34
35
static void setup_bio_callbacks();
35
36
static long bio_callback(
36
37
BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval);
38
static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx);
39
static int ssl_cert_digest(
40
SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str);
38
42
static int ssl_inited;
43
static struct mystr debug_str;
41
46
ssl_init(struct vsf_session* p_sess)
106
112
die("SSL: RNG is not seeded");
114
verify_option = SSL_VERIFY_PEER;
115
if (tunable_require_cert)
117
verify_option |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
119
SSL_CTX_set_verify(p_ctx, verify_option, ssl_verify_callback);
120
if (tunable_ca_certs_file)
122
if (!SSL_CTX_load_verify_locations(p_ctx, tunable_ca_certs_file, NULL))
124
die("SSL: could not load verify file");
108
127
p_sess->p_ssl_ctx = p_ctx;
125
144
struct mystr err_str = INIT_MYSTR;
126
145
str_alloc_text(&err_str, "Negotiation failed: ");
146
/* Technically, we shouldn't leak such detailed error messages. */
127
147
str_append_text(&err_str, get_ssl_error());
128
148
vsf_cmdio_write_str(p_sess, FTP_TLS_FAIL, &err_str);
129
149
vsf_sysutil_exit(0);
187
207
ssl_getline(const struct vsf_session* p_sess, struct mystr* p_str,
188
208
char end_char, char* p_buf, unsigned int buflen)
190
214
char* p_buf_start = p_buf;
191
p_buf[buflen - 1] = '\0';
215
p_buf[buflen - 1] = end_char;
219
/* Should I use SSL_peek here? Won't lack of it break pipelining? (SSL
220
* clients seem to work just fine, mind you, so maybe pipelining is banned
221
* over SSL connections. Also note that OpenSSL didn't always have
195
224
int retval = SSL_read(p_sess->p_control_ssl, p_buf, buflen);
200
p_buf[retval] = '\0';
229
p_buf[retval] = end_char;
201
230
buflen -= retval;
202
231
if (p_buf[retval - 1] == end_char || buflen == 0)
283
ssl_data_close(struct vsf_session* p_sess)
285
if (p_sess->p_data_ssl)
287
SSL_free(p_sess->p_data_ssl);
288
p_sess->p_data_ssl = NULL;
254
293
ssl_accept(struct vsf_session* p_sess, int fd)
295
/* SECURITY: data SSL connections don't have any auth on them as part of the
296
* protocol. If a client sends an unfortunately optional client cert then
297
* we can check for a match between the control and data connections.
299
if (p_sess->p_data_ssl != NULL)
301
die("p_data_ssl should be NULL.");
256
303
SSL* p_ssl = get_ssl(p_sess, fd);
257
304
if (p_ssl == NULL)
261
308
p_sess->p_data_ssl = p_ssl;
262
309
setup_bio_callbacks(p_ssl);
310
if (str_getlen(&p_sess->control_cert_digest) > 0)
312
static struct mystr data_cert_digest;
313
if (!ssl_cert_digest(p_ssl, p_sess, &data_cert_digest))
315
if (tunable_debug_ssl)
317
str_alloc_text(&debug_str, "Missing cert on data channel.");
318
vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
320
ssl_data_close(p_sess);
323
if (str_strcmp(&p_sess->control_cert_digest, &data_cert_digest))
325
if (tunable_debug_ssl)
327
str_alloc_text(&debug_str, "DIFFERENT cert on data channel.");
328
vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
330
ssl_data_close(p_sess);
333
if (tunable_debug_ssl)
335
str_alloc_text(&debug_str, "Matching cert on data channel.");
336
vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
267
ssl_data_close(struct vsf_session* p_sess)
269
SSL_free(p_sess->p_data_ssl);
273
343
ssl_comm_channel_init(struct vsf_session* p_sess)
275
345
const struct vsf_sysutil_socketpair_retval retval =
284
354
SSL* p_ssl = SSL_new(p_sess->p_ssl_ctx);
285
355
if (p_ssl == NULL)
357
if (tunable_debug_ssl)
359
str_alloc_text(&debug_str, "SSL_new failed");
360
vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
289
364
if (!SSL_set_fd(p_ssl, fd))
366
if (tunable_debug_ssl)
368
str_alloc_text(&debug_str, "SSL_set_fd failed");
369
vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
294
374
if (SSL_accept(p_ssl) != 1)
296
die(get_ssl_error());
376
const char* p_err = get_ssl_error();
377
if (tunable_debug_ssl)
379
str_alloc_text(&debug_str, "SSL_accept failed: ");
380
str_append_text(&debug_str, p_err);
381
vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
387
if (tunable_debug_ssl)
389
const char* p_ssl_version = SSL_get_cipher_version(p_ssl);
390
SSL_CIPHER* p_ssl_cipher = SSL_get_current_cipher(p_ssl);
391
const char* p_cipher_name = SSL_CIPHER_get_name(p_ssl_cipher);
392
int reused = SSL_session_reused(p_ssl);
393
X509* p_ssl_cert = SSL_get_peer_certificate(p_ssl);
394
str_alloc_text(&debug_str, "SSL version: ");
395
str_append_text(&debug_str, p_ssl_version);
396
str_append_text(&debug_str, ", SSL cipher: ");
397
str_append_text(&debug_str, p_cipher_name);
400
str_append_text(&debug_str, ", reused");
404
str_append_text(&debug_str, ", not reused");
406
if (p_ssl_cert != NULL)
408
str_append_text(&debug_str, ", CERT PRESENTED");
409
X509_free(p_ssl_cert);
413
str_append_text(&debug_str, ", no cert");
415
vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
311
428
p_sess->p_control_ssl = p_ssl;
429
(void) ssl_cert_digest(p_ssl, p_sess, &p_sess->control_cert_digest);
312
430
setup_bio_callbacks(p_ssl);
435
ssl_cert_digest(SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str)
437
X509* p_cert = SSL_get_peer_certificate(p_ssl);
438
unsigned int num_bytes = 0;
443
str_reserve(p_str, EVP_MAX_MD_SIZE);
445
str_rpad(p_str, EVP_MAX_MD_SIZE);
446
if (!X509_digest(p_cert, EVP_sha256(), (unsigned char*) str_getbuf(p_str),
449
die("X509_digest failed");
452
if (tunable_debug_ssl)
455
str_alloc_text(&debug_str, "Cert digest:");
456
for (i = 0; i < num_bytes; ++i)
458
str_append_char(&debug_str, ' ');
460
&debug_str, (unsigned long) (unsigned char) str_get_char_at(p_str, i));
462
vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
464
str_trunc(p_str, num_bytes);