSION_NUMBER > 0x0090800fL
3658
int back_conn = (kw[4] == 'b') ? 1 : 0;
3659
struct connection *conn;
3660
int finished_len;
3661
struct chunk *finished_trash;
3662
3663
smp->flags = 0;
3664
3665
if (!l4)
3666
return 0;
3667
3668
conn = objt_conn(l4->si[back_conn].end);
3669
if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3670
return 0;
3671
3672
if (!(conn->flags & CO_FL_CONNECTED)) {
3673
smp->flags |= SMP_F_MAY_CHANGE;
3674
return 0;
3675
}
3676
3677
finished_trash = get_trash_chunk();
3678
if (!SSL_session_reused(conn->xprt_ctx))
3679
finished_len = SSL_get_peer_finished(conn->xprt_ctx, finished_trash->str, finished_trash->size);
3680
else
3681
finished_len = SSL_get_finished(conn->xprt_ctx, finished_trash->str, finished_trash->size);
3682
3683
if (!finished_len)
3684
return 0;
3685
3686
finished_trash->len = finished_len;
3687
smp->data.str = *finished_trash;
3688
smp->type = SMP_T_BIN;
3689
3690
return 1;
3691
#else
3692
return 0;
3693
#endif
3694
}
3695
3696
/* integer, returns the first verify error in CA chain of client certificate chain. */
3697
static int
3698
smp_fetch_ssl_c_ca_err(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3699
const struct arg *args, struct sample *smp, const char *kw)
3700
{
3701
struct connection *conn;
3702
3703
if (!l4)
3704
return 0;
3705
3706
conn = objt_conn(l4->si[0].end);
3707
if (!conn || conn->xprt != &ssl_sock)
3708
return 0;
3709
3710
if (!(conn->flags & CO_FL_CONNECTED)) {
3711
smp->flags = SMP_F_MAY_CHANGE;
3712
return 0;
3713
}
3714
3715
smp->type = SMP_T_UINT;
3716
smp->data.uint = (unsigned int)SSL_SOCK_ST_TO_CA_ERROR(conn->xprt_st);
3717
smp->flags = 0;
3718
3719
return 1;
3720
}
3721
3722
/* integer, returns the depth of the first verify error in CA chain of client certificate chain. */
3723
static int
3724
smp_fetch_ssl_c_ca_err_depth(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3725
const struct arg *args, struct sample *smp, const char *kw)
3726
{
3727
struct connection *conn;
3728
3729
if (!l4)
3730
return 0;
3731
3732
conn = objt_conn(l4->si[0].end);
3733
if (!conn || conn->xprt != &ssl_sock)
3734
return 0;
3735
3736
if (!(conn->flags & CO_FL_CONNECTED)) {
3737
smp->flags = SMP_F_MAY_CHANGE;
3738
return 0;
3739
}
3740
3741
smp->type = SMP_T_UINT;
3742
smp->data.uint = (unsigned int)SSL_SOCK_ST_TO_CAEDEPTH(conn->xprt_st);
3743
smp->flags = 0;
3744
3745
return 1;
3746
}
3747
3748
/* integer, returns the first verify error on client certificate */
3749
static int
3750
smp_fetch_ssl_c_err(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3751
const struct arg *args, struct sample *smp, const char *kw)
3752
{
3753
struct connection *conn;
3754
3755
if (!l4)
3756
return 0;
3757
3758
conn = objt_conn(l4->si[0].end);
3759
if (!conn || conn->xprt != &ssl_sock)
3760
return 0;
3761
3762
if (!(conn->flags & CO_FL_CONNECTED)) {
3763
smp->flags = SMP_F_MAY_CHANGE;
3764
return 0;
3765
}
3766
3767
smp->type = SMP_T_UINT;
3768
smp->data.uint = (unsigned int)SSL_SOCK_ST_TO_CRTERROR(conn->xprt_st);
3769
smp->flags = 0;
3770
3771
return 1;
3772
}
3773
3774
/* integer, returns the verify result on client cert */
3775
static int
3776
smp_fetch_ssl_c_verify(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
3777
const struct arg *args, struct sample *smp, const char *kw)
3778
{
3779
struct connection *conn;
3780
3781
if (!l4)
3782
return 0;
3783
3784
conn = objt_conn(l4->si[0].end);
3785
if (!conn || conn->xprt != &ssl_sock)
3786
return 0;
3787
3788
if (!(conn->flags & CO_FL_CONNECTED)) {
3789
smp->flags = SMP_F_MAY_CHANGE;
3790
return 0;
3791
}
3792
3793
if (!conn->xprt_ctx)
3794
return 0;
3795
3796
smp->type = SMP_T_UINT;
3797
smp->data.uint = (unsigned int)SSL_get_verify_result(conn->xprt_ctx);
3798
smp->flags = 0;
3799
3800
return 1;
3801
}
3802
3803
/* parse the "ca-file" bind keyword */
3804
static int bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3805
{
3806
if (!*args[cur_arg + 1]) {
3807
if (err)
3808
memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
3809
return ERR_ALERT | ERR_FATAL;
3810
}
3811
3812
if ((*args[cur_arg + 1] != '/') && global.ca_base)
3813
memprintf(&conf->ca_file, "%s/%s", global.ca_base, args[cur_arg + 1]);
3814
else
3815
memprintf(&conf->ca_file, "%s", args[cur_arg + 1]);
3816
3817
return 0;
3818
}
3819
3820
/* parse the "ciphers" bind keyword */
3821
static int bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3822
{
3823
if (!*args[cur_arg + 1]) {
3824
memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
3825
return ERR_ALERT | ERR_FATAL;
3826
}
3827
3828
free(conf->ciphers);
3829
conf->ciphers = strdup(args[cur_arg + 1]);
3830
return 0;
3831
}
3832
3833
/* parse the "crt" bind keyword */
3834
static int bind_parse_crt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3835
{
3836
char path[MAXPATHLEN];
3837
3838
if (!*args[cur_arg + 1]) {
3839
memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
3840
return ERR_ALERT | ERR_FATAL;
3841
}
3842
3843
if ((*args[cur_arg + 1] != '/' ) && global.crt_base) {
3844
if ((strlen(global.crt_base) + 1 + strlen(args[cur_arg + 1]) + 1) > MAXPATHLEN) {
3845
memprintf(err, "'%s' : path too long", args[cur_arg]);
3846
return ERR_ALERT | ERR_FATAL;
3847
}
3848
snprintf(path, sizeof(path), "%s/%s", global.crt_base, args[cur_arg + 1]);
3849
if (ssl_sock_load_cert(path, conf, px, err) > 0)
3850
return ERR_ALERT | ERR_FATAL;
3851
3852
return 0;
3853
}
3854
3855
if (ssl_sock_load_cert(args[cur_arg + 1], conf, px, err) > 0)
3856
return ERR_ALERT | ERR_FATAL;
3857
3858
return 0;
3859
}
3860
3861
/* parse the "crt-list" bind keyword */
3862
static int bind_parse_crt_list(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3863
{
3864
if (!*args[cur_arg + 1]) {
3865
memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
3866
return ERR_ALERT | ERR_FATAL;
3867
}
3868
3869
if (ssl_sock_load_cert_list_file(args[cur_arg + 1], conf, px, err) > 0) {
3870
memprintf(err, "'%s' : %s", args[cur_arg], *err);
3871
return ERR_ALERT | ERR_FATAL;
3872
}
3873
3874
return 0;
3875
}
3876
3877
/* parse the "crl-file" bind keyword */
3878
static int bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3879
{
3880
#ifndef X509_V_FLAG_CRL_CHECK
3881
if (err)
3882
memprintf(err, "'%s' : library does not support CRL verify", args[cur_arg]);
3883
return ERR_ALERT | ERR_FATAL;
3884
#else
3885
if (!*args[cur_arg + 1]) {
3886
if (err)
3887
memprintf(err, "'%s' : missing CRLfile path", args[cur_arg]);
3888
return ERR_ALERT | ERR_FATAL;
3889
}
3890
3891
if ((*args[cur_arg + 1] != '/') && global.ca_base)
3892
memprintf(&conf->crl_file, "%s/%s", global.ca_base, args[cur_arg + 1]);
3893
else
3894
memprintf(&conf->crl_file, "%s", args[cur_arg + 1]);
3895
3896
return 0;
3897
#endif
3898
}
3899
3900
/* parse the "ecdhe" bind keyword keywords */
3901
static int bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3902
{
3903
#if OPENSSL_VERSION_NUMBER < 0x0090800fL
3904
if (err)
3905
memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (too old)", args[cur_arg]);
3906
return ERR_ALERT | ERR_FATAL;
3907
#elif defined(OPENSSL_NO_ECDH)
3908
if (err)
3909
memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (disabled via OPENSSL_NO_ECDH)", args[cur_arg]);
3910
return ERR_ALERT | ERR_FATAL;
3911
#else
3912
if (!*args[cur_arg + 1]) {
3913
if (err)
3914
memprintf(err, "'%s' : missing named curve", args[cur_arg]);
3915
return ERR_ALERT | ERR_FATAL;
3916
}
3917
3918
conf->ecdhe = strdup(args[cur_arg + 1]);
3919
3920
return 0;
3921
#endif
3922
}
3923
3924
/* parse the "crt_ignerr" and "ca_ignerr" bind keywords */
3925
static int bind_parse_ignore_err(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3926
{
3927
int code;
3928
char *p = args[cur_arg + 1];
3929
unsigned long long *ignerr = &conf->crt_ignerr;
3930
3931
if (!*p) {
3932
if (err)
3933
memprintf(err, "'%s' : missing error IDs list", args[cur_arg]);
3934
return ERR_ALERT | ERR_FATAL;
3935
}
3936
3937
if (strcmp(args[cur_arg], "ca-ignore-err") == 0)
3938
ignerr = &conf->ca_ignerr;
3939
3940
if (strcmp(p, "all") == 0) {
3941
*ignerr = ~0ULL;
3942
return 0;
3943
}
3944
3945
while (p) {
3946
code = atoi(p);
3947
if ((code <= 0) || (code > 63)) {
3948
if (err)
3949
memprintf(err, "'%s' : ID '%d' out of range (1..63) in error IDs list '%s'",
3950
args[cur_arg], code, args[cur_arg + 1]);
3951
return ERR_ALERT | ERR_FATAL;
3952
}
3953
*ignerr |= 1ULL << code;
3954
p = strchr(p, ',');
3955
if (p)
3956
p++;
3957
}
3958
3959
return 0;
3960
}
3961
3962
/* parse the "force-sslv3" bind keyword */
3963
static int bind_parse_force_sslv3(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3964
{
3965
conf->ssl_options |= BC_SSL_O_USE_SSLV3;
3966
return 0;
3967
}
3968
3969
/* parse the "force-tlsv10" bind keyword */
3970
static int bind_parse_force_tlsv10(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3971
{
3972
conf->ssl_options |= BC_SSL_O_USE_TLSV10;
3973
return 0;
3974
}
3975
3976
/* parse the "force-tlsv11" bind keyword */
3977
static int bind_parse_force_tlsv11(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3978
{
3979
#if SSL_OP_NO_TLSv1_1
3980
conf->ssl_options |= BC_SSL_O_USE_TLSV11;
3981
return 0;
3982
#else
3983
if (err)
3984
memprintf(err, "'%s' : library does not support protocol TLSv1.1", args[cur_arg]);
3985
return ERR_ALERT | ERR_FATAL;
3986
#endif
3987
}
3988
3989
/* parse the "force-tlsv12" bind keyword */
3990
static int bind_parse_force_tlsv12(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
3991
{
3992
#if SSL_OP_NO_TLSv1_2
3993
conf->ssl_options |= BC_SSL_O_USE_TLSV12;
3994
return 0;
3995
#else
3996
if (err)
3997
memprintf(err, "'%s' : library does not support protocol TLSv1.2", args[cur_arg]);
3998
return ERR_ALERT | ERR_FATAL;
3999
#endif
4000
}
4001
4002
4003
/* parse the "no-tls-tickets" bind keyword */
4004
static int bind_parse_no_tls_tickets(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4005
{
4006
conf->ssl_options |= BC_SSL_O_NO_TLS_TICKETS;
4007
return 0;
4008
}
4009
4010
4011
/* parse the "no-sslv3" bind keyword */
4012
static int bind_parse_no_sslv3(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4013
{
4014
conf->ssl_options |= BC_SSL_O_NO_SSLV3;
4015
return 0;
4016
}
4017
4018
/* parse the "no-tlsv10" bind keyword */
4019
static int bind_parse_no_tlsv10(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4020
{
4021
conf->ssl_options |= BC_SSL_O_NO_TLSV10;
4022
return 0;
4023
}
4024
4025
/* parse the "no-tlsv11" bind keyword */
4026
static int bind_parse_no_tlsv11(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4027
{
4028
conf->ssl_options |= BC_SSL_O_NO_TLSV11;
4029
return 0;
4030
}
4031
4032
/* parse the "no-tlsv12" bind keyword */
4033
static int bind_parse_no_tlsv12(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4034
{
4035
conf->ssl_options |= BC_SSL_O_NO_TLSV12;
4036
return 0;
4037
}
4038
4039
/* parse the "npn" bind keyword */
4040
static int bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4041
{
4042
#ifdef OPENSSL_NPN_NEGOTIATED
4043
char *p1, *p2;
4044
4045
if (!*args[cur_arg + 1]) {
4046
memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[cur_arg]);
4047
return ERR_ALERT | ERR_FATAL;
4048
}
4049
4050
free(conf->npn_str);
4051
4052
/* the NPN string is built as a suite of (<len> <name>)* */
4053
conf->npn_len = strlen(args[cur_arg + 1]) + 1;
4054
conf->npn_str = calloc(1, conf->npn_len);
4055
memcpy(conf->npn_str + 1, args[cur_arg + 1], conf->npn_len);
4056
4057
/* replace commas with the name length */
4058
p1 = conf->npn_str;
4059
p2 = p1 + 1;
4060
while (1) {
4061
p2 = memchr(p1 + 1, ',', conf->npn_str + conf->npn_len - (p1 + 1));
4062
if (!p2)
4063
p2 = p1 + 1 + strlen(p1 + 1);
4064
4065
if (p2 - (p1 + 1) > 255) {
4066
*p2 = '\0';
4067
memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
4068
return ERR_ALERT | ERR_FATAL;
4069
}
4070
4071
*p1 = p2 - (p1 + 1);
4072
p1 = p2;
4073
4074
if (!*p2)
4075
break;
4076
4077
*(p2++) = '\0';
4078
}
4079
return 0;
4080
#else
4081
if (err)
4082
memprintf(err, "'%s' : library does not support TLS NPN extension", args[cur_arg]);
4083
return ERR_ALERT | ERR_FATAL;
4084
#endif
4085
}
4086
4087
/* parse the "alpn" bind keyword */
4088
static int bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4089
{
4090
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
4091
char *p1, *p2;
4092
4093
if (!*args[cur_arg + 1]) {
4094
memprintf(err, "'%s' : missing the comma-delimited ALPN protocol suite", args[cur_arg]);
4095
return ERR_ALERT | ERR_FATAL;
4096
}
4097
4098
free(conf->alpn_str);
4099
4100
/* the ALPN string is built as a suite of (<len> <name>)* */
4101
conf->alpn_len = strlen(args[cur_arg + 1]) + 1;
4102
conf->alpn_str = calloc(1, conf->alpn_len);
4103
memcpy(conf->alpn_str + 1, args[cur_arg + 1], conf->alpn_len);
4104
4105
/* replace commas with the name length */
4106
p1 = conf->alpn_str;
4107
p2 = p1 + 1;
4108
while (1) {
4109
p2 = memchr(p1 + 1, ',', conf->alpn_str + conf->alpn_len - (p1 + 1));
4110
if (!p2)
4111
p2 = p1 + 1 + strlen(p1 + 1);
4112
4113
if (p2 - (p1 + 1) > 255) {
4114
*p2 = '\0';
4115
memprintf(err, "'%s' : ALPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
4116
return ERR_ALERT | ERR_FATAL;
4117
}
4118
4119
*p1 = p2 - (p1 + 1);
4120
p1 = p2;
4121
4122
if (!*p2)
4123
break;
4124
4125
*(p2++) = '\0';
4126
}
4127
return 0;
4128
#else
4129
if (err)
4130
memprintf(err, "'%s' : library does not support TLS ALPN extension", args[cur_arg]);
4131
return ERR_ALERT | ERR_FATAL;
4132
#endif
4133
}
4134
4135
/* parse the "ssl" bind keyword */
4136
static int bind_parse_ssl(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4137
{
4138
struct listener *l;
4139
4140
conf->is_ssl = 1;
4141
4142
if (global.listen_default_ciphers && !conf->ciphers)
4143
conf->ciphers = strdup(global.listen_default_ciphers);
4144
conf->ssl_options |= global.listen_default_ssloptions;
4145
4146
list_for_each_entry(l, &conf->listeners, by_bind)
4147
l->xprt = &ssl_sock;
4148
4149
return 0;
4150
}
4151
4152
/* parse the "strict-sni" bind keyword */
4153
static int bind_parse_strict_sni(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4154
{
4155
conf->strict_sni = 1;
4156
return 0;
4157
}
4158
4159
/* parse the "verify" bind keyword */
4160
static int bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4161
{
4162
if (!*args[cur_arg + 1]) {
4163
if (err)
4164
memprintf(err, "'%s' : missing verify method", args[cur_arg]);
4165
return ERR_ALERT | ERR_FATAL;
4166
}
4167
4168
if (strcmp(args[cur_arg + 1], "none") == 0)
4169
conf->verify = SSL_SOCK_VERIFY_NONE;
4170
else if (strcmp(args[cur_arg + 1], "optional") == 0)
4171
conf->verify = SSL_SOCK_VERIFY_OPTIONAL;
4172
else if (strcmp(args[cur_arg + 1], "required") == 0)
4173
conf->verify = SSL_SOCK_VERIFY_REQUIRED;
4174
else {
4175
if (err)
4176
memprintf(err, "'%s' : unknown verify method '%s', only 'none', 'optional', and 'required' are supported\n",
4177
args[cur_arg], args[cur_arg + 1]);
4178
return ERR_ALERT | ERR_FATAL;
4179
}
4180
4181
return 0;
4182
}
4183
4184
/************** "server" keywords ****************/
4185
4186
/* parse the "ca-file" server keyword */
4187
static int srv_parse_ca_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4188
{
4189
if (!*args[*cur_arg + 1]) {
4190
if (err)
4191
memprintf(err, "'%s' : missing CAfile path", args[*cur_arg]);
4192
return ERR_ALERT | ERR_FATAL;
4193
}
4194
4195
if ((*args[*cur_arg + 1] != '/') && global.ca_base)
4196
memprintf(&newsrv->ssl_ctx.ca_file, "%s/%s", global.ca_base, args[*cur_arg + 1]);
4197
else
4198
memprintf(&newsrv->ssl_ctx.ca_file, "%s", args[*cur_arg + 1]);
4199
4200
return 0;
4201
}
4202
4203
/* parse the "check-ssl" server keyword */
4204
static int srv_parse_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4205
{
4206
newsrv->check.use_ssl = 1;
4207
if (global.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
4208
newsrv->ssl_ctx.ciphers = strdup(global.connect_default_ciphers);
4209
newsrv->ssl_ctx.options |= global.connect_default_ssloptions;
4210
return 0;
4211
}
4212
4213
/* parse the "ciphers" server keyword */
4214
static int srv_parse_ciphers(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4215
{
4216
if (!*args[*cur_arg + 1]) {
4217
memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
4218
return ERR_ALERT | ERR_FATAL;
4219
}
4220
4221
free(newsrv->ssl_ctx.ciphers);
4222
newsrv->ssl_ctx.ciphers = strdup(args[*cur_arg + 1]);
4223
return 0;
4224
}
4225
4226
/* parse the "crl-file" server keyword */
4227
static int srv_parse_crl_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4228
{
4229
#ifndef X509_V_FLAG_CRL_CHECK
4230
if (err)
4231
memprintf(err, "'%s' : library does not support CRL verify", args[*cur_arg]);
4232
return ERR_ALERT | ERR_FATAL;
4233
#else
4234
if (!*args[*cur_arg + 1]) {
4235
if (err)
4236
memprintf(err, "'%s' : missing CRLfile path", args[*cur_arg]);
4237
return ERR_ALERT | ERR_FATAL;
4238
}
4239
4240
if ((*args[*cur_arg + 1] != '/') && global.ca_base)
4241
memprintf(&newsrv->ssl_ctx.crl_file, "%s/%s", global.ca_base, args[*cur_arg + 1]);
4242
else
4243
memprintf(&newsrv->ssl_ctx.crl_file, "%s", args[*cur_arg + 1]);
4244
4245
return 0;
4246
#endif
4247
}
4248
4249
/* parse the "crt" server keyword */
4250
static int srv_parse_crt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4251
{
4252
if (!*args[*cur_arg + 1]) {
4253
if (err)
4254
memprintf(err, "'%s' : missing certificate file path", args[*cur_arg]);
4255
return ERR_ALERT | ERR_FATAL;
4256
}
4257
4258
if ((*args[*cur_arg + 1] != '/') && global.crt_base)
4259
memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global.ca_base, args[*cur_arg + 1]);
4260
else
4261
memprintf(&newsrv->ssl_ctx.client_crt, "%s", args[*cur_arg + 1]);
4262
4263
return 0;
4264
}
4265
4266
/* parse the "force-sslv3" server keyword */
4267
static int srv_parse_force_sslv3(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4268
{
4269
newsrv->ssl_ctx.options |= SRV_SSL_O_USE_SSLV3;
4270
return 0;
4271
}
4272
4273
/* parse the "force-tlsv10" server keyword */
4274
static int srv_parse_force_tlsv10(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4275
{
4276
newsrv->ssl_ctx.options |= SRV_SSL_O_USE_TLSV10;
4277
return 0;
4278
}
4279
4280
/* parse the "force-tlsv11" server keyword */
4281
static int srv_parse_force_tlsv11(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4282
{
4283
#if SSL_OP_NO_TLSv1_1
4284
newsrv->ssl_ctx.options |= SRV_SSL_O_USE_TLSV11;
4285
return 0;
4286
#else
4287
if (err)
4288
memprintf(err, "'%s' : library does not support protocol TLSv1.1", args[*cur_arg]);
4289
return ERR_ALERT | ERR_FATAL;
4290
#endif
4291
}
4292
4293
/* parse the "force-tlsv12" server keyword */
4294
static int srv_parse_force_tlsv12(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4295
{
4296
#if SSL_OP_NO_TLSv1_2
4297
newsrv->ssl_ctx.options |= SRV_SSL_O_USE_TLSV12;
4298
return 0;
4299
#else
4300
if (err)
4301
memprintf(err, "'%s' : library does not support protocol TLSv1.2", args[*cur_arg]);
4302
return ERR_ALERT | ERR_FATAL;
4303
#endif
4304
}
4305
4306
/* parse the "no-sslv3" server keyword */
4307
static int srv_parse_no_sslv3(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4308
{
4309
newsrv->ssl_ctx.options |= SRV_SSL_O_NO_SSLV3;
4310
return 0;
4311
}
4312
4313
/* parse the "no-tlsv10" server keyword */
4314
static int srv_parse_no_tlsv10(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4315
{
4316
newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLSV10;
4317
return 0;
4318
}
4319
4320
/* parse the "no-tlsv11" server keyword */
4321
static int srv_parse_no_tlsv11(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4322
{
4323
newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLSV11;
4324
return 0;
4325
}
4326
4327
/* parse the "no-tlsv12" server keyword */
4328
static int srv_parse_no_tlsv12(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4329
{
4330
newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLSV12;
4331
return 0;
4332
}
4333
4334
/* parse the "no-tls-tickets" server keyword */
4335
static int srv_parse_no_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4336
{
4337
newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLS_TICKETS;
4338
return 0;
4339
}
4340
/* parse the "send-proxy-v2-ssl" server keyword */
4341
static int srv_parse_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4342
{
4343
newsrv->pp_opts |= SRV_PP_V2;
4344
newsrv->pp_opts |= SRV_PP_V2_SSL;
4345
return 0;
4346
}
4347
4348
/* parse the "send-proxy-v2-ssl-cn" server keyword */
4349
static int srv_parse_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4350
{
4351
newsrv->pp_opts |= SRV_PP_V2;
4352
newsrv->pp_opts |= SRV_PP_V2_SSL;
4353
newsrv->pp_opts |= SRV_PP_V2_SSL_CN;
4354
return 0;
4355
}
4356
4357
/* parse the "ssl" server keyword */
4358
static int srv_parse_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4359
{
4360
newsrv->use_ssl = 1;
4361
if (global.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
4362
newsrv->ssl_ctx.ciphers = strdup(global.connect_default_ciphers);
4363
return 0;
4364
}
4365
4366
/* parse the "verify" server keyword */
4367
static int srv_parse_verify(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4368
{
4369
if (!*args[*cur_arg + 1]) {
4370
if (err)
4371
memprintf(err, "'%s' : missing verify method", args[*cur_arg]);
4372
return ERR_ALERT | ERR_FATAL;
4373
}
4374
4375
if (strcmp(args[*cur_arg + 1], "none") == 0)
4376
newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_NONE;
4377
else if (strcmp(args[*cur_arg + 1], "required") == 0)
4378
newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_REQUIRED;
4379
else {
4380
if (err)
4381
memprintf(err, "'%s' : unknown verify method '%s', only 'none' and 'required' are supported\n",
4382
args[*cur_arg], args[*cur_arg + 1]);
4383
return ERR_ALERT | ERR_FATAL;
4384
}
4385
4386
return 0;
4387
}
4388
4389
/* parse the "verifyhost" server keyword */
4390
static int srv_parse_verifyhost(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4391
{
4392
if (!*args[*cur_arg + 1]) {
4393
if (err)
4394
memprintf(err, "'%s' : missing hostname to verify against", args[*cur_arg]);
4395
return ERR_ALERT | ERR_FATAL;
4396
}
4397
4398
newsrv->ssl_ctx.verify_host = strdup(args[*cur_arg + 1]);
4399
4400
return 0;
4401
}
4402
4403
/* parse the "ssl-default-bind-options" keyword in global section */
4404
static int ssl_parse_default_bind_options(char **args, int section_type, struct proxy *curpx,
4405
struct proxy *defpx, const char *file, int line,
4406
char **err) {
4407
int i = 1;
4408
4409
if (*(args[i]) == 0) {
4410
memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
4411
return -1;
4412
}
4413
while (*(args[i])) {
4414
if (!strcmp(args[i], "no-sslv3"))
4415
global.listen_default_ssloptions |= BC_SSL_O_NO_SSLV3;
4416
else if (!strcmp(args[i], "no-tlsv10"))
4417
global.listen_default_ssloptions |= BC_SSL_O_NO_TLSV10;
4418
else if (!strcmp(args[i], "no-tlsv11"))
4419
global.listen_default_ssloptions |= BC_SSL_O_NO_TLSV11;
4420
else if (!strcmp(args[i], "no-tlsv12"))
4421
global.listen_default_ssloptions |= BC_SSL_O_NO_TLSV12;
4422
else if (!strcmp(args[i], "force-sslv3"))
4423
global.listen_default_ssloptions |= BC_SSL_O_USE_SSLV3;
4424
else if (!strcmp(args[i], "force-tlsv10"))
4425
global.listen_default_ssloptions |= BC_SSL_O_USE_TLSV10;
4426
else if (!strcmp(args[i], "force-tlsv11")) {
4427
#if SSL_OP_NO_TLSv1_1
4428
global.listen_default_ssloptions |= BC_SSL_O_USE_TLSV11;
4429
#else
4430
memprintf(err, "'%s' '%s': library does not support protocol TLSv1.1", args[0], args[i]);
4431
return -1;
4432
#endif
4433
}
4434
else if (!strcmp(args[i], "force-tlsv12")) {
4435
#if SSL_OP_NO_TLSv1_2
4436
global.listen_default_ssloptions |= BC_SSL_O_USE_TLSV12;
4437
#else
4438
memprintf(err, "'%s' '%s': library does not support protocol TLSv1.2", args[0], args[i]);
4439
return -1;
4440
#endif
4441
}
4442
else if (!strcmp(args[i], "no-tls-tickets"))
4443
global.listen_default_ssloptions |= BC_SSL_O_NO_TLS_TICKETS;
4444
else {
4445
memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
4446
return -1;
4447
}
4448
i++;
4449
}
4450
return 0;
4451
}
4452
4453
/* parse the "ssl-default-server-options" keyword in global section */
4454
static int ssl_parse_default_server_options(char **args, int section_type, struct proxy *curpx,
4455
struct proxy *defpx, const char *file, int line,
4456
char **err) {
4457
int i = 1;
4458
4459
if (*(args[i]) == 0) {
4460
memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
4461
return -1;
4462
}
4463
while (*(args[i])) {
4464
if (!strcmp(args[i], "no-sslv3"))
4465
global.connect_default_ssloptions |= SRV_SSL_O_NO_SSLV3;
4466
else if (!strcmp(args[i], "no-tlsv10"))
4467
global.connect_default_ssloptions |= SRV_SSL_O_NO_TLSV10;
4468
else if (!strcmp(args[i], "no-tlsv11"))
4469
global.connect_default_ssloptions |= SRV_SSL_O_NO_TLSV11;
4470
else if (!strcmp(args[i], "no-tlsv12"))
4471
global.connect_default_ssloptions |= SRV_SSL_O_NO_TLSV12;
4472
else if (!strcmp(args[i], "force-sslv3"))
4473
global.connect_default_ssloptions |= SRV_SSL_O_USE_SSLV3;
4474
else if (!strcmp(args[i], "force-tlsv10"))
4475
global.connect_default_ssloptions |= SRV_SSL_O_USE_TLSV10;
4476
else if (!strcmp(args[i], "force-tlsv11")) {
4477
#if SSL_OP_NO_TLSv1_1
4478
global.connect_default_ssloptions |= SRV_SSL_O_USE_TLSV11;
4479
#else
4480
memprintf(err, "'%s' '%s': library does not support protocol TLSv1.1", args[0], args[i]);
4481
return -1;
4482
#endif
4483
}
4484
else if (!strcmp(args[i], "force-tlsv12")) {
4485
#if SSL_OP_NO_TLSv1_2
4486
global.connect_default_ssloptions |= SRV_SSL_O_USE_TLSV12;
4487
#else
4488
memprintf(err, "'%s' '%s': library does not support protocol TLSv1.2", args[0], args[i]);
4489
return -1;
4490
#endif
4491
}
4492
else if (!strcmp(args[i], "no-tls-tickets"))
4493
global.connect_default_ssloptions |= SRV_SSL_O_NO_TLS_TICKETS;
4494
else {
4495
memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
4496
return -1;
4497
}
4498
i++;
4499
}
4500
return 0;
4501
}
4502
4503
/* Note: must not be declared <const> as its list will be overwritten.
4504
* Please take care of keeping this list alphabetically sorted.
4505
*/
4506
static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
4507
{ "ssl_bc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
4508
{ "ssl_bc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5SRV },
4509
{ "ssl_bc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
4510
{ "ssl_bc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
4511
{ "ssl_bc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
4512
{ "ssl_bc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5SRV },
4513
{ "ssl_bc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
4514
{ "ssl_c_ca_err", smp_fetch_ssl_c_ca_err, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4515
{ "ssl_c_ca_err_depth", smp_fetch_ssl_c_ca_err_depth, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4516
{ "ssl_c_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4517
{ "ssl_c_err", smp_fetch_ssl_c_err, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4518
{ "ssl_c_i_dn", smp_fetch_ssl_x_i_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4519
{ "ssl_c_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4520
{ "ssl_c_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4521
{ "ssl_c_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4522
{ "ssl_c_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4523
{ "ssl_c_s_dn", smp_fetch_ssl_x_s_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4524
{ "ssl_c_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4525
{ "ssl_c_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4526
{ "ssl_c_used", smp_fetch_ssl_c_used, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4527
{ "ssl_c_verify", smp_fetch_ssl_c_verify, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4528
{ "ssl_c_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4529
{ "ssl_f_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4530
{ "ssl_f_i_dn", smp_fetch_ssl_x_i_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4531
{ "ssl_f_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4532
{ "ssl_f_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4533
{ "ssl_f_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4534
{ "ssl_f_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4535
{ "ssl_f_s_dn", smp_fetch_ssl_x_s_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4536
{ "ssl_f_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4537
{ "ssl_f_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4538
{ "ssl_f_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4539
{ "ssl_fc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4540
{ "ssl_fc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4541
{ "ssl_fc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4542
{ "ssl_fc_has_crt", smp_fetch_ssl_fc_has_crt, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4543
{ "ssl_fc_has_sni", smp_fetch_ssl_fc_has_sni, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4544
#ifdef OPENSSL_NPN_NEGOTIATED
4545
{ "ssl_fc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4546
#endif
4547
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
4548
{ "ssl_fc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4549
#endif
4550
{ "ssl_fc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4551
{ "ssl_fc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4552
{ "ssl_fc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4553
{ "ssl_fc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4554
{ "ssl_fc_sni", smp_fetch_ssl_fc_sni, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4555
{ NULL, NULL, 0, 0, 0 },
4556
}};
4557
4558
/* Note: must not be declared <const> as its list will be overwritten.
4559
* Please take care of keeping this list alphabetically sorted.
4560
*/
4561
static struct acl_kw_list acl_kws = {ILH, {
4562
{ "ssl_fc_sni_end", "ssl_fc_sni", PAT_MATCH_END },
4563
{ "ssl_fc_sni_reg", "ssl_fc_sni", PAT_MATCH_REG },
4564
{ /* END */ },
4565
}};
4566
4567
/* Note: must not be declared <const> as its list will be overwritten.
4568
* Please take care of keeping this list alphabetically sorted, doing so helps
4569
* all code contributors.
4570
* Optional keywords are also declared with a NULL ->parse() function so that
4571
* the config parser can report an appropriate error when a known keyword was
4572
* not enabled.
4573
*/
4574
static struct bind_kw_list bind_kws = { "SSL", { }, {
4575
{ "alpn", bind_parse_alpn, 1 }, /* set ALPN supported protocols */
4576
{ "ca-file", bind_parse_ca_file, 1 }, /* set CAfile to process verify on client cert */
4577
{ "ca-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ignore on verify depth > 0 */
4578
{ "ciphers", bind_parse_ciphers, 1 }, /* set SSL cipher suite */
4579
{ "crl-file", bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
4580
{ "crt", bind_parse_crt, 1 }, /* load SSL certificates from this location */
4581
{ "crt-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ingore on verify depth == 0 */
4582
{ "crt-list", bind_parse_crt_list, 1 }, /* load a list of crt from this location */
4583
{ "ecdhe", bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
4584
{ "force-sslv3", bind_parse_force_sslv3, 0 }, /* force SSLv3 */
4585
{ "force-tlsv10", bind_parse_force_tlsv10, 0 }, /* force TLSv10 */
4586
{ "force-tlsv11", bind_parse_force_tlsv11, 0 }, /* force TLSv11 */
4587
{ "force-tlsv12", bind_parse_force_tlsv12, 0 }, /* force TLSv12 */
4588
{ "no-sslv3", bind_parse_no_sslv3, 0 }, /* disable SSLv3 */
4589
{ "no-tlsv10", bind_parse_no_tlsv10, 0 }, /* disable TLSv10 */
4590
{ "no-tlsv11", bind_parse_no_tlsv11, 0 }, /* disable TLSv11 */
4591
{ "no-tlsv12", bind_parse_no_tlsv12, 0 }, /* disable TLSv12 */
4592
{ "no-tls-tickets", bind_parse_no_tls_tickets, 0 }, /* disable session resumption tickets */
4593
{ "ssl", bind_parse_ssl, 0 }, /* enable SSL processing */
4594
{ "strict-sni", bind_parse_strict_sni, 0 }, /* refuse negotiation if sni doesn't match a certificate */
4595
{ "verify", bind_parse_verify, 1 }, /* set SSL verify method */
4596
{ "npn", bind_parse_npn, 1 }, /* set NPN supported protocols */
4597
{ NULL, NULL, 0 },
4598
}};
4599
4600
/* Note: must not be declared <const> as its list will be overwritten.
4601
* Please take care of keeping this list alphabetically sorted, doing so helps
4602
* all code contributors.
4603
* Optional keywords are also declared with a NULL ->parse() function so that
4604
* the config parser can report an appropriate error when a known keyword was
4605
* not enabled.
4606
*/
4607
static struct srv_kw_list srv_kws = { "SSL", { }, {
4608
{ "ca-file", srv_parse_ca_file, 1, 0 }, /* set CAfile to process verify server cert */
4609
{ "check-ssl", srv_parse_check_ssl, 0, 0 }, /* enable SSL for health checks */
4610
{ "ciphers", srv_parse_ciphers, 1, 0 }, /* select the cipher suite */
4611
{ "crl-file", srv_parse_crl_file, 1, 0 }, /* set certificate revocation list file use on server cert verify */
4612
{ "crt", srv_parse_crt, 1, 0 }, /* set client certificate */
4613
{ "force-sslv3", srv_parse_force_sslv3, 0, 0 }, /* force SSLv3 */
4614
{ "force-tlsv10", srv_parse_force_tlsv10, 0, 0 }, /* force TLSv10 */
4615
{ "force-tlsv11", srv_parse_force_tlsv11, 0, 0 }, /* force TLSv11 */
4616
{ "force-tlsv12", srv_parse_force_tlsv12, 0, 0 }, /* force TLSv12 */
4617
{ "no-sslv3", srv_parse_no_sslv3, 0, 0 }, /* disable SSLv3 */
4618
{ "no-tlsv10", srv_parse_no_tlsv10, 0, 0 }, /* disable TLSv10 */
4619
{ "no-tlsv11", srv_parse_no_tlsv11, 0, 0 }, /* disable TLSv11 */
4620
{ "no-tlsv12", srv_parse_no_tlsv12, 0, 0 }, /* disable TLSv12 */
4621
{ "no-tls-tickets", srv_parse_no_tls_tickets, 0, 0 }, /* disable session resumption tickets */
4622
{ "send-proxy-v2-ssl", srv_parse_send_proxy_ssl, 0, 0 }, /* send PROXY protocol header v2 with SSL info */
4623
{ "send-proxy-v2-ssl-cn", srv_parse_send_proxy_cn, 0, 0 }, /* send PROXY protocol header v2 with CN */
4624
{ "ssl", srv_parse_ssl, 0, 0 }, /* enable SSL processing */
4625
{ "verify", srv_parse_verify, 1, 0 }, /* set SSL verify method */
4626
{ "verifyhost", srv_parse_verifyhost, 1, 0 }, /* require that SSL cert verifies for hostname */
4627
{ NULL, NULL, 0, 0 },
4628
}};
4629
4630
static struct cfg_kw_list cfg_kws = {ILH, {
4631
{ CFG_GLOBAL, "ssl-default-bind-options", ssl_parse_default_bind_options },
4632
{ CFG_GLOBAL, "ssl-default-server-options", ssl_parse_default_server_options },
4633
{ 0, NULL, NULL },
4634
}};
4635
4636
/* transport-layer operations for SSL sockets */
4637
struct xprt_ops ssl_sock = {
4638
.snd_buf = ssl_sock_from_buf,
4639
.rcv_buf = ssl_sock_to_buf,
4640
.rcv_pipe = NULL,
4641
.snd_pipe = NULL,
4642
.shutr = NULL,
4643
.shutw = ssl_sock_shutw,
4644
.close = ssl_sock_close,
4645
.init = ssl_sock_init,
4646
};
4647
4648
__attribute__((constructor))
4649
static void __ssl_sock_init(void)
4650
{
4651
STACK_OF(SSL_COMP)* cm;
4652
4653
#ifdef LISTEN_DEFAULT_CIPHERS
4654
global.listen_default_ciphers = LISTEN_DEFAULT_CIPHERS;
4655
#endif
4656
#ifdef CONNECT_DEFAULT_CIPHERS
4657
global.connect_default_ciphers = CONNECT_DEFAULT_CIPHERS;
4658
#endif
4659
if (global.listen_default_ciphers)
4660
global.listen_default_ciphers = strdup(global.listen_default_ciphers);
4661
if (global.connect_default_ciphers)
4662
global.connect_default_ciphers = strdup(global.connect_default_ciphers);
4663
global.listen_default_ssloptions = BC_SSL_O_NONE;
4664
global.connect_default_ssloptions = SRV_SSL_O_NONE;
4665
4666
SSL_library_init();
4667
cm = SSL_COMP_get_compression_methods();
4668
sk_SSL_COMP_zero(cm);
4669
sample_register_fetches(&sample_fetch_keywords);
4670
acl_register_keywords(&acl_kws);
4671
bind_register_keywords(&bind_kws);
4672
srv_register_keywords(&srv_kws);
4673
cfg_register_keywords(&cfg_kws);
4674
}
4675
4676
/*
4677
* Local variables:
4678
* c-indent-level: 8
4679
* c-basic-offset: 8
4680
* End:
4681
*/
Loggerhead is a web-based interface for Breezy
Version: 2.0.1