blob: c3c05c157bb7972bc6d14bb5108759ec667b6970 [file] [log] [blame]
yanbzhu08ce6ab2015-12-02 13:01:29 -05001
Emeric Brun46591952012-05-18 15:47:34 +02002/*
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02003 * SSL/TLS transport layer over SOCK_STREAM sockets
Emeric Brun46591952012-05-18 15:47:34 +02004 *
5 * Copyright (C) 2012 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
11 *
Willy Tarreau69845df2012-09-10 09:43:09 +020012 * Acknowledgement:
13 * We'd like to specially thank the Stud project authors for a very clean
14 * and well documented code which helped us understand how the OpenSSL API
15 * ought to be used in non-blocking mode. This is one difficult part which
16 * is not easy to get from the OpenSSL doc, and reading the Stud code made
17 * it much more obvious than the examples in the OpenSSL package. Keep up
18 * the good works, guys !
19 *
20 * Stud is an extremely efficient and scalable SSL/TLS proxy which combines
21 * particularly well with haproxy. For more info about this project, visit :
22 * https://github.com/bumptech/stud
23 *
Emeric Brun46591952012-05-18 15:47:34 +020024 */
25
Willy Tarreau8d164dc2019-05-10 09:35:00 +020026/* Note: do NOT include openssl/xxx.h here, do it in openssl-compat.h */
Emeric Brun46591952012-05-18 15:47:34 +020027#define _GNU_SOURCE
Emeric Brunfc0421f2012-09-07 17:30:07 +020028#include <ctype.h>
29#include <dirent.h>
Emeric Brun46591952012-05-18 15:47:34 +020030#include <errno.h>
31#include <fcntl.h>
32#include <stdio.h>
33#include <stdlib.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020034#include <string.h>
35#include <unistd.h>
Emeric Brun46591952012-05-18 15:47:34 +020036
37#include <sys/socket.h>
38#include <sys/stat.h>
39#include <sys/types.h>
Christopher Faulet31af49d2015-06-09 17:29:50 +020040#include <netdb.h>
Emeric Brun46591952012-05-18 15:47:34 +020041#include <netinet/tcp.h>
42
Christopher Faulet31af49d2015-06-09 17:29:50 +020043#include <import/lru.h>
44#include <import/xxhash.h>
45
Emeric Brun46591952012-05-18 15:47:34 +020046#include <common/buffer.h>
Willy Tarreau843b7cb2018-07-13 10:54:26 +020047#include <common/chunk.h>
Emeric Brun46591952012-05-18 15:47:34 +020048#include <common/compat.h>
49#include <common/config.h>
50#include <common/debug.h>
Willy Tarreau79eeafa2012-09-14 07:53:05 +020051#include <common/errors.h>
Willy Tarreau0108d902018-11-25 19:14:37 +010052#include <common/initcall.h>
Willy Tarreau55994562019-05-09 14:52:44 +020053#include <common/openssl-compat.h>
Emeric Brun46591952012-05-18 15:47:34 +020054#include <common/standard.h>
55#include <common/ticks.h>
56#include <common/time.h>
Emeric Brun2c86cbf2014-10-30 15:56:50 +010057#include <common/cfgparse.h>
Nenad Merdanovic05552d42015-02-27 19:56:49 +010058#include <common/base64.h>
Emeric Brun46591952012-05-18 15:47:34 +020059
Emeric Brunfc0421f2012-09-07 17:30:07 +020060#include <ebsttree.h>
61
William Lallemand32af2032016-10-29 18:09:35 +020062#include <types/applet.h>
63#include <types/cli.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020064#include <types/global.h>
65#include <types/ssl_sock.h>
William Lallemand32af2032016-10-29 18:09:35 +020066#include <types/stats.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020067
Willy Tarreau7875d092012-09-10 08:20:03 +020068#include <proto/acl.h>
69#include <proto/arg.h>
William Lallemand32af2032016-10-29 18:09:35 +020070#include <proto/channel.h>
Emeric Brun46591952012-05-18 15:47:34 +020071#include <proto/connection.h>
William Lallemand32af2032016-10-29 18:09:35 +020072#include <proto/cli.h>
Emeric Brun46591952012-05-18 15:47:34 +020073#include <proto/fd.h>
74#include <proto/freq_ctr.h>
75#include <proto/frontend.h>
Willy Tarreau61c112a2018-10-02 16:43:32 +020076#include <proto/http_rules.h>
Willy Tarreau79eeafa2012-09-14 07:53:05 +020077#include <proto/listener.h>
Thierry FOURNIERed66c292013-11-28 11:05:19 +010078#include <proto/pattern.h>
Christopher Faulet31af49d2015-06-09 17:29:50 +020079#include <proto/proto_tcp.h>
Christopher Fauletfc9cfe42019-07-16 14:54:53 +020080#include <proto/http_ana.h>
Willy Tarreau92faadf2012-10-10 23:04:25 +020081#include <proto/server.h>
William Lallemand32af2032016-10-29 18:09:35 +020082#include <proto/stream_interface.h>
Emeric Brun46591952012-05-18 15:47:34 +020083#include <proto/log.h>
Emeric Brun94324a42012-10-11 14:00:19 +020084#include <proto/proxy.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020085#include <proto/shctx.h>
Emeric Brun46591952012-05-18 15:47:34 +020086#include <proto/ssl_sock.h>
Willy Tarreau9ad7bd42015-04-03 19:19:59 +020087#include <proto/stream.h>
Emeric Brun46591952012-05-18 15:47:34 +020088#include <proto/task.h>
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010089#include <proto/vars.h>
Emeric Brun46591952012-05-18 15:47:34 +020090
Willy Tarreau9356dac2019-05-10 09:22:53 +020091/* ***** READ THIS before adding code here! *****
92 *
93 * Due to API incompatibilities between multiple OpenSSL versions and their
94 * derivatives, it's often tempting to add macros to (re-)define certain
95 * symbols. Please do not do this here, and do it in common/openssl-compat.h
96 * exclusively so that the whole code consistently uses the same macros.
97 *
98 * Whenever possible if a macro is missing in certain versions, it's better
99 * to conditionally define it in openssl-compat.h than using lots of ifdefs.
100 */
101
Willy Tarreau518cedd2014-02-17 15:43:01 +0100102/* Warning, these are bits, not integers! */
Emeric Brune64aef12012-09-21 13:15:06 +0200103#define SSL_SOCK_ST_FL_VERIFY_DONE 0x00000001
Emeric Brund8b2bb52014-01-28 15:43:53 +0100104#define SSL_SOCK_ST_FL_16K_WBFSIZE 0x00000002
Willy Tarreau518cedd2014-02-17 15:43:01 +0100105#define SSL_SOCK_SEND_UNLIMITED 0x00000004
Emeric Brun29f037d2014-04-25 19:05:36 +0200106#define SSL_SOCK_RECV_HEARTBEAT 0x00000008
107
Emeric Brunf282a812012-09-21 15:27:54 +0200108/* bits 0xFFFF0000 are reserved to store verify errors */
109
110/* Verify errors macros */
111#define SSL_SOCK_CA_ERROR_TO_ST(e) (((e > 63) ? 63 : e) << (16))
112#define SSL_SOCK_CAEDEPTH_TO_ST(d) (((d > 15) ? 15 : d) << (6+16))
113#define SSL_SOCK_CRTERROR_TO_ST(e) (((e > 63) ? 63 : e) << (4+6+16))
114
115#define SSL_SOCK_ST_TO_CA_ERROR(s) ((s >> (16)) & 63)
116#define SSL_SOCK_ST_TO_CAEDEPTH(s) ((s >> (6+16)) & 15)
117#define SSL_SOCK_ST_TO_CRTERROR(s) ((s >> (4+6+16)) & 63)
Emeric Brune64aef12012-09-21 13:15:06 +0200118
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200119/* ssl_methods flags for ssl options */
120#define MC_SSL_O_ALL 0x0000
121#define MC_SSL_O_NO_SSLV3 0x0001 /* disable SSLv3 */
122#define MC_SSL_O_NO_TLSV10 0x0002 /* disable TLSv10 */
123#define MC_SSL_O_NO_TLSV11 0x0004 /* disable TLSv11 */
124#define MC_SSL_O_NO_TLSV12 0x0008 /* disable TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +0200125#define MC_SSL_O_NO_TLSV13 0x0010 /* disable TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200126
William Lallemand3af48e72020-02-03 17:15:52 +0100127/* file to guess during file loading */
128#define SSL_GF_NONE 0x00000000 /* Don't guess any file, only open the files specified in the configuration files */
129#define SSL_GF_BUNDLE 0x00000001 /* try to open the bundles */
130#define SSL_GF_SCTL 0x00000002 /* try to open the .sctl file */
131#define SSL_GF_OCSP 0x00000004 /* try to open the .ocsp file */
132#define SSL_GF_OCSP_ISSUER 0x00000008 /* try to open the .issuer file if an OCSP file was loaded */
William Lallemand4c5adbf2020-02-24 14:23:22 +0100133#define SSL_GF_KEY 0x00000010 /* try to open the .key file to load a private key */
William Lallemand3af48e72020-02-03 17:15:52 +0100134
William Lallemand4c5adbf2020-02-24 14:23:22 +0100135#define SSL_GF_ALL (SSL_GF_BUNDLE|SSL_GF_SCTL|SSL_GF_OCSP|SSL_GF_OCSP_ISSUER|SSL_GF_KEY)
William Lallemand3af48e72020-02-03 17:15:52 +0100136
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200137/* ssl_methods versions */
138enum {
139 CONF_TLSV_NONE = 0,
140 CONF_TLSV_MIN = 1,
141 CONF_SSLV3 = 1,
142 CONF_TLSV10 = 2,
143 CONF_TLSV11 = 3,
144 CONF_TLSV12 = 4,
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +0200145 CONF_TLSV13 = 5,
146 CONF_TLSV_MAX = 5,
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200147};
148
Emeric Brun850efd52014-01-29 12:24:34 +0100149/* server and bind verify method, it uses a global value as default */
150enum {
151 SSL_SOCK_VERIFY_DEFAULT = 0,
152 SSL_SOCK_VERIFY_REQUIRED = 1,
153 SSL_SOCK_VERIFY_OPTIONAL = 2,
154 SSL_SOCK_VERIFY_NONE = 3,
155};
156
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +0100157/* issuer chain store with hash of Subject Key Identifier
158 certificate/issuer matching is verify with X509_check_issued
159*/
160struct issuer_chain {
161 struct eb64_node node;
162 STACK_OF(X509) *chain;
163 char *path;
164};
William Lallemand3f85c9a2017-10-09 16:30:50 +0200165
Willy Tarreau71b734c2014-01-28 15:19:44 +0100166int sslconns = 0;
167int totalsslconns = 0;
Willy Tarreaud9f5cca2016-12-22 21:08:52 +0100168static struct xprt_ops ssl_sock;
Emeric Brunece0c332017-12-06 13:51:49 +0100169int nb_engines = 0;
Emeric Brune1f38db2012-09-03 20:36:47 +0200170
Willy Tarreauef934602016-12-22 23:12:01 +0100171static struct {
172 char *crt_base; /* base directory path for certificates */
173 char *ca_base; /* base directory path for CAs and CRLs */
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +0100174 char *issuers_chain_path; /* from "issuers-chain-path" */
175 struct eb_root cert_issuer_tree; /* issuers tree from "issuers-chain-path" */
176
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000177 int async; /* whether we use ssl async mode */
Willy Tarreauef934602016-12-22 23:12:01 +0100178
179 char *listen_default_ciphers;
180 char *connect_default_ciphers;
Emmanuel Hocdet839af572019-05-14 16:27:35 +0200181#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200182 char *listen_default_ciphersuites;
183 char *connect_default_ciphersuites;
184#endif
Willy Tarreauef934602016-12-22 23:12:01 +0100185 int listen_default_ssloptions;
186 int connect_default_ssloptions;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200187 struct tls_version_filter listen_default_sslmethods;
188 struct tls_version_filter connect_default_sslmethods;
Willy Tarreauef934602016-12-22 23:12:01 +0100189
190 int private_cache; /* Force to use a private session cache even if nbproc > 1 */
191 unsigned int life_time; /* SSL session lifetime in seconds */
192 unsigned int max_record; /* SSL max record size */
193 unsigned int default_dh_param; /* SSL maximum DH parameter size */
194 int ctx_cache; /* max number of entries in the ssl_ctx cache. */
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100195 int capture_cipherlist; /* Size of the cipherlist buffer. */
William Lallemand3af48e72020-02-03 17:15:52 +0100196 int extra_files; /* which files not defined in the configuration file are we looking for */
Willy Tarreauef934602016-12-22 23:12:01 +0100197} global_ssl = {
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +0100198 .cert_issuer_tree = EB_ROOT,
Willy Tarreauef934602016-12-22 23:12:01 +0100199#ifdef LISTEN_DEFAULT_CIPHERS
200 .listen_default_ciphers = LISTEN_DEFAULT_CIPHERS,
201#endif
202#ifdef CONNECT_DEFAULT_CIPHERS
203 .connect_default_ciphers = CONNECT_DEFAULT_CIPHERS,
204#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +0200205#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200206#ifdef LISTEN_DEFAULT_CIPHERSUITES
207 .listen_default_ciphersuites = LISTEN_DEFAULT_CIPHERSUITES,
208#endif
209#ifdef CONNECT_DEFAULT_CIPHERSUITES
210 .connect_default_ciphersuites = CONNECT_DEFAULT_CIPHERSUITES,
211#endif
212#endif
Willy Tarreauef934602016-12-22 23:12:01 +0100213 .listen_default_ssloptions = BC_SSL_O_NONE,
214 .connect_default_ssloptions = SRV_SSL_O_NONE,
215
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200216 .listen_default_sslmethods.flags = MC_SSL_O_ALL,
217 .listen_default_sslmethods.min = CONF_TLSV_NONE,
218 .listen_default_sslmethods.max = CONF_TLSV_NONE,
219 .connect_default_sslmethods.flags = MC_SSL_O_ALL,
220 .connect_default_sslmethods.min = CONF_TLSV_NONE,
221 .connect_default_sslmethods.max = CONF_TLSV_NONE,
222
Willy Tarreauef934602016-12-22 23:12:01 +0100223#ifdef DEFAULT_SSL_MAX_RECORD
224 .max_record = DEFAULT_SSL_MAX_RECORD,
225#endif
226 .default_dh_param = SSL_DEFAULT_DH_PARAM,
227 .ctx_cache = DEFAULT_SSL_CTX_CACHE,
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100228 .capture_cipherlist = 0,
William Lallemand3af48e72020-02-03 17:15:52 +0100229 .extra_files = SSL_GF_ALL,
Willy Tarreauef934602016-12-22 23:12:01 +0100230};
231
Olivier Houcharda8955d52019-04-07 22:00:38 +0200232static BIO_METHOD *ha_meth;
233
Olivier Houchard66ab4982019-02-26 18:37:15 +0100234struct ssl_sock_ctx {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200235 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100236 SSL *ssl;
Olivier Houcharda8955d52019-04-07 22:00:38 +0200237 BIO *bio;
Olivier Houchard5149b592019-05-23 17:47:36 +0200238 const struct xprt_ops *xprt;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100239 void *xprt_ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +0200240 struct wait_event wait_event;
Willy Tarreau113d52b2020-01-10 09:20:26 +0100241 struct wait_event *subs;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100242 int xprt_st; /* transport layer state, initialized to zero */
Olivier Houchard54907bb2019-12-19 15:02:39 +0100243 struct buffer early_buf; /* buffer to store the early data received */
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100244 int sent_early_data; /* Amount of early data we sent so far */
245
Olivier Houchard66ab4982019-02-26 18:37:15 +0100246};
247
248DECLARE_STATIC_POOL(ssl_sock_ctx_pool, "ssl_sock_ctx_pool", sizeof(struct ssl_sock_ctx));
249
Olivier Houchardea8dd942019-05-20 14:02:16 +0200250static struct task *ssl_sock_io_cb(struct task *, void *, unsigned short);
Olivier Houchard000694c2019-05-23 14:45:12 +0200251static int ssl_sock_handshake(struct connection *conn, unsigned int flag);
Olivier Houchardea8dd942019-05-20 14:02:16 +0200252
Olivier Houcharda8955d52019-04-07 22:00:38 +0200253/* Methods to implement OpenSSL BIO */
254static int ha_ssl_write(BIO *h, const char *buf, int num)
255{
256 struct buffer tmpbuf;
257 struct ssl_sock_ctx *ctx;
258 int ret;
259
260 ctx = BIO_get_data(h);
261 tmpbuf.size = num;
262 tmpbuf.area = (void *)(uintptr_t)buf;
263 tmpbuf.data = num;
264 tmpbuf.head = 0;
265 ret = ctx->xprt->snd_buf(ctx->conn, ctx->xprt_ctx, &tmpbuf, num, 0);
Olivier Houchardb51937e2019-05-01 17:24:36 +0200266 if (ret == 0 && !(ctx->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_WR_SH))) {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200267 BIO_set_retry_write(h);
Olivier Houcharda28454e2019-04-24 12:04:36 +0200268 ret = -1;
Olivier Houchardb51937e2019-05-01 17:24:36 +0200269 } else if (ret == 0)
270 BIO_clear_retry_flags(h);
Olivier Houcharda8955d52019-04-07 22:00:38 +0200271 return ret;
272}
273
274static int ha_ssl_gets(BIO *h, char *buf, int size)
275{
276
277 return 0;
278}
279
280static int ha_ssl_puts(BIO *h, const char *str)
281{
282
283 return ha_ssl_write(h, str, strlen(str));
284}
285
286static int ha_ssl_read(BIO *h, char *buf, int size)
287{
288 struct buffer tmpbuf;
289 struct ssl_sock_ctx *ctx;
290 int ret;
291
292 ctx = BIO_get_data(h);
293 tmpbuf.size = size;
294 tmpbuf.area = buf;
295 tmpbuf.data = 0;
296 tmpbuf.head = 0;
297 ret = ctx->xprt->rcv_buf(ctx->conn, ctx->xprt_ctx, &tmpbuf, size, 0);
Olivier Houchardb51937e2019-05-01 17:24:36 +0200298 if (ret == 0 && !(ctx->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_RD_SH))) {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200299 BIO_set_retry_read(h);
Olivier Houcharda28454e2019-04-24 12:04:36 +0200300 ret = -1;
Olivier Houchardb51937e2019-05-01 17:24:36 +0200301 } else if (ret == 0)
302 BIO_clear_retry_flags(h);
Olivier Houcharda8955d52019-04-07 22:00:38 +0200303
304 return ret;
305}
306
307static long ha_ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2)
308{
309 int ret = 0;
310 switch (cmd) {
311 case BIO_CTRL_DUP:
312 case BIO_CTRL_FLUSH:
313 ret = 1;
314 break;
315 }
316 return ret;
317}
318
319static int ha_ssl_new(BIO *h)
320{
321 BIO_set_init(h, 1);
322 BIO_set_data(h, NULL);
323 BIO_clear_flags(h, ~0);
324 return 1;
325}
326
327static int ha_ssl_free(BIO *data)
328{
329
330 return 1;
331}
332
333
Willy Tarreau5db847a2019-05-09 14:13:35 +0200334#if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Christopher Faulet9dcf9b62017-11-13 10:34:01 +0100335
Emeric Brun821bb9b2017-06-15 16:37:39 +0200336static HA_RWLOCK_T *ssl_rwlocks;
337
338
339unsigned long ssl_id_function(void)
340{
341 return (unsigned long)tid;
342}
343
344void ssl_locking_function(int mode, int n, const char * file, int line)
345{
346 if (mode & CRYPTO_LOCK) {
347 if (mode & CRYPTO_READ)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100348 HA_RWLOCK_RDLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200349 else
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100350 HA_RWLOCK_WRLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200351 }
352 else {
353 if (mode & CRYPTO_READ)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100354 HA_RWLOCK_RDUNLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200355 else
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100356 HA_RWLOCK_WRUNLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200357 }
358}
359
360static int ssl_locking_init(void)
361{
362 int i;
363
364 ssl_rwlocks = malloc(sizeof(HA_RWLOCK_T)*CRYPTO_num_locks());
365 if (!ssl_rwlocks)
366 return -1;
367
368 for (i = 0 ; i < CRYPTO_num_locks() ; i++)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100369 HA_RWLOCK_INIT(&ssl_rwlocks[i]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200370
371 CRYPTO_set_id_callback(ssl_id_function);
372 CRYPTO_set_locking_callback(ssl_locking_function);
373
374 return 0;
375}
Christopher Faulet9dcf9b62017-11-13 10:34:01 +0100376
Emeric Brun821bb9b2017-06-15 16:37:39 +0200377#endif
378
William Lallemand150bfa82019-09-19 17:12:49 +0200379__decl_hathreads(HA_SPINLOCK_T ckch_lock);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200380
William Lallemandbc6ca7c2019-10-29 23:48:19 +0100381/* Uncommitted CKCH transaction */
382
383static struct {
384 struct ckch_store *new_ckchs;
385 struct ckch_store *old_ckchs;
386 char *path;
387} ckchs_transaction;
388
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +0200389/*
Emmanuel Hocdetb270e812019-11-21 19:09:31 +0100390 * deduplicate cafile (and crlfile)
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +0200391 */
392struct cafile_entry {
393 X509_STORE *ca_store;
Emmanuel Hocdet129d3282019-10-24 18:08:51 +0200394 STACK_OF(X509_NAME) *ca_list;
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +0200395 struct ebmb_node node;
396 char path[0];
397};
398
399static struct eb_root cafile_tree = EB_ROOT_UNIQUE;
400
401static X509_STORE* ssl_store_get0_locations_file(char *path)
402{
403 struct ebmb_node *eb;
404
405 eb = ebst_lookup(&cafile_tree, path);
406 if (eb) {
407 struct cafile_entry *ca_e;
408 ca_e = ebmb_entry(eb, struct cafile_entry, node);
409 return ca_e->ca_store;
410 }
411 return NULL;
412}
413
414static int ssl_store_load_locations_file(char *path)
415{
416 if (ssl_store_get0_locations_file(path) == NULL) {
417 struct cafile_entry *ca_e;
418 X509_STORE *store = X509_STORE_new();
419 if (X509_STORE_load_locations(store, path, NULL)) {
420 int pathlen;
421 pathlen = strlen(path);
422 ca_e = calloc(1, sizeof(*ca_e) + pathlen + 1);
423 if (ca_e) {
424 memcpy(ca_e->path, path, pathlen + 1);
425 ca_e->ca_store = store;
426 ebst_insert(&cafile_tree, &ca_e->node);
427 return 1;
428 }
429 }
430 X509_STORE_free(store);
431 return 0;
432 }
433 return 1;
434}
435
436/* mimic what X509_STORE_load_locations do with store_ctx */
437static int ssl_set_cert_crl_file(X509_STORE *store_ctx, char *path)
438{
439 X509_STORE *store;
440 store = ssl_store_get0_locations_file(path);
441 if (store_ctx && store) {
442 int i;
443 X509_OBJECT *obj;
444 STACK_OF(X509_OBJECT) *objs = X509_STORE_get0_objects(store);
445 for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
446 obj = sk_X509_OBJECT_value(objs, i);
447 switch (X509_OBJECT_get_type(obj)) {
448 case X509_LU_X509:
449 X509_STORE_add_cert(store_ctx, X509_OBJECT_get0_X509(obj));
450 break;
451 case X509_LU_CRL:
452 X509_STORE_add_crl(store_ctx, X509_OBJECT_get0_X509_CRL(obj));
453 break;
454 default:
455 break;
456 }
457 }
458 return 1;
459 }
460 return 0;
461}
462
463/* SSL_CTX_load_verify_locations substitute, internaly call X509_STORE_load_locations */
464static int ssl_set_verify_locations_file(SSL_CTX *ctx, char *path)
465{
466 X509_STORE *store_ctx = SSL_CTX_get_cert_store(ctx);
467 return ssl_set_cert_crl_file(store_ctx, path);
468}
469
Emmanuel Hocdet129d3282019-10-24 18:08:51 +0200470/*
471 Extract CA_list from CA_file already in tree.
472 Duplicate ca_name is tracking with ebtree. It's simplify openssl compatibility.
473 Return a shared ca_list: SSL_dup_CA_list must be used before set it on SSL_CTX.
474*/
475static STACK_OF(X509_NAME)* ssl_get_client_ca_file(char *path)
476{
477 struct ebmb_node *eb;
478 struct cafile_entry *ca_e;
479
480 eb = ebst_lookup(&cafile_tree, path);
481 if (!eb)
482 return NULL;
483 ca_e = ebmb_entry(eb, struct cafile_entry, node);
484
485 if (ca_e->ca_list == NULL) {
486 int i;
487 unsigned long key;
488 struct eb_root ca_name_tree = EB_ROOT;
489 struct eb64_node *node, *back;
490 struct {
491 struct eb64_node node;
492 X509_NAME *xname;
493 } *ca_name;
494 STACK_OF(X509_OBJECT) *objs;
495 STACK_OF(X509_NAME) *skn;
496 X509 *x;
497 X509_NAME *xn;
498
499 skn = sk_X509_NAME_new_null();
500 /* take x509 from cafile_tree */
501 objs = X509_STORE_get0_objects(ca_e->ca_store);
502 for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
503 x = X509_OBJECT_get0_X509(sk_X509_OBJECT_value(objs, i));
504 if (!x)
505 continue;
506 xn = X509_get_subject_name(x);
507 if (!xn)
508 continue;
509 /* Check for duplicates. */
510 key = X509_NAME_hash(xn);
511 for (node = eb64_lookup(&ca_name_tree, key), ca_name = NULL;
512 node && ca_name == NULL;
513 node = eb64_next(node)) {
514 ca_name = container_of(node, typeof(*ca_name), node);
515 if (X509_NAME_cmp(xn, ca_name->xname) != 0)
516 ca_name = NULL;
517 }
518 /* find a duplicate */
519 if (ca_name)
520 continue;
521 ca_name = calloc(1, sizeof *ca_name);
522 xn = X509_NAME_dup(xn);
523 if (!ca_name ||
524 !xn ||
525 !sk_X509_NAME_push(skn, xn)) {
526 free(ca_name);
527 X509_NAME_free(xn);
528 sk_X509_NAME_pop_free(skn, X509_NAME_free);
529 sk_X509_NAME_free(skn);
530 skn = NULL;
531 break;
532 }
533 ca_name->node.key = key;
534 ca_name->xname = xn;
535 eb64_insert(&ca_name_tree, &ca_name->node);
536 }
537 ca_e->ca_list = skn;
538 /* remove temporary ca_name tree */
539 node = eb64_first(&ca_name_tree);
540 while (node) {
541 ca_name = container_of(node, typeof(*ca_name), node);
542 back = eb64_next(node);
543 eb64_delete(node);
544 free(ca_name);
545 node = back;
546 }
547 }
548 return ca_e->ca_list;
549}
550
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +0100551/* This memory pool is used for capturing clienthello parameters. */
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100552struct ssl_capture {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100553 unsigned long long int xxh64;
554 unsigned char ciphersuite_len;
555 char ciphersuite[0];
556};
Willy Tarreaubafbe012017-11-24 17:34:44 +0100557struct pool_head *pool_head_ssl_capture = NULL;
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +0100558static int ssl_capture_ptr_index = -1;
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200559static int ssl_app_data_index = -1;
Willy Tarreauef934602016-12-22 23:12:01 +0100560
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200561#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
562struct list tlskeys_reference = LIST_HEAD_INIT(tlskeys_reference);
563#endif
564
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200565#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000566static unsigned int openssl_engines_initialized;
567struct list openssl_engines = LIST_HEAD_INIT(openssl_engines);
568struct ssl_engine_list {
569 struct list list;
570 ENGINE *e;
571};
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200572#endif
Grant Zhang872f9c22017-01-21 01:10:18 +0000573
Remi Gacogne8de54152014-07-15 11:36:40 +0200574#ifndef OPENSSL_NO_DH
Remi Gacogne4f902b82015-05-28 16:23:00 +0200575static int ssl_dh_ptr_index = -1;
Remi Gacogne47783ef2015-05-29 15:53:22 +0200576static DH *global_dh = NULL;
Remi Gacogne8de54152014-07-15 11:36:40 +0200577static DH *local_dh_1024 = NULL;
578static DH *local_dh_2048 = NULL;
579static DH *local_dh_4096 = NULL;
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +0100580static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen);
Remi Gacogne8de54152014-07-15 11:36:40 +0200581#endif /* OPENSSL_NO_DH */
582
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100583#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200584/* X509V3 Extensions that will be added on generated certificates */
585#define X509V3_EXT_SIZE 5
586static char *x509v3_ext_names[X509V3_EXT_SIZE] = {
587 "basicConstraints",
588 "nsComment",
589 "subjectKeyIdentifier",
590 "authorityKeyIdentifier",
591 "keyUsage",
592};
593static char *x509v3_ext_values[X509V3_EXT_SIZE] = {
594 "CA:FALSE",
595 "\"OpenSSL Generated Certificate\"",
596 "hash",
597 "keyid,issuer:always",
598 "nonRepudiation,digitalSignature,keyEncipherment"
599};
Christopher Faulet31af49d2015-06-09 17:29:50 +0200600/* LRU cache to store generated certificate */
601static struct lru64_head *ssl_ctx_lru_tree = NULL;
602static unsigned int ssl_ctx_lru_seed = 0;
Emeric Brun821bb9b2017-06-15 16:37:39 +0200603static unsigned int ssl_ctx_serial;
Willy Tarreau86abe442018-11-25 20:12:18 +0100604__decl_rwlock(ssl_ctx_lru_rwlock);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200605
Willy Tarreauc8ad3be2015-06-17 15:48:26 +0200606#endif // SSL_CTRL_SET_TLSEXT_HOSTNAME
607
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100608static struct ssl_bind_kw ssl_bind_kws[];
609
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200610#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhube2774d2015-12-10 15:07:30 -0500611/* The order here matters for picking a default context,
612 * keep the most common keytype at the bottom of the list
613 */
614const char *SSL_SOCK_KEYTYPE_NAMES[] = {
615 "dsa",
616 "ecdsa",
617 "rsa"
618};
619#define SSL_SOCK_NUM_KEYTYPES 3
Willy Tarreau30da7ad2015-12-14 11:28:33 +0100620#else
621#define SSL_SOCK_NUM_KEYTYPES 1
yanbzhube2774d2015-12-10 15:07:30 -0500622#endif
623
William Lallemandc3cd35f2017-11-28 11:04:43 +0100624static struct shared_context *ssl_shctx = NULL; /* ssl shared session cache */
William Lallemand4f45bb92017-10-30 20:08:51 +0100625static struct eb_root *sh_ssl_sess_tree; /* ssl shared session tree */
626
627#define sh_ssl_sess_tree_delete(s) ebmb_delete(&(s)->key);
628
629#define sh_ssl_sess_tree_insert(s) (struct sh_ssl_sess_hdr *)ebmb_insert(sh_ssl_sess_tree, \
630 &(s)->key, SSL_MAX_SSL_SESSION_ID_LENGTH);
631
632#define sh_ssl_sess_tree_lookup(k) (struct sh_ssl_sess_hdr *)ebmb_lookup(sh_ssl_sess_tree, \
633 (k), SSL_MAX_SSL_SESSION_ID_LENGTH);
William Lallemand3f85c9a2017-10-09 16:30:50 +0200634
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100635/*
636 * This function gives the detail of the SSL error. It is used only
637 * if the debug mode and the verbose mode are activated. It dump all
638 * the SSL error until the stack was empty.
639 */
640static forceinline void ssl_sock_dump_errors(struct connection *conn)
641{
642 unsigned long ret;
643
644 if (unlikely(global.mode & MODE_DEBUG)) {
645 while(1) {
646 ret = ERR_get_error();
647 if (ret == 0)
648 return;
649 fprintf(stderr, "fd[%04x] OpenSSL error[0x%lx] %s: %s\n",
Willy Tarreau585744b2017-08-24 14:31:19 +0200650 (unsigned short)conn->handle.fd, ret,
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100651 ERR_func_error_string(ret), ERR_reason_error_string(ret));
652 }
653 }
654}
655
yanbzhube2774d2015-12-10 15:07:30 -0500656
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200657#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000658static int ssl_init_single_engine(const char *engine_id, const char *def_algorithms)
659{
660 int err_code = ERR_ABORT;
661 ENGINE *engine;
662 struct ssl_engine_list *el;
663
664 /* grab the structural reference to the engine */
665 engine = ENGINE_by_id(engine_id);
666 if (engine == NULL) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100667 ha_alert("ssl-engine %s: failed to get structural reference\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000668 goto fail_get;
669 }
670
671 if (!ENGINE_init(engine)) {
672 /* the engine couldn't initialise, release it */
Christopher Faulet767a84b2017-11-24 16:50:31 +0100673 ha_alert("ssl-engine %s: failed to initialize\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000674 goto fail_init;
675 }
676
677 if (ENGINE_set_default_string(engine, def_algorithms) == 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100678 ha_alert("ssl-engine %s: failed on ENGINE_set_default_string\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000679 goto fail_set_method;
680 }
681
682 el = calloc(1, sizeof(*el));
683 el->e = engine;
684 LIST_ADD(&openssl_engines, &el->list);
Emeric Brunece0c332017-12-06 13:51:49 +0100685 nb_engines++;
686 if (global_ssl.async)
687 global.ssl_used_async_engines = nb_engines;
Grant Zhang872f9c22017-01-21 01:10:18 +0000688 return 0;
689
690fail_set_method:
691 /* release the functional reference from ENGINE_init() */
692 ENGINE_finish(engine);
693
694fail_init:
695 /* release the structural reference from ENGINE_by_id() */
696 ENGINE_free(engine);
697
698fail_get:
699 return err_code;
700}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200701#endif
Grant Zhang872f9c22017-01-21 01:10:18 +0000702
Willy Tarreau5db847a2019-05-09 14:13:35 +0200703#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brun3854e012017-05-17 20:42:48 +0200704/*
705 * openssl async fd handler
706 */
Emeric Brund0e095c2019-04-19 17:15:28 +0200707void ssl_async_fd_handler(int fd)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000708{
Olivier Houchardea8dd942019-05-20 14:02:16 +0200709 struct ssl_sock_ctx *ctx = fdtab[fd].owner;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000710
Emeric Brun3854e012017-05-17 20:42:48 +0200711 /* fd is an async enfine fd, we must stop
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000712 * to poll this fd until it is requested
713 */
Emeric Brunbbc16542017-06-02 15:54:06 +0000714 fd_stop_recv(fd);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000715 fd_cant_recv(fd);
716
717 /* crypto engine is available, let's notify the associated
718 * connection that it can pursue its processing.
719 */
Olivier Houchard03abf2d2019-05-28 10:12:02 +0200720 ssl_sock_io_cb(NULL, ctx, 0);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000721}
722
Emeric Brun3854e012017-05-17 20:42:48 +0200723/*
724 * openssl async delayed SSL_free handler
725 */
Emeric Brund0e095c2019-04-19 17:15:28 +0200726void ssl_async_fd_free(int fd)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000727{
728 SSL *ssl = fdtab[fd].owner;
Emeric Brun3854e012017-05-17 20:42:48 +0200729 OSSL_ASYNC_FD all_fd[32];
730 size_t num_all_fds = 0;
731 int i;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000732
Emeric Brun3854e012017-05-17 20:42:48 +0200733 /* We suppose that the async job for a same SSL *
734 * are serialized. So if we are awake it is
735 * because the running job has just finished
736 * and we can remove all async fds safely
737 */
738 SSL_get_all_async_fds(ssl, NULL, &num_all_fds);
739 if (num_all_fds > 32) {
740 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
741 return;
742 }
743
744 SSL_get_all_async_fds(ssl, all_fd, &num_all_fds);
745 for (i=0 ; i < num_all_fds ; i++)
746 fd_remove(all_fd[i]);
747
748 /* Now we can safely call SSL_free, no more pending job in engines */
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000749 SSL_free(ssl);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +0100750 _HA_ATOMIC_SUB(&sslconns, 1);
751 _HA_ATOMIC_SUB(&jobs, 1);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000752}
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000753/*
Emeric Brun3854e012017-05-17 20:42:48 +0200754 * function used to manage a returned SSL_ERROR_WANT_ASYNC
755 * and enable/disable polling for async fds
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000756 */
Olivier Houchardea8dd942019-05-20 14:02:16 +0200757static inline void ssl_async_process_fds(struct ssl_sock_ctx *ctx)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000758{
Willy Tarreaua9786b62018-01-25 07:22:13 +0100759 OSSL_ASYNC_FD add_fd[32];
Emeric Brun3854e012017-05-17 20:42:48 +0200760 OSSL_ASYNC_FD del_fd[32];
Olivier Houchardea8dd942019-05-20 14:02:16 +0200761 SSL *ssl = ctx->ssl;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000762 size_t num_add_fds = 0;
763 size_t num_del_fds = 0;
Emeric Brun3854e012017-05-17 20:42:48 +0200764 int i;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000765
766 SSL_get_changed_async_fds(ssl, NULL, &num_add_fds, NULL,
767 &num_del_fds);
Emeric Brun3854e012017-05-17 20:42:48 +0200768 if (num_add_fds > 32 || num_del_fds > 32) {
769 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000770 return;
771 }
772
Emeric Brun3854e012017-05-17 20:42:48 +0200773 SSL_get_changed_async_fds(ssl, add_fd, &num_add_fds, del_fd, &num_del_fds);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000774
Emeric Brun3854e012017-05-17 20:42:48 +0200775 /* We remove unused fds from the fdtab */
776 for (i=0 ; i < num_del_fds ; i++)
777 fd_remove(del_fd[i]);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000778
Emeric Brun3854e012017-05-17 20:42:48 +0200779 /* We add new fds to the fdtab */
780 for (i=0 ; i < num_add_fds ; i++) {
Olivier Houchardea8dd942019-05-20 14:02:16 +0200781 fd_insert(add_fd[i], ctx, ssl_async_fd_handler, tid_bit);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000782 }
783
Emeric Brun3854e012017-05-17 20:42:48 +0200784 num_add_fds = 0;
785 SSL_get_all_async_fds(ssl, NULL, &num_add_fds);
786 if (num_add_fds > 32) {
787 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
788 return;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000789 }
Emeric Brun3854e012017-05-17 20:42:48 +0200790
791 /* We activate the polling for all known async fds */
792 SSL_get_all_async_fds(ssl, add_fd, &num_add_fds);
Emeric Brunce9e01c2017-05-31 10:02:53 +0000793 for (i=0 ; i < num_add_fds ; i++) {
Emeric Brun3854e012017-05-17 20:42:48 +0200794 fd_want_recv(add_fd[i]);
Emeric Brunce9e01c2017-05-31 10:02:53 +0000795 /* To ensure that the fd cache won't be used
796 * We'll prefer to catch a real RD event
797 * because handling an EAGAIN on this fd will
798 * result in a context switch and also
799 * some engines uses a fd in blocking mode.
800 */
801 fd_cant_recv(add_fd[i]);
802 }
Emeric Brun3854e012017-05-17 20:42:48 +0200803
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000804}
805#endif
806
William Lallemand104a7a62019-10-14 14:14:59 +0200807#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200808/*
809 * This function returns the number of seconds elapsed
810 * since the Epoch, 1970-01-01 00:00:00 +0000 (UTC) and the
811 * date presented un ASN1_GENERALIZEDTIME.
812 *
813 * In parsing error case, it returns -1.
814 */
815static long asn1_generalizedtime_to_epoch(ASN1_GENERALIZEDTIME *d)
816{
817 long epoch;
818 char *p, *end;
819 const unsigned short month_offset[12] = {
820 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
821 };
822 int year, month;
823
824 if (!d || (d->type != V_ASN1_GENERALIZEDTIME)) return -1;
825
826 p = (char *)d->data;
827 end = p + d->length;
828
829 if (end - p < 4) return -1;
830 year = 1000 * (p[0] - '0') + 100 * (p[1] - '0') + 10 * (p[2] - '0') + p[3] - '0';
831 p += 4;
832 if (end - p < 2) return -1;
833 month = 10 * (p[0] - '0') + p[1] - '0';
834 if (month < 1 || month > 12) return -1;
835 /* Compute the number of seconds since 1 jan 1970 and the beginning of current month
836 We consider leap years and the current month (<marsh or not) */
837 epoch = ( ((year - 1970) * 365)
838 + ((year - (month < 3)) / 4 - (year - (month < 3)) / 100 + (year - (month < 3)) / 400)
839 - ((1970 - 1) / 4 - (1970 - 1) / 100 + (1970 - 1) / 400)
840 + month_offset[month-1]
841 ) * 24 * 60 * 60;
842 p += 2;
843 if (end - p < 2) return -1;
844 /* Add the number of seconds of completed days of current month */
845 epoch += (10 * (p[0] - '0') + p[1] - '0' - 1) * 24 * 60 * 60;
846 p += 2;
847 if (end - p < 2) return -1;
848 /* Add the completed hours of the current day */
849 epoch += (10 * (p[0] - '0') + p[1] - '0') * 60 * 60;
850 p += 2;
851 if (end - p < 2) return -1;
852 /* Add the completed minutes of the current hour */
853 epoch += (10 * (p[0] - '0') + p[1] - '0') * 60;
854 p += 2;
855 if (p == end) return -1;
856 /* Test if there is available seconds */
857 if (p[0] < '0' || p[0] > '9')
858 goto nosec;
859 if (end - p < 2) return -1;
860 /* Add the seconds of the current minute */
861 epoch += 10 * (p[0] - '0') + p[1] - '0';
862 p += 2;
863 if (p == end) return -1;
864 /* Ignore seconds float part if present */
865 if (p[0] == '.') {
866 do {
867 if (++p == end) return -1;
868 } while (p[0] >= '0' && p[0] <= '9');
869 }
870
871nosec:
872 if (p[0] == 'Z') {
873 if (end - p != 1) return -1;
874 return epoch;
875 }
876 else if (p[0] == '+') {
877 if (end - p != 5) return -1;
878 /* Apply timezone offset */
Frederik Deweerdt953917a2017-10-16 07:37:31 -0700879 return epoch - ((10 * (p[1] - '0') + p[2] - '0') * 60 * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200880 }
881 else if (p[0] == '-') {
882 if (end - p != 5) return -1;
883 /* Apply timezone offset */
Frederik Deweerdt953917a2017-10-16 07:37:31 -0700884 return epoch + ((10 * (p[1] - '0') + p[2] - '0') * 60 * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200885 }
886
887 return -1;
888}
889
William Lallemand104a7a62019-10-14 14:14:59 +0200890/*
891 * struct alignment works here such that the key.key is the same as key_data
892 * Do not change the placement of key_data
893 */
894struct certificate_ocsp {
895 struct ebmb_node key;
896 unsigned char key_data[OCSP_MAX_CERTID_ASN1_LENGTH];
897 struct buffer response;
898 long expire;
899};
900
901struct ocsp_cbk_arg {
902 int is_single;
903 int single_kt;
904 union {
905 struct certificate_ocsp *s_ocsp;
906 /*
907 * m_ocsp will have multiple entries dependent on key type
908 * Entry 0 - DSA
909 * Entry 1 - ECDSA
910 * Entry 2 - RSA
911 */
912 struct certificate_ocsp *m_ocsp[SSL_SOCK_NUM_KEYTYPES];
913 };
914};
915
Emeric Brun1d3865b2014-06-20 15:37:32 +0200916static struct eb_root cert_ocsp_tree = EB_ROOT_UNIQUE;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200917
918/* This function starts to check if the OCSP response (in DER format) contained
919 * in chunk 'ocsp_response' is valid (else exits on error).
920 * If 'cid' is not NULL, it will be compared to the OCSP certificate ID
921 * contained in the OCSP Response and exits on error if no match.
922 * If it's a valid OCSP Response:
923 * If 'ocsp' is not NULL, the chunk is copied in the OCSP response's container
924 * pointed by 'ocsp'.
925 * If 'ocsp' is NULL, the function looks up into the OCSP response's
926 * containers tree (using as index the ASN1 form of the OCSP Certificate ID extracted
927 * from the response) and exits on error if not found. Finally, If an OCSP response is
928 * already present in the container, it will be overwritten.
929 *
930 * Note: OCSP response containing more than one OCSP Single response is not
931 * considered valid.
932 *
933 * Returns 0 on success, 1 in error case.
934 */
Willy Tarreau83061a82018-07-13 11:56:34 +0200935static int ssl_sock_load_ocsp_response(struct buffer *ocsp_response,
936 struct certificate_ocsp *ocsp,
937 OCSP_CERTID *cid, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +0200938{
939 OCSP_RESPONSE *resp;
940 OCSP_BASICRESP *bs = NULL;
941 OCSP_SINGLERESP *sr;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200942 OCSP_CERTID *id;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200943 unsigned char *p = (unsigned char *) ocsp_response->area;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200944 int rc , count_sr;
Emeric Brun13a6b482014-06-20 15:44:34 +0200945 ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200946 int reason;
947 int ret = 1;
948
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200949 resp = d2i_OCSP_RESPONSE(NULL, (const unsigned char **)&p,
950 ocsp_response->data);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200951 if (!resp) {
952 memprintf(err, "Unable to parse OCSP response");
953 goto out;
954 }
955
956 rc = OCSP_response_status(resp);
957 if (rc != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
958 memprintf(err, "OCSP response status not successful");
959 goto out;
960 }
961
962 bs = OCSP_response_get1_basic(resp);
963 if (!bs) {
964 memprintf(err, "Failed to get basic response from OCSP Response");
965 goto out;
966 }
967
968 count_sr = OCSP_resp_count(bs);
969 if (count_sr > 1) {
970 memprintf(err, "OCSP response ignored because contains multiple single responses (%d)", count_sr);
971 goto out;
972 }
973
974 sr = OCSP_resp_get0(bs, 0);
975 if (!sr) {
976 memprintf(err, "Failed to get OCSP single response");
977 goto out;
978 }
979
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200980 id = (OCSP_CERTID*)OCSP_SINGLERESP_get0_id(sr);
981
Emeric Brun4147b2e2014-06-16 18:36:30 +0200982 rc = OCSP_single_get0_status(sr, &reason, &revtime, &thisupd, &nextupd);
Emmanuel Hocdetef607052017-10-24 14:57:16 +0200983 if (rc != V_OCSP_CERTSTATUS_GOOD && rc != V_OCSP_CERTSTATUS_REVOKED) {
Emmanuel Hocdet872085c2017-10-10 15:18:52 +0200984 memprintf(err, "OCSP single response: certificate status is unknown");
Emeric Brun4147b2e2014-06-16 18:36:30 +0200985 goto out;
986 }
987
Emeric Brun13a6b482014-06-20 15:44:34 +0200988 if (!nextupd) {
989 memprintf(err, "OCSP single response: missing nextupdate");
990 goto out;
991 }
992
Emeric Brunc8b27b62014-06-19 14:16:17 +0200993 rc = OCSP_check_validity(thisupd, nextupd, OCSP_MAX_RESPONSE_TIME_SKEW, -1);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200994 if (!rc) {
995 memprintf(err, "OCSP single response: no longer valid.");
996 goto out;
997 }
998
999 if (cid) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001000 if (OCSP_id_cmp(id, cid)) {
Emeric Brun4147b2e2014-06-16 18:36:30 +02001001 memprintf(err, "OCSP single response: Certificate ID does not match certificate and issuer");
1002 goto out;
1003 }
1004 }
1005
1006 if (!ocsp) {
1007 unsigned char key[OCSP_MAX_CERTID_ASN1_LENGTH];
1008 unsigned char *p;
1009
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001010 rc = i2d_OCSP_CERTID(id, NULL);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001011 if (!rc) {
1012 memprintf(err, "OCSP single response: Unable to encode Certificate ID");
1013 goto out;
1014 }
1015
1016 if (rc > OCSP_MAX_CERTID_ASN1_LENGTH) {
1017 memprintf(err, "OCSP single response: Certificate ID too long");
1018 goto out;
1019 }
1020
1021 p = key;
1022 memset(key, 0, OCSP_MAX_CERTID_ASN1_LENGTH);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001023 i2d_OCSP_CERTID(id, &p);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001024 ocsp = (struct certificate_ocsp *)ebmb_lookup(&cert_ocsp_tree, key, OCSP_MAX_CERTID_ASN1_LENGTH);
1025 if (!ocsp) {
1026 memprintf(err, "OCSP single response: Certificate ID does not match any certificate or issuer");
1027 goto out;
1028 }
1029 }
1030
1031 /* According to comments on "chunk_dup", the
1032 previous chunk buffer will be freed */
1033 if (!chunk_dup(&ocsp->response, ocsp_response)) {
1034 memprintf(err, "OCSP response: Memory allocation error");
1035 goto out;
1036 }
1037
Emeric Brun4f3c87a2014-06-20 15:46:13 +02001038 ocsp->expire = asn1_generalizedtime_to_epoch(nextupd) - OCSP_MAX_RESPONSE_TIME_SKEW;
1039
Emeric Brun4147b2e2014-06-16 18:36:30 +02001040 ret = 0;
1041out:
Janusz Dziemidowicz8d710492017-03-08 16:59:41 +01001042 ERR_clear_error();
1043
Emeric Brun4147b2e2014-06-16 18:36:30 +02001044 if (bs)
1045 OCSP_BASICRESP_free(bs);
1046
1047 if (resp)
1048 OCSP_RESPONSE_free(resp);
1049
1050 return ret;
1051}
1052/*
1053 * External function use to update the OCSP response in the OCSP response's
1054 * containers tree. The chunk 'ocsp_response' must contain the OCSP response
1055 * to update in DER format.
1056 *
1057 * Returns 0 on success, 1 in error case.
1058 */
Willy Tarreau83061a82018-07-13 11:56:34 +02001059int ssl_sock_update_ocsp_response(struct buffer *ocsp_response, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001060{
1061 return ssl_sock_load_ocsp_response(ocsp_response, NULL, NULL, err);
1062}
1063
William Lallemand4a660132019-10-14 14:51:41 +02001064#endif
1065
1066#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001067/*
1068 * This function load the OCSP Resonse in DER format contained in file at
William Lallemand3b5f3602019-10-16 18:05:05 +02001069 * path 'ocsp_path' or base64 in a buffer <buf>
Emeric Brun4147b2e2014-06-16 18:36:30 +02001070 *
1071 * Returns 0 on success, 1 in error case.
1072 */
William Lallemand3b5f3602019-10-16 18:05:05 +02001073static int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, char *buf, struct cert_key_and_chain *ckch, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001074{
1075 int fd = -1;
1076 int r = 0;
1077 int ret = 1;
William Lallemand3b5f3602019-10-16 18:05:05 +02001078 struct buffer *ocsp_response;
1079 struct buffer *src = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001080
William Lallemand3b5f3602019-10-16 18:05:05 +02001081 if (buf) {
1082 int i, j;
1083 /* if it's from a buffer it will be base64 */
Emeric Brun4147b2e2014-06-16 18:36:30 +02001084
William Lallemand3b5f3602019-10-16 18:05:05 +02001085 /* remove \r and \n from the payload */
1086 for (i = 0, j = 0; buf[i]; i++) {
1087 if (buf[i] == '\r' || buf[i] == '\n')
Emeric Brun4147b2e2014-06-16 18:36:30 +02001088 continue;
William Lallemand3b5f3602019-10-16 18:05:05 +02001089 buf[j++] = buf[i];
1090 }
1091 buf[j] = 0;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001092
William Lallemand3b5f3602019-10-16 18:05:05 +02001093 ret = base64dec(buf, j, trash.area, trash.size);
1094 if (ret < 0) {
1095 memprintf(err, "Error reading OCSP response in base64 format");
Emeric Brun4147b2e2014-06-16 18:36:30 +02001096 goto end;
1097 }
William Lallemand3b5f3602019-10-16 18:05:05 +02001098 trash.data = ret;
1099 src = &trash;
1100 } else {
1101 fd = open(ocsp_path, O_RDONLY);
1102 if (fd == -1) {
1103 memprintf(err, "Error opening OCSP response file");
1104 goto end;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001105 }
William Lallemand3b5f3602019-10-16 18:05:05 +02001106
1107 trash.data = 0;
1108 while (trash.data < trash.size) {
1109 r = read(fd, trash.area + trash.data, trash.size - trash.data);
1110 if (r < 0) {
1111 if (errno == EINTR)
1112 continue;
1113
1114 memprintf(err, "Error reading OCSP response from file");
1115 goto end;
1116 }
1117 else if (r == 0) {
1118 break;
1119 }
1120 trash.data += r;
1121 }
1122 close(fd);
1123 fd = -1;
1124 src = &trash;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001125 }
1126
William Lallemand3b5f3602019-10-16 18:05:05 +02001127 ocsp_response = calloc(1, sizeof(*ocsp_response));
1128 if (!chunk_dup(ocsp_response, src)) {
1129 free(ocsp_response);
1130 ocsp_response = NULL;
William Lallemand246c0242019-10-11 08:59:13 +02001131 goto end;
1132 }
Emmanuel Hocdet0667fae2020-01-16 14:41:36 +01001133 /* no error, fill ckch with new context, old context must be free */
1134 if (ckch->ocsp_response) {
1135 free(ckch->ocsp_response->area);
1136 ckch->ocsp_response->area = NULL;
1137 free(ckch->ocsp_response);
1138 }
William Lallemand3b5f3602019-10-16 18:05:05 +02001139 ckch->ocsp_response = ocsp_response;
William Lallemande0f48ae2019-10-15 13:44:57 +02001140 ret = 0;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001141end:
1142 if (fd != -1)
1143 close(fd);
1144
1145 return ret;
1146}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01001147#endif
Emeric Brun4147b2e2014-06-16 18:36:30 +02001148
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001149#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
1150static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc)
1151{
Christopher Faulet16f45c82018-02-16 11:23:49 +01001152 struct tls_keys_ref *ref;
Emeric Brun9e754772019-01-10 17:51:55 +01001153 union tls_sess_key *keys;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001154 struct connection *conn;
1155 int head;
1156 int i;
Christopher Faulet16f45c82018-02-16 11:23:49 +01001157 int ret = -1; /* error by default */
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001158
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001159 conn = SSL_get_ex_data(s, ssl_app_data_index);
Willy Tarreau07d94e42018-09-20 10:57:52 +02001160 ref = __objt_listener(conn->target)->bind_conf->keys_ref;
Christopher Faulet16f45c82018-02-16 11:23:49 +01001161 HA_RWLOCK_RDLOCK(TLSKEYS_REF_LOCK, &ref->lock);
1162
1163 keys = ref->tlskeys;
1164 head = ref->tls_ticket_enc_index;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001165
1166 if (enc) {
1167 memcpy(key_name, keys[head].name, 16);
1168
1169 if(!RAND_pseudo_bytes(iv, EVP_MAX_IV_LENGTH))
Christopher Faulet16f45c82018-02-16 11:23:49 +01001170 goto end;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001171
Emeric Brun9e754772019-01-10 17:51:55 +01001172 if (ref->key_size_bits == 128) {
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001173
Emeric Brun9e754772019-01-10 17:51:55 +01001174 if(!EVP_EncryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, keys[head].key_128.aes_key, iv))
1175 goto end;
1176
Willy Tarreau9356dac2019-05-10 09:22:53 +02001177 HMAC_Init_ex(hctx, keys[head].key_128.hmac_key, 16, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001178 ret = 1;
1179 }
1180 else if (ref->key_size_bits == 256 ) {
1181
1182 if(!EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, keys[head].key_256.aes_key, iv))
1183 goto end;
1184
Willy Tarreau9356dac2019-05-10 09:22:53 +02001185 HMAC_Init_ex(hctx, keys[head].key_256.hmac_key, 32, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001186 ret = 1;
1187 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001188 } else {
1189 for (i = 0; i < TLS_TICKETS_NO; i++) {
1190 if (!memcmp(key_name, keys[(head + i) % TLS_TICKETS_NO].name, 16))
1191 goto found;
1192 }
Christopher Faulet16f45c82018-02-16 11:23:49 +01001193 ret = 0;
1194 goto end;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001195
Christopher Faulet16f45c82018-02-16 11:23:49 +01001196 found:
Emeric Brun9e754772019-01-10 17:51:55 +01001197 if (ref->key_size_bits == 128) {
Willy Tarreau9356dac2019-05-10 09:22:53 +02001198 HMAC_Init_ex(hctx, keys[(head + i) % TLS_TICKETS_NO].key_128.hmac_key, 16, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001199 if(!EVP_DecryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, keys[(head + i) % TLS_TICKETS_NO].key_128.aes_key, iv))
1200 goto end;
1201 /* 2 for key renewal, 1 if current key is still valid */
1202 ret = i ? 2 : 1;
1203 }
1204 else if (ref->key_size_bits == 256) {
Willy Tarreau9356dac2019-05-10 09:22:53 +02001205 HMAC_Init_ex(hctx, keys[(head + i) % TLS_TICKETS_NO].key_256.hmac_key, 32, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001206 if(!EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, keys[(head + i) % TLS_TICKETS_NO].key_256.aes_key, iv))
1207 goto end;
1208 /* 2 for key renewal, 1 if current key is still valid */
1209 ret = i ? 2 : 1;
1210 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001211 }
Emeric Brun9e754772019-01-10 17:51:55 +01001212
Christopher Faulet16f45c82018-02-16 11:23:49 +01001213 end:
1214 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
1215 return ret;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001216}
1217
1218struct tls_keys_ref *tlskeys_ref_lookup(const char *filename)
1219{
1220 struct tls_keys_ref *ref;
1221
1222 list_for_each_entry(ref, &tlskeys_reference, list)
1223 if (ref->filename && strcmp(filename, ref->filename) == 0)
1224 return ref;
1225 return NULL;
1226}
1227
1228struct tls_keys_ref *tlskeys_ref_lookupid(int unique_id)
1229{
1230 struct tls_keys_ref *ref;
1231
1232 list_for_each_entry(ref, &tlskeys_reference, list)
1233 if (ref->unique_id == unique_id)
1234 return ref;
1235 return NULL;
1236}
1237
Emeric Brun9e754772019-01-10 17:51:55 +01001238/* Update the key into ref: if keysize doesnt
1239 * match existing ones, this function returns -1
1240 * else it returns 0 on success.
1241 */
1242int ssl_sock_update_tlskey_ref(struct tls_keys_ref *ref,
Willy Tarreau83061a82018-07-13 11:56:34 +02001243 struct buffer *tlskey)
Christopher Faulet16f45c82018-02-16 11:23:49 +01001244{
Emeric Brun9e754772019-01-10 17:51:55 +01001245 if (ref->key_size_bits == 128) {
1246 if (tlskey->data != sizeof(struct tls_sess_key_128))
1247 return -1;
1248 }
1249 else if (ref->key_size_bits == 256) {
1250 if (tlskey->data != sizeof(struct tls_sess_key_256))
1251 return -1;
1252 }
1253 else
1254 return -1;
1255
Christopher Faulet16f45c82018-02-16 11:23:49 +01001256 HA_RWLOCK_WRLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001257 memcpy((char *) (ref->tlskeys + ((ref->tls_ticket_enc_index + 2) % TLS_TICKETS_NO)),
1258 tlskey->area, tlskey->data);
Christopher Faulet16f45c82018-02-16 11:23:49 +01001259 ref->tls_ticket_enc_index = (ref->tls_ticket_enc_index + 1) % TLS_TICKETS_NO;
1260 HA_RWLOCK_WRUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Emeric Brun9e754772019-01-10 17:51:55 +01001261
1262 return 0;
Christopher Faulet16f45c82018-02-16 11:23:49 +01001263}
1264
Willy Tarreau83061a82018-07-13 11:56:34 +02001265int ssl_sock_update_tlskey(char *filename, struct buffer *tlskey, char **err)
Christopher Faulet16f45c82018-02-16 11:23:49 +01001266{
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001267 struct tls_keys_ref *ref = tlskeys_ref_lookup(filename);
1268
1269 if(!ref) {
1270 memprintf(err, "Unable to locate the referenced filename: %s", filename);
1271 return 1;
1272 }
Emeric Brun9e754772019-01-10 17:51:55 +01001273 if (ssl_sock_update_tlskey_ref(ref, tlskey) < 0) {
1274 memprintf(err, "Invalid key size");
1275 return 1;
1276 }
1277
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001278 return 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001279}
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001280
1281/* This function finalize the configuration parsing. Its set all the
Willy Tarreaud1c57502016-12-22 22:46:15 +01001282 * automatic ids. It's called just after the basic checks. It returns
1283 * 0 on success otherwise ERR_*.
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001284 */
Willy Tarreaud1c57502016-12-22 22:46:15 +01001285static int tlskeys_finalize_config(void)
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001286{
1287 int i = 0;
1288 struct tls_keys_ref *ref, *ref2, *ref3;
1289 struct list tkr = LIST_HEAD_INIT(tkr);
1290
1291 list_for_each_entry(ref, &tlskeys_reference, list) {
1292 if (ref->unique_id == -1) {
1293 /* Look for the first free id. */
1294 while (1) {
1295 list_for_each_entry(ref2, &tlskeys_reference, list) {
1296 if (ref2->unique_id == i) {
1297 i++;
1298 break;
1299 }
1300 }
1301 if (&ref2->list == &tlskeys_reference)
1302 break;
1303 }
1304
1305 /* Uses the unique id and increment it for the next entry. */
1306 ref->unique_id = i;
1307 i++;
1308 }
1309 }
1310
1311 /* This sort the reference list by id. */
1312 list_for_each_entry_safe(ref, ref2, &tlskeys_reference, list) {
1313 LIST_DEL(&ref->list);
1314 list_for_each_entry(ref3, &tkr, list) {
1315 if (ref->unique_id < ref3->unique_id) {
1316 LIST_ADDQ(&ref3->list, &ref->list);
1317 break;
1318 }
1319 }
1320 if (&ref3->list == &tkr)
1321 LIST_ADDQ(&tkr, &ref->list);
1322 }
1323
1324 /* swap root */
1325 LIST_ADD(&tkr, &tlskeys_reference);
1326 LIST_DEL(&tkr);
Willy Tarreaud1c57502016-12-22 22:46:15 +01001327 return 0;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001328}
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001329#endif /* SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB */
1330
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01001331#ifndef OPENSSL_NO_OCSP
yanbzhube2774d2015-12-10 15:07:30 -05001332int ssl_sock_get_ocsp_arg_kt_index(int evp_keytype)
1333{
1334 switch (evp_keytype) {
1335 case EVP_PKEY_RSA:
1336 return 2;
1337 case EVP_PKEY_DSA:
1338 return 0;
1339 case EVP_PKEY_EC:
1340 return 1;
1341 }
1342
1343 return -1;
1344}
1345
Emeric Brun4147b2e2014-06-16 18:36:30 +02001346/*
1347 * Callback used to set OCSP status extension content in server hello.
1348 */
1349int ssl_sock_ocsp_stapling_cbk(SSL *ssl, void *arg)
1350{
yanbzhube2774d2015-12-10 15:07:30 -05001351 struct certificate_ocsp *ocsp;
1352 struct ocsp_cbk_arg *ocsp_arg;
1353 char *ssl_buf;
1354 EVP_PKEY *ssl_pkey;
1355 int key_type;
1356 int index;
1357
Vincent Bernat3c2f2f22016-04-03 13:48:42 +02001358 ocsp_arg = arg;
yanbzhube2774d2015-12-10 15:07:30 -05001359
1360 ssl_pkey = SSL_get_privatekey(ssl);
1361 if (!ssl_pkey)
1362 return SSL_TLSEXT_ERR_NOACK;
1363
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001364 key_type = EVP_PKEY_base_id(ssl_pkey);
yanbzhube2774d2015-12-10 15:07:30 -05001365
1366 if (ocsp_arg->is_single && ocsp_arg->single_kt == key_type)
1367 ocsp = ocsp_arg->s_ocsp;
1368 else {
1369 /* For multiple certs per context, we have to find the correct OCSP response based on
1370 * the certificate type
1371 */
1372 index = ssl_sock_get_ocsp_arg_kt_index(key_type);
1373
1374 if (index < 0)
1375 return SSL_TLSEXT_ERR_NOACK;
1376
1377 ocsp = ocsp_arg->m_ocsp[index];
1378
1379 }
Emeric Brun4147b2e2014-06-16 18:36:30 +02001380
1381 if (!ocsp ||
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001382 !ocsp->response.area ||
1383 !ocsp->response.data ||
Emeric Brun4f3c87a2014-06-20 15:46:13 +02001384 (ocsp->expire < now.tv_sec))
Emeric Brun4147b2e2014-06-16 18:36:30 +02001385 return SSL_TLSEXT_ERR_NOACK;
1386
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001387 ssl_buf = OPENSSL_malloc(ocsp->response.data);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001388 if (!ssl_buf)
1389 return SSL_TLSEXT_ERR_NOACK;
1390
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001391 memcpy(ssl_buf, ocsp->response.area, ocsp->response.data);
1392 SSL_set_tlsext_status_ocsp_resp(ssl, ssl_buf, ocsp->response.data);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001393
1394 return SSL_TLSEXT_ERR_OK;
1395}
1396
William Lallemand4a660132019-10-14 14:51:41 +02001397#endif
1398
1399#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001400/*
1401 * This function enables the handling of OCSP status extension on 'ctx' if a
William Lallemand246c0242019-10-11 08:59:13 +02001402 * ocsp_response buffer was found in the cert_key_and_chain. To enable OCSP
1403 * status extension, the issuer's certificate is mandatory. It should be
1404 * present in ckch->ocsp_issuer.
Emeric Brun4147b2e2014-06-16 18:36:30 +02001405 *
William Lallemand246c0242019-10-11 08:59:13 +02001406 * In addition, the ckch->ocsp_reponse buffer is loaded as a DER format of an
1407 * OCSP response. If file is empty or content is not a valid OCSP response,
1408 * OCSP status extension is enabled but OCSP response is ignored (a warning is
1409 * displayed).
Emeric Brun4147b2e2014-06-16 18:36:30 +02001410 *
1411 * Returns 1 if no ".ocsp" file found, 0 if OCSP status extension is
Joseph Herlant017b3da2018-11-15 09:07:59 -08001412 * successfully enabled, or -1 in other error case.
Emeric Brun4147b2e2014-06-16 18:36:30 +02001413 */
William Lallemand4a660132019-10-14 14:51:41 +02001414#ifndef OPENSSL_IS_BORINGSSL
William Lallemand246c0242019-10-11 08:59:13 +02001415static int ssl_sock_load_ocsp(SSL_CTX *ctx, const struct cert_key_and_chain *ckch)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001416{
William Lallemand246c0242019-10-11 08:59:13 +02001417 X509 *x = NULL, *issuer = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001418 OCSP_CERTID *cid = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001419 int i, ret = -1;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001420 struct certificate_ocsp *ocsp = NULL, *iocsp;
1421 char *warn = NULL;
1422 unsigned char *p;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001423 void (*callback) (void);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001424
Emeric Brun4147b2e2014-06-16 18:36:30 +02001425
William Lallemand246c0242019-10-11 08:59:13 +02001426 x = ckch->cert;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001427 if (!x)
1428 goto out;
1429
William Lallemand246c0242019-10-11 08:59:13 +02001430 issuer = ckch->ocsp_issuer;
1431 if (!issuer)
1432 goto out;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001433
1434 cid = OCSP_cert_to_id(0, x, issuer);
1435 if (!cid)
1436 goto out;
1437
1438 i = i2d_OCSP_CERTID(cid, NULL);
1439 if (!i || (i > OCSP_MAX_CERTID_ASN1_LENGTH))
1440 goto out;
1441
Vincent Bernat02779b62016-04-03 13:48:43 +02001442 ocsp = calloc(1, sizeof(*ocsp));
Emeric Brun4147b2e2014-06-16 18:36:30 +02001443 if (!ocsp)
1444 goto out;
1445
1446 p = ocsp->key_data;
1447 i2d_OCSP_CERTID(cid, &p);
1448
1449 iocsp = (struct certificate_ocsp *)ebmb_insert(&cert_ocsp_tree, &ocsp->key, OCSP_MAX_CERTID_ASN1_LENGTH);
1450 if (iocsp == ocsp)
1451 ocsp = NULL;
1452
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001453#ifndef SSL_CTX_get_tlsext_status_cb
1454# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \
1455 *cb = (void (*) (void))ctx->tlsext_status_cb;
1456#endif
1457 SSL_CTX_get_tlsext_status_cb(ctx, &callback);
1458
1459 if (!callback) {
Vincent Bernat02779b62016-04-03 13:48:43 +02001460 struct ocsp_cbk_arg *cb_arg = calloc(1, sizeof(*cb_arg));
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001461 EVP_PKEY *pkey;
yanbzhube2774d2015-12-10 15:07:30 -05001462
1463 cb_arg->is_single = 1;
1464 cb_arg->s_ocsp = iocsp;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001465
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001466 pkey = X509_get_pubkey(x);
1467 cb_arg->single_kt = EVP_PKEY_base_id(pkey);
1468 EVP_PKEY_free(pkey);
yanbzhube2774d2015-12-10 15:07:30 -05001469
1470 SSL_CTX_set_tlsext_status_cb(ctx, ssl_sock_ocsp_stapling_cbk);
1471 SSL_CTX_set_tlsext_status_arg(ctx, cb_arg);
1472 } else {
1473 /*
1474 * If the ctx has a status CB, then we have previously set an OCSP staple for this ctx
1475 * Update that cb_arg with the new cert's staple
1476 */
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001477 struct ocsp_cbk_arg *cb_arg;
yanbzhube2774d2015-12-10 15:07:30 -05001478 struct certificate_ocsp *tmp_ocsp;
1479 int index;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001480 int key_type;
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001481 EVP_PKEY *pkey;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001482
1483#ifdef SSL_CTX_get_tlsext_status_arg
1484 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg);
1485#else
1486 cb_arg = ctx->tlsext_status_arg;
1487#endif
yanbzhube2774d2015-12-10 15:07:30 -05001488
1489 /*
1490 * The following few lines will convert cb_arg from a single ocsp to multi ocsp
1491 * the order of operations below matter, take care when changing it
1492 */
1493 tmp_ocsp = cb_arg->s_ocsp;
1494 index = ssl_sock_get_ocsp_arg_kt_index(cb_arg->single_kt);
1495 cb_arg->s_ocsp = NULL;
1496 cb_arg->m_ocsp[index] = tmp_ocsp;
1497 cb_arg->is_single = 0;
1498 cb_arg->single_kt = 0;
1499
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001500 pkey = X509_get_pubkey(x);
1501 key_type = EVP_PKEY_base_id(pkey);
1502 EVP_PKEY_free(pkey);
1503
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001504 index = ssl_sock_get_ocsp_arg_kt_index(key_type);
yanbzhube2774d2015-12-10 15:07:30 -05001505 if (index >= 0 && !cb_arg->m_ocsp[index])
1506 cb_arg->m_ocsp[index] = iocsp;
1507
1508 }
Emeric Brun4147b2e2014-06-16 18:36:30 +02001509
1510 ret = 0;
1511
1512 warn = NULL;
William Lallemand246c0242019-10-11 08:59:13 +02001513 if (ssl_sock_load_ocsp_response(ckch->ocsp_response, ocsp, cid, &warn)) {
William Lallemand3b5f3602019-10-16 18:05:05 +02001514 memprintf(&warn, "Loading: %s. Content will be ignored", warn ? warn : "failure");
Christopher Faulet767a84b2017-11-24 16:50:31 +01001515 ha_warning("%s.\n", warn);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001516 }
1517
1518out:
Emeric Brun4147b2e2014-06-16 18:36:30 +02001519 if (cid)
1520 OCSP_CERTID_free(cid);
1521
1522 if (ocsp)
1523 free(ocsp);
1524
1525 if (warn)
1526 free(warn);
1527
Emeric Brun4147b2e2014-06-16 18:36:30 +02001528 return ret;
1529}
William Lallemand4a660132019-10-14 14:51:41 +02001530#else /* OPENSSL_IS_BORINGSSL */
1531static int ssl_sock_load_ocsp(SSL_CTX *ctx, const struct cert_key_and_chain *ckch)
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +02001532{
William Lallemand4a660132019-10-14 14:51:41 +02001533 return SSL_CTX_set_ocsp_response(ctx, (const uint8_t *)ckch->ocsp_response->area, ckch->ocsp_response->data);
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +02001534}
1535#endif
1536
William Lallemand4a660132019-10-14 14:51:41 +02001537#endif
1538
1539
Willy Tarreau5db847a2019-05-09 14:13:35 +02001540#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001541
1542#define CT_EXTENSION_TYPE 18
1543
1544static int sctl_ex_index = -1;
1545
1546/*
1547 * Try to parse Signed Certificate Timestamp List structure. This function
1548 * makes only basic test if the data seems like SCTL. No signature validation
1549 * is performed.
1550 */
Willy Tarreau83061a82018-07-13 11:56:34 +02001551static int ssl_sock_parse_sctl(struct buffer *sctl)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001552{
1553 int ret = 1;
1554 int len, pos, sct_len;
1555 unsigned char *data;
1556
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001557 if (sctl->data < 2)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001558 goto out;
1559
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001560 data = (unsigned char *) sctl->area;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001561 len = (data[0] << 8) | data[1];
1562
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001563 if (len + 2 != sctl->data)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001564 goto out;
1565
1566 data = data + 2;
1567 pos = 0;
1568 while (pos < len) {
1569 if (len - pos < 2)
1570 goto out;
1571
1572 sct_len = (data[pos] << 8) | data[pos + 1];
1573 if (pos + sct_len + 2 > len)
1574 goto out;
1575
1576 pos += sct_len + 2;
1577 }
1578
1579 ret = 0;
1580
1581out:
1582 return ret;
1583}
1584
William Lallemand0dfae6c2019-10-16 18:06:58 +02001585/* Try to load a sctl from a buffer <buf> if not NULL, or read the file <sctl_path>
1586 * It fills the ckch->sctl buffer
1587 * return 0 on success or != 0 on failure */
1588static int ssl_sock_load_sctl_from_file(const char *sctl_path, char *buf, struct cert_key_and_chain *ckch, char **err)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001589{
1590 int fd = -1;
1591 int r = 0;
1592 int ret = 1;
William Lallemand0dfae6c2019-10-16 18:06:58 +02001593 struct buffer tmp;
1594 struct buffer *src;
1595 struct buffer *sctl;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001596
William Lallemand0dfae6c2019-10-16 18:06:58 +02001597 if (buf) {
1598 tmp.area = buf;
1599 tmp.data = strlen(buf);
1600 tmp.size = tmp.data + 1;
1601 src = &tmp;
1602 } else {
1603 fd = open(sctl_path, O_RDONLY);
1604 if (fd == -1)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001605 goto end;
William Lallemand0dfae6c2019-10-16 18:06:58 +02001606
1607 trash.data = 0;
1608 while (trash.data < trash.size) {
1609 r = read(fd, trash.area + trash.data, trash.size - trash.data);
1610 if (r < 0) {
1611 if (errno == EINTR)
1612 continue;
1613 goto end;
1614 }
1615 else if (r == 0) {
1616 break;
1617 }
1618 trash.data += r;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001619 }
William Lallemand0dfae6c2019-10-16 18:06:58 +02001620 src = &trash;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001621 }
1622
William Lallemand0dfae6c2019-10-16 18:06:58 +02001623 ret = ssl_sock_parse_sctl(src);
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001624 if (ret)
1625 goto end;
1626
William Lallemand0dfae6c2019-10-16 18:06:58 +02001627 sctl = calloc(1, sizeof(*sctl));
1628 if (!chunk_dup(sctl, src)) {
1629 free(sctl);
1630 sctl = NULL;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001631 goto end;
1632 }
Emmanuel Hocdet224a0872020-01-16 15:15:49 +01001633 /* no error, fill ckch with new context, old context must be free */
1634 if (ckch->sctl) {
1635 free(ckch->sctl->area);
1636 ckch->sctl->area = NULL;
1637 free(ckch->sctl);
1638 }
William Lallemand0dfae6c2019-10-16 18:06:58 +02001639 ckch->sctl = sctl;
Emmanuel Hocdet224a0872020-01-16 15:15:49 +01001640 ret = 0;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001641end:
1642 if (fd != -1)
1643 close(fd);
1644
1645 return ret;
1646}
1647
1648int ssl_sock_sctl_add_cbk(SSL *ssl, unsigned ext_type, const unsigned char **out, size_t *outlen, int *al, void *add_arg)
1649{
Willy Tarreau83061a82018-07-13 11:56:34 +02001650 struct buffer *sctl = add_arg;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001651
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001652 *out = (unsigned char *) sctl->area;
1653 *outlen = sctl->data;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001654
1655 return 1;
1656}
1657
1658int ssl_sock_sctl_parse_cbk(SSL *s, unsigned int ext_type, const unsigned char *in, size_t inlen, int *al, void *parse_arg)
1659{
1660 return 1;
1661}
1662
William Lallemanda17f4112019-10-10 15:16:44 +02001663static int ssl_sock_load_sctl(SSL_CTX *ctx, struct buffer *sctl)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001664{
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001665 int ret = -1;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001666
William Lallemanda17f4112019-10-10 15:16:44 +02001667 if (!SSL_CTX_add_server_custom_ext(ctx, CT_EXTENSION_TYPE, ssl_sock_sctl_add_cbk, NULL, sctl, ssl_sock_sctl_parse_cbk, NULL))
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001668 goto out;
1669
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001670 SSL_CTX_set_ex_data(ctx, sctl_ex_index, sctl);
1671
1672 ret = 0;
1673
1674out:
1675 return ret;
1676}
1677
1678#endif
1679
Emeric Brune1f38db2012-09-03 20:36:47 +02001680void ssl_sock_infocbk(const SSL *ssl, int where, int ret)
1681{
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001682 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001683 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Emeric Brund8b2bb52014-01-28 15:43:53 +01001684 BIO *write_bio;
Willy Tarreau622317d2015-02-27 16:36:16 +01001685 (void)ret; /* shut gcc stupid warning */
Emeric Brune1f38db2012-09-03 20:36:47 +02001686
Dirkjan Bussink526894f2019-01-21 09:35:03 -08001687#ifndef SSL_OP_NO_RENEGOTIATION
1688 /* Please note that BoringSSL defines this macro to zero so don't
1689 * change this to #if and do not assign a default value to this macro!
1690 */
Emeric Brune1f38db2012-09-03 20:36:47 +02001691 if (where & SSL_CB_HANDSHAKE_START) {
1692 /* Disable renegotiation (CVE-2009-3555) */
Willy Tarreauc192b0a2020-01-23 09:11:58 +01001693 if ((conn->flags & (CO_FL_WAIT_L6_CONN | CO_FL_EARLY_SSL_HS | CO_FL_EARLY_DATA)) == 0) {
Emeric Brune1f38db2012-09-03 20:36:47 +02001694 conn->flags |= CO_FL_ERROR;
Willy Tarreau20879a02012-12-03 16:32:10 +01001695 conn->err_code = CO_ER_SSL_RENEG;
1696 }
Emeric Brune1f38db2012-09-03 20:36:47 +02001697 }
Dirkjan Bussink526894f2019-01-21 09:35:03 -08001698#endif
Emeric Brund8b2bb52014-01-28 15:43:53 +01001699
1700 if ((where & SSL_CB_ACCEPT_LOOP) == SSL_CB_ACCEPT_LOOP) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001701 if (!(ctx->xprt_st & SSL_SOCK_ST_FL_16K_WBFSIZE)) {
Emeric Brund8b2bb52014-01-28 15:43:53 +01001702 /* Long certificate chains optimz
1703 If write and read bios are differents, we
1704 consider that the buffering was activated,
1705 so we rise the output buffer size from 4k
1706 to 16k */
1707 write_bio = SSL_get_wbio(ssl);
1708 if (write_bio != SSL_get_rbio(ssl)) {
1709 BIO_set_write_buffer_size(write_bio, 16384);
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001710 ctx->xprt_st |= SSL_SOCK_ST_FL_16K_WBFSIZE;
Emeric Brund8b2bb52014-01-28 15:43:53 +01001711 }
1712 }
1713 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02001714}
1715
Emeric Brune64aef12012-09-21 13:15:06 +02001716/* Callback is called for each certificate of the chain during a verify
1717 ok is set to 1 if preverify detect no error on current certificate.
1718 Returns 0 to break the handshake, 1 otherwise. */
Evan Broderbe554312013-06-27 00:05:25 -07001719int ssl_sock_bind_verifycbk(int ok, X509_STORE_CTX *x_store)
Emeric Brune64aef12012-09-21 13:15:06 +02001720{
1721 SSL *ssl;
1722 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001723 struct ssl_sock_ctx *ctx;
Emeric Brun81c00f02012-09-21 14:31:21 +02001724 int err, depth;
Emeric Brune64aef12012-09-21 13:15:06 +02001725
1726 ssl = X509_STORE_CTX_get_ex_data(x_store, SSL_get_ex_data_X509_STORE_CTX_idx());
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001727 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Emeric Brune64aef12012-09-21 13:15:06 +02001728
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001729 ctx = conn->xprt_ctx;
1730
1731 ctx->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;
Emeric Brune64aef12012-09-21 13:15:06 +02001732
Emeric Brun81c00f02012-09-21 14:31:21 +02001733 if (ok) /* no errors */
1734 return ok;
1735
1736 depth = X509_STORE_CTX_get_error_depth(x_store);
1737 err = X509_STORE_CTX_get_error(x_store);
1738
1739 /* check if CA error needs to be ignored */
1740 if (depth > 0) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001741 if (!SSL_SOCK_ST_TO_CA_ERROR(ctx->xprt_st)) {
1742 ctx->xprt_st |= SSL_SOCK_CA_ERROR_TO_ST(err);
1743 ctx->xprt_st |= SSL_SOCK_CAEDEPTH_TO_ST(depth);
Emeric Brunf282a812012-09-21 15:27:54 +02001744 }
1745
Willy Tarreau731248f2020-02-04 14:02:02 +01001746 if (err < 64 && __objt_listener(conn->target)->bind_conf->ca_ignerr & (1ULL << err)) {
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02001747 ssl_sock_dump_errors(conn);
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001748 ERR_clear_error();
Emeric Brun81c00f02012-09-21 14:31:21 +02001749 return 1;
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001750 }
Emeric Brun81c00f02012-09-21 14:31:21 +02001751
Willy Tarreau20879a02012-12-03 16:32:10 +01001752 conn->err_code = CO_ER_SSL_CA_FAIL;
Emeric Brun81c00f02012-09-21 14:31:21 +02001753 return 0;
1754 }
1755
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001756 if (!SSL_SOCK_ST_TO_CRTERROR(ctx->xprt_st))
1757 ctx->xprt_st |= SSL_SOCK_CRTERROR_TO_ST(err);
Emeric Brunf282a812012-09-21 15:27:54 +02001758
Emeric Brun81c00f02012-09-21 14:31:21 +02001759 /* check if certificate error needs to be ignored */
Willy Tarreau731248f2020-02-04 14:02:02 +01001760 if (err < 64 && __objt_listener(conn->target)->bind_conf->crt_ignerr & (1ULL << err)) {
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02001761 ssl_sock_dump_errors(conn);
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001762 ERR_clear_error();
Emeric Brun81c00f02012-09-21 14:31:21 +02001763 return 1;
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001764 }
Emeric Brun81c00f02012-09-21 14:31:21 +02001765
Willy Tarreau20879a02012-12-03 16:32:10 +01001766 conn->err_code = CO_ER_SSL_CRT_FAIL;
Emeric Brun81c00f02012-09-21 14:31:21 +02001767 return 0;
Emeric Brune64aef12012-09-21 13:15:06 +02001768}
1769
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001770static inline
1771void ssl_sock_parse_clienthello(int write_p, int version, int content_type,
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001772 const void *buf, size_t len, SSL *ssl)
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001773{
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001774 struct ssl_capture *capture;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001775 unsigned char *msg;
1776 unsigned char *end;
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001777 size_t rec_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001778
1779 /* This function is called for "from client" and "to server"
1780 * connections. The combination of write_p == 0 and content_type == 22
Joseph Herlant017b3da2018-11-15 09:07:59 -08001781 * is only available during "from client" connection.
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001782 */
1783
1784 /* "write_p" is set to 0 is the bytes are received messages,
1785 * otherwise it is set to 1.
1786 */
1787 if (write_p != 0)
1788 return;
1789
1790 /* content_type contains the type of message received or sent
1791 * according with the SSL/TLS protocol spec. This message is
1792 * encoded with one byte. The value 256 (two bytes) is used
1793 * for designing the SSL/TLS record layer. According with the
1794 * rfc6101, the expected message (other than 256) are:
1795 * - change_cipher_spec(20)
1796 * - alert(21)
1797 * - handshake(22)
1798 * - application_data(23)
1799 * - (255)
1800 * We are interessed by the handshake and specially the client
1801 * hello.
1802 */
1803 if (content_type != 22)
1804 return;
1805
1806 /* The message length is at least 4 bytes, containing the
1807 * message type and the message length.
1808 */
1809 if (len < 4)
1810 return;
1811
1812 /* First byte of the handshake message id the type of
1813 * message. The konwn types are:
1814 * - hello_request(0)
1815 * - client_hello(1)
1816 * - server_hello(2)
1817 * - certificate(11)
1818 * - server_key_exchange (12)
1819 * - certificate_request(13)
1820 * - server_hello_done(14)
1821 * We are interested by the client hello.
1822 */
1823 msg = (unsigned char *)buf;
1824 if (msg[0] != 1)
1825 return;
1826
1827 /* Next three bytes are the length of the message. The total length
1828 * must be this decoded length + 4. If the length given as argument
1829 * is not the same, we abort the protocol dissector.
1830 */
1831 rec_len = (msg[1] << 16) + (msg[2] << 8) + msg[3];
1832 if (len < rec_len + 4)
1833 return;
1834 msg += 4;
1835 end = msg + rec_len;
1836 if (end < msg)
1837 return;
1838
1839 /* Expect 2 bytes for protocol version (1 byte for major and 1 byte
1840 * for minor, the random, composed by 4 bytes for the unix time and
Baptiste Assmann6be139f2018-11-28 15:20:25 +01001841 * 28 bytes for unix payload. So we jump 1 + 1 + 4 + 28.
1842 */
1843 msg += 1 + 1 + 4 + 28;
1844 if (msg > end)
1845 return;
1846
1847 /* Next, is session id:
1848 * if present, we have to jump by length + 1 for the size information
1849 * if not present, we have to jump by 1 only
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001850 */
Baptiste Assmann6be139f2018-11-28 15:20:25 +01001851 if (msg[0] > 0)
1852 msg += msg[0];
1853 msg += 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001854 if (msg > end)
1855 return;
1856
1857 /* Next two bytes are the ciphersuite length. */
1858 if (msg + 2 > end)
1859 return;
1860 rec_len = (msg[0] << 8) + msg[1];
1861 msg += 2;
1862 if (msg + rec_len > end || msg + rec_len < msg)
1863 return;
1864
Willy Tarreaubafbe012017-11-24 17:34:44 +01001865 capture = pool_alloc_dirty(pool_head_ssl_capture);
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001866 if (!capture)
1867 return;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001868 /* Compute the xxh64 of the ciphersuite. */
1869 capture->xxh64 = XXH64(msg, rec_len, 0);
1870
1871 /* Capture the ciphersuite. */
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001872 capture->ciphersuite_len = (global_ssl.capture_cipherlist < rec_len) ?
1873 global_ssl.capture_cipherlist : rec_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001874 memcpy(capture->ciphersuite, msg, capture->ciphersuite_len);
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001875
1876 SSL_set_ex_data(ssl, ssl_capture_ptr_index, capture);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001877}
1878
Emeric Brun29f037d2014-04-25 19:05:36 +02001879/* Callback is called for ssl protocol analyse */
1880void ssl_sock_msgcbk(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
1881{
Emeric Brun29f037d2014-04-25 19:05:36 +02001882#ifdef TLS1_RT_HEARTBEAT
1883 /* test heartbeat received (write_p is set to 0
1884 for a received record) */
Willy Tarreauf51c6982014-04-25 20:02:39 +02001885 if ((content_type == TLS1_RT_HEARTBEAT) && (write_p == 0)) {
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001886 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
William Lallemand7e1770b2019-05-13 14:31:34 +02001887 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Willy Tarreauf51c6982014-04-25 20:02:39 +02001888 const unsigned char *p = buf;
1889 unsigned int payload;
1890
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001891 ctx->xprt_st |= SSL_SOCK_RECV_HEARTBEAT;
Willy Tarreauf51c6982014-04-25 20:02:39 +02001892
1893 /* Check if this is a CVE-2014-0160 exploitation attempt. */
1894 if (*p != TLS1_HB_REQUEST)
1895 return;
1896
Willy Tarreauaeed6722014-04-25 23:59:58 +02001897 if (len < 1 + 2 + 16) /* 1 type + 2 size + 0 payload + 16 padding */
Willy Tarreauf51c6982014-04-25 20:02:39 +02001898 goto kill_it;
1899
1900 payload = (p[1] * 256) + p[2];
Willy Tarreau3b2fdb62014-04-25 23:44:22 +02001901 if (3 + payload + 16 <= len)
Willy Tarreauf51c6982014-04-25 20:02:39 +02001902 return; /* OK no problem */
Willy Tarreauaeed6722014-04-25 23:59:58 +02001903 kill_it:
Willy Tarreau3b2fdb62014-04-25 23:44:22 +02001904 /* We have a clear heartbleed attack (CVE-2014-0160), the
1905 * advertised payload is larger than the advertised packet
1906 * length, so we have garbage in the buffer between the
1907 * payload and the end of the buffer (p+len). We can't know
1908 * if the SSL stack is patched, and we don't know if we can
1909 * safely wipe out the area between p+3+len and payload.
1910 * So instead, we prevent the response from being sent by
1911 * setting the max_send_fragment to 0 and we report an SSL
1912 * error, which will kill this connection. It will be reported
1913 * above as SSL_ERROR_SSL while an other handshake failure with
Willy Tarreauf51c6982014-04-25 20:02:39 +02001914 * a heartbeat message will be reported as SSL_ERROR_SYSCALL.
1915 */
Willy Tarreau3b2fdb62014-04-25 23:44:22 +02001916 ssl->max_send_fragment = 0;
Willy Tarreauf51c6982014-04-25 20:02:39 +02001917 SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_SSL_HANDSHAKE_FAILURE);
1918 return;
1919 }
Emeric Brun29f037d2014-04-25 19:05:36 +02001920#endif
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001921 if (global_ssl.capture_cipherlist > 0)
1922 ssl_sock_parse_clienthello(write_p, version, content_type, buf, len, ssl);
Emeric Brun29f037d2014-04-25 19:05:36 +02001923}
1924
Bernard Spil13c53f82018-02-15 13:34:58 +01001925#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houchardc7566002018-11-20 23:33:50 +01001926static int ssl_sock_srv_select_protos(SSL *s, unsigned char **out, unsigned char *outlen,
1927 const unsigned char *in, unsigned int inlen,
1928 void *arg)
1929{
1930 struct server *srv = arg;
1931
1932 if (SSL_select_next_proto(out, outlen, in, inlen, (unsigned char *)srv->ssl_ctx.npn_str,
1933 srv->ssl_ctx.npn_len) == OPENSSL_NPN_NEGOTIATED)
1934 return SSL_TLSEXT_ERR_OK;
1935 return SSL_TLSEXT_ERR_NOACK;
1936}
1937#endif
1938
1939#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02001940/* This callback is used so that the server advertises the list of
1941 * negociable protocols for NPN.
1942 */
1943static int ssl_sock_advertise_npn_protos(SSL *s, const unsigned char **data,
1944 unsigned int *len, void *arg)
1945{
Emmanuel Hocdet98263292016-12-29 18:26:15 +01001946 struct ssl_bind_conf *conf = arg;
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02001947
1948 *data = (const unsigned char *)conf->npn_str;
1949 *len = conf->npn_len;
1950 return SSL_TLSEXT_ERR_OK;
1951}
1952#endif
1953
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001954#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02001955/* This callback is used so that the server advertises the list of
1956 * negociable protocols for ALPN.
1957 */
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001958static int ssl_sock_advertise_alpn_protos(SSL *s, const unsigned char **out,
1959 unsigned char *outlen,
1960 const unsigned char *server,
1961 unsigned int server_len, void *arg)
Willy Tarreauab861d32013-04-02 02:30:41 +02001962{
Emmanuel Hocdet98263292016-12-29 18:26:15 +01001963 struct ssl_bind_conf *conf = arg;
Willy Tarreauab861d32013-04-02 02:30:41 +02001964
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001965 if (SSL_select_next_proto((unsigned char**) out, outlen, (const unsigned char *)conf->alpn_str,
1966 conf->alpn_len, server, server_len) != OPENSSL_NPN_NEGOTIATED) {
1967 return SSL_TLSEXT_ERR_NOACK;
1968 }
Willy Tarreauab861d32013-04-02 02:30:41 +02001969 return SSL_TLSEXT_ERR_OK;
1970}
1971#endif
1972
Willy Tarreauc8ad3be2015-06-17 15:48:26 +02001973#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01001974#ifndef SSL_NO_GENERATE_CERTIFICATES
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02001975
Christopher Faulet30548802015-06-11 13:39:32 +02001976/* Create a X509 certificate with the specified servername and serial. This
1977 * function returns a SSL_CTX object or NULL if an error occurs. */
Christopher Faulet7969a332015-10-09 11:15:03 +02001978static SSL_CTX *
Christopher Faulet635c0ad2015-11-12 11:35:51 +01001979ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet31af49d2015-06-09 17:29:50 +02001980{
Christopher Faulet7969a332015-10-09 11:15:03 +02001981 X509 *cacert = bind_conf->ca_sign_cert;
1982 EVP_PKEY *capkey = bind_conf->ca_sign_pkey;
Christopher Faulet31af49d2015-06-09 17:29:50 +02001983 SSL_CTX *ssl_ctx = NULL;
1984 X509 *newcrt = NULL;
1985 EVP_PKEY *pkey = NULL;
Emmanuel Hocdet15969292017-08-11 10:56:00 +02001986 SSL *tmp_ssl = NULL;
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02001987 CONF *ctmp = NULL;
Christopher Faulet31af49d2015-06-09 17:29:50 +02001988 X509_NAME *name;
1989 const EVP_MD *digest;
1990 X509V3_CTX ctx;
1991 unsigned int i;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001992 int key_type;
Christopher Faulet31af49d2015-06-09 17:29:50 +02001993
Christopher Faulet48a83322017-07-28 16:56:09 +02001994 /* Get the private key of the default certificate and use it */
Willy Tarreau5db847a2019-05-09 14:13:35 +02001995#if (HA_OPENSSL_VERSION_NUMBER >= 0x10002000L)
Emmanuel Hocdet15969292017-08-11 10:56:00 +02001996 pkey = SSL_CTX_get0_privatekey(bind_conf->default_ctx);
1997#else
1998 tmp_ssl = SSL_new(bind_conf->default_ctx);
1999 if (tmp_ssl)
2000 pkey = SSL_get_privatekey(tmp_ssl);
2001#endif
2002 if (!pkey)
Christopher Faulet31af49d2015-06-09 17:29:50 +02002003 goto mkcert_error;
2004
2005 /* Create the certificate */
2006 if (!(newcrt = X509_new()))
2007 goto mkcert_error;
2008
2009 /* Set version number for the certificate (X509v3) and the serial
2010 * number */
2011 if (X509_set_version(newcrt, 2L) != 1)
2012 goto mkcert_error;
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01002013 ASN1_INTEGER_set(X509_get_serialNumber(newcrt), _HA_ATOMIC_ADD(&ssl_ctx_serial, 1));
Christopher Faulet31af49d2015-06-09 17:29:50 +02002014
2015 /* Set duration for the certificate */
Rosen Penev68185952018-12-14 08:47:02 -08002016 if (!X509_gmtime_adj(X509_getm_notBefore(newcrt), (long)-60*60*24) ||
2017 !X509_gmtime_adj(X509_getm_notAfter(newcrt),(long)60*60*24*365))
Christopher Faulet31af49d2015-06-09 17:29:50 +02002018 goto mkcert_error;
2019
2020 /* set public key in the certificate */
2021 if (X509_set_pubkey(newcrt, pkey) != 1)
2022 goto mkcert_error;
2023
2024 /* Set issuer name from the CA */
2025 if (!(name = X509_get_subject_name(cacert)))
2026 goto mkcert_error;
2027 if (X509_set_issuer_name(newcrt, name) != 1)
2028 goto mkcert_error;
2029
2030 /* Set the subject name using the same, but the CN */
2031 name = X509_NAME_dup(name);
2032 if (X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
2033 (const unsigned char *)servername,
2034 -1, -1, 0) != 1) {
2035 X509_NAME_free(name);
2036 goto mkcert_error;
2037 }
2038 if (X509_set_subject_name(newcrt, name) != 1) {
2039 X509_NAME_free(name);
2040 goto mkcert_error;
2041 }
2042 X509_NAME_free(name);
2043
2044 /* Add x509v3 extensions as specified */
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02002045 ctmp = NCONF_new(NULL);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002046 X509V3_set_ctx(&ctx, cacert, newcrt, NULL, NULL, 0);
2047 for (i = 0; i < X509V3_EXT_SIZE; i++) {
2048 X509_EXTENSION *ext;
2049
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02002050 if (!(ext = X509V3_EXT_nconf(ctmp, &ctx, x509v3_ext_names[i], x509v3_ext_values[i])))
Christopher Faulet31af49d2015-06-09 17:29:50 +02002051 goto mkcert_error;
2052 if (!X509_add_ext(newcrt, ext, -1)) {
2053 X509_EXTENSION_free(ext);
2054 goto mkcert_error;
2055 }
2056 X509_EXTENSION_free(ext);
2057 }
2058
2059 /* Sign the certificate with the CA private key */
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002060
2061 key_type = EVP_PKEY_base_id(capkey);
2062
2063 if (key_type == EVP_PKEY_DSA)
2064 digest = EVP_sha1();
2065 else if (key_type == EVP_PKEY_RSA)
Christopher Faulet31af49d2015-06-09 17:29:50 +02002066 digest = EVP_sha256();
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002067 else if (key_type == EVP_PKEY_EC)
Christopher Faulet7969a332015-10-09 11:15:03 +02002068 digest = EVP_sha256();
2069 else {
Willy Tarreau9a1ab082019-05-09 13:26:41 +02002070#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000000fL) && !defined(OPENSSL_IS_BORINGSSL)
Christopher Faulet7969a332015-10-09 11:15:03 +02002071 int nid;
2072
2073 if (EVP_PKEY_get_default_digest_nid(capkey, &nid) <= 0)
2074 goto mkcert_error;
2075 if (!(digest = EVP_get_digestbynid(nid)))
2076 goto mkcert_error;
Christopher Faulete7db2162015-10-19 13:59:24 +02002077#else
2078 goto mkcert_error;
2079#endif
Christopher Faulet7969a332015-10-09 11:15:03 +02002080 }
2081
Christopher Faulet31af49d2015-06-09 17:29:50 +02002082 if (!(X509_sign(newcrt, capkey, digest)))
2083 goto mkcert_error;
2084
2085 /* Create and set the new SSL_CTX */
2086 if (!(ssl_ctx = SSL_CTX_new(SSLv23_server_method())))
2087 goto mkcert_error;
2088 if (!SSL_CTX_use_PrivateKey(ssl_ctx, pkey))
2089 goto mkcert_error;
2090 if (!SSL_CTX_use_certificate(ssl_ctx, newcrt))
2091 goto mkcert_error;
2092 if (!SSL_CTX_check_private_key(ssl_ctx))
2093 goto mkcert_error;
2094
2095 if (newcrt) X509_free(newcrt);
Christopher Faulet7969a332015-10-09 11:15:03 +02002096
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01002097#ifndef OPENSSL_NO_DH
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02002098 SSL_CTX_set_tmp_dh_callback(ssl_ctx, ssl_get_tmp_dh);
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01002099#endif
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02002100#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
2101 {
Emmanuel Hocdet98263292016-12-29 18:26:15 +01002102 const char *ecdhe = (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe : ECDHE_DEFAULT_CURVE);
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02002103 EC_KEY *ecc;
2104 int nid;
2105
2106 if ((nid = OBJ_sn2nid(ecdhe)) == NID_undef)
2107 goto end;
2108 if (!(ecc = EC_KEY_new_by_curve_name(nid)))
2109 goto end;
2110 SSL_CTX_set_tmp_ecdh(ssl_ctx, ecc);
2111 EC_KEY_free(ecc);
2112 }
2113#endif
2114 end:
Christopher Faulet31af49d2015-06-09 17:29:50 +02002115 return ssl_ctx;
2116
2117 mkcert_error:
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02002118 if (ctmp) NCONF_free(ctmp);
Emmanuel Hocdet15969292017-08-11 10:56:00 +02002119 if (tmp_ssl) SSL_free(tmp_ssl);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002120 if (ssl_ctx) SSL_CTX_free(ssl_ctx);
2121 if (newcrt) X509_free(newcrt);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002122 return NULL;
2123}
2124
Christopher Faulet7969a332015-10-09 11:15:03 +02002125SSL_CTX *
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002126ssl_sock_create_cert(struct connection *conn, const char *servername, unsigned int key)
Christopher Faulet7969a332015-10-09 11:15:03 +02002127{
Willy Tarreau07d94e42018-09-20 10:57:52 +02002128 struct bind_conf *bind_conf = __objt_listener(conn->target)->bind_conf;
Olivier Houchard66ab4982019-02-26 18:37:15 +01002129 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002130
Olivier Houchard66ab4982019-02-26 18:37:15 +01002131 return ssl_sock_do_create_cert(servername, bind_conf, ctx->ssl);
Christopher Faulet7969a332015-10-09 11:15:03 +02002132}
2133
Christopher Faulet30548802015-06-11 13:39:32 +02002134/* Do a lookup for a certificate in the LRU cache used to store generated
Emeric Brun821bb9b2017-06-15 16:37:39 +02002135 * certificates and immediately assign it to the SSL session if not null. */
Christopher Faulet30548802015-06-11 13:39:32 +02002136SSL_CTX *
Emeric Brun821bb9b2017-06-15 16:37:39 +02002137ssl_sock_assign_generated_cert(unsigned int key, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet30548802015-06-11 13:39:32 +02002138{
2139 struct lru64 *lru = NULL;
2140
2141 if (ssl_ctx_lru_tree) {
Willy Tarreau03f4ec42018-05-17 10:56:47 +02002142 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002143 lru = lru64_lookup(key, ssl_ctx_lru_tree, bind_conf->ca_sign_cert, 0);
Emeric Brun821bb9b2017-06-15 16:37:39 +02002144 if (lru && lru->domain) {
2145 if (ssl)
2146 SSL_set_SSL_CTX(ssl, (SSL_CTX *)lru->data);
Willy Tarreau03f4ec42018-05-17 10:56:47 +02002147 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet30548802015-06-11 13:39:32 +02002148 return (SSL_CTX *)lru->data;
Emeric Brun821bb9b2017-06-15 16:37:39 +02002149 }
Willy Tarreau03f4ec42018-05-17 10:56:47 +02002150 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet30548802015-06-11 13:39:32 +02002151 }
2152 return NULL;
2153}
2154
Emeric Brun821bb9b2017-06-15 16:37:39 +02002155/* Same as <ssl_sock_assign_generated_cert> but without SSL session. This
2156 * function is not thread-safe, it should only be used to check if a certificate
2157 * exists in the lru cache (with no warranty it will not be removed by another
2158 * thread). It is kept for backward compatibility. */
2159SSL_CTX *
2160ssl_sock_get_generated_cert(unsigned int key, struct bind_conf *bind_conf)
2161{
2162 return ssl_sock_assign_generated_cert(key, bind_conf, NULL);
2163}
2164
Christopher Fauletd2cab922015-07-28 16:03:47 +02002165/* Set a certificate int the LRU cache used to store generated
2166 * certificate. Return 0 on success, otherwise -1 */
2167int
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002168ssl_sock_set_generated_cert(SSL_CTX *ssl_ctx, unsigned int key, struct bind_conf *bind_conf)
Christopher Faulet30548802015-06-11 13:39:32 +02002169{
2170 struct lru64 *lru = NULL;
2171
2172 if (ssl_ctx_lru_tree) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002173 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002174 lru = lru64_get(key, ssl_ctx_lru_tree, bind_conf->ca_sign_cert, 0);
Emeric Brun821bb9b2017-06-15 16:37:39 +02002175 if (!lru) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002176 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Fauletd2cab922015-07-28 16:03:47 +02002177 return -1;
Emeric Brun821bb9b2017-06-15 16:37:39 +02002178 }
Christopher Faulet30548802015-06-11 13:39:32 +02002179 if (lru->domain && lru->data)
2180 lru->free((SSL_CTX *)lru->data);
Christopher Faulet7969a332015-10-09 11:15:03 +02002181 lru64_commit(lru, ssl_ctx, bind_conf->ca_sign_cert, 0, (void (*)(void *))SSL_CTX_free);
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002182 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Fauletd2cab922015-07-28 16:03:47 +02002183 return 0;
Christopher Faulet30548802015-06-11 13:39:32 +02002184 }
Christopher Fauletd2cab922015-07-28 16:03:47 +02002185 return -1;
Christopher Faulet30548802015-06-11 13:39:32 +02002186}
2187
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002188/* Compute the key of the certificate. */
Christopher Faulet30548802015-06-11 13:39:32 +02002189unsigned int
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002190ssl_sock_generated_cert_key(const void *data, size_t len)
Christopher Faulet30548802015-06-11 13:39:32 +02002191{
2192 return XXH32(data, len, ssl_ctx_lru_seed);
2193}
2194
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002195/* Generate a cert and immediately assign it to the SSL session so that the cert's
2196 * refcount is maintained regardless of the cert's presence in the LRU cache.
2197 */
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002198static int
Christopher Faulet7969a332015-10-09 11:15:03 +02002199ssl_sock_generate_certificate(const char *servername, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet31af49d2015-06-09 17:29:50 +02002200{
2201 X509 *cacert = bind_conf->ca_sign_cert;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002202 SSL_CTX *ssl_ctx = NULL;
2203 struct lru64 *lru = NULL;
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002204 unsigned int key;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002205
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002206 key = ssl_sock_generated_cert_key(servername, strlen(servername));
Christopher Faulet31af49d2015-06-09 17:29:50 +02002207 if (ssl_ctx_lru_tree) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002208 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002209 lru = lru64_get(key, ssl_ctx_lru_tree, cacert, 0);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002210 if (lru && lru->domain)
2211 ssl_ctx = (SSL_CTX *)lru->data;
Christopher Fauletd2cab922015-07-28 16:03:47 +02002212 if (!ssl_ctx && lru) {
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002213 ssl_ctx = ssl_sock_do_create_cert(servername, bind_conf, ssl);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002214 lru64_commit(lru, ssl_ctx, cacert, 0, (void (*)(void *))SSL_CTX_free);
Christopher Fauletd2cab922015-07-28 16:03:47 +02002215 }
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002216 SSL_set_SSL_CTX(ssl, ssl_ctx);
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002217 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002218 return 1;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002219 }
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002220 else {
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002221 ssl_ctx = ssl_sock_do_create_cert(servername, bind_conf, ssl);
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002222 SSL_set_SSL_CTX(ssl, ssl_ctx);
2223 /* No LRU cache, this CTX will be released as soon as the session dies */
2224 SSL_CTX_free(ssl_ctx);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002225 return 1;
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002226 }
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002227 return 0;
2228}
2229static int
2230ssl_sock_generate_certificate_from_conn(struct bind_conf *bind_conf, SSL *ssl)
2231{
2232 unsigned int key;
Thierry FOURNIER28962c92018-06-17 21:37:05 +02002233 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002234
Willy Tarreauf5bdb642019-07-17 11:29:32 +02002235 if (conn_get_dst(conn)) {
Willy Tarreau085a1512019-07-17 14:47:35 +02002236 key = ssl_sock_generated_cert_key(conn->dst, get_addr_len(conn->dst));
Emeric Brun821bb9b2017-06-15 16:37:39 +02002237 if (ssl_sock_assign_generated_cert(key, bind_conf, ssl))
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002238 return 1;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002239 }
2240 return 0;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002241}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002242#endif /* !defined SSL_NO_GENERATE_CERTIFICATES */
Christopher Faulet31af49d2015-06-09 17:29:50 +02002243
Willy Tarreau9a1ab082019-05-09 13:26:41 +02002244#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002245typedef enum { SET_CLIENT, SET_SERVER } set_context_func;
2246
2247static void ctx_set_SSLv3_func(SSL_CTX *ctx, set_context_func c)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002248{
Emmanuel Hocdet23877ab2017-07-12 12:53:02 +02002249#if SSL_OP_NO_SSLv3
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002250 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, SSLv3_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002251 : SSL_CTX_set_ssl_version(ctx, SSLv3_client_method());
2252#endif
2253}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002254static void ctx_set_TLSv10_func(SSL_CTX *ctx, set_context_func c) {
2255 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002256 : SSL_CTX_set_ssl_version(ctx, TLSv1_client_method());
2257}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002258static void ctx_set_TLSv11_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002259#if SSL_OP_NO_TLSv1_1
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002260 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_1_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002261 : SSL_CTX_set_ssl_version(ctx, TLSv1_1_client_method());
2262#endif
2263}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002264static void ctx_set_TLSv12_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002265#if SSL_OP_NO_TLSv1_2
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002266 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_2_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002267 : SSL_CTX_set_ssl_version(ctx, TLSv1_2_client_method());
2268#endif
2269}
Bertrand Jacquina25282b2018-08-14 00:56:13 +01002270/* TLSv1.2 is the last supported version in this context. */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002271static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {}
2272/* Unusable in this context. */
2273static void ssl_set_SSLv3_func(SSL *ssl, set_context_func c) {}
2274static void ssl_set_TLSv10_func(SSL *ssl, set_context_func c) {}
2275static void ssl_set_TLSv11_func(SSL *ssl, set_context_func c) {}
2276static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {}
2277static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {}
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002278#else /* openssl >= 1.1.0 */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002279typedef enum { SET_MIN, SET_MAX } set_context_func;
2280
2281static void ctx_set_SSLv3_func(SSL_CTX *ctx, set_context_func c) {
2282 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, SSL3_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002283 : SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION);
2284}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002285static void ssl_set_SSLv3_func(SSL *ssl, set_context_func c) {
2286 c == SET_MAX ? SSL_set_max_proto_version(ssl, SSL3_VERSION)
2287 : SSL_set_min_proto_version(ssl, SSL3_VERSION);
2288}
2289static void ctx_set_TLSv10_func(SSL_CTX *ctx, set_context_func c) {
2290 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002291 : SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
2292}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002293static void ssl_set_TLSv10_func(SSL *ssl, set_context_func c) {
2294 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_VERSION)
2295 : SSL_set_min_proto_version(ssl, TLS1_VERSION);
2296}
2297static void ctx_set_TLSv11_func(SSL_CTX *ctx, set_context_func c) {
2298 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_1_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002299 : SSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION);
2300}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002301static void ssl_set_TLSv11_func(SSL *ssl, set_context_func c) {
2302 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_1_VERSION)
2303 : SSL_set_min_proto_version(ssl, TLS1_1_VERSION);
2304}
2305static void ctx_set_TLSv12_func(SSL_CTX *ctx, set_context_func c) {
2306 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002307 : SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
2308}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002309static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {
2310 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_2_VERSION)
2311 : SSL_set_min_proto_version(ssl, TLS1_2_VERSION);
2312}
2313static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002314#if SSL_OP_NO_TLSv1_3
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002315 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002316 : SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
2317#endif
2318}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002319static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {
2320#if SSL_OP_NO_TLSv1_3
2321 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_3_VERSION)
2322 : SSL_set_min_proto_version(ssl, TLS1_3_VERSION);
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002323#endif
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002324}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002325#endif
2326static void ctx_set_None_func(SSL_CTX *ctx, set_context_func c) { }
2327static void ssl_set_None_func(SSL *ssl, set_context_func c) { }
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002328
2329static struct {
2330 int option;
2331 uint16_t flag;
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002332 void (*ctx_set_version)(SSL_CTX *, set_context_func);
2333 void (*ssl_set_version)(SSL *, set_context_func);
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002334 const char *name;
2335} methodVersions[] = {
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002336 {0, 0, ctx_set_None_func, ssl_set_None_func, "NONE"}, /* CONF_TLSV_NONE */
2337 {SSL_OP_NO_SSLv3, MC_SSL_O_NO_SSLV3, ctx_set_SSLv3_func, ssl_set_SSLv3_func, "SSLv3"}, /* CONF_SSLV3 */
2338 {SSL_OP_NO_TLSv1, MC_SSL_O_NO_TLSV10, ctx_set_TLSv10_func, ssl_set_TLSv10_func, "TLSv1.0"}, /* CONF_TLSV10 */
2339 {SSL_OP_NO_TLSv1_1, MC_SSL_O_NO_TLSV11, ctx_set_TLSv11_func, ssl_set_TLSv11_func, "TLSv1.1"}, /* CONF_TLSV11 */
2340 {SSL_OP_NO_TLSv1_2, MC_SSL_O_NO_TLSV12, ctx_set_TLSv12_func, ssl_set_TLSv12_func, "TLSv1.2"}, /* CONF_TLSV12 */
2341 {SSL_OP_NO_TLSv1_3, MC_SSL_O_NO_TLSV13, ctx_set_TLSv13_func, ssl_set_TLSv13_func, "TLSv1.3"}, /* CONF_TLSV13 */
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002342};
2343
Emmanuel Hocdet530141f2017-03-01 18:54:56 +01002344static void ssl_sock_switchctx_set(SSL *ssl, SSL_CTX *ctx)
2345{
2346 SSL_set_verify(ssl, SSL_CTX_get_verify_mode(ctx), ssl_sock_bind_verifycbk);
2347 SSL_set_client_CA_list(ssl, SSL_dup_CA_list(SSL_CTX_get_client_CA_list(ctx)));
2348 SSL_set_SSL_CTX(ssl, ctx);
2349}
2350
Willy Tarreau5db847a2019-05-09 14:13:35 +02002351#if ((HA_OPENSSL_VERSION_NUMBER >= 0x10101000L) || defined(OPENSSL_IS_BORINGSSL))
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002352
2353static int ssl_sock_switchctx_err_cbk(SSL *ssl, int *al, void *priv)
2354{
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002355 struct bind_conf *s = priv;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002356 (void)al; /* shut gcc stupid warning */
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002357
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002358 if (SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name) || s->generate_certs)
2359 return SSL_TLSEXT_ERR_OK;
2360 return SSL_TLSEXT_ERR_NOACK;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002361}
2362
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002363#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002364static int ssl_sock_switchctx_cbk(const struct ssl_early_callback_ctx *ctx)
2365{
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002366 SSL *ssl = ctx->ssl;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002367#else
2368static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
2369{
2370#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002371 struct connection *conn;
2372 struct bind_conf *s;
2373 const uint8_t *extension_data;
2374 size_t extension_len;
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002375 int has_rsa_sig = 0, has_ecdsa_sig = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002376
2377 char *wildp = NULL;
2378 const uint8_t *servername;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002379 size_t servername_len;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002380 struct ebmb_node *node, *n, *node_ecdsa = NULL, *node_rsa = NULL, *node_anonymous = NULL;
Olivier Houchardc2aae742017-09-22 18:26:28 +02002381 int allow_early = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002382 int i;
2383
Thierry FOURNIER28962c92018-06-17 21:37:05 +02002384 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Willy Tarreaua8825522018-10-15 13:20:07 +02002385 s = __objt_listener(conn->target)->bind_conf;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002386
Olivier Houchard9679ac92017-10-27 14:58:08 +02002387 if (s->ssl_conf.early_data)
Olivier Houchardc2aae742017-09-22 18:26:28 +02002388 allow_early = 1;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002389#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002390 if (SSL_early_callback_ctx_extension_get(ctx, TLSEXT_TYPE_server_name,
2391 &extension_data, &extension_len)) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002392#else
2393 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_server_name, &extension_data, &extension_len)) {
2394#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002395 /*
2396 * The server_name extension was given too much extensibility when it
2397 * was written, so parsing the normal case is a bit complex.
2398 */
2399 size_t len;
2400 if (extension_len <= 2)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002401 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002402 /* Extract the length of the supplied list of names. */
2403 len = (*extension_data++) << 8;
2404 len |= *extension_data++;
2405 if (len + 2 != extension_len)
2406 goto abort;
2407 /*
2408 * The list in practice only has a single element, so we only consider
2409 * the first one.
2410 */
2411 if (len == 0 || *extension_data++ != TLSEXT_NAMETYPE_host_name)
2412 goto abort;
2413 extension_len = len - 1;
2414 /* Now we can finally pull out the byte array with the actual hostname. */
2415 if (extension_len <= 2)
2416 goto abort;
2417 len = (*extension_data++) << 8;
2418 len |= *extension_data++;
2419 if (len == 0 || len + 2 > extension_len || len > TLSEXT_MAXLEN_host_name
2420 || memchr(extension_data, 0, len) != NULL)
2421 goto abort;
2422 servername = extension_data;
2423 servername_len = len;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002424 } else {
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002425#if (!defined SSL_NO_GENERATE_CERTIFICATES)
2426 if (s->generate_certs && ssl_sock_generate_certificate_from_conn(s, ssl)) {
Olivier Houchardc2aae742017-09-22 18:26:28 +02002427 goto allow_early;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002428 }
2429#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002430 /* without SNI extension, is the default_ctx (need SSL_TLSEXT_ERR_NOACK) */
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002431 if (!s->strict_sni) {
William Lallemand21724f02019-11-04 17:56:13 +01002432 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002433 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002434 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Olivier Houchardc2aae742017-09-22 18:26:28 +02002435 goto allow_early;
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002436 }
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002437 goto abort;
2438 }
2439
2440 /* extract/check clientHello informations */
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002441#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002442 if (SSL_early_callback_ctx_extension_get(ctx, TLSEXT_TYPE_signature_algorithms, &extension_data, &extension_len)) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002443#else
2444 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_signature_algorithms, &extension_data, &extension_len)) {
2445#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002446 uint8_t sign;
2447 size_t len;
2448 if (extension_len < 2)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002449 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002450 len = (*extension_data++) << 8;
2451 len |= *extension_data++;
2452 if (len + 2 != extension_len)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002453 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002454 if (len % 2 != 0)
2455 goto abort;
2456 for (; len > 0; len -= 2) {
2457 extension_data++; /* hash */
2458 sign = *extension_data++;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002459 switch (sign) {
2460 case TLSEXT_signature_rsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002461 has_rsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002462 break;
2463 case TLSEXT_signature_ecdsa:
2464 has_ecdsa_sig = 1;
2465 break;
2466 default:
2467 continue;
2468 }
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002469 if (has_ecdsa_sig && has_rsa_sig)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002470 break;
2471 }
2472 } else {
Bertrand Jacquina25282b2018-08-14 00:56:13 +01002473 /* without TLSEXT_TYPE_signature_algorithms extension (< TLSv1.2) */
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002474 has_rsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002475 }
2476 if (has_ecdsa_sig) { /* in very rare case: has ecdsa sign but not a ECDSA cipher */
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002477 const SSL_CIPHER *cipher;
2478 size_t len;
2479 const uint8_t *cipher_suites;
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002480 has_ecdsa_sig = 0;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002481#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002482 len = ctx->cipher_suites_len;
2483 cipher_suites = ctx->cipher_suites;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002484#else
2485 len = SSL_client_hello_get0_ciphers(ssl, &cipher_suites);
2486#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002487 if (len % 2 != 0)
2488 goto abort;
2489 for (; len != 0; len -= 2, cipher_suites += 2) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002490#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002491 uint16_t cipher_suite = (cipher_suites[0] << 8) | cipher_suites[1];
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002492 cipher = SSL_get_cipher_by_value(cipher_suite);
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002493#else
2494 cipher = SSL_CIPHER_find(ssl, cipher_suites);
2495#endif
Emmanuel Hocdet019f9b12017-10-02 17:12:06 +02002496 if (cipher && SSL_CIPHER_get_auth_nid(cipher) == NID_auth_ecdsa) {
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002497 has_ecdsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002498 break;
2499 }
2500 }
2501 }
2502
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002503 for (i = 0; i < trash.size && i < servername_len; i++) {
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002504 trash.area[i] = tolower(servername[i]);
2505 if (!wildp && (trash.area[i] == '.'))
2506 wildp = &trash.area[i];
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002507 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002508 trash.area[i] = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002509
William Lallemand150bfa82019-09-19 17:12:49 +02002510 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002511
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002512 for (i = 0; i < 2; i++) {
2513 if (i == 0) /* lookup in full qualified names */
2514 node = ebst_lookup(&s->sni_ctx, trash.area);
2515 else if (i == 1 && wildp) /* lookup in wildcards names */
2516 node = ebst_lookup(&s->sni_w_ctx, wildp);
2517 else
2518 break;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002519 for (n = node; n; n = ebmb_next_dup(n)) {
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002520 /* lookup a not neg filter */
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002521 if (!container_of(n, struct sni_ctx, name)->neg) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02002522 switch(container_of(n, struct sni_ctx, name)->kinfo.sig) {
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002523 case TLSEXT_signature_ecdsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002524 if (!node_ecdsa)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002525 node_ecdsa = n;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002526 break;
2527 case TLSEXT_signature_rsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002528 if (!node_rsa)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002529 node_rsa = n;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002530 break;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02002531 default: /* TLSEXT_signature_anonymous|dsa */
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002532 if (!node_anonymous)
2533 node_anonymous = n;
2534 break;
2535 }
2536 }
2537 }
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002538 /* select by key_signature priority order */
2539 node = (has_ecdsa_sig && node_ecdsa) ? node_ecdsa
2540 : ((has_rsa_sig && node_rsa) ? node_rsa
2541 : (node_anonymous ? node_anonymous
2542 : (node_ecdsa ? node_ecdsa /* no ecdsa signature case (< TLSv1.2) */
2543 : node_rsa /* no rsa signature case (far far away) */
2544 )));
2545 if (node) {
2546 /* switch ctx */
2547 struct ssl_bind_conf *conf = container_of(node, struct sni_ctx, name)->conf;
2548 ssl_sock_switchctx_set(ssl, container_of(node, struct sni_ctx, name)->ctx);
Olivier Houchard35a63cc2017-11-02 19:04:38 +01002549 if (conf) {
2550 methodVersions[conf->ssl_methods.min].ssl_set_version(ssl, SET_MIN);
2551 methodVersions[conf->ssl_methods.max].ssl_set_version(ssl, SET_MAX);
2552 if (conf->early_data)
2553 allow_early = 1;
2554 }
William Lallemand02010472019-10-18 11:02:19 +02002555 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Olivier Houchard35a63cc2017-11-02 19:04:38 +01002556 goto allow_early;
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002557 }
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002558 }
William Lallemand150bfa82019-09-19 17:12:49 +02002559
William Lallemand02010472019-10-18 11:02:19 +02002560 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002561#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002562 if (s->generate_certs && ssl_sock_generate_certificate(trash.area, s, ssl)) {
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002563 /* switch ctx done in ssl_sock_generate_certificate */
Olivier Houchardc2aae742017-09-22 18:26:28 +02002564 goto allow_early;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002565 }
2566#endif
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002567 if (!s->strict_sni) {
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002568 /* no certificate match, is the default_ctx */
William Lallemand21724f02019-11-04 17:56:13 +01002569 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002570 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002571 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002572 }
Olivier Houchardc2aae742017-09-22 18:26:28 +02002573allow_early:
2574#ifdef OPENSSL_IS_BORINGSSL
2575 if (allow_early)
2576 SSL_set_early_data_enabled(ssl, 1);
2577#else
2578 if (!allow_early)
2579 SSL_set_max_early_data(ssl, 0);
2580#endif
2581 return 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002582 abort:
2583 /* abort handshake (was SSL_TLSEXT_ERR_ALERT_FATAL) */
2584 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002585#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002586 return ssl_select_cert_error;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002587#else
2588 *al = SSL_AD_UNRECOGNIZED_NAME;
2589 return 0;
2590#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002591}
2592
2593#else /* OPENSSL_IS_BORINGSSL */
2594
Emeric Brunfc0421f2012-09-07 17:30:07 +02002595/* Sets the SSL ctx of <ssl> to match the advertised server name. Returns a
2596 * warning when no match is found, which implies the default (first) cert
2597 * will keep being used.
2598 */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002599static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *priv)
Emeric Brunfc0421f2012-09-07 17:30:07 +02002600{
2601 const char *servername;
2602 const char *wildp = NULL;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002603 struct ebmb_node *node, *n;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002604 struct bind_conf *s = priv;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002605 int i;
2606 (void)al; /* shut gcc stupid warning */
2607
2608 servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
Emmanuel Hocdet65623372013-01-24 17:17:15 +01002609 if (!servername) {
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002610#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002611 if (s->generate_certs && ssl_sock_generate_certificate_from_conn(s, ssl))
2612 return SSL_TLSEXT_ERR_OK;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002613#endif
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002614 if (s->strict_sni)
2615 return SSL_TLSEXT_ERR_ALERT_FATAL;
William Lallemand21724f02019-11-04 17:56:13 +01002616 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002617 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002618 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002619 return SSL_TLSEXT_ERR_NOACK;
Emmanuel Hocdet65623372013-01-24 17:17:15 +01002620 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02002621
Willy Tarreau19d14ef2012-10-29 16:51:55 +01002622 for (i = 0; i < trash.size; i++) {
Emeric Brunfc0421f2012-09-07 17:30:07 +02002623 if (!servername[i])
2624 break;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002625 trash.area[i] = tolower(servername[i]);
2626 if (!wildp && (trash.area[i] == '.'))
2627 wildp = &trash.area[i];
Emeric Brunfc0421f2012-09-07 17:30:07 +02002628 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002629 trash.area[i] = 0;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002630
William Lallemand150bfa82019-09-19 17:12:49 +02002631 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002632 node = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002633 /* lookup in full qualified names */
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002634 for (n = ebst_lookup(&s->sni_ctx, trash.area); n; n = ebmb_next_dup(n)) {
2635 /* lookup a not neg filter */
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002636 if (!container_of(n, struct sni_ctx, name)->neg) {
2637 node = n;
2638 break;
Emmanuel Hocdet65623372013-01-24 17:17:15 +01002639 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002640 }
2641 if (!node && wildp) {
2642 /* lookup in wildcards names */
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002643 for (n = ebst_lookup(&s->sni_w_ctx, wildp); n; n = ebmb_next_dup(n)) {
2644 /* lookup a not neg filter */
2645 if (!container_of(n, struct sni_ctx, name)->neg) {
2646 node = n;
2647 break;
2648 }
2649 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002650 }
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002651 if (!node) {
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002652#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002653 if (s->generate_certs && ssl_sock_generate_certificate(servername, s, ssl)) {
2654 /* switch ctx done in ssl_sock_generate_certificate */
William Lallemand150bfa82019-09-19 17:12:49 +02002655 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002656 return SSL_TLSEXT_ERR_OK;
2657 }
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002658#endif
William Lallemand21724f02019-11-04 17:56:13 +01002659 if (s->strict_sni) {
2660 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002661 return SSL_TLSEXT_ERR_ALERT_FATAL;
William Lallemand21724f02019-11-04 17:56:13 +01002662 }
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002663 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002664 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002665 return SSL_TLSEXT_ERR_OK;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002666 }
2667
2668 /* switch ctx */
Emmanuel Hocdet530141f2017-03-01 18:54:56 +01002669 ssl_sock_switchctx_set(ssl, container_of(node, struct sni_ctx, name)->ctx);
William Lallemand150bfa82019-09-19 17:12:49 +02002670 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emeric Brunfc0421f2012-09-07 17:30:07 +02002671 return SSL_TLSEXT_ERR_OK;
2672}
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002673#endif /* (!) OPENSSL_IS_BORINGSSL */
Emeric Brunfc0421f2012-09-07 17:30:07 +02002674#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
2675
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002676#ifndef OPENSSL_NO_DH
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002677
2678static DH * ssl_get_dh_1024(void)
2679{
Remi Gacogned3a341a2015-05-29 16:26:17 +02002680 static unsigned char dh1024_p[]={
2681 0xFA,0xF9,0x2A,0x22,0x2A,0xA7,0x7F,0xE1,0x67,0x4E,0x53,0xF7,
2682 0x56,0x13,0xC3,0xB1,0xE3,0x29,0x6B,0x66,0x31,0x6A,0x7F,0xB3,
2683 0xC2,0x68,0x6B,0xCB,0x1D,0x57,0x39,0x1D,0x1F,0xFF,0x1C,0xC9,
2684 0xA6,0xA4,0x98,0x82,0x31,0x5D,0x25,0xFF,0x8A,0xE0,0x73,0x96,
2685 0x81,0xC8,0x83,0x79,0xC1,0x5A,0x04,0xF8,0x37,0x0D,0xA8,0x3D,
2686 0xAE,0x74,0xBC,0xDB,0xB6,0xA4,0x75,0xD9,0x71,0x8A,0xA0,0x17,
2687 0x9E,0x2D,0xC8,0xA8,0xDF,0x2C,0x5F,0x82,0x95,0xF8,0x92,0x9B,
2688 0xA7,0x33,0x5F,0x89,0x71,0xC8,0x2D,0x6B,0x18,0x86,0xC4,0x94,
2689 0x22,0xA5,0x52,0x8D,0xF6,0xF6,0xD2,0x37,0x92,0x0F,0xA5,0xCC,
2690 0xDB,0x7B,0x1D,0x3D,0xA1,0x31,0xB7,0x80,0x8F,0x0B,0x67,0x5E,
2691 0x36,0xA5,0x60,0x0C,0xF1,0x95,0x33,0x8B,
2692 };
2693 static unsigned char dh1024_g[]={
2694 0x02,
2695 };
2696
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002697 BIGNUM *p;
2698 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002699 DH *dh = DH_new();
2700 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002701 p = BN_bin2bn(dh1024_p, sizeof dh1024_p, NULL);
2702 g = BN_bin2bn(dh1024_g, sizeof dh1024_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +02002703
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002704 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002705 DH_free(dh);
2706 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002707 } else {
2708 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002709 }
2710 }
2711 return dh;
2712}
2713
2714static DH *ssl_get_dh_2048(void)
2715{
Remi Gacogned3a341a2015-05-29 16:26:17 +02002716 static unsigned char dh2048_p[]={
2717 0xEC,0x86,0xF8,0x70,0xA0,0x33,0x16,0xEC,0x05,0x1A,0x73,0x59,
2718 0xCD,0x1F,0x8B,0xF8,0x29,0xE4,0xD2,0xCF,0x52,0xDD,0xC2,0x24,
2719 0x8D,0xB5,0x38,0x9A,0xFB,0x5C,0xA4,0xE4,0xB2,0xDA,0xCE,0x66,
2720 0x50,0x74,0xA6,0x85,0x4D,0x4B,0x1D,0x30,0xB8,0x2B,0xF3,0x10,
2721 0xE9,0xA7,0x2D,0x05,0x71,0xE7,0x81,0xDF,0x8B,0x59,0x52,0x3B,
2722 0x5F,0x43,0x0B,0x68,0xF1,0xDB,0x07,0xBE,0x08,0x6B,0x1B,0x23,
2723 0xEE,0x4D,0xCC,0x9E,0x0E,0x43,0xA0,0x1E,0xDF,0x43,0x8C,0xEC,
2724 0xBE,0xBE,0x90,0xB4,0x51,0x54,0xB9,0x2F,0x7B,0x64,0x76,0x4E,
2725 0x5D,0xD4,0x2E,0xAE,0xC2,0x9E,0xAE,0x51,0x43,0x59,0xC7,0x77,
2726 0x9C,0x50,0x3C,0x0E,0xED,0x73,0x04,0x5F,0xF1,0x4C,0x76,0x2A,
2727 0xD8,0xF8,0xCF,0xFC,0x34,0x40,0xD1,0xB4,0x42,0x61,0x84,0x66,
2728 0x42,0x39,0x04,0xF8,0x68,0xB2,0x62,0xD7,0x55,0xED,0x1B,0x74,
2729 0x75,0x91,0xE0,0xC5,0x69,0xC1,0x31,0x5C,0xDB,0x7B,0x44,0x2E,
2730 0xCE,0x84,0x58,0x0D,0x1E,0x66,0x0C,0xC8,0x44,0x9E,0xFD,0x40,
2731 0x08,0x67,0x5D,0xFB,0xA7,0x76,0x8F,0x00,0x11,0x87,0xE9,0x93,
2732 0xF9,0x7D,0xC4,0xBC,0x74,0x55,0x20,0xD4,0x4A,0x41,0x2F,0x43,
2733 0x42,0x1A,0xC1,0xF2,0x97,0x17,0x49,0x27,0x37,0x6B,0x2F,0x88,
2734 0x7E,0x1C,0xA0,0xA1,0x89,0x92,0x27,0xD9,0x56,0x5A,0x71,0xC1,
2735 0x56,0x37,0x7E,0x3A,0x9D,0x05,0xE7,0xEE,0x5D,0x8F,0x82,0x17,
2736 0xBC,0xE9,0xC2,0x93,0x30,0x82,0xF9,0xF4,0xC9,0xAE,0x49,0xDB,
2737 0xD0,0x54,0xB4,0xD9,0x75,0x4D,0xFA,0x06,0xB8,0xD6,0x38,0x41,
2738 0xB7,0x1F,0x77,0xF3,
2739 };
2740 static unsigned char dh2048_g[]={
2741 0x02,
2742 };
2743
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002744 BIGNUM *p;
2745 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002746 DH *dh = DH_new();
2747 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002748 p = BN_bin2bn(dh2048_p, sizeof dh2048_p, NULL);
2749 g = BN_bin2bn(dh2048_g, sizeof dh2048_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +02002750
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002751 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002752 DH_free(dh);
2753 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002754 } else {
2755 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002756 }
2757 }
2758 return dh;
2759}
2760
2761static DH *ssl_get_dh_4096(void)
2762{
Remi Gacogned3a341a2015-05-29 16:26:17 +02002763 static unsigned char dh4096_p[]={
2764 0xDE,0x16,0x94,0xCD,0x99,0x58,0x07,0xF1,0xF7,0x32,0x96,0x11,
2765 0x04,0x82,0xD4,0x84,0x72,0x80,0x99,0x06,0xCA,0xF0,0xA3,0x68,
2766 0x07,0xCE,0x64,0x50,0xE7,0x74,0x45,0x20,0x80,0x5E,0x4D,0xAD,
2767 0xA5,0xB6,0xED,0xFA,0x80,0x6C,0x3B,0x35,0xC4,0x9A,0x14,0x6B,
2768 0x32,0xBB,0xFD,0x1F,0x17,0x8E,0xB7,0x1F,0xD6,0xFA,0x3F,0x7B,
2769 0xEE,0x16,0xA5,0x62,0x33,0x0D,0xED,0xBC,0x4E,0x58,0xE5,0x47,
2770 0x4D,0xE9,0xAB,0x8E,0x38,0xD3,0x6E,0x90,0x57,0xE3,0x22,0x15,
2771 0x33,0xBD,0xF6,0x43,0x45,0xB5,0x10,0x0A,0xBE,0x2C,0xB4,0x35,
2772 0xB8,0x53,0x8D,0xAD,0xFB,0xA7,0x1F,0x85,0x58,0x41,0x7A,0x79,
2773 0x20,0x68,0xB3,0xE1,0x3D,0x08,0x76,0xBF,0x86,0x0D,0x49,0xE3,
2774 0x82,0x71,0x8C,0xB4,0x8D,0x81,0x84,0xD4,0xE7,0xBE,0x91,0xDC,
2775 0x26,0x39,0x48,0x0F,0x35,0xC4,0xCA,0x65,0xE3,0x40,0x93,0x52,
2776 0x76,0x58,0x7D,0xDD,0x51,0x75,0xDC,0x69,0x61,0xBF,0x47,0x2C,
2777 0x16,0x68,0x2D,0xC9,0x29,0xD3,0xE6,0xC0,0x99,0x48,0xA0,0x9A,
2778 0xC8,0x78,0xC0,0x6D,0x81,0x67,0x12,0x61,0x3F,0x71,0xBA,0x41,
2779 0x1F,0x6C,0x89,0x44,0x03,0xBA,0x3B,0x39,0x60,0xAA,0x28,0x55,
2780 0x59,0xAE,0xB8,0xFA,0xCB,0x6F,0xA5,0x1A,0xF7,0x2B,0xDD,0x52,
2781 0x8A,0x8B,0xE2,0x71,0xA6,0x5E,0x7E,0xD8,0x2E,0x18,0xE0,0x66,
2782 0xDF,0xDD,0x22,0x21,0x99,0x52,0x73,0xA6,0x33,0x20,0x65,0x0E,
2783 0x53,0xE7,0x6B,0x9B,0xC5,0xA3,0x2F,0x97,0x65,0x76,0xD3,0x47,
2784 0x23,0x77,0x12,0xB6,0x11,0x7B,0x24,0xED,0xF1,0xEF,0xC0,0xE2,
2785 0xA3,0x7E,0x67,0x05,0x3E,0x96,0x4D,0x45,0xC2,0x18,0xD1,0x73,
2786 0x9E,0x07,0xF3,0x81,0x6E,0x52,0x63,0xF6,0x20,0x76,0xB9,0x13,
2787 0xD2,0x65,0x30,0x18,0x16,0x09,0x16,0x9E,0x8F,0xF1,0xD2,0x10,
2788 0x5A,0xD3,0xD4,0xAF,0x16,0x61,0xDA,0x55,0x2E,0x18,0x5E,0x14,
2789 0x08,0x54,0x2E,0x2A,0x25,0xA2,0x1A,0x9B,0x8B,0x32,0xA9,0xFD,
2790 0xC2,0x48,0x96,0xE1,0x80,0xCA,0xE9,0x22,0x17,0xBB,0xCE,0x3E,
2791 0x9E,0xED,0xC7,0xF1,0x1F,0xEC,0x17,0x21,0xDC,0x7B,0x82,0x48,
2792 0x8E,0xBB,0x4B,0x9D,0x5B,0x04,0x04,0xDA,0xDB,0x39,0xDF,0x01,
2793 0x40,0xC3,0xAA,0x26,0x23,0x89,0x75,0xC6,0x0B,0xD0,0xA2,0x60,
2794 0x6A,0xF1,0xCC,0x65,0x18,0x98,0x1B,0x52,0xD2,0x74,0x61,0xCC,
2795 0xBD,0x60,0xAE,0xA3,0xA0,0x66,0x6A,0x16,0x34,0x92,0x3F,0x41,
2796 0x40,0x31,0x29,0xC0,0x2C,0x63,0xB2,0x07,0x8D,0xEB,0x94,0xB8,
2797 0xE8,0x47,0x92,0x52,0x93,0x6A,0x1B,0x7E,0x1A,0x61,0xB3,0x1B,
2798 0xF0,0xD6,0x72,0x9B,0xF1,0xB0,0xAF,0xBF,0x3E,0x65,0xEF,0x23,
2799 0x1D,0x6F,0xFF,0x70,0xCD,0x8A,0x4C,0x8A,0xA0,0x72,0x9D,0xBE,
2800 0xD4,0xBB,0x24,0x47,0x4A,0x68,0xB5,0xF5,0xC6,0xD5,0x7A,0xCD,
2801 0xCA,0x06,0x41,0x07,0xAD,0xC2,0x1E,0xE6,0x54,0xA7,0xAD,0x03,
2802 0xD9,0x12,0xC1,0x9C,0x13,0xB1,0xC9,0x0A,0x43,0x8E,0x1E,0x08,
2803 0xCE,0x50,0x82,0x73,0x5F,0xA7,0x55,0x1D,0xD9,0x59,0xAC,0xB5,
2804 0xEA,0x02,0x7F,0x6C,0x5B,0x74,0x96,0x98,0x67,0x24,0xA3,0x0F,
2805 0x15,0xFC,0xA9,0x7D,0x3E,0x67,0xD1,0x70,0xF8,0x97,0xF3,0x67,
2806 0xC5,0x8C,0x88,0x44,0x08,0x02,0xC7,0x2B,
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002807 };
Remi Gacogned3a341a2015-05-29 16:26:17 +02002808 static unsigned char dh4096_g[]={
2809 0x02,
2810 };
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002811
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002812 BIGNUM *p;
2813 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002814 DH *dh = DH_new();
2815 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002816 p = BN_bin2bn(dh4096_p, sizeof dh4096_p, NULL);
2817 g = BN_bin2bn(dh4096_g, sizeof dh4096_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +02002818
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002819 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002820 DH_free(dh);
2821 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002822 } else {
2823 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002824 }
2825 }
2826 return dh;
2827}
2828
2829/* Returns Diffie-Hellman parameters matching the private key length
Willy Tarreauef934602016-12-22 23:12:01 +01002830 but not exceeding global_ssl.default_dh_param */
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002831static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen)
2832{
2833 DH *dh = NULL;
2834 EVP_PKEY *pkey = SSL_get_privatekey(ssl);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002835 int type;
2836
2837 type = pkey ? EVP_PKEY_base_id(pkey) : EVP_PKEY_NONE;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002838
2839 /* The keylen supplied by OpenSSL can only be 512 or 1024.
2840 See ssl3_send_server_key_exchange() in ssl/s3_srvr.c
2841 */
2842 if (type == EVP_PKEY_RSA || type == EVP_PKEY_DSA) {
2843 keylen = EVP_PKEY_bits(pkey);
2844 }
2845
Willy Tarreauef934602016-12-22 23:12:01 +01002846 if (keylen > global_ssl.default_dh_param) {
2847 keylen = global_ssl.default_dh_param;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002848 }
2849
Remi Gacogned3a341a2015-05-29 16:26:17 +02002850 if (keylen >= 4096) {
Remi Gacogne8de54152014-07-15 11:36:40 +02002851 dh = local_dh_4096;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002852 }
2853 else if (keylen >= 2048) {
Remi Gacogne8de54152014-07-15 11:36:40 +02002854 dh = local_dh_2048;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002855 }
2856 else {
Remi Gacogne8de54152014-07-15 11:36:40 +02002857 dh = local_dh_1024;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002858 }
2859
2860 return dh;
2861}
2862
Remi Gacogne47783ef2015-05-29 15:53:22 +02002863static DH * ssl_sock_get_dh_from_file(const char *filename)
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002864{
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002865 DH *dh = NULL;
Remi Gacogne47783ef2015-05-29 15:53:22 +02002866 BIO *in = BIO_new(BIO_s_file());
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002867
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002868 if (in == NULL)
2869 goto end;
2870
Remi Gacogne47783ef2015-05-29 15:53:22 +02002871 if (BIO_read_filename(in, filename) <= 0)
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002872 goto end;
2873
Remi Gacogne47783ef2015-05-29 15:53:22 +02002874 dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
2875
2876end:
2877 if (in)
2878 BIO_free(in);
2879
Emeric Brune1b4ed42018-08-16 15:14:12 +02002880 ERR_clear_error();
2881
Remi Gacogne47783ef2015-05-29 15:53:22 +02002882 return dh;
2883}
2884
2885int ssl_sock_load_global_dh_param_from_file(const char *filename)
2886{
2887 global_dh = ssl_sock_get_dh_from_file(filename);
2888
2889 if (global_dh) {
2890 return 0;
2891 }
2892
2893 return -1;
2894}
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002895#endif
2896
William Lallemand9117de92019-10-04 00:29:42 +02002897/* Alloc and init a ckch_inst */
2898static struct ckch_inst *ckch_inst_new()
2899{
2900 struct ckch_inst *ckch_inst;
2901
2902 ckch_inst = calloc(1, sizeof *ckch_inst);
2903 if (ckch_inst)
2904 LIST_INIT(&ckch_inst->sni_ctx);
2905
2906 return ckch_inst;
2907}
2908
2909
2910/* This function allocates a sni_ctx and adds it to the ckch_inst */
William Lallemand1d29c742019-10-04 00:53:29 +02002911static int ckch_inst_add_cert_sni(SSL_CTX *ctx, struct ckch_inst *ckch_inst,
William Lallemand9117de92019-10-04 00:29:42 +02002912 struct bind_conf *s, struct ssl_bind_conf *conf,
2913 struct pkey_info kinfo, char *name, int order)
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01002914{
2915 struct sni_ctx *sc;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002916 int wild = 0, neg = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01002917
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002918 if (*name == '!') {
2919 neg = 1;
2920 name++;
2921 }
2922 if (*name == '*') {
2923 wild = 1;
2924 name++;
2925 }
2926 /* !* filter is a nop */
2927 if (neg && wild)
2928 return order;
2929 if (*name) {
2930 int j, len;
2931 len = strlen(name);
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +02002932 for (j = 0; j < len && j < trash.size; j++)
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002933 trash.area[j] = tolower(name[j]);
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +02002934 if (j >= trash.size)
William Lallemandfe49bb32019-10-03 23:46:33 +02002935 return -1;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002936 trash.area[j] = 0;
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +02002937
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01002938 sc = malloc(sizeof(struct sni_ctx) + len + 1);
Thierry FOURNIER / OZON.IO7a3bd3b2016-10-06 10:35:29 +02002939 if (!sc)
William Lallemandfe49bb32019-10-03 23:46:33 +02002940 return -1;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002941 memcpy(sc->name.key, trash.area, len + 1);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01002942 sc->ctx = ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01002943 sc->conf = conf;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02002944 sc->kinfo = kinfo;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002945 sc->order = order++;
2946 sc->neg = neg;
William Lallemand1d29c742019-10-04 00:53:29 +02002947 sc->wild = wild;
2948 sc->name.node.leaf_p = NULL;
William Lallemand1d29c742019-10-04 00:53:29 +02002949 LIST_ADDQ(&ckch_inst->sni_ctx, &sc->by_ckch_inst);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01002950 }
2951 return order;
2952}
2953
William Lallemand6af03992019-07-23 15:00:54 +02002954/*
William Lallemand1d29c742019-10-04 00:53:29 +02002955 * Insert the sni_ctxs that are listed in the ckch_inst, in the bind_conf's sni_ctx tree
2956 * This function can't return an error.
2957 *
2958 * *CAUTION*: The caller must lock the sni tree if called in multithreading mode
2959 */
2960static void ssl_sock_load_cert_sni(struct ckch_inst *ckch_inst, struct bind_conf *bind_conf)
2961{
2962
2963 struct sni_ctx *sc0, *sc0b, *sc1;
2964 struct ebmb_node *node;
William Lallemand21724f02019-11-04 17:56:13 +01002965 int def = 0;
William Lallemand1d29c742019-10-04 00:53:29 +02002966
2967 list_for_each_entry_safe(sc0, sc0b, &ckch_inst->sni_ctx, by_ckch_inst) {
2968
2969 /* ignore if sc0 was already inserted in a tree */
2970 if (sc0->name.node.leaf_p)
2971 continue;
2972
2973 /* Check for duplicates. */
2974 if (sc0->wild)
2975 node = ebst_lookup(&bind_conf->sni_w_ctx, (char *)sc0->name.key);
2976 else
2977 node = ebst_lookup(&bind_conf->sni_ctx, (char *)sc0->name.key);
2978
2979 for (; node; node = ebmb_next_dup(node)) {
2980 sc1 = ebmb_entry(node, struct sni_ctx, name);
2981 if (sc1->ctx == sc0->ctx && sc1->conf == sc0->conf
2982 && sc1->neg == sc0->neg && sc1->wild == sc0->wild) {
2983 /* it's a duplicate, we should remove and free it */
2984 LIST_DEL(&sc0->by_ckch_inst);
2985 free(sc0);
2986 sc0 = NULL;
William Lallemande15029b2019-10-14 10:46:58 +02002987 break;
William Lallemand1d29c742019-10-04 00:53:29 +02002988 }
2989 }
2990
2991 /* if duplicate, ignore the insertion */
2992 if (!sc0)
2993 continue;
2994
2995 if (sc0->wild)
2996 ebst_insert(&bind_conf->sni_w_ctx, &sc0->name);
2997 else
2998 ebst_insert(&bind_conf->sni_ctx, &sc0->name);
William Lallemand21724f02019-11-04 17:56:13 +01002999
3000 /* replace the default_ctx if required with the first ctx */
3001 if (ckch_inst->is_default && !def) {
3002 /* we don't need to free the default_ctx because the refcount was not incremented */
3003 bind_conf->default_ctx = sc0->ctx;
3004 def = 1;
3005 }
William Lallemand1d29c742019-10-04 00:53:29 +02003006 }
3007}
3008
3009/*
William Lallemande3af8fb2019-10-08 11:36:53 +02003010 * tree used to store the ckchs ordered by filename/bundle name
William Lallemand6af03992019-07-23 15:00:54 +02003011 */
William Lallemande3af8fb2019-10-08 11:36:53 +02003012struct eb_root ckchs_tree = EB_ROOT_UNIQUE;
William Lallemand6af03992019-07-23 15:00:54 +02003013
William Lallemandfa892222019-07-23 16:06:08 +02003014
Emeric Brun7a883362019-10-17 13:27:40 +02003015/* Loads Diffie-Hellman parameter from a ckchs to an SSL_CTX.
3016 * If there is no DH paramater availaible in the ckchs, the global
3017 * DH parameter is loaded into the SSL_CTX and if there is no
3018 * DH parameter available in ckchs nor in global, the default
3019 * DH parameters are applied on the SSL_CTX.
3020 * Returns a bitfield containing the flags:
3021 * ERR_FATAL in any fatal error case
3022 * ERR_ALERT if a reason of the error is availabine in err
3023 * ERR_WARN if a warning is available into err
3024 * The value 0 means there is no error nor warning and
3025 * the operation succeed.
3026 */
William Lallemandfa892222019-07-23 16:06:08 +02003027#ifndef OPENSSL_NO_DH
Emeric Brun7a883362019-10-17 13:27:40 +02003028static int ssl_sock_load_dh_params(SSL_CTX *ctx, const struct cert_key_and_chain *ckch,
3029 const char *path, char **err)
William Lallemandfa892222019-07-23 16:06:08 +02003030{
Emeric Brun7a883362019-10-17 13:27:40 +02003031 int ret = 0;
William Lallemandfa892222019-07-23 16:06:08 +02003032 DH *dh = NULL;
3033
William Lallemanda8c73742019-07-31 18:31:34 +02003034 if (ckch && ckch->dh) {
William Lallemandfa892222019-07-23 16:06:08 +02003035 dh = ckch->dh;
Emeric Bruna9363eb2019-10-17 14:53:03 +02003036 if (!SSL_CTX_set_tmp_dh(ctx, dh)) {
3037 memprintf(err, "%sunable to load the DH parameter specified in '%s'",
3038 err && *err ? *err : "", path);
3039#if defined(SSL_CTX_set_dh_auto)
3040 SSL_CTX_set_dh_auto(ctx, 1);
3041 memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
3042 err && *err ? *err : "");
3043#else
3044 memprintf(err, "%s, DH ciphers won't be available.\n",
3045 err && *err ? *err : "");
3046#endif
3047 ret |= ERR_WARN;
3048 goto end;
3049 }
William Lallemandfa892222019-07-23 16:06:08 +02003050
3051 if (ssl_dh_ptr_index >= 0) {
3052 /* store a pointer to the DH params to avoid complaining about
3053 ssl-default-dh-param not being set for this SSL_CTX */
3054 SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, dh);
3055 }
3056 }
3057 else if (global_dh) {
Emeric Bruna9363eb2019-10-17 14:53:03 +02003058 if (!SSL_CTX_set_tmp_dh(ctx, global_dh)) {
3059 memprintf(err, "%sunable to use the global DH parameter for certificate '%s'",
3060 err && *err ? *err : "", path);
3061#if defined(SSL_CTX_set_dh_auto)
3062 SSL_CTX_set_dh_auto(ctx, 1);
3063 memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
3064 err && *err ? *err : "");
3065#else
3066 memprintf(err, "%s, DH ciphers won't be available.\n",
3067 err && *err ? *err : "");
3068#endif
3069 ret |= ERR_WARN;
3070 goto end;
3071 }
William Lallemandfa892222019-07-23 16:06:08 +02003072 }
3073 else {
3074 /* Clear openssl global errors stack */
3075 ERR_clear_error();
3076
3077 if (global_ssl.default_dh_param <= 1024) {
3078 /* we are limited to DH parameter of 1024 bits anyway */
3079 if (local_dh_1024 == NULL)
3080 local_dh_1024 = ssl_get_dh_1024();
3081
Emeric Brun7a883362019-10-17 13:27:40 +02003082 if (local_dh_1024 == NULL) {
3083 memprintf(err, "%sunable to load default 1024 bits DH parameter for certificate '%s'.\n",
3084 err && *err ? *err : "", path);
3085 ret |= ERR_ALERT | ERR_FATAL;
William Lallemandfa892222019-07-23 16:06:08 +02003086 goto end;
Emeric Brun7a883362019-10-17 13:27:40 +02003087 }
William Lallemandfa892222019-07-23 16:06:08 +02003088
Emeric Bruna9363eb2019-10-17 14:53:03 +02003089 if (!SSL_CTX_set_tmp_dh(ctx, local_dh_1024)) {
3090 memprintf(err, "%sunable to load default 1024 bits DH parameter for certificate '%s'.\n",
3091 err && *err ? *err : "", path);
3092#if defined(SSL_CTX_set_dh_auto)
3093 SSL_CTX_set_dh_auto(ctx, 1);
3094 memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
3095 err && *err ? *err : "");
3096#else
3097 memprintf(err, "%s, DH ciphers won't be available.\n",
3098 err && *err ? *err : "");
3099#endif
3100 ret |= ERR_WARN;
3101 goto end;
3102 }
William Lallemandfa892222019-07-23 16:06:08 +02003103 }
3104 else {
3105 SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);
3106 }
William Lallemandfa892222019-07-23 16:06:08 +02003107 }
3108
3109end:
William Lallemand4dd145a2020-02-05 11:46:33 +01003110 ERR_clear_error();
William Lallemandfa892222019-07-23 16:06:08 +02003111 return ret;
3112}
3113#endif
yanbzhu08ce6ab2015-12-02 13:01:29 -05003114
yanbzhu488a4d22015-12-01 15:16:07 -05003115/* Frees the contents of a cert_key_and_chain
3116 */
3117static void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain *ckch)
3118{
yanbzhu488a4d22015-12-01 15:16:07 -05003119 if (!ckch)
3120 return;
3121
3122 /* Free the certificate and set pointer to NULL */
3123 if (ckch->cert)
3124 X509_free(ckch->cert);
3125 ckch->cert = NULL;
3126
3127 /* Free the key and set pointer to NULL */
3128 if (ckch->key)
3129 EVP_PKEY_free(ckch->key);
3130 ckch->key = NULL;
3131
3132 /* Free each certificate in the chain */
Emmanuel Hocdet9246f8b2018-11-30 16:00:21 +01003133 if (ckch->chain)
3134 sk_X509_pop_free(ckch->chain, X509_free);
3135 ckch->chain = NULL;
yanbzhu488a4d22015-12-01 15:16:07 -05003136
William Lallemand455af502019-10-17 18:04:45 +02003137 if (ckch->dh)
3138 DH_free(ckch->dh);
3139 ckch->dh = NULL;
3140
3141 if (ckch->sctl) {
3142 free(ckch->sctl->area);
3143 ckch->sctl->area = NULL;
3144 free(ckch->sctl);
3145 ckch->sctl = NULL;
3146 }
3147
3148 if (ckch->ocsp_response) {
3149 free(ckch->ocsp_response->area);
3150 ckch->ocsp_response->area = NULL;
3151 free(ckch->ocsp_response);
3152 ckch->ocsp_response = NULL;
3153 }
William Lallemand5c3c96f2020-01-23 11:53:13 +01003154
3155 if (ckch->ocsp_issuer)
William Lallemanddad239d2020-01-23 11:59:02 +01003156 X509_free(ckch->ocsp_issuer);
William Lallemand5c3c96f2020-01-23 11:53:13 +01003157 ckch->ocsp_issuer = NULL;
yanbzhu488a4d22015-12-01 15:16:07 -05003158}
3159
William Lallemand8d0f8932019-10-17 18:03:58 +02003160/*
3161 *
3162 * This function copy a cert_key_and_chain in memory
3163 *
3164 * It's used to try to apply changes on a ckch before committing them, because
3165 * most of the time it's not possible to revert those changes
3166 *
3167 * Return a the dst or NULL
3168 */
3169static struct cert_key_and_chain *ssl_sock_copy_cert_key_and_chain(struct cert_key_and_chain *src,
3170 struct cert_key_and_chain *dst)
3171{
3172 if (src->cert) {
3173 dst->cert = src->cert;
3174 X509_up_ref(src->cert);
3175 }
3176
3177 if (src->key) {
3178 dst->key = src->key;
3179 EVP_PKEY_up_ref(src->key);
3180 }
3181
3182 if (src->chain) {
3183 dst->chain = X509_chain_up_ref(src->chain);
3184 }
3185
3186 if (src->dh) {
3187 DH_up_ref(src->dh);
3188 dst->dh = src->dh;
3189 }
3190
3191 if (src->sctl) {
3192 struct buffer *sctl;
3193
3194 sctl = calloc(1, sizeof(*sctl));
3195 if (!chunk_dup(sctl, src->sctl)) {
3196 free(sctl);
3197 sctl = NULL;
3198 goto error;
3199 }
3200 dst->sctl = sctl;
3201 }
3202
3203 if (src->ocsp_response) {
3204 struct buffer *ocsp_response;
3205
3206 ocsp_response = calloc(1, sizeof(*ocsp_response));
3207 if (!chunk_dup(ocsp_response, src->ocsp_response)) {
3208 free(ocsp_response);
3209 ocsp_response = NULL;
3210 goto error;
3211 }
3212 dst->ocsp_response = ocsp_response;
3213 }
3214
3215 if (src->ocsp_issuer) {
3216 X509_up_ref(src->ocsp_issuer);
3217 dst->ocsp_issuer = src->ocsp_issuer;
3218 }
3219
3220 return dst;
3221
3222error:
3223
3224 /* free everything */
3225 ssl_sock_free_cert_key_and_chain_contents(dst);
3226
3227 return NULL;
3228}
3229
3230
yanbzhu488a4d22015-12-01 15:16:07 -05003231/* checks if a key and cert exists in the ckch
3232 */
William Lallemand1633e392019-09-30 12:58:13 +02003233#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu488a4d22015-12-01 15:16:07 -05003234static int ssl_sock_is_ckch_valid(struct cert_key_and_chain *ckch)
3235{
3236 return (ckch->cert != NULL && ckch->key != NULL);
3237}
William Lallemand1633e392019-09-30 12:58:13 +02003238#endif
yanbzhu488a4d22015-12-01 15:16:07 -05003239
William Lallemandf9568fc2019-10-16 18:27:58 +02003240/*
3241 * return 0 on success or != 0 on failure
3242 */
3243static int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch, char **err)
3244{
3245 int ret = 1;
3246 BIO *in = NULL;
3247 X509 *issuer;
3248
3249 if (buf) {
3250 /* reading from a buffer */
3251 in = BIO_new_mem_buf(buf, -1);
3252 if (in == NULL) {
3253 memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
3254 goto end;
3255 }
3256
3257 } else {
3258 /* reading from a file */
3259 in = BIO_new(BIO_s_file());
3260 if (in == NULL)
3261 goto end;
3262
3263 if (BIO_read_filename(in, path) <= 0)
3264 goto end;
3265 }
3266
3267 issuer = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
3268 if (!issuer) {
3269 memprintf(err, "%s'%s' cannot be read or parsed'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003270 err && *err ? *err : "", path);
William Lallemandf9568fc2019-10-16 18:27:58 +02003271 goto end;
3272 }
Emmanuel Hocdeteb73dc32020-01-16 14:45:00 +01003273 /* no error, fill ckch with new context, old context must be free */
3274 if (ckch->ocsp_issuer)
3275 X509_free(ckch->ocsp_issuer);
William Lallemandf9568fc2019-10-16 18:27:58 +02003276 ckch->ocsp_issuer = issuer;
Emmanuel Hocdeteb73dc32020-01-16 14:45:00 +01003277 ret = 0;
William Lallemandf9568fc2019-10-16 18:27:58 +02003278
3279end:
3280
3281 ERR_clear_error();
3282 if (in)
3283 BIO_free(in);
3284
3285 return ret;
3286}
3287
William Lallemand96a9c972019-10-17 11:56:17 +02003288
3289/*
3290 * Try to load a PEM file from a <path> or a buffer <buf>
William Lallemand4c5adbf2020-02-24 14:23:22 +01003291 * The PEM must contain at least a Certificate,
3292 * It could contain a DH, a certificate chain and a PrivateKey.
yanbzhu488a4d22015-12-01 15:16:07 -05003293 *
William Lallemand96a9c972019-10-17 11:56:17 +02003294 * If it failed you should not attempt to use the ckch but free it.
3295 *
3296 * Return 0 on success or != 0 on failure
yanbzhu488a4d22015-12-01 15:16:07 -05003297 */
William Lallemand96a9c972019-10-17 11:56:17 +02003298static int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err)
yanbzhu488a4d22015-12-01 15:16:07 -05003299{
William Lallemandf11365b2019-09-19 14:25:58 +02003300 BIO *in = NULL;
yanbzhu488a4d22015-12-01 15:16:07 -05003301 int ret = 1;
Emmanuel Hocdet078156d2020-01-22 17:02:53 +01003302 int i;
Emmanuel Hocdet83cbd3c2019-10-25 11:55:03 +02003303 X509 *ca;
William Lallemand96a9c972019-10-17 11:56:17 +02003304 X509 *cert = NULL;
3305 EVP_PKEY *key = NULL;
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003306 DH *dh = NULL;
3307 STACK_OF(X509) *chain = NULL;
William Lallemand96a9c972019-10-17 11:56:17 +02003308
3309 if (buf) {
3310 /* reading from a buffer */
3311 in = BIO_new_mem_buf(buf, -1);
3312 if (in == NULL) {
3313 memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
3314 goto end;
3315 }
yanbzhu488a4d22015-12-01 15:16:07 -05003316
William Lallemand96a9c972019-10-17 11:56:17 +02003317 } else {
3318 /* reading from a file */
William Lallemandf11365b2019-09-19 14:25:58 +02003319 in = BIO_new(BIO_s_file());
3320 if (in == NULL)
3321 goto end;
yanbzhu488a4d22015-12-01 15:16:07 -05003322
William Lallemandf11365b2019-09-19 14:25:58 +02003323 if (BIO_read_filename(in, path) <= 0)
3324 goto end;
William Lallemandf11365b2019-09-19 14:25:58 +02003325 }
yanbzhu488a4d22015-12-01 15:16:07 -05003326
yanbzhu488a4d22015-12-01 15:16:07 -05003327 /* Read Private Key */
William Lallemand96a9c972019-10-17 11:56:17 +02003328 key = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);
William Lallemand4c5adbf2020-02-24 14:23:22 +01003329 /* no need to check for errors here, because the private key could be loaded later */
yanbzhu488a4d22015-12-01 15:16:07 -05003330
Emmanuel Hocdet54227d82019-07-30 17:04:01 +02003331#ifndef OPENSSL_NO_DH
William Lallemandfa892222019-07-23 16:06:08 +02003332 /* Seek back to beginning of file */
3333 if (BIO_reset(in) == -1) {
3334 memprintf(err, "%san error occurred while reading the file '%s'.\n",
3335 err && *err ? *err : "", path);
3336 goto end;
3337 }
3338
William Lallemand96a9c972019-10-17 11:56:17 +02003339 dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
3340 /* no need to return an error there, dh is not mandatory */
Emmanuel Hocdet54227d82019-07-30 17:04:01 +02003341#endif
William Lallemandfa892222019-07-23 16:06:08 +02003342
Willy Tarreaubb137a82016-04-06 19:02:38 +02003343 /* Seek back to beginning of file */
Thierry FOURNIER / OZON.IOd44ea3f2016-10-14 00:49:21 +02003344 if (BIO_reset(in) == -1) {
3345 memprintf(err, "%san error occurred while reading the file '%s'.\n",
3346 err && *err ? *err : "", path);
3347 goto end;
3348 }
Willy Tarreaubb137a82016-04-06 19:02:38 +02003349
3350 /* Read Certificate */
William Lallemand96a9c972019-10-17 11:56:17 +02003351 cert = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
3352 if (cert == NULL) {
Willy Tarreaubb137a82016-04-06 19:02:38 +02003353 memprintf(err, "%sunable to load certificate from file '%s'.\n",
William Lallemand96a9c972019-10-17 11:56:17 +02003354 err && *err ? *err : "", path);
Willy Tarreaubb137a82016-04-06 19:02:38 +02003355 goto end;
3356 }
3357
William Lallemand96a9c972019-10-17 11:56:17 +02003358 /* Look for a Certificate Chain */
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003359 while ((ca = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
3360 if (chain == NULL)
3361 chain = sk_X509_new_null();
3362 if (!sk_X509_push(chain, ca)) {
William Lallemand96a9c972019-10-17 11:56:17 +02003363 X509_free(ca);
3364 goto end;
3365 }
3366 }
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +01003367 /* Find Certificate Chain in global */
3368 if (chain == NULL) {
3369 AUTHORITY_KEYID *akid;
3370 akid = X509_get_ext_d2i(cert, NID_authority_key_identifier, NULL, NULL);
3371 if (akid) {
3372 struct issuer_chain *issuer;
3373 struct eb64_node *node;
3374 u64 hk;
3375 hk = XXH64(ASN1_STRING_get0_data(akid->keyid), ASN1_STRING_length(akid->keyid), 0);
3376 for (node = eb64_lookup(&global_ssl.cert_issuer_tree, hk); node; node = eb64_next(node)) {
3377 issuer = container_of(node, typeof(*issuer), node);
3378 if (X509_check_issued(sk_X509_value(issuer->chain, 0), cert) == X509_V_OK) {
3379 chain = X509_chain_up_ref(issuer->chain);
3380 break;
3381 }
3382 }
3383 AUTHORITY_KEYID_free(akid);
3384 }
3385 }
Emmanuel Hocdeted17f472019-10-24 18:28:33 +02003386 /* no chain */
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003387 if (chain == NULL) {
3388 chain = sk_X509_new_null();
Emmanuel Hocdeted17f472019-10-24 18:28:33 +02003389 }
3390
yanbzhu488a4d22015-12-01 15:16:07 -05003391 ret = ERR_get_error();
3392 if (ret && (ERR_GET_LIB(ret) != ERR_LIB_PEM && ERR_GET_REASON(ret) != PEM_R_NO_START_LINE)) {
3393 memprintf(err, "%sunable to load certificate chain from file '%s'.\n",
William Lallemand96a9c972019-10-17 11:56:17 +02003394 err && *err ? *err : "", path);
yanbzhu488a4d22015-12-01 15:16:07 -05003395 goto end;
William Lallemand246c0242019-10-11 08:59:13 +02003396 }
3397
William Lallemand75b15f72020-01-23 10:56:05 +01003398 /* once it loaded the PEM, it should remove everything else in the ckch */
3399 if (ckch->ocsp_response) {
3400 free(ckch->ocsp_response->area);
3401 ckch->ocsp_response->area = NULL;
3402 free(ckch->ocsp_response);
3403 ckch->ocsp_response = NULL;
3404 }
3405
3406 if (ckch->sctl) {
3407 free(ckch->sctl->area);
3408 ckch->sctl->area = NULL;
3409 free(ckch->sctl);
3410 ckch->sctl = NULL;
3411 }
3412
3413 if (ckch->ocsp_issuer) {
3414 X509_free(ckch->ocsp_issuer);
3415 ckch->ocsp_issuer = NULL;
3416 }
3417
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003418 /* no error, fill ckch with new context, old context will be free at end: */
3419 SWAP(ckch->key, key);
3420 SWAP(ckch->dh, dh);
3421 SWAP(ckch->cert, cert);
3422 SWAP(ckch->chain, chain);
3423
Emmanuel Hocdet078156d2020-01-22 17:02:53 +01003424 /* check if one of the certificate of the chain is the issuer */
3425 for (i = 0; i < sk_X509_num(ckch->chain); i++) {
3426 X509 *issuer = sk_X509_value(ckch->chain, i);
3427 if (X509_check_issued(issuer, ckch->cert) == X509_V_OK) {
3428 ckch->ocsp_issuer = issuer;
3429 X509_up_ref(issuer);
3430 break;
3431 }
3432 }
William Lallemand246c0242019-10-11 08:59:13 +02003433 ret = 0;
3434
William Lallemand96a9c972019-10-17 11:56:17 +02003435end:
William Lallemand246c0242019-10-11 08:59:13 +02003436
3437 ERR_clear_error();
William Lallemand96a9c972019-10-17 11:56:17 +02003438 if (in)
William Lallemand246c0242019-10-11 08:59:13 +02003439 BIO_free(in);
Emmanuel Hocdet83cbd3c2019-10-25 11:55:03 +02003440 if (key)
3441 EVP_PKEY_free(key);
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003442 if (dh)
3443 DH_free(dh);
Emmanuel Hocdet83cbd3c2019-10-25 11:55:03 +02003444 if (cert)
3445 X509_free(cert);
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003446 if (chain)
3447 sk_X509_pop_free(chain, X509_free);
William Lallemanda17f4112019-10-10 15:16:44 +02003448
William Lallemand96a9c972019-10-17 11:56:17 +02003449 return ret;
3450}
3451
3452/*
William Lallemand4c5adbf2020-02-24 14:23:22 +01003453 * Try to load a private key file from a <path> or a buffer <buf>
3454 *
3455 * If it failed you should not attempt to use the ckch but free it.
3456 *
3457 * Return 0 on success or != 0 on failure
3458 */
3459static int ssl_sock_load_key_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err)
3460{
3461 BIO *in = NULL;
3462 int ret = 1;
3463 EVP_PKEY *key = NULL;
3464
3465 if (buf) {
3466 /* reading from a buffer */
3467 in = BIO_new_mem_buf(buf, -1);
3468 if (in == NULL) {
3469 memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
3470 goto end;
3471 }
3472
3473 } else {
3474 /* reading from a file */
3475 in = BIO_new(BIO_s_file());
3476 if (in == NULL)
3477 goto end;
3478
3479 if (BIO_read_filename(in, path) <= 0)
3480 goto end;
3481 }
3482
3483 /* Read Private Key */
3484 key = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);
3485 if (key == NULL) {
3486 memprintf(err, "%sunable to load private key from file '%s'.\n",
3487 err && *err ? *err : "", path);
3488 goto end;
3489 }
3490
3491 ret = 0;
3492
3493 SWAP(ckch->key, key);
3494
3495end:
3496
3497 ERR_clear_error();
3498 if (in)
3499 BIO_free(in);
3500 if (key)
3501 EVP_PKEY_free(key);
3502
3503 return ret;
3504}
3505
3506/*
William Lallemand96a9c972019-10-17 11:56:17 +02003507 * Try to load in a ckch every files related to a ckch.
3508 * (PEM, sctl, ocsp, issuer etc.)
3509 *
3510 * This function is only used to load files during the configuration parsing,
3511 * it is not used with the CLI.
3512 *
3513 * This allows us to carry the contents of the file without having to read the
3514 * file multiple times. The caller must call
3515 * ssl_sock_free_cert_key_and_chain_contents.
3516 *
3517 * returns:
3518 * 0 on Success
3519 * 1 on SSL Failure
3520 */
3521static int ssl_sock_load_files_into_ckch(const char *path, struct cert_key_and_chain *ckch, char **err)
3522{
3523 int ret = 1;
3524
3525 /* try to load the PEM */
3526 if (ssl_sock_load_pem_into_ckch(path, NULL, ckch , err) != 0) {
3527 goto end;
3528 }
3529
William Lallemand4c5adbf2020-02-24 14:23:22 +01003530 /* try to load an external private key if it wasn't in the PEM */
3531 if ((ckch->key == NULL) && (global_ssl.extra_files & SSL_GF_KEY)) {
3532 char fp[MAXPATHLEN+1];
3533 struct stat st;
3534
3535 snprintf(fp, MAXPATHLEN+1, "%s.key", path);
3536 if (stat(fp, &st) == 0) {
3537 if (ssl_sock_load_key_into_ckch(fp, NULL, ckch, err)) {
3538 memprintf(err, "%s '%s' is present but cannot be read or parsed'.\n",
3539 err && *err ? *err : "", fp);
3540 goto end;
3541 }
3542 }
3543 }
3544
3545 if (ckch->key == NULL) {
3546 memprintf(err, "%sNo Private Key found in '%s' or '%s.key'.\n", err && *err ? *err : "", path, path);
3547 goto end;
3548 }
3549
3550 if (!X509_check_private_key(ckch->cert, ckch->key)) {
3551 memprintf(err, "%sinconsistencies between private key and certificate loaded '%s'.\n",
3552 err && *err ? *err : "", path);
3553 goto end;
3554 }
3555
William Lallemanda17f4112019-10-10 15:16:44 +02003556#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
3557 /* try to load the sctl file */
William Lallemand3af48e72020-02-03 17:15:52 +01003558 if (global_ssl.extra_files & SSL_GF_SCTL) {
William Lallemanda17f4112019-10-10 15:16:44 +02003559 char fp[MAXPATHLEN+1];
3560 struct stat st;
3561
3562 snprintf(fp, MAXPATHLEN+1, "%s.sctl", path);
3563 if (stat(fp, &st) == 0) {
William Lallemand0dfae6c2019-10-16 18:06:58 +02003564 if (ssl_sock_load_sctl_from_file(fp, NULL, ckch, err)) {
William Lallemanda17f4112019-10-10 15:16:44 +02003565 memprintf(err, "%s '%s.sctl' is present but cannot be read or parsed'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003566 err && *err ? *err : "", fp);
William Lallemanda17f4112019-10-10 15:16:44 +02003567 ret = 1;
3568 goto end;
3569 }
3570 }
3571 }
3572#endif
yanbzhu488a4d22015-12-01 15:16:07 -05003573
William Lallemand246c0242019-10-11 08:59:13 +02003574 /* try to load an ocsp response file */
William Lallemand3af48e72020-02-03 17:15:52 +01003575 if (global_ssl.extra_files & SSL_GF_OCSP) {
William Lallemand246c0242019-10-11 08:59:13 +02003576 char fp[MAXPATHLEN+1];
3577 struct stat st;
3578
3579 snprintf(fp, MAXPATHLEN+1, "%s.ocsp", path);
3580 if (stat(fp, &st) == 0) {
William Lallemand3b5f3602019-10-16 18:05:05 +02003581 if (ssl_sock_load_ocsp_response_from_file(fp, NULL, ckch, err)) {
William Lallemand246c0242019-10-11 08:59:13 +02003582 ret = 1;
3583 goto end;
3584 }
3585 }
3586 }
3587
Emmanuel Hocdeteaad5cc2019-10-25 12:19:00 +02003588#ifndef OPENSSL_IS_BORINGSSL /* Useless for BoringSSL */
William Lallemand3af48e72020-02-03 17:15:52 +01003589 if (ckch->ocsp_response && (global_ssl.extra_files & SSL_GF_OCSP_ISSUER)) {
William Lallemand246c0242019-10-11 08:59:13 +02003590 /* if no issuer was found, try to load an issuer from the .issuer */
Emmanuel Hocdet078156d2020-01-22 17:02:53 +01003591 if (!ckch->ocsp_issuer) {
William Lallemand246c0242019-10-11 08:59:13 +02003592 struct stat st;
3593 char fp[MAXPATHLEN+1];
3594
3595 snprintf(fp, MAXPATHLEN+1, "%s.issuer", path);
3596 if (stat(fp, &st) == 0) {
William Lallemandf9568fc2019-10-16 18:27:58 +02003597 if (ssl_sock_load_issuer_file_into_ckch(fp, NULL, ckch, err)) {
William Lallemand246c0242019-10-11 08:59:13 +02003598 ret = 1;
3599 goto end;
3600 }
3601
3602 if (X509_check_issued(ckch->ocsp_issuer, ckch->cert) != X509_V_OK) {
William Lallemand786188f2019-10-15 10:05:37 +02003603 memprintf(err, "%s '%s' is not an issuer'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003604 err && *err ? *err : "", fp);
William Lallemand246c0242019-10-11 08:59:13 +02003605 ret = 1;
3606 goto end;
3607 }
3608 } else {
3609 memprintf(err, "%sNo issuer found, cannot use the OCSP response'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003610 err && *err ? *err : "");
William Lallemand246c0242019-10-11 08:59:13 +02003611 ret = 1;
3612 goto end;
3613 }
3614 }
3615 }
Emmanuel Hocdeteaad5cc2019-10-25 12:19:00 +02003616#endif
William Lallemand246c0242019-10-11 08:59:13 +02003617
yanbzhu488a4d22015-12-01 15:16:07 -05003618 ret = 0;
3619
3620end:
3621
3622 ERR_clear_error();
yanbzhu488a4d22015-12-01 15:16:07 -05003623
3624 /* Something went wrong in one of the reads */
3625 if (ret != 0)
3626 ssl_sock_free_cert_key_and_chain_contents(ckch);
3627
3628 return ret;
3629}
3630
3631/* Loads the info in ckch into ctx
Emeric Bruna96b5822019-10-17 13:25:14 +02003632 * Returns a bitfield containing the flags:
3633 * ERR_FATAL in any fatal error case
3634 * ERR_ALERT if the reason of the error is available in err
3635 * ERR_WARN if a warning is available into err
3636 * The value 0 means there is no error nor warning and
3637 * the operation succeed.
yanbzhu488a4d22015-12-01 15:16:07 -05003638 */
3639static int ssl_sock_put_ckch_into_ctx(const char *path, const struct cert_key_and_chain *ckch, SSL_CTX *ctx, char **err)
3640{
Emeric Bruna96b5822019-10-17 13:25:14 +02003641 int errcode = 0;
3642
yanbzhu488a4d22015-12-01 15:16:07 -05003643 if (SSL_CTX_use_PrivateKey(ctx, ckch->key) <= 0) {
3644 memprintf(err, "%sunable to load SSL private key into SSL Context '%s'.\n",
3645 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003646 errcode |= ERR_ALERT | ERR_FATAL;
3647 return errcode;
yanbzhu488a4d22015-12-01 15:16:07 -05003648 }
3649
3650 if (!SSL_CTX_use_certificate(ctx, ckch->cert)) {
3651 memprintf(err, "%sunable to load SSL certificate into SSL Context '%s'.\n",
3652 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003653 errcode |= ERR_ALERT | ERR_FATAL;
3654 goto end;
yanbzhu488a4d22015-12-01 15:16:07 -05003655 }
3656
yanbzhu488a4d22015-12-01 15:16:07 -05003657 /* Load all certs in the ckch into the ctx_chain for the ssl_ctx */
Emmanuel Hocdet1c65fdd2018-12-03 18:07:44 +01003658#ifdef SSL_CTX_set1_chain
Emmanuel Hocdet9246f8b2018-11-30 16:00:21 +01003659 if (!SSL_CTX_set1_chain(ctx, ckch->chain)) {
3660 memprintf(err, "%sunable to load chain certificate into SSL Context '%s'. Make sure you are linking against Openssl >= 1.0.2.\n",
3661 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003662 errcode |= ERR_ALERT | ERR_FATAL;
3663 goto end;
yanbzhu488a4d22015-12-01 15:16:07 -05003664 }
Emmanuel Hocdet1c65fdd2018-12-03 18:07:44 +01003665#else
3666 { /* legacy compat (< openssl 1.0.2) */
3667 X509 *ca;
Emmanuel Hocdet140b64f2019-10-24 18:33:10 +02003668 STACK_OF(X509) *chain;
3669 chain = X509_chain_up_ref(ckch->chain);
3670 while ((ca = sk_X509_shift(chain)))
Emmanuel Hocdet1c65fdd2018-12-03 18:07:44 +01003671 if (!SSL_CTX_add_extra_chain_cert(ctx, ca)) {
3672 memprintf(err, "%sunable to load chain certificate into SSL Context '%s'.\n",
3673 err && *err ? *err : "", path);
3674 X509_free(ca);
Emmanuel Hocdet140b64f2019-10-24 18:33:10 +02003675 sk_X509_pop_free(chain, X509_free);
Emeric Bruna96b5822019-10-17 13:25:14 +02003676 errcode |= ERR_ALERT | ERR_FATAL;
3677 goto end;
Emmanuel Hocdet1c65fdd2018-12-03 18:07:44 +01003678 }
3679 }
3680#endif
yanbzhu488a4d22015-12-01 15:16:07 -05003681
William Lallemandfa892222019-07-23 16:06:08 +02003682#ifndef OPENSSL_NO_DH
3683 /* store a NULL pointer to indicate we have not yet loaded
3684 a custom DH param file */
3685 if (ssl_dh_ptr_index >= 0) {
3686 SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, NULL);
3687 }
3688
Emeric Brun7a883362019-10-17 13:27:40 +02003689 errcode |= ssl_sock_load_dh_params(ctx, ckch, path, err);
3690 if (errcode & ERR_CODE) {
William Lallemandfa892222019-07-23 16:06:08 +02003691 memprintf(err, "%sunable to load DH parameters from file '%s'.\n",
3692 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003693 goto end;
William Lallemandfa892222019-07-23 16:06:08 +02003694 }
3695#endif
3696
William Lallemanda17f4112019-10-10 15:16:44 +02003697#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
3698 if (sctl_ex_index >= 0 && ckch->sctl) {
3699 if (ssl_sock_load_sctl(ctx, ckch->sctl) < 0) {
3700 memprintf(err, "%s '%s.sctl' is present but cannot be read or parsed'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003701 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003702 errcode |= ERR_ALERT | ERR_FATAL;
3703 goto end;
William Lallemanda17f4112019-10-10 15:16:44 +02003704 }
3705 }
3706#endif
3707
William Lallemand4a660132019-10-14 14:51:41 +02003708#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
William Lallemand246c0242019-10-11 08:59:13 +02003709 /* Load OCSP Info into context */
3710 if (ckch->ocsp_response) {
3711 if (ssl_sock_load_ocsp(ctx, ckch) < 0) {
Tim Duesterhus93128532019-11-23 23:45:10 +01003712 memprintf(err, "%s '%s.ocsp' is present and activates OCSP but it is impossible to compute the OCSP certificate ID (maybe the issuer could not be found)'.\n",
3713 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003714 errcode |= ERR_ALERT | ERR_FATAL;
3715 goto end;
William Lallemand246c0242019-10-11 08:59:13 +02003716 }
3717 }
William Lallemand246c0242019-10-11 08:59:13 +02003718#endif
3719
Emeric Bruna96b5822019-10-17 13:25:14 +02003720 end:
3721 return errcode;
yanbzhu488a4d22015-12-01 15:16:07 -05003722}
3723
William Lallemandc4ecddf2019-07-31 16:50:08 +02003724#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu08ce6ab2015-12-02 13:01:29 -05003725
William Lallemand28a8fce2019-10-04 17:36:55 +02003726static int ssl_sock_populate_sni_keytypes_hplr(const char *str, struct eb_root *sni_keytypes, int key_index)
yanbzhu08ce6ab2015-12-02 13:01:29 -05003727{
3728 struct sni_keytype *s_kt = NULL;
3729 struct ebmb_node *node;
3730 int i;
3731
3732 for (i = 0; i < trash.size; i++) {
3733 if (!str[i])
3734 break;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003735 trash.area[i] = tolower(str[i]);
yanbzhu08ce6ab2015-12-02 13:01:29 -05003736 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003737 trash.area[i] = 0;
3738 node = ebst_lookup(sni_keytypes, trash.area);
yanbzhu08ce6ab2015-12-02 13:01:29 -05003739 if (!node) {
3740 /* CN not found in tree */
3741 s_kt = malloc(sizeof(struct sni_keytype) + i + 1);
3742 /* Using memcpy here instead of strncpy.
3743 * strncpy will cause sig_abrt errors under certain versions of gcc with -O2
3744 * See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60792
3745 */
William Lallemand28a8fce2019-10-04 17:36:55 +02003746 if (!s_kt)
3747 return -1;
3748
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003749 memcpy(s_kt->name.key, trash.area, i+1);
yanbzhu08ce6ab2015-12-02 13:01:29 -05003750 s_kt->keytypes = 0;
3751 ebst_insert(sni_keytypes, &s_kt->name);
3752 } else {
3753 /* CN found in tree */
3754 s_kt = container_of(node, struct sni_keytype, name);
3755 }
3756
3757 /* Mark that this CN has the keytype of key_index via keytypes mask */
3758 s_kt->keytypes |= 1<<key_index;
3759
William Lallemand28a8fce2019-10-04 17:36:55 +02003760 return 0;
3761
yanbzhu08ce6ab2015-12-02 13:01:29 -05003762}
3763
William Lallemandc4ecddf2019-07-31 16:50:08 +02003764#endif
William Lallemand8c1cdde2019-10-18 10:58:14 +02003765/*
3766 * Free a ckch_store and its ckch(s)
3767 * The linked ckch_inst are not free'd
3768 */
3769void ckchs_free(struct ckch_store *ckchs)
3770{
3771 if (!ckchs)
3772 return;
3773
3774#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
3775 if (ckchs->multi) {
3776 int n;
3777
3778 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++)
3779 ssl_sock_free_cert_key_and_chain_contents(&ckchs->ckch[n]);
3780 } else
3781#endif
3782 {
3783 ssl_sock_free_cert_key_and_chain_contents(ckchs->ckch);
3784 ckchs->ckch = NULL;
3785 }
3786
3787 free(ckchs);
3788}
3789
3790/* allocate and duplicate a ckch_store
3791 * Return a new ckch_store or NULL */
3792static struct ckch_store *ckchs_dup(const struct ckch_store *src)
3793{
3794 struct ckch_store *dst;
3795 int pathlen;
3796
3797 pathlen = strlen(src->path);
3798 dst = calloc(1, sizeof(*dst) + pathlen + 1);
3799 if (!dst)
3800 return NULL;
3801 /* copy previous key */
3802 memcpy(dst->path, src->path, pathlen + 1);
3803 dst->multi = src->multi;
3804 LIST_INIT(&dst->ckch_inst);
3805
3806 dst->ckch = calloc((src->multi ? SSL_SOCK_NUM_KEYTYPES : 1), sizeof(*dst->ckch));
3807 if (!dst->ckch)
3808 goto error;
3809
3810#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
3811 if (src->multi) {
3812 int n;
3813
3814 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
3815 if (&src->ckch[n]) {
3816 if (!ssl_sock_copy_cert_key_and_chain(&src->ckch[n], &dst->ckch[n]))
3817 goto error;
3818 }
3819 }
3820 } else
3821#endif
3822 {
3823 if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch))
3824 goto error;
3825 }
3826
3827 return dst;
3828
3829error:
3830 ckchs_free(dst);
3831
3832 return NULL;
3833}
William Lallemandc4ecddf2019-07-31 16:50:08 +02003834
William Lallemand36b84632019-07-18 19:28:17 +02003835/*
William Lallemande3af8fb2019-10-08 11:36:53 +02003836 * lookup a path into the ckchs tree.
William Lallemand6af03992019-07-23 15:00:54 +02003837 */
William Lallemande3af8fb2019-10-08 11:36:53 +02003838static inline struct ckch_store *ckchs_lookup(char *path)
William Lallemand6af03992019-07-23 15:00:54 +02003839{
3840 struct ebmb_node *eb;
3841
William Lallemande3af8fb2019-10-08 11:36:53 +02003842 eb = ebst_lookup(&ckchs_tree, path);
William Lallemand6af03992019-07-23 15:00:54 +02003843 if (!eb)
3844 return NULL;
3845
William Lallemande3af8fb2019-10-08 11:36:53 +02003846 return ebmb_entry(eb, struct ckch_store, node);
William Lallemand6af03992019-07-23 15:00:54 +02003847}
3848
3849/*
William Lallemande3af8fb2019-10-08 11:36:53 +02003850 * This function allocate a ckch_store and populate it with certificates from files.
William Lallemand36b84632019-07-18 19:28:17 +02003851 */
William Lallemande3af8fb2019-10-08 11:36:53 +02003852static struct ckch_store *ckchs_load_cert_file(char *path, int multi, char **err)
William Lallemand36b84632019-07-18 19:28:17 +02003853{
William Lallemande3af8fb2019-10-08 11:36:53 +02003854 struct ckch_store *ckchs;
William Lallemand36b84632019-07-18 19:28:17 +02003855
William Lallemande3af8fb2019-10-08 11:36:53 +02003856 ckchs = calloc(1, sizeof(*ckchs) + strlen(path) + 1);
3857 if (!ckchs) {
William Lallemand36b84632019-07-18 19:28:17 +02003858 memprintf(err, "%sunable to allocate memory.\n", err && *err ? *err : "");
3859 goto end;
3860 }
William Lallemande3af8fb2019-10-08 11:36:53 +02003861 ckchs->ckch = calloc(1, sizeof(*ckchs->ckch) * (multi ? SSL_SOCK_NUM_KEYTYPES : 1));
William Lallemand36b84632019-07-18 19:28:17 +02003862
William Lallemande3af8fb2019-10-08 11:36:53 +02003863 if (!ckchs->ckch) {
William Lallemand36b84632019-07-18 19:28:17 +02003864 memprintf(err, "%sunable to allocate memory.\n", err && *err ? *err : "");
3865 goto end;
3866 }
3867
William Lallemand9117de92019-10-04 00:29:42 +02003868 LIST_INIT(&ckchs->ckch_inst);
3869
William Lallemand36b84632019-07-18 19:28:17 +02003870 if (!multi) {
3871
William Lallemand96a9c972019-10-17 11:56:17 +02003872 if (ssl_sock_load_files_into_ckch(path, ckchs->ckch, err) == 1)
William Lallemand36b84632019-07-18 19:28:17 +02003873 goto end;
3874
William Lallemande3af8fb2019-10-08 11:36:53 +02003875 /* insert into the ckchs tree */
3876 memcpy(ckchs->path, path, strlen(path) + 1);
3877 ebst_insert(&ckchs_tree, &ckchs->node);
William Lallemand36b84632019-07-18 19:28:17 +02003878 } else {
3879 int found = 0;
William Lallemandc4ecddf2019-07-31 16:50:08 +02003880#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
3881 char fp[MAXPATHLEN+1] = {0};
3882 int n = 0;
William Lallemand36b84632019-07-18 19:28:17 +02003883
3884 /* Load all possible certs and keys */
3885 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
3886 struct stat buf;
3887 snprintf(fp, sizeof(fp), "%s.%s", path, SSL_SOCK_KEYTYPE_NAMES[n]);
3888 if (stat(fp, &buf) == 0) {
William Lallemand96a9c972019-10-17 11:56:17 +02003889 if (ssl_sock_load_files_into_ckch(fp, &ckchs->ckch[n], err) == 1)
William Lallemand36b84632019-07-18 19:28:17 +02003890 goto end;
3891 found = 1;
William Lallemande3af8fb2019-10-08 11:36:53 +02003892 ckchs->multi = 1;
William Lallemand36b84632019-07-18 19:28:17 +02003893 }
3894 }
William Lallemandc4ecddf2019-07-31 16:50:08 +02003895#endif
William Lallemand36b84632019-07-18 19:28:17 +02003896
3897 if (!found) {
William Lallemand6e5f2ce2019-08-01 14:43:20 +02003898 memprintf(err, "%sDidn't find any certificate for bundle '%s'.\n", err && *err ? *err : "", path);
William Lallemand36b84632019-07-18 19:28:17 +02003899 goto end;
3900 }
William Lallemande3af8fb2019-10-08 11:36:53 +02003901 /* insert into the ckchs tree */
3902 memcpy(ckchs->path, path, strlen(path) + 1);
3903 ebst_insert(&ckchs_tree, &ckchs->node);
William Lallemand36b84632019-07-18 19:28:17 +02003904 }
William Lallemande3af8fb2019-10-08 11:36:53 +02003905 return ckchs;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003906
William Lallemand36b84632019-07-18 19:28:17 +02003907end:
William Lallemande3af8fb2019-10-08 11:36:53 +02003908 if (ckchs) {
3909 free(ckchs->ckch);
3910 ebmb_delete(&ckchs->node);
William Lallemand6af03992019-07-23 15:00:54 +02003911 }
3912
William Lallemande3af8fb2019-10-08 11:36:53 +02003913 free(ckchs);
William Lallemand36b84632019-07-18 19:28:17 +02003914
3915 return NULL;
3916}
3917
William Lallemandc4ecddf2019-07-31 16:50:08 +02003918#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
3919
William Lallemand36b84632019-07-18 19:28:17 +02003920/*
William Lallemande3af8fb2019-10-08 11:36:53 +02003921 * Take a ckch_store which contains a multi-certificate bundle.
William Lallemand36b84632019-07-18 19:28:17 +02003922 * Group these certificates into a set of SSL_CTX*
yanbzhu08ce6ab2015-12-02 13:01:29 -05003923 * based on shared and unique CN and SAN entries. Add these SSL_CTX* to the SNI tree.
3924 *
Joseph Herlant017b3da2018-11-15 09:07:59 -08003925 * This will allow the user to explicitly group multiple cert/keys for a single purpose
yanbzhu08ce6ab2015-12-02 13:01:29 -05003926 *
Emeric Brun054563d2019-10-17 13:16:58 +02003927 * Returns a bitfield containing the flags:
3928 * ERR_FATAL in any fatal error case
3929 * ERR_ALERT if the reason of the error is available in err
3930 * ERR_WARN if a warning is available into err
William Lallemand36b84632019-07-18 19:28:17 +02003931 *
yanbzhu08ce6ab2015-12-02 13:01:29 -05003932 */
Emeric Brun054563d2019-10-17 13:16:58 +02003933static int ckch_inst_new_load_multi_store(const char *path, struct ckch_store *ckchs,
3934 struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
3935 char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err)
yanbzhu08ce6ab2015-12-02 13:01:29 -05003936{
William Lallemand36b84632019-07-18 19:28:17 +02003937 int i = 0, n = 0;
3938 struct cert_key_and_chain *certs_and_keys;
William Lallemand4b989f22019-10-04 18:36:55 +02003939 struct eb_root sni_keytypes_map = EB_ROOT;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003940 struct ebmb_node *node;
3941 struct ebmb_node *next;
3942 /* Array of SSL_CTX pointers corresponding to each possible combo
3943 * of keytypes
3944 */
3945 struct key_combo_ctx key_combos[SSL_SOCK_POSSIBLE_KT_COMBOS] = { {0} };
Emeric Brun054563d2019-10-17 13:16:58 +02003946 int errcode = 0;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003947 X509_NAME *xname = NULL;
3948 char *str = NULL;
3949#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
3950 STACK_OF(GENERAL_NAME) *names = NULL;
3951#endif
William Lallemand614ca0d2019-10-07 13:52:11 +02003952 struct ckch_inst *ckch_inst;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003953
Emeric Brun054563d2019-10-17 13:16:58 +02003954 *ckchi = NULL;
3955
William Lallemande3af8fb2019-10-08 11:36:53 +02003956 if (!ckchs || !ckchs->ckch || !ckchs->multi) {
William Lallemand36b84632019-07-18 19:28:17 +02003957 memprintf(err, "%sunable to load SSL certificate file '%s' file does not exist.\n",
3958 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02003959 return ERR_ALERT | ERR_FATAL;
William Lallemand614ca0d2019-10-07 13:52:11 +02003960 }
3961
3962 ckch_inst = ckch_inst_new();
3963 if (!ckch_inst) {
3964 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
3965 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02003966 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand614ca0d2019-10-07 13:52:11 +02003967 goto end;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003968 }
3969
William Lallemande3af8fb2019-10-08 11:36:53 +02003970 certs_and_keys = ckchs->ckch;
William Lallemand36b84632019-07-18 19:28:17 +02003971
William Lallemand150bfa82019-09-19 17:12:49 +02003972 /* at least one of the instances is using filters during the config
3973 * parsing, that's ok to inherit this during loading on CLI */
William Lallemand920b0352019-12-04 15:33:01 +01003974 ckchs->filters |= !!fcount;
William Lallemand150bfa82019-09-19 17:12:49 +02003975
yanbzhu08ce6ab2015-12-02 13:01:29 -05003976 /* Process each ckch and update keytypes for each CN/SAN
3977 * for example, if CN/SAN www.a.com is associated with
3978 * certs with keytype 0 and 2, then at the end of the loop,
3979 * www.a.com will have:
3980 * keyindex = 0 | 1 | 4 = 5
3981 */
3982 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
William Lallemand28a8fce2019-10-04 17:36:55 +02003983 int ret;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003984
3985 if (!ssl_sock_is_ckch_valid(&certs_and_keys[n]))
3986 continue;
3987
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02003988 if (fcount) {
William Lallemand28a8fce2019-10-04 17:36:55 +02003989 for (i = 0; i < fcount; i++) {
3990 ret = ssl_sock_populate_sni_keytypes_hplr(sni_filter[i], &sni_keytypes_map, n);
3991 if (ret < 0) {
3992 memprintf(err, "%sunable to allocate SSL context.\n",
3993 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02003994 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand28a8fce2019-10-04 17:36:55 +02003995 goto end;
3996 }
3997 }
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02003998 } else {
3999 /* A lot of the following code is OpenSSL boilerplate for processing CN's and SAN's,
4000 * so the line that contains logic is marked via comments
4001 */
4002 xname = X509_get_subject_name(certs_and_keys[n].cert);
4003 i = -1;
4004 while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
4005 X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02004006 ASN1_STRING *value;
4007 value = X509_NAME_ENTRY_get_data(entry);
4008 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004009 /* Important line is here */
William Lallemand28a8fce2019-10-04 17:36:55 +02004010 ret = ssl_sock_populate_sni_keytypes_hplr(str, &sni_keytypes_map, n);
yanbzhu08ce6ab2015-12-02 13:01:29 -05004011
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004012 OPENSSL_free(str);
4013 str = NULL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004014 if (ret < 0) {
4015 memprintf(err, "%sunable to allocate SSL context.\n",
4016 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004017 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004018 goto end;
4019 }
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004020 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004021 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004022
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004023 /* Do the above logic for each SAN */
yanbzhu08ce6ab2015-12-02 13:01:29 -05004024#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004025 names = X509_get_ext_d2i(certs_and_keys[n].cert, NID_subject_alt_name, NULL, NULL);
4026 if (names) {
4027 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
4028 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
yanbzhu08ce6ab2015-12-02 13:01:29 -05004029
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004030 if (name->type == GEN_DNS) {
4031 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
4032 /* Important line is here */
William Lallemand28a8fce2019-10-04 17:36:55 +02004033 ret = ssl_sock_populate_sni_keytypes_hplr(str, &sni_keytypes_map, n);
yanbzhu08ce6ab2015-12-02 13:01:29 -05004034
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004035 OPENSSL_free(str);
4036 str = NULL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004037 if (ret < 0) {
4038 memprintf(err, "%sunable to allocate SSL context.\n",
4039 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004040 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004041 goto end;
4042 }
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004043 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004044 }
4045 }
4046 }
4047 }
4048#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
4049 }
4050
4051 /* If no files found, return error */
4052 if (eb_is_empty(&sni_keytypes_map)) {
4053 memprintf(err, "%sunable to load SSL certificate file '%s' file does not exist.\n",
4054 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004055 errcode |= ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004056 goto end;
4057 }
4058
4059 /* We now have a map of CN/SAN to keytypes that are loaded in
4060 * Iterate through the map to create the SSL_CTX's (if needed)
4061 * and add each CTX to the SNI tree
4062 *
4063 * Some math here:
Joseph Herlant017b3da2018-11-15 09:07:59 -08004064 * There are 2^n - 1 possible combinations, each unique
yanbzhu08ce6ab2015-12-02 13:01:29 -05004065 * combination is denoted by the key in the map. Each key
4066 * has a value between 1 and 2^n - 1. Conveniently, the array
4067 * of SSL_CTX* is sized 2^n. So, we can simply use the i'th
4068 * entry in the array to correspond to the unique combo (key)
4069 * associated with i. This unique key combo (i) will be associated
4070 * with combos[i-1]
4071 */
4072
4073 node = ebmb_first(&sni_keytypes_map);
4074 while (node) {
4075 SSL_CTX *cur_ctx;
Bertrand Jacquin33423092016-11-13 16:37:13 +00004076 char cur_file[MAXPATHLEN+1];
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004077 const struct pkey_info kinfo = { .sig = TLSEXT_signature_anonymous, .bits = 0 };
yanbzhu08ce6ab2015-12-02 13:01:29 -05004078
4079 str = (char *)container_of(node, struct sni_keytype, name)->name.key;
4080 i = container_of(node, struct sni_keytype, name)->keytypes;
4081 cur_ctx = key_combos[i-1].ctx;
4082
4083 if (cur_ctx == NULL) {
4084 /* need to create SSL_CTX */
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004085 cur_ctx = SSL_CTX_new(SSLv23_server_method());
yanbzhu08ce6ab2015-12-02 13:01:29 -05004086 if (cur_ctx == NULL) {
4087 memprintf(err, "%sunable to allocate SSL context.\n",
4088 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004089 errcode |= ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004090 goto end;
4091 }
4092
yanbzhube2774d2015-12-10 15:07:30 -05004093 /* Load all required certs/keys/chains/OCSPs info into SSL_CTX */
yanbzhu08ce6ab2015-12-02 13:01:29 -05004094 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
4095 if (i & (1<<n)) {
4096 /* Key combo contains ckch[n] */
Bertrand Jacquin33423092016-11-13 16:37:13 +00004097 snprintf(cur_file, MAXPATHLEN+1, "%s.%s", path, SSL_SOCK_KEYTYPE_NAMES[n]);
Emeric Bruna96b5822019-10-17 13:25:14 +02004098 errcode |= ssl_sock_put_ckch_into_ctx(cur_file, &certs_and_keys[n], cur_ctx, err);
4099 if (errcode & ERR_CODE)
yanbzhu08ce6ab2015-12-02 13:01:29 -05004100 goto end;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004101 }
4102 }
4103
yanbzhu08ce6ab2015-12-02 13:01:29 -05004104 /* Update key_combos */
4105 key_combos[i-1].ctx = cur_ctx;
4106 }
4107
4108 /* Update SNI Tree */
William Lallemand9117de92019-10-04 00:29:42 +02004109
William Lallemand1d29c742019-10-04 00:53:29 +02004110 key_combos[i-1].order = ckch_inst_add_cert_sni(cur_ctx, ckch_inst, bind_conf, ssl_conf,
William Lallemandfe49bb32019-10-03 23:46:33 +02004111 kinfo, str, key_combos[i-1].order);
4112 if (key_combos[i-1].order < 0) {
4113 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004114 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandfe49bb32019-10-03 23:46:33 +02004115 goto end;
4116 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004117 node = ebmb_next(node);
4118 }
4119
4120
4121 /* Mark a default context if none exists, using the ctx that has the most shared keys */
4122 if (!bind_conf->default_ctx) {
4123 for (i = SSL_SOCK_POSSIBLE_KT_COMBOS - 1; i >= 0; i--) {
4124 if (key_combos[i].ctx) {
4125 bind_conf->default_ctx = key_combos[i].ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004126 bind_conf->default_ssl_conf = ssl_conf;
William Lallemand21724f02019-11-04 17:56:13 +01004127 ckch_inst->is_default = 1;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004128 break;
4129 }
4130 }
4131 }
4132
William Lallemand614ca0d2019-10-07 13:52:11 +02004133 ckch_inst->bind_conf = bind_conf;
William Lallemand150bfa82019-09-19 17:12:49 +02004134 ckch_inst->ssl_conf = ssl_conf;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004135end:
4136
4137 if (names)
4138 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
4139
yanbzhu08ce6ab2015-12-02 13:01:29 -05004140 node = ebmb_first(&sni_keytypes_map);
4141 while (node) {
4142 next = ebmb_next(node);
4143 ebmb_delete(node);
William Lallemand8ed5b962019-10-04 17:24:39 +02004144 free(ebmb_entry(node, struct sni_keytype, name));
yanbzhu08ce6ab2015-12-02 13:01:29 -05004145 node = next;
4146 }
4147
Emeric Brun054563d2019-10-17 13:16:58 +02004148 if (errcode & ERR_CODE && ckch_inst) {
William Lallemand0c6d12f2019-10-04 18:38:51 +02004149 struct sni_ctx *sc0, *sc0b;
4150
4151 /* free the SSL_CTX in case of error */
4152 for (i = 0; i < SSL_SOCK_POSSIBLE_KT_COMBOS; i++) {
4153 if (key_combos[i].ctx)
4154 SSL_CTX_free(key_combos[i].ctx);
4155 }
4156
4157 /* free the sni_ctx in case of error */
4158 list_for_each_entry_safe(sc0, sc0b, &ckch_inst->sni_ctx, by_ckch_inst) {
4159
4160 ebmb_delete(&sc0->name);
4161 LIST_DEL(&sc0->by_ckch_inst);
4162 free(sc0);
4163 }
William Lallemand614ca0d2019-10-07 13:52:11 +02004164 free(ckch_inst);
4165 ckch_inst = NULL;
William Lallemand0c6d12f2019-10-04 18:38:51 +02004166 }
4167
Emeric Brun054563d2019-10-17 13:16:58 +02004168 *ckchi = ckch_inst;
4169 return errcode;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004170}
4171#else
4172/* This is a dummy, that just logs an error and returns error */
Emeric Brun054563d2019-10-17 13:16:58 +02004173static int ckch_inst_new_load_multi_store(const char *path, struct ckch_store *ckchs,
4174 struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
4175 char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err)
yanbzhu08ce6ab2015-12-02 13:01:29 -05004176{
4177 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
4178 err && *err ? *err : "", path, strerror(errno));
Emeric Brun054563d2019-10-17 13:16:58 +02004179 return ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004180}
4181
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004182#endif /* #if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL: Support for loading multiple certs into a single SSL_CTX */
yanbzhu488a4d22015-12-01 15:16:07 -05004183
William Lallemand614ca0d2019-10-07 13:52:11 +02004184/*
4185 * This function allocate a ckch_inst and create its snis
Emeric Brun054563d2019-10-17 13:16:58 +02004186 *
4187 * Returns a bitfield containing the flags:
4188 * ERR_FATAL in any fatal error case
4189 * ERR_ALERT if the reason of the error is available in err
4190 * ERR_WARN if a warning is available into err
William Lallemand614ca0d2019-10-07 13:52:11 +02004191 */
Emeric Brun054563d2019-10-17 13:16:58 +02004192static int ckch_inst_new_load_store(const char *path, struct ckch_store *ckchs, struct bind_conf *bind_conf,
4193 struct ssl_bind_conf *ssl_conf, char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err)
Emeric Brunfc0421f2012-09-07 17:30:07 +02004194{
William Lallemandc9402072019-05-15 15:33:54 +02004195 SSL_CTX *ctx;
William Lallemandc9402072019-05-15 15:33:54 +02004196 int i;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004197 int order = 0;
4198 X509_NAME *xname;
4199 char *str;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004200 EVP_PKEY *pkey;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004201 struct pkey_info kinfo = { .sig = TLSEXT_signature_anonymous, .bits = 0 };
Emeric Brunfc0421f2012-09-07 17:30:07 +02004202#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
4203 STACK_OF(GENERAL_NAME) *names;
4204#endif
William Lallemand36b84632019-07-18 19:28:17 +02004205 struct cert_key_and_chain *ckch;
William Lallemand614ca0d2019-10-07 13:52:11 +02004206 struct ckch_inst *ckch_inst = NULL;
Emeric Brun054563d2019-10-17 13:16:58 +02004207 int errcode = 0;
4208
4209 *ckchi = NULL;
William Lallemanda59191b2019-05-15 16:08:56 +02004210
William Lallemande3af8fb2019-10-08 11:36:53 +02004211 if (!ckchs || !ckchs->ckch)
Emeric Brun054563d2019-10-17 13:16:58 +02004212 return ERR_FATAL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004213
William Lallemande3af8fb2019-10-08 11:36:53 +02004214 ckch = ckchs->ckch;
William Lallemand36b84632019-07-18 19:28:17 +02004215
William Lallemand150bfa82019-09-19 17:12:49 +02004216 /* at least one of the instances is using filters during the config
4217 * parsing, that's ok to inherit this during loading on CLI */
William Lallemand920b0352019-12-04 15:33:01 +01004218 ckchs->filters |= !!fcount;
William Lallemand150bfa82019-09-19 17:12:49 +02004219
William Lallemandc9402072019-05-15 15:33:54 +02004220 ctx = SSL_CTX_new(SSLv23_server_method());
4221 if (!ctx) {
4222 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
4223 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004224 errcode |= ERR_ALERT | ERR_FATAL;
4225 goto error;
William Lallemandc9402072019-05-15 15:33:54 +02004226 }
4227
Emeric Bruna96b5822019-10-17 13:25:14 +02004228 errcode |= ssl_sock_put_ckch_into_ctx(path, ckch, ctx, err);
4229 if (errcode & ERR_CODE)
William Lallemand614ca0d2019-10-07 13:52:11 +02004230 goto error;
William Lallemand614ca0d2019-10-07 13:52:11 +02004231
4232 ckch_inst = ckch_inst_new();
4233 if (!ckch_inst) {
4234 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
4235 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004236 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004237 goto error;
William Lallemandc9402072019-05-15 15:33:54 +02004238 }
4239
William Lallemand36b84632019-07-18 19:28:17 +02004240 pkey = X509_get_pubkey(ckch->cert);
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004241 if (pkey) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004242 kinfo.bits = EVP_PKEY_bits(pkey);
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004243 switch(EVP_PKEY_base_id(pkey)) {
4244 case EVP_PKEY_RSA:
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004245 kinfo.sig = TLSEXT_signature_rsa;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004246 break;
4247 case EVP_PKEY_EC:
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004248 kinfo.sig = TLSEXT_signature_ecdsa;
4249 break;
4250 case EVP_PKEY_DSA:
4251 kinfo.sig = TLSEXT_signature_dsa;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004252 break;
4253 }
4254 EVP_PKEY_free(pkey);
4255 }
4256
Emeric Brun50bcecc2013-04-22 13:05:23 +02004257 if (fcount) {
William Lallemandfe49bb32019-10-03 23:46:33 +02004258 while (fcount--) {
William Lallemand1d29c742019-10-04 00:53:29 +02004259 order = ckch_inst_add_cert_sni(ctx, ckch_inst, bind_conf, ssl_conf, kinfo, sni_filter[fcount], order);
William Lallemandfe49bb32019-10-03 23:46:33 +02004260 if (order < 0) {
4261 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004262 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004263 goto error;
William Lallemandfe49bb32019-10-03 23:46:33 +02004264 }
4265 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004266 }
4267 else {
Emeric Brunfc0421f2012-09-07 17:30:07 +02004268#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
William Lallemand36b84632019-07-18 19:28:17 +02004269 names = X509_get_ext_d2i(ckch->cert, NID_subject_alt_name, NULL, NULL);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004270 if (names) {
4271 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
4272 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
4273 if (name->type == GEN_DNS) {
4274 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
William Lallemand1d29c742019-10-04 00:53:29 +02004275 order = ckch_inst_add_cert_sni(ctx, ckch_inst, bind_conf, ssl_conf, kinfo, str, order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004276 OPENSSL_free(str);
William Lallemandfe49bb32019-10-03 23:46:33 +02004277 if (order < 0) {
4278 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004279 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004280 goto error;
William Lallemandfe49bb32019-10-03 23:46:33 +02004281 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004282 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004283 }
4284 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004285 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
Emeric Brunfc0421f2012-09-07 17:30:07 +02004286 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004287#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
William Lallemand36b84632019-07-18 19:28:17 +02004288 xname = X509_get_subject_name(ckch->cert);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004289 i = -1;
4290 while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
4291 X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02004292 ASN1_STRING *value;
4293
4294 value = X509_NAME_ENTRY_get_data(entry);
4295 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
William Lallemand1d29c742019-10-04 00:53:29 +02004296 order = ckch_inst_add_cert_sni(ctx, ckch_inst, bind_conf, ssl_conf, kinfo, str, order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004297 OPENSSL_free(str);
William Lallemandfe49bb32019-10-03 23:46:33 +02004298 if (order < 0) {
4299 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004300 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004301 goto error;
William Lallemandfe49bb32019-10-03 23:46:33 +02004302 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004303 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004304 }
4305 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004306 /* we must not free the SSL_CTX anymore below, since it's already in
4307 * the tree, so it will be discovered and cleaned in time.
4308 */
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02004309
Emeric Brunfc0421f2012-09-07 17:30:07 +02004310#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
Willy Tarreau2a65ff02012-09-13 17:54:29 +02004311 if (bind_conf->default_ctx) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02004312 memprintf(err, "%sthis version of openssl cannot load multiple SSL certificates.\n",
4313 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004314 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004315 goto error;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004316 }
4317#endif
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004318 if (!bind_conf->default_ctx) {
Willy Tarreau2a65ff02012-09-13 17:54:29 +02004319 bind_conf->default_ctx = ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004320 bind_conf->default_ssl_conf = ssl_conf;
William Lallemand21724f02019-11-04 17:56:13 +01004321 ckch_inst->is_default = 1;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004322 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004323
William Lallemand9117de92019-10-04 00:29:42 +02004324 /* everything succeed, the ckch instance can be used */
4325 ckch_inst->bind_conf = bind_conf;
William Lallemand150bfa82019-09-19 17:12:49 +02004326 ckch_inst->ssl_conf = ssl_conf;
William Lallemand9117de92019-10-04 00:29:42 +02004327
Emeric Brun054563d2019-10-17 13:16:58 +02004328 *ckchi = ckch_inst;
4329 return errcode;
William Lallemandd9199372019-10-04 15:37:05 +02004330
4331error:
4332 /* free the allocated sni_ctxs */
William Lallemand614ca0d2019-10-07 13:52:11 +02004333 if (ckch_inst) {
William Lallemandd9199372019-10-04 15:37:05 +02004334 struct sni_ctx *sc0, *sc0b;
4335
4336 list_for_each_entry_safe(sc0, sc0b, &ckch_inst->sni_ctx, by_ckch_inst) {
4337
4338 ebmb_delete(&sc0->name);
4339 LIST_DEL(&sc0->by_ckch_inst);
4340 free(sc0);
4341 }
William Lallemand614ca0d2019-10-07 13:52:11 +02004342 free(ckch_inst);
4343 ckch_inst = NULL;
William Lallemandd9199372019-10-04 15:37:05 +02004344 }
4345 /* We only created 1 SSL_CTX so we can free it there */
4346 SSL_CTX_free(ctx);
4347
Emeric Brun054563d2019-10-17 13:16:58 +02004348 return errcode;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004349}
4350
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004351/* Returns a set of ERR_* flags possibly with an error in <err>. */
William Lallemand614ca0d2019-10-07 13:52:11 +02004352static int ssl_sock_load_ckchs(const char *path, struct ckch_store *ckchs,
4353 struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
4354 char **sni_filter, int fcount, char **err)
4355{
4356 struct ckch_inst *ckch_inst = NULL;
Emeric Brun054563d2019-10-17 13:16:58 +02004357 int errcode = 0;
William Lallemand614ca0d2019-10-07 13:52:11 +02004358
4359 /* we found the ckchs in the tree, we can use it directly */
4360 if (ckchs->multi)
Emeric Brun054563d2019-10-17 13:16:58 +02004361 errcode |= ckch_inst_new_load_multi_store(path, ckchs, bind_conf, ssl_conf, sni_filter, fcount, &ckch_inst, err);
William Lallemand614ca0d2019-10-07 13:52:11 +02004362 else
Emeric Brun054563d2019-10-17 13:16:58 +02004363 errcode |= ckch_inst_new_load_store(path, ckchs, bind_conf, ssl_conf, sni_filter, fcount, &ckch_inst, err);
William Lallemand614ca0d2019-10-07 13:52:11 +02004364
Emeric Brun054563d2019-10-17 13:16:58 +02004365 if (errcode & ERR_CODE)
4366 return errcode;
William Lallemand614ca0d2019-10-07 13:52:11 +02004367
4368 ssl_sock_load_cert_sni(ckch_inst, bind_conf);
4369
4370 /* succeed, add the instance to the ckch_store's list of instance */
4371 LIST_ADDQ(&ckchs->ckch_inst, &ckch_inst->by_ckchs);
Emeric Brun054563d2019-10-17 13:16:58 +02004372 return errcode;
William Lallemand614ca0d2019-10-07 13:52:11 +02004373}
4374
4375
Willy Tarreaubbc91962019-10-16 16:42:19 +02004376/* Returns a set of ERR_* flags possibly with an error in <err>. */
Willy Tarreau03209342016-12-22 17:08:28 +01004377int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, char **err)
Emeric Brunfc0421f2012-09-07 17:30:07 +02004378{
Cyril Bonté3180f7b2015-01-25 00:16:08 +01004379 struct dirent **de_list;
4380 int i, n;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004381 struct stat buf;
Willy Tarreauee2663b2012-12-06 11:36:59 +01004382 char *end;
4383 char fp[MAXPATHLEN+1];
Emeric Brunfc0421f2012-09-07 17:30:07 +02004384 int cfgerr = 0;
William Lallemande3af8fb2019-10-08 11:36:53 +02004385 struct ckch_store *ckchs;
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004386#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu63ea8462015-12-09 13:35:14 -05004387 int is_bundle;
4388 int j;
4389#endif
William Lallemande3af8fb2019-10-08 11:36:53 +02004390 if ((ckchs = ckchs_lookup(path))) {
William Lallemande3af8fb2019-10-08 11:36:53 +02004391 /* we found the ckchs in the tree, we can use it directly */
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004392 return ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, err);
William Lallemand6af03992019-07-23 15:00:54 +02004393 }
4394
yanbzhu08ce6ab2015-12-02 13:01:29 -05004395 if (stat(path, &buf) == 0) {
William Dauchy9a8ef7f2020-01-13 17:52:49 +01004396 if (S_ISDIR(buf.st_mode) == 0) {
William Lallemande3af8fb2019-10-08 11:36:53 +02004397 ckchs = ckchs_load_cert_file(path, 0, err);
4398 if (!ckchs)
Willy Tarreaubbc91962019-10-16 16:42:19 +02004399 return ERR_ALERT | ERR_FATAL;
4400
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004401 return ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, err);
William Lallemand36b84632019-07-18 19:28:17 +02004402 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004403
yanbzhu08ce6ab2015-12-02 13:01:29 -05004404 /* strip trailing slashes, including first one */
4405 for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
4406 *end = 0;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004407
yanbzhu08ce6ab2015-12-02 13:01:29 -05004408 n = scandir(path, &de_list, 0, alphasort);
4409 if (n < 0) {
4410 memprintf(err, "%sunable to scan directory '%s' : %s.\n",
4411 err && *err ? *err : "", path, strerror(errno));
Willy Tarreaubbc91962019-10-16 16:42:19 +02004412 cfgerr |= ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004413 }
4414 else {
4415 for (i = 0; i < n; i++) {
4416 struct dirent *de = de_list[i];
Emeric Brun2aab7222014-06-18 18:15:09 +02004417
yanbzhu08ce6ab2015-12-02 13:01:29 -05004418 end = strrchr(de->d_name, '.');
William Lallemand3f25ae32020-02-24 16:30:12 +01004419 if (end && (!strcmp(end, ".issuer") || !strcmp(end, ".ocsp") || !strcmp(end, ".sctl") || !strcmp(end, ".key")))
yanbzhu08ce6ab2015-12-02 13:01:29 -05004420 goto ignore_entry;
Cyril Bonté3180f7b2015-01-25 00:16:08 +01004421
yanbzhu08ce6ab2015-12-02 13:01:29 -05004422 snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
4423 if (stat(fp, &buf) != 0) {
4424 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
4425 err && *err ? *err : "", fp, strerror(errno));
Willy Tarreaubbc91962019-10-16 16:42:19 +02004426 cfgerr |= ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004427 goto ignore_entry;
4428 }
4429 if (!S_ISREG(buf.st_mode))
4430 goto ignore_entry;
yanbzhu63ea8462015-12-09 13:35:14 -05004431
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004432#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu63ea8462015-12-09 13:35:14 -05004433 is_bundle = 0;
4434 /* Check if current entry in directory is part of a multi-cert bundle */
4435
William Lallemand3af48e72020-02-03 17:15:52 +01004436 if ((global_ssl.extra_files & SSL_GF_BUNDLE) && end) {
yanbzhu63ea8462015-12-09 13:35:14 -05004437 for (j = 0; j < SSL_SOCK_NUM_KEYTYPES; j++) {
4438 if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
4439 is_bundle = 1;
4440 break;
4441 }
4442 }
4443
4444 if (is_bundle) {
yanbzhu63ea8462015-12-09 13:35:14 -05004445 int dp_len;
4446
4447 dp_len = end - de->d_name;
yanbzhu63ea8462015-12-09 13:35:14 -05004448
4449 /* increment i and free de until we get to a non-bundle cert
4450 * Note here that we look at de_list[i + 1] before freeing de
Willy Tarreau05800522019-10-29 10:48:50 +01004451 * this is important since ignore_entry will free de. This also
4452 * guarantees that de->d_name continues to hold the same prefix.
yanbzhu63ea8462015-12-09 13:35:14 -05004453 */
Willy Tarreau05800522019-10-29 10:48:50 +01004454 while (i + 1 < n && !strncmp(de_list[i + 1]->d_name, de->d_name, dp_len)) {
yanbzhu63ea8462015-12-09 13:35:14 -05004455 free(de);
4456 i++;
4457 de = de_list[i];
4458 }
4459
Willy Tarreau05800522019-10-29 10:48:50 +01004460 snprintf(fp, sizeof(fp), "%s/%.*s", path, dp_len, de->d_name);
William Lallemande3af8fb2019-10-08 11:36:53 +02004461 if ((ckchs = ckchs_lookup(fp)) == NULL)
4462 ckchs = ckchs_load_cert_file(fp, 1, err);
4463 if (!ckchs)
Willy Tarreaubbc91962019-10-16 16:42:19 +02004464 cfgerr |= ERR_ALERT | ERR_FATAL;
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004465 else
4466 cfgerr |= ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, err);
yanbzhu63ea8462015-12-09 13:35:14 -05004467 /* Successfully processed the bundle */
4468 goto ignore_entry;
4469 }
4470 }
4471
4472#endif
William Lallemande3af8fb2019-10-08 11:36:53 +02004473 if ((ckchs = ckchs_lookup(fp)) == NULL)
4474 ckchs = ckchs_load_cert_file(fp, 0, err);
4475 if (!ckchs)
Willy Tarreaubbc91962019-10-16 16:42:19 +02004476 cfgerr |= ERR_ALERT | ERR_FATAL;
William Lallemand614ca0d2019-10-07 13:52:11 +02004477 else
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004478 cfgerr |= ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, err);
William Lallemand36b84632019-07-18 19:28:17 +02004479
yanbzhu08ce6ab2015-12-02 13:01:29 -05004480ignore_entry:
4481 free(de);
Cyril Bonté3180f7b2015-01-25 00:16:08 +01004482 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004483 free(de_list);
Emeric Brunfc0421f2012-09-07 17:30:07 +02004484 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004485 return cfgerr;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004486
William Lallemand3af48e72020-02-03 17:15:52 +01004487 } else {
4488 /* stat failed */
Willy Tarreaubbc91962019-10-16 16:42:19 +02004489
William Lallemand3af48e72020-02-03 17:15:52 +01004490 if (global_ssl.extra_files & SSL_GF_BUNDLE) {
4491 /* try to load a bundle if it is permitted */
4492 ckchs = ckchs_load_cert_file(path, 1, err);
4493 if (!ckchs)
4494 return ERR_ALERT | ERR_FATAL;
4495 cfgerr |= ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, err);
4496 } else {
4497 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
4498 err && *err ? *err : "", fp, strerror(errno));
4499 cfgerr |= ERR_ALERT | ERR_FATAL;
4500 }
4501 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004502
Emeric Brunfc0421f2012-09-07 17:30:07 +02004503 return cfgerr;
4504}
4505
Thierry Fournier383085f2013-01-24 14:15:43 +01004506/* Make sure openssl opens /dev/urandom before the chroot. The work is only
4507 * done once. Zero is returned if the operation fails. No error is returned
4508 * if the random is said as not implemented, because we expect that openssl
4509 * will use another method once needed.
4510 */
4511static int ssl_initialize_random()
4512{
4513 unsigned char random;
4514 static int random_initialized = 0;
4515
4516 if (!random_initialized && RAND_bytes(&random, 1) != 0)
4517 random_initialized = 1;
4518
4519 return random_initialized;
4520}
4521
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004522/* release ssl bind conf */
4523void ssl_sock_free_ssl_conf(struct ssl_bind_conf *conf)
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004524{
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004525 if (conf) {
Bernard Spil13c53f82018-02-15 13:34:58 +01004526#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004527 free(conf->npn_str);
4528 conf->npn_str = NULL;
4529#endif
4530#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
4531 free(conf->alpn_str);
4532 conf->alpn_str = NULL;
4533#endif
4534 free(conf->ca_file);
4535 conf->ca_file = NULL;
4536 free(conf->crl_file);
4537 conf->crl_file = NULL;
4538 free(conf->ciphers);
4539 conf->ciphers = NULL;
Emmanuel Hocdet839af572019-05-14 16:27:35 +02004540#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02004541 free(conf->ciphersuites);
4542 conf->ciphersuites = NULL;
4543#endif
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01004544 free(conf->curves);
4545 conf->curves = NULL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004546 free(conf->ecdhe);
4547 conf->ecdhe = NULL;
4548 }
4549}
4550
Willy Tarreaubbc91962019-10-16 16:42:19 +02004551/* Returns a set of ERR_* flags possibly with an error in <err>. */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004552int ssl_sock_load_cert_list_file(char *file, struct bind_conf *bind_conf, struct proxy *curproxy, char **err)
4553{
4554 char thisline[CRT_LINESIZE];
4555 char path[MAXPATHLEN+1];
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004556 FILE *f;
yanbzhu1b04e5b2015-12-02 13:54:14 -05004557 struct stat buf;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004558 int linenum = 0;
4559 int cfgerr = 0;
William Lallemande3af8fb2019-10-08 11:36:53 +02004560 struct ckch_store *ckchs;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004561
Willy Tarreauad1731d2013-04-02 17:35:58 +02004562 if ((f = fopen(file, "r")) == NULL) {
4563 memprintf(err, "cannot open file '%s' : %s", file, strerror(errno));
Willy Tarreaubbc91962019-10-16 16:42:19 +02004564 return ERR_ALERT | ERR_FATAL;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004565 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004566
4567 while (fgets(thisline, sizeof(thisline), f) != NULL) {
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004568 int arg, newarg, cur_arg, i, ssl_b = 0, ssl_e = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004569 char *end;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004570 char *args[MAX_CRT_ARGS + 1];
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004571 char *line = thisline;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004572 char *crt_path;
4573 struct ssl_bind_conf *ssl_conf = NULL;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004574
4575 linenum++;
4576 end = line + strlen(line);
4577 if (end-line == sizeof(thisline)-1 && *(end-1) != '\n') {
4578 /* Check if we reached the limit and the last char is not \n.
4579 * Watch out for the last line without the terminating '\n'!
4580 */
Willy Tarreauad1731d2013-04-02 17:35:58 +02004581 memprintf(err, "line %d too long in file '%s', limit is %d characters",
4582 linenum, file, (int)sizeof(thisline)-1);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004583 cfgerr |= ERR_ALERT | ERR_FATAL;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004584 break;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004585 }
4586
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004587 arg = 0;
Emeric Brun50bcecc2013-04-22 13:05:23 +02004588 newarg = 1;
4589 while (*line) {
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004590 if (*line == '#' || *line == '\n' || *line == '\r') {
4591 /* end of string, end of loop */
4592 *line = 0;
4593 break;
Willy Tarreauded15b72020-02-25 07:51:59 +01004594 } else if (isspace((unsigned char)*line)) {
Emeric Brun50bcecc2013-04-22 13:05:23 +02004595 newarg = 1;
4596 *line = 0;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004597 } else if (*line == '[') {
4598 if (ssl_b) {
4599 memprintf(err, "too many '[' on line %d in file '%s'.", linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004600 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004601 break;
4602 }
4603 if (!arg) {
4604 memprintf(err, "file must start with a cert on line %d in file '%s'", linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004605 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004606 break;
4607 }
4608 ssl_b = arg;
4609 newarg = 1;
4610 *line = 0;
4611 } else if (*line == ']') {
4612 if (ssl_e) {
4613 memprintf(err, "too many ']' on line %d in file '%s'.", linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004614 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brun50bcecc2013-04-22 13:05:23 +02004615 break;
4616 }
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004617 if (!ssl_b) {
4618 memprintf(err, "missing '[' in line %d in file '%s'.", linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004619 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004620 break;
4621 }
4622 ssl_e = arg;
4623 newarg = 1;
4624 *line = 0;
4625 } else if (newarg) {
4626 if (arg == MAX_CRT_ARGS) {
4627 memprintf(err, "too many args on line %d in file '%s'.", linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004628 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004629 break;
4630 }
Emeric Brun50bcecc2013-04-22 13:05:23 +02004631 newarg = 0;
4632 args[arg++] = line;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004633 }
Emeric Brun50bcecc2013-04-22 13:05:23 +02004634 line++;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004635 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02004636 if (cfgerr)
4637 break;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004638 args[arg++] = line;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004639
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004640 /* empty line */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004641 if (!*args[0])
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004642 continue;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004643
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004644 crt_path = args[0];
4645 if (*crt_path != '/' && global_ssl.crt_base) {
4646 if ((strlen(global_ssl.crt_base) + 1 + strlen(crt_path)) > MAXPATHLEN) {
4647 memprintf(err, "'%s' : path too long on line %d in file '%s'",
4648 crt_path, linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004649 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004650 break;
4651 }
4652 snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, crt_path);
4653 crt_path = path;
4654 }
4655
4656 ssl_conf = calloc(1, sizeof *ssl_conf);
4657 cur_arg = ssl_b ? ssl_b : 1;
4658 while (cur_arg < ssl_e) {
4659 newarg = 0;
4660 for (i = 0; ssl_bind_kws[i].kw != NULL; i++) {
4661 if (strcmp(ssl_bind_kws[i].kw, args[cur_arg]) == 0) {
4662 newarg = 1;
Willy Tarreaubbc91962019-10-16 16:42:19 +02004663 cfgerr |= ssl_bind_kws[i].parse(args, cur_arg, curproxy, ssl_conf, err);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004664 if (cur_arg + 1 + ssl_bind_kws[i].skip > ssl_e) {
4665 memprintf(err, "ssl args out of '[]' for %s on line %d in file '%s'",
4666 args[cur_arg], linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004667 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004668 }
4669 cur_arg += 1 + ssl_bind_kws[i].skip;
4670 break;
4671 }
4672 }
4673 if (!cfgerr && !newarg) {
4674 memprintf(err, "unknown ssl keyword %s on line %d in file '%s'.",
4675 args[cur_arg], linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004676 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004677 break;
4678 }
4679 }
Willy Tarreaubbc91962019-10-16 16:42:19 +02004680
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004681 if (cfgerr) {
4682 ssl_sock_free_ssl_conf(ssl_conf);
4683 free(ssl_conf);
4684 ssl_conf = NULL;
4685 break;
4686 }
4687
William Lallemande3af8fb2019-10-08 11:36:53 +02004688 if ((ckchs = ckchs_lookup(crt_path)) == NULL) {
William Lallemandeed4bf22019-10-10 11:38:13 +02004689 if (stat(crt_path, &buf) == 0)
William Lallemande3af8fb2019-10-08 11:36:53 +02004690 ckchs = ckchs_load_cert_file(crt_path, 0, err);
Emmanuel Hocdet1503e052019-07-31 18:30:33 +02004691 else
William Lallemande3af8fb2019-10-08 11:36:53 +02004692 ckchs = ckchs_load_cert_file(crt_path, 1, err);
yanbzhu1b04e5b2015-12-02 13:54:14 -05004693 }
4694
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004695 if (!ckchs)
Willy Tarreaubbc91962019-10-16 16:42:19 +02004696 cfgerr |= ERR_ALERT | ERR_FATAL;
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004697 else
4698 cfgerr |= ssl_sock_load_ckchs(crt_path, ckchs, bind_conf, ssl_conf, &args[cur_arg], arg - cur_arg - 1, err);
William Lallemandeed4bf22019-10-10 11:38:13 +02004699
Willy Tarreauad1731d2013-04-02 17:35:58 +02004700 if (cfgerr) {
4701 memprintf(err, "error processing line %d in file '%s' : %s", linenum, file, *err);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004702 break;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004703 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004704 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004705 fclose(f);
4706 return cfgerr;
4707}
4708
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004709/* Create an initial CTX used to start the SSL connection before switchctx */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004710static int
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004711ssl_sock_initial_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +02004712{
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01004713 SSL_CTX *ctx = NULL;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004714 long options =
Emeric Brunfc0421f2012-09-07 17:30:07 +02004715 SSL_OP_ALL | /* all known workarounds for bugs */
4716 SSL_OP_NO_SSLv2 |
4717 SSL_OP_NO_COMPRESSION |
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02004718 SSL_OP_SINGLE_DH_USE |
Emeric Brun2b58d042012-09-20 17:10:03 +02004719 SSL_OP_SINGLE_ECDH_USE |
Emeric Brun3c4bc6e2012-10-04 18:44:19 +02004720 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION |
Lukas Tribus926594f2018-05-18 17:55:57 +02004721 SSL_OP_PRIORITIZE_CHACHA |
Emeric Brun3c4bc6e2012-10-04 18:44:19 +02004722 SSL_OP_CIPHER_SERVER_PREFERENCE;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004723 long mode =
Emeric Brunfc0421f2012-09-07 17:30:07 +02004724 SSL_MODE_ENABLE_PARTIAL_WRITE |
4725 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
Willy Tarreau396a1862014-11-13 14:06:52 +01004726 SSL_MODE_RELEASE_BUFFERS |
4727 SSL_MODE_SMALL_BUFFERS;
Emmanuel Hocdet43664762017-08-09 18:26:20 +02004728 struct tls_version_filter *conf_ssl_methods = &bind_conf->ssl_conf.ssl_methods;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004729 int i, min, max, hole;
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004730 int flags = MC_SSL_O_ALL;
4731 int cfgerr = 0;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01004732
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004733 ctx = SSL_CTX_new(SSLv23_server_method());
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004734 bind_conf->initial_ctx = ctx;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004735
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004736 if (conf_ssl_methods->flags && (conf_ssl_methods->min || conf_ssl_methods->max))
Christopher Faulet767a84b2017-11-24 16:50:31 +01004737 ha_warning("Proxy '%s': no-sslv3/no-tlsv1x are ignored for bind '%s' at [%s:%d]. "
4738 "Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
4739 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004740 else
4741 flags = conf_ssl_methods->flags;
4742
Emmanuel Hocdetbd695fe2017-05-15 15:53:41 +02004743 min = conf_ssl_methods->min;
4744 max = conf_ssl_methods->max;
4745 /* start with TLSv10 to remove SSLv3 per default */
4746 if (!min && (!max || max >= CONF_TLSV10))
4747 min = CONF_TLSV10;
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02004748 /* Real min and max should be determinate with configuration and openssl's capabilities */
Emmanuel Hocdetbd695fe2017-05-15 15:53:41 +02004749 if (min)
4750 flags |= (methodVersions[min].flag - 1);
4751 if (max)
4752 flags |= ~((methodVersions[max].flag << 1) - 1);
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02004753 /* find min, max and holes */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004754 min = max = CONF_TLSV_NONE;
4755 hole = 0;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004756 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004757 /* version is in openssl && version not disable in configuration */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004758 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004759 if (min) {
4760 if (hole) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01004761 ha_warning("Proxy '%s': SSL/TLS versions range not contiguous for bind '%s' at [%s:%d]. "
4762 "Hole find for %s. Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
4763 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line,
4764 methodVersions[hole].name);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004765 hole = 0;
4766 }
4767 max = i;
4768 }
4769 else {
4770 min = max = i;
4771 }
4772 }
4773 else {
4774 if (min)
4775 hole = i;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004776 }
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004777 if (!min) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01004778 ha_alert("Proxy '%s': all SSL/TLS versions are disabled for bind '%s' at [%s:%d].\n",
4779 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004780 cfgerr += 1;
4781 }
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02004782 /* save real min/max in bind_conf */
4783 conf_ssl_methods->min = min;
4784 conf_ssl_methods->max = max;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004785
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004786#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004787 /* Keep force-xxx implementation as it is in older haproxy. It's a
Joseph Herlant017b3da2018-11-15 09:07:59 -08004788 precautionary measure to avoid any surprise with older openssl version. */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004789 if (min == max)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02004790 methodVersions[min].ctx_set_version(ctx, SET_SERVER);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004791 else
4792 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
4793 if (flags & methodVersions[i].flag)
4794 options |= methodVersions[i].option;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004795#else /* openssl >= 1.1.0 */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004796 /* set the max_version is required to cap TLS version or activate new TLS (v1.3) */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02004797 methodVersions[min].ctx_set_version(ctx, SET_MIN);
4798 methodVersions[max].ctx_set_version(ctx, SET_MAX);
Emeric Brunfa5c5c82017-04-28 16:19:51 +02004799#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004800
4801 if (bind_conf->ssl_options & BC_SSL_O_NO_TLS_TICKETS)
4802 options |= SSL_OP_NO_TICKET;
4803 if (bind_conf->ssl_options & BC_SSL_O_PREF_CLIE_CIPH)
4804 options &= ~SSL_OP_CIPHER_SERVER_PREFERENCE;
Dirkjan Bussink526894f2019-01-21 09:35:03 -08004805
4806#ifdef SSL_OP_NO_RENEGOTIATION
4807 options |= SSL_OP_NO_RENEGOTIATION;
4808#endif
4809
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004810 SSL_CTX_set_options(ctx, options);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00004811
Willy Tarreau5db847a2019-05-09 14:13:35 +02004812#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00004813 if (global_ssl.async)
4814 mode |= SSL_MODE_ASYNC;
4815#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004816 SSL_CTX_set_mode(ctx, mode);
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01004817 if (global_ssl.life_time)
4818 SSL_CTX_set_timeout(ctx, global_ssl.life_time);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004819
4820#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
4821#ifdef OPENSSL_IS_BORINGSSL
4822 SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
4823 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
Ilya Shipitsine9ff8992020-01-19 12:20:14 +05004824#elif defined(SSL_OP_NO_ANTI_REPLAY)
Olivier Houchard545989f2019-12-17 15:39:54 +01004825 if (bind_conf->ssl_conf.early_data)
Olivier Houchard51088ce2019-01-02 18:46:41 +01004826 SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02004827 SSL_CTX_set_client_hello_cb(ctx, ssl_sock_switchctx_cbk, NULL);
4828 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004829#else
4830 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_cbk);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004831#endif
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02004832 SSL_CTX_set_tlsext_servername_arg(ctx, bind_conf);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004833#endif
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004834 return cfgerr;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01004835}
4836
William Lallemand4f45bb92017-10-30 20:08:51 +01004837
4838static inline void sh_ssl_sess_free_blocks(struct shared_block *first, struct shared_block *block)
4839{
4840 if (first == block) {
4841 struct sh_ssl_sess_hdr *sh_ssl_sess = (struct sh_ssl_sess_hdr *)first->data;
4842 if (first->len > 0)
4843 sh_ssl_sess_tree_delete(sh_ssl_sess);
4844 }
4845}
4846
4847/* return first block from sh_ssl_sess */
4848static inline struct shared_block *sh_ssl_sess_first_block(struct sh_ssl_sess_hdr *sh_ssl_sess)
4849{
4850 return (struct shared_block *)((unsigned char *)sh_ssl_sess - ((struct shared_block *)NULL)->data);
4851
4852}
4853
4854/* store a session into the cache
4855 * s_id : session id padded with zero to SSL_MAX_SSL_SESSION_ID_LENGTH
4856 * data: asn1 encoded session
4857 * data_len: asn1 encoded session length
4858 * Returns 1 id session was stored (else 0)
4859 */
4860static int sh_ssl_sess_store(unsigned char *s_id, unsigned char *data, int data_len)
4861{
4862 struct shared_block *first;
4863 struct sh_ssl_sess_hdr *sh_ssl_sess, *oldsh_ssl_sess;
4864
Frédéric Lécaille0bec8072018-10-22 17:55:57 +02004865 first = shctx_row_reserve_hot(ssl_shctx, NULL, data_len + sizeof(struct sh_ssl_sess_hdr));
William Lallemand4f45bb92017-10-30 20:08:51 +01004866 if (!first) {
4867 /* Could not retrieve enough free blocks to store that session */
4868 return 0;
4869 }
4870
4871 /* STORE the key in the first elem */
4872 sh_ssl_sess = (struct sh_ssl_sess_hdr *)first->data;
4873 memcpy(sh_ssl_sess->key_data, s_id, SSL_MAX_SSL_SESSION_ID_LENGTH);
4874 first->len = sizeof(struct sh_ssl_sess_hdr);
4875
4876 /* it returns the already existing node
4877 or current node if none, never returns null */
4878 oldsh_ssl_sess = sh_ssl_sess_tree_insert(sh_ssl_sess);
4879 if (oldsh_ssl_sess != sh_ssl_sess) {
4880 /* NOTE: Row couldn't be in use because we lock read & write function */
4881 /* release the reserved row */
4882 shctx_row_dec_hot(ssl_shctx, first);
4883 /* replace the previous session already in the tree */
4884 sh_ssl_sess = oldsh_ssl_sess;
4885 /* ignore the previous session data, only use the header */
4886 first = sh_ssl_sess_first_block(sh_ssl_sess);
4887 shctx_row_inc_hot(ssl_shctx, first);
4888 first->len = sizeof(struct sh_ssl_sess_hdr);
4889 }
4890
Frédéric Lécaille0bec8072018-10-22 17:55:57 +02004891 if (shctx_row_data_append(ssl_shctx, first, NULL, data, data_len) < 0) {
William Lallemand99b90af2018-01-03 19:15:51 +01004892 shctx_row_dec_hot(ssl_shctx, first);
William Lallemand4f45bb92017-10-30 20:08:51 +01004893 return 0;
William Lallemand99b90af2018-01-03 19:15:51 +01004894 }
4895
4896 shctx_row_dec_hot(ssl_shctx, first);
William Lallemand4f45bb92017-10-30 20:08:51 +01004897
4898 return 1;
4899}
William Lallemanded0b5ad2017-10-30 19:36:36 +01004900
Olivier Houchardbd84ac82017-11-03 13:43:35 +01004901/* SSL callback used when a new session is created while connecting to a server */
4902static int ssl_sess_new_srv_cb(SSL *ssl, SSL_SESSION *sess)
4903{
Thierry FOURNIER28962c92018-06-17 21:37:05 +02004904 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houcharde6060c52017-11-16 17:42:52 +01004905 struct server *s;
Olivier Houchardbd84ac82017-11-03 13:43:35 +01004906
Willy Tarreau07d94e42018-09-20 10:57:52 +02004907 s = __objt_server(conn->target);
Olivier Houchardbd84ac82017-11-03 13:43:35 +01004908
Olivier Houcharde6060c52017-11-16 17:42:52 +01004909 if (!(s->ssl_ctx.options & SRV_SSL_O_NO_REUSE)) {
4910 int len;
4911 unsigned char *ptr;
Olivier Houchardbd84ac82017-11-03 13:43:35 +01004912
Olivier Houcharde6060c52017-11-16 17:42:52 +01004913 len = i2d_SSL_SESSION(sess, NULL);
4914 if (s->ssl_ctx.reused_sess[tid].ptr && s->ssl_ctx.reused_sess[tid].allocated_size >= len) {
4915 ptr = s->ssl_ctx.reused_sess[tid].ptr;
4916 } else {
4917 free(s->ssl_ctx.reused_sess[tid].ptr);
4918 ptr = s->ssl_ctx.reused_sess[tid].ptr = malloc(len);
4919 s->ssl_ctx.reused_sess[tid].allocated_size = len;
4920 }
4921 if (s->ssl_ctx.reused_sess[tid].ptr) {
4922 s->ssl_ctx.reused_sess[tid].size = i2d_SSL_SESSION(sess,
4923 &ptr);
4924 }
4925 } else {
4926 free(s->ssl_ctx.reused_sess[tid].ptr);
4927 s->ssl_ctx.reused_sess[tid].ptr = NULL;
4928 }
4929
4930 return 0;
Olivier Houchardbd84ac82017-11-03 13:43:35 +01004931}
4932
Olivier Houcharde6060c52017-11-16 17:42:52 +01004933
William Lallemanded0b5ad2017-10-30 19:36:36 +01004934/* SSL callback used on new session creation */
William Lallemand4f45bb92017-10-30 20:08:51 +01004935int sh_ssl_sess_new_cb(SSL *ssl, SSL_SESSION *sess)
William Lallemanded0b5ad2017-10-30 19:36:36 +01004936{
4937 unsigned char encsess[SHSESS_MAX_DATA_LEN]; /* encoded session */
4938 unsigned char encid[SSL_MAX_SSL_SESSION_ID_LENGTH]; /* encoded id */
4939 unsigned char *p;
4940 int data_len;
Emeric Bruneb469652019-10-08 18:27:37 +02004941 unsigned int sid_length;
William Lallemanded0b5ad2017-10-30 19:36:36 +01004942 const unsigned char *sid_data;
William Lallemanded0b5ad2017-10-30 19:36:36 +01004943
4944 /* Session id is already stored in to key and session id is known
4945 * so we dont store it to keep size.
Emeric Bruneb469652019-10-08 18:27:37 +02004946 * note: SSL_SESSION_set1_id is using
4947 * a memcpy so we need to use a different pointer
4948 * than sid_data or sid_ctx_data to avoid valgrind
4949 * complaining.
William Lallemanded0b5ad2017-10-30 19:36:36 +01004950 */
4951
4952 sid_data = SSL_SESSION_get_id(sess, &sid_length);
Emeric Bruneb469652019-10-08 18:27:37 +02004953
4954 /* copy value in an other buffer */
4955 memcpy(encid, sid_data, sid_length);
4956
4957 /* pad with 0 */
4958 if (sid_length < SSL_MAX_SSL_SESSION_ID_LENGTH)
4959 memset(encid + sid_length, 0, SSL_MAX_SSL_SESSION_ID_LENGTH-sid_length);
4960
4961 /* force length to zero to avoid ASN1 encoding */
4962 SSL_SESSION_set1_id(sess, encid, 0);
4963
4964 /* force length to zero to avoid ASN1 encoding */
4965 SSL_SESSION_set1_id_context(sess, (const unsigned char *)SHCTX_APPNAME, 0);
William Lallemanded0b5ad2017-10-30 19:36:36 +01004966
4967 /* check if buffer is large enough for the ASN1 encoded session */
4968 data_len = i2d_SSL_SESSION(sess, NULL);
4969 if (data_len > SHSESS_MAX_DATA_LEN)
4970 goto err;
4971
4972 p = encsess;
4973
4974 /* process ASN1 session encoding before the lock */
4975 i2d_SSL_SESSION(sess, &p);
4976
William Lallemanded0b5ad2017-10-30 19:36:36 +01004977
William Lallemanda3c77cf2017-10-30 23:44:40 +01004978 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01004979 /* store to cache */
William Lallemand4f45bb92017-10-30 20:08:51 +01004980 sh_ssl_sess_store(encid, encsess, data_len);
William Lallemanda3c77cf2017-10-30 23:44:40 +01004981 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01004982err:
4983 /* reset original length values */
Emeric Bruneb469652019-10-08 18:27:37 +02004984 SSL_SESSION_set1_id(sess, encid, sid_length);
4985 SSL_SESSION_set1_id_context(sess, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
William Lallemanded0b5ad2017-10-30 19:36:36 +01004986
4987 return 0; /* do not increment session reference count */
4988}
4989
4990/* SSL callback used on lookup an existing session cause none found in internal cache */
William Lallemand4f45bb92017-10-30 20:08:51 +01004991SSL_SESSION *sh_ssl_sess_get_cb(SSL *ssl, __OPENSSL_110_CONST__ unsigned char *key, int key_len, int *do_copy)
William Lallemanded0b5ad2017-10-30 19:36:36 +01004992{
William Lallemand4f45bb92017-10-30 20:08:51 +01004993 struct sh_ssl_sess_hdr *sh_ssl_sess;
William Lallemanded0b5ad2017-10-30 19:36:36 +01004994 unsigned char data[SHSESS_MAX_DATA_LEN], *p;
4995 unsigned char tmpkey[SSL_MAX_SSL_SESSION_ID_LENGTH];
William Lallemanded0b5ad2017-10-30 19:36:36 +01004996 SSL_SESSION *sess;
William Lallemand4f45bb92017-10-30 20:08:51 +01004997 struct shared_block *first;
William Lallemanded0b5ad2017-10-30 19:36:36 +01004998
4999 global.shctx_lookups++;
5000
5001 /* allow the session to be freed automatically by openssl */
5002 *do_copy = 0;
5003
5004 /* tree key is zeros padded sessionid */
5005 if (key_len < SSL_MAX_SSL_SESSION_ID_LENGTH) {
5006 memcpy(tmpkey, key, key_len);
5007 memset(tmpkey + key_len, 0, SSL_MAX_SSL_SESSION_ID_LENGTH - key_len);
5008 key = tmpkey;
5009 }
5010
5011 /* lock cache */
William Lallemanda3c77cf2017-10-30 23:44:40 +01005012 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005013
5014 /* lookup for session */
William Lallemand4f45bb92017-10-30 20:08:51 +01005015 sh_ssl_sess = sh_ssl_sess_tree_lookup(key);
5016 if (!sh_ssl_sess) {
William Lallemanded0b5ad2017-10-30 19:36:36 +01005017 /* no session found: unlock cache and exit */
William Lallemanda3c77cf2017-10-30 23:44:40 +01005018 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005019 global.shctx_misses++;
5020 return NULL;
5021 }
5022
William Lallemand4f45bb92017-10-30 20:08:51 +01005023 /* sh_ssl_sess (shared_block->data) is at the end of shared_block */
5024 first = sh_ssl_sess_first_block(sh_ssl_sess);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005025
William Lallemand4f45bb92017-10-30 20:08:51 +01005026 shctx_row_data_get(ssl_shctx, first, data, sizeof(struct sh_ssl_sess_hdr), first->len-sizeof(struct sh_ssl_sess_hdr));
William Lallemanded0b5ad2017-10-30 19:36:36 +01005027
William Lallemanda3c77cf2017-10-30 23:44:40 +01005028 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005029
5030 /* decode ASN1 session */
5031 p = data;
William Lallemand4f45bb92017-10-30 20:08:51 +01005032 sess = d2i_SSL_SESSION(NULL, (const unsigned char **)&p, first->len-sizeof(struct sh_ssl_sess_hdr));
William Lallemanded0b5ad2017-10-30 19:36:36 +01005033 /* Reset session id and session id contenxt */
5034 if (sess) {
5035 SSL_SESSION_set1_id(sess, key, key_len);
5036 SSL_SESSION_set1_id_context(sess, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
5037 }
5038
5039 return sess;
5040}
5041
William Lallemand4f45bb92017-10-30 20:08:51 +01005042
William Lallemanded0b5ad2017-10-30 19:36:36 +01005043/* SSL callback used to signal session is no more used in internal cache */
William Lallemand4f45bb92017-10-30 20:08:51 +01005044void sh_ssl_sess_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess)
William Lallemanded0b5ad2017-10-30 19:36:36 +01005045{
William Lallemand4f45bb92017-10-30 20:08:51 +01005046 struct sh_ssl_sess_hdr *sh_ssl_sess;
William Lallemanded0b5ad2017-10-30 19:36:36 +01005047 unsigned char tmpkey[SSL_MAX_SSL_SESSION_ID_LENGTH];
5048 unsigned int sid_length;
5049 const unsigned char *sid_data;
5050 (void)ctx;
5051
5052 sid_data = SSL_SESSION_get_id(sess, &sid_length);
5053 /* tree key is zeros padded sessionid */
5054 if (sid_length < SSL_MAX_SSL_SESSION_ID_LENGTH) {
5055 memcpy(tmpkey, sid_data, sid_length);
5056 memset(tmpkey+sid_length, 0, SSL_MAX_SSL_SESSION_ID_LENGTH - sid_length);
5057 sid_data = tmpkey;
5058 }
5059
William Lallemanda3c77cf2017-10-30 23:44:40 +01005060 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005061
5062 /* lookup for session */
William Lallemand4f45bb92017-10-30 20:08:51 +01005063 sh_ssl_sess = sh_ssl_sess_tree_lookup(sid_data);
5064 if (sh_ssl_sess) {
William Lallemanded0b5ad2017-10-30 19:36:36 +01005065 /* free session */
William Lallemand4f45bb92017-10-30 20:08:51 +01005066 sh_ssl_sess_tree_delete(sh_ssl_sess);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005067 }
5068
5069 /* unlock cache */
William Lallemanda3c77cf2017-10-30 23:44:40 +01005070 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005071}
5072
5073/* Set session cache mode to server and disable openssl internal cache.
5074 * Set shared cache callbacks on an ssl context.
5075 * Shared context MUST be firstly initialized */
William Lallemand4f45bb92017-10-30 20:08:51 +01005076void ssl_set_shctx(SSL_CTX *ctx)
William Lallemanded0b5ad2017-10-30 19:36:36 +01005077{
5078 SSL_CTX_set_session_id_context(ctx, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
5079
5080 if (!ssl_shctx) {
5081 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
5082 return;
5083 }
5084
5085 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER |
5086 SSL_SESS_CACHE_NO_INTERNAL |
5087 SSL_SESS_CACHE_NO_AUTO_CLEAR);
5088
5089 /* Set callbacks */
William Lallemand4f45bb92017-10-30 20:08:51 +01005090 SSL_CTX_sess_set_new_cb(ctx, sh_ssl_sess_new_cb);
5091 SSL_CTX_sess_set_get_cb(ctx, sh_ssl_sess_get_cb);
5092 SSL_CTX_sess_set_remove_cb(ctx, sh_ssl_sess_remove_cb);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005093}
5094
William Lallemand8b453912019-11-21 15:48:10 +01005095/*
5096 * This function applies the SSL configuration on a SSL_CTX
5097 * It returns an error code and fills the <err> buffer
5098 */
5099int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf, SSL_CTX *ctx, char **err)
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005100{
5101 struct proxy *curproxy = bind_conf->frontend;
5102 int cfgerr = 0;
5103 int verify = SSL_VERIFY_NONE;
Willy Tarreau5d4cafb2018-01-04 18:55:19 +01005104 struct ssl_bind_conf __maybe_unused *ssl_conf_cur;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005105 const char *conf_ciphers;
Emmanuel Hocdet839af572019-05-14 16:27:35 +02005106#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005107 const char *conf_ciphersuites;
5108#endif
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005109 const char *conf_curves = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02005110
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02005111 if (ssl_conf) {
5112 struct tls_version_filter *conf_ssl_methods = &ssl_conf->ssl_methods;
5113 int i, min, max;
5114 int flags = MC_SSL_O_ALL;
5115
5116 /* Real min and max should be determinate with configuration and openssl's capabilities */
Emmanuel Hocdet43664762017-08-09 18:26:20 +02005117 min = conf_ssl_methods->min ? conf_ssl_methods->min : bind_conf->ssl_conf.ssl_methods.min;
5118 max = conf_ssl_methods->max ? conf_ssl_methods->max : bind_conf->ssl_conf.ssl_methods.max;
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02005119 if (min)
5120 flags |= (methodVersions[min].flag - 1);
5121 if (max)
5122 flags |= ~((methodVersions[max].flag << 1) - 1);
5123 min = max = CONF_TLSV_NONE;
5124 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
5125 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
5126 if (min)
5127 max = i;
5128 else
5129 min = max = i;
5130 }
5131 /* save real min/max */
5132 conf_ssl_methods->min = min;
5133 conf_ssl_methods->max = max;
5134 if (!min) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005135 memprintf(err, "%sProxy '%s': all SSL/TLS versions are disabled for bind '%s' at [%s:%d].\n",
5136 err && *err ? *err : "", bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005137 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02005138 }
5139 }
5140
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005141 switch ((ssl_conf && ssl_conf->verify) ? ssl_conf->verify : bind_conf->ssl_conf.verify) {
Emeric Brun850efd52014-01-29 12:24:34 +01005142 case SSL_SOCK_VERIFY_NONE:
5143 verify = SSL_VERIFY_NONE;
5144 break;
5145 case SSL_SOCK_VERIFY_OPTIONAL:
5146 verify = SSL_VERIFY_PEER;
5147 break;
5148 case SSL_SOCK_VERIFY_REQUIRED:
5149 verify = SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
5150 break;
5151 }
5152 SSL_CTX_set_verify(ctx, verify, ssl_sock_bind_verifycbk);
5153 if (verify & SSL_VERIFY_PEER) {
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005154 char *ca_file = (ssl_conf && ssl_conf->ca_file) ? ssl_conf->ca_file : bind_conf->ssl_conf.ca_file;
5155 char *crl_file = (ssl_conf && ssl_conf->crl_file) ? ssl_conf->crl_file : bind_conf->ssl_conf.crl_file;
5156 if (ca_file) {
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02005157 /* set CAfile to verify */
5158 if (!ssl_set_verify_locations_file(ctx, ca_file)) {
5159 memprintf(err, "%sProxy '%s': unable to set CA file '%s' for bind '%s' at [%s:%d].\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01005160 err && *err ? *err : "", curproxy->id, ca_file, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005161 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02005162 }
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +02005163 if (!((ssl_conf && ssl_conf->no_ca_names) || bind_conf->ssl_conf.no_ca_names)) {
5164 /* set CA names for client cert request, function returns void */
Emmanuel Hocdet129d3282019-10-24 18:08:51 +02005165 SSL_CTX_set_client_CA_list(ctx, SSL_dup_CA_list(ssl_get_client_ca_file(ca_file)));
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +02005166 }
Emeric Brund94b3fe2012-09-20 18:23:56 +02005167 }
Emeric Brun850efd52014-01-29 12:24:34 +01005168 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01005169 memprintf(err, "%sProxy '%s': verify is enabled but no CA file specified for bind '%s' at [%s:%d].\n",
5170 err && *err ? *err : "", curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005171 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brun850efd52014-01-29 12:24:34 +01005172 }
Emeric Brun051cdab2012-10-02 19:25:50 +02005173#ifdef X509_V_FLAG_CRL_CHECK
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005174 if (crl_file) {
Emeric Brund94b3fe2012-09-20 18:23:56 +02005175 X509_STORE *store = SSL_CTX_get_cert_store(ctx);
5176
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01005177 if (!ssl_set_cert_crl_file(store, crl_file)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005178 memprintf(err, "%sProxy '%s': unable to configure CRL file '%s' for bind '%s' at [%s:%d].\n",
5179 err && *err ? *err : "", curproxy->id, crl_file, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005180 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02005181 }
Emeric Brun561e5742012-10-02 15:20:55 +02005182 else {
5183 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
5184 }
Emeric Brund94b3fe2012-09-20 18:23:56 +02005185 }
Emeric Brun051cdab2012-10-02 19:25:50 +02005186#endif
Emeric Brun644cde02012-12-14 11:21:13 +01005187 ERR_clear_error();
Emeric Brund94b3fe2012-09-20 18:23:56 +02005188 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01005189#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
Nenad Merdanovic146defa2015-05-09 08:46:00 +02005190 if(bind_conf->keys_ref) {
Nenad Merdanovic05552d42015-02-27 19:56:49 +01005191 if (!SSL_CTX_set_tlsext_ticket_key_cb(ctx, ssl_tlsext_ticket_key_cb)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005192 memprintf(err, "%sProxy '%s': unable to set callback for TLS ticket validation for bind '%s' at [%s:%d].\n",
5193 err && *err ? *err : "", curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005194 cfgerr |= ERR_ALERT | ERR_FATAL;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01005195 }
5196 }
5197#endif
5198
William Lallemand4f45bb92017-10-30 20:08:51 +01005199 ssl_set_shctx(ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005200 conf_ciphers = (ssl_conf && ssl_conf->ciphers) ? ssl_conf->ciphers : bind_conf->ssl_conf.ciphers;
5201 if (conf_ciphers &&
5202 !SSL_CTX_set_cipher_list(ctx, conf_ciphers)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005203 memprintf(err, "%sProxy '%s': unable to set SSL cipher list to '%s' for bind '%s' at [%s:%d].\n",
5204 err && *err ? *err : "", curproxy->id, conf_ciphers, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005205 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02005206 }
5207
Emmanuel Hocdet839af572019-05-14 16:27:35 +02005208#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005209 conf_ciphersuites = (ssl_conf && ssl_conf->ciphersuites) ? ssl_conf->ciphersuites : bind_conf->ssl_conf.ciphersuites;
5210 if (conf_ciphersuites &&
5211 !SSL_CTX_set_ciphersuites(ctx, conf_ciphersuites)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005212 memprintf(err, "%sProxy '%s': unable to set TLS 1.3 cipher suites to '%s' for bind '%s' at [%s:%d].\n",
5213 err && *err ? *err : "", curproxy->id, conf_ciphersuites, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005214 cfgerr |= ERR_ALERT | ERR_FATAL;
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005215 }
5216#endif
5217
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01005218#ifndef OPENSSL_NO_DH
Remi Gacogne47783ef2015-05-29 15:53:22 +02005219 /* If tune.ssl.default-dh-param has not been set,
5220 neither has ssl-default-dh-file and no static DH
5221 params were in the certificate file. */
Willy Tarreauef934602016-12-22 23:12:01 +01005222 if (global_ssl.default_dh_param == 0 &&
Remi Gacogne47783ef2015-05-29 15:53:22 +02005223 global_dh == NULL &&
Remi Gacogne4f902b82015-05-28 16:23:00 +02005224 (ssl_dh_ptr_index == -1 ||
5225 SSL_CTX_get_ex_data(ctx, ssl_dh_ptr_index) == NULL)) {
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01005226 STACK_OF(SSL_CIPHER) * ciphers = NULL;
5227 const SSL_CIPHER * cipher = NULL;
5228 char cipher_description[128];
5229 /* The description of ciphers using an Ephemeral Diffie Hellman key exchange
5230 contains " Kx=DH " or " Kx=DH(". Beware of " Kx=DH/",
5231 which is not ephemeral DH. */
5232 const char dhe_description[] = " Kx=DH ";
5233 const char dhe_export_description[] = " Kx=DH(";
5234 int idx = 0;
5235 int dhe_found = 0;
5236 SSL *ssl = NULL;
Lukas Tribus90132722014-08-18 00:56:33 +02005237
Remi Gacogne23d5d372014-10-10 17:04:26 +02005238 ssl = SSL_new(ctx);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005239
Remi Gacogne23d5d372014-10-10 17:04:26 +02005240 if (ssl) {
5241 ciphers = SSL_get_ciphers(ssl);
5242
5243 if (ciphers) {
5244 for (idx = 0; idx < sk_SSL_CIPHER_num(ciphers); idx++) {
5245 cipher = sk_SSL_CIPHER_value(ciphers, idx);
5246 if (SSL_CIPHER_description(cipher, cipher_description, sizeof (cipher_description)) == cipher_description) {
5247 if (strstr(cipher_description, dhe_description) != NULL ||
5248 strstr(cipher_description, dhe_export_description) != NULL) {
5249 dhe_found = 1;
5250 break;
5251 }
Remi Gacognec1eab8c2014-06-12 18:20:11 +02005252 }
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005253 }
5254 }
Remi Gacogne23d5d372014-10-10 17:04:26 +02005255 SSL_free(ssl);
5256 ssl = NULL;
Lukas Tribus90132722014-08-18 00:56:33 +02005257 }
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005258
Lukas Tribus90132722014-08-18 00:56:33 +02005259 if (dhe_found) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005260 memprintf(err, "%sSetting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. Please set a value >= 1024 to make this warning disappear.\n",
5261 err && *err ? *err : "");
William Lallemand8b453912019-11-21 15:48:10 +01005262 cfgerr |= ERR_WARN;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005263 }
5264
Willy Tarreauef934602016-12-22 23:12:01 +01005265 global_ssl.default_dh_param = 1024;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005266 }
Remi Gacogne8de54152014-07-15 11:36:40 +02005267
Willy Tarreauef934602016-12-22 23:12:01 +01005268 if (global_ssl.default_dh_param >= 1024) {
Remi Gacogne8de54152014-07-15 11:36:40 +02005269 if (local_dh_1024 == NULL) {
5270 local_dh_1024 = ssl_get_dh_1024();
5271 }
Willy Tarreauef934602016-12-22 23:12:01 +01005272 if (global_ssl.default_dh_param >= 2048) {
Remi Gacogne8de54152014-07-15 11:36:40 +02005273 if (local_dh_2048 == NULL) {
5274 local_dh_2048 = ssl_get_dh_2048();
5275 }
Willy Tarreauef934602016-12-22 23:12:01 +01005276 if (global_ssl.default_dh_param >= 4096) {
Remi Gacogne8de54152014-07-15 11:36:40 +02005277 if (local_dh_4096 == NULL) {
5278 local_dh_4096 = ssl_get_dh_4096();
5279 }
Remi Gacogne8de54152014-07-15 11:36:40 +02005280 }
5281 }
5282 }
5283#endif /* OPENSSL_NO_DH */
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005284
Emeric Brunfc0421f2012-09-07 17:30:07 +02005285 SSL_CTX_set_info_callback(ctx, ssl_sock_infocbk);
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005286#if HA_OPENSSL_VERSION_NUMBER >= 0x00907000L
Emeric Brun29f037d2014-04-25 19:05:36 +02005287 SSL_CTX_set_msg_callback(ctx, ssl_sock_msgcbk);
Willy Tarreau5cbe4ef2014-05-08 22:45:11 +02005288#endif
Emeric Brun29f037d2014-04-25 19:05:36 +02005289
Bernard Spil13c53f82018-02-15 13:34:58 +01005290#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005291 ssl_conf_cur = NULL;
5292 if (ssl_conf && ssl_conf->npn_str)
5293 ssl_conf_cur = ssl_conf;
5294 else if (bind_conf->ssl_conf.npn_str)
5295 ssl_conf_cur = &bind_conf->ssl_conf;
5296 if (ssl_conf_cur)
5297 SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_sock_advertise_npn_protos, ssl_conf_cur);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02005298#endif
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01005299#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005300 ssl_conf_cur = NULL;
5301 if (ssl_conf && ssl_conf->alpn_str)
5302 ssl_conf_cur = ssl_conf;
5303 else if (bind_conf->ssl_conf.alpn_str)
5304 ssl_conf_cur = &bind_conf->ssl_conf;
5305 if (ssl_conf_cur)
5306 SSL_CTX_set_alpn_select_cb(ctx, ssl_sock_advertise_alpn_protos, ssl_conf_cur);
Willy Tarreauab861d32013-04-02 02:30:41 +02005307#endif
Lukas Tribusd14b49c2019-11-24 18:20:40 +01005308#if ((HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL) || defined(LIBRESSL_VERSION_NUMBER))
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005309 conf_curves = (ssl_conf && ssl_conf->curves) ? ssl_conf->curves : bind_conf->ssl_conf.curves;
5310 if (conf_curves) {
5311 if (!SSL_CTX_set1_curves_list(ctx, conf_curves)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005312 memprintf(err, "%sProxy '%s': unable to set SSL curves list to '%s' for bind '%s' at [%s:%d].\n",
5313 err && *err ? *err : "", curproxy->id, conf_curves, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005314 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005315 }
Emmanuel Hocdeta52bb152017-03-20 11:11:49 +01005316 (void)SSL_CTX_set_ecdh_auto(ctx, 1);
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005317 }
5318#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02005319#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005320 if (!conf_curves) {
Emeric Brun2b58d042012-09-20 17:10:03 +02005321 int i;
5322 EC_KEY *ecdh;
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005323#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005324 const char *ecdhe = (ssl_conf && ssl_conf->ecdhe) ? ssl_conf->ecdhe :
Olivier Houchardc2aae742017-09-22 18:26:28 +02005325 (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe :
5326 NULL);
5327
5328 if (ecdhe == NULL) {
Eric Salama3c8bde82019-11-20 11:33:40 +01005329 (void)SSL_CTX_set_ecdh_auto(ctx, 1);
Olivier Houchardc2aae742017-09-22 18:26:28 +02005330 return cfgerr;
5331 }
5332#else
5333 const char *ecdhe = (ssl_conf && ssl_conf->ecdhe) ? ssl_conf->ecdhe :
5334 (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe :
5335 ECDHE_DEFAULT_CURVE);
5336#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02005337
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005338 i = OBJ_sn2nid(ecdhe);
Emeric Brun2b58d042012-09-20 17:10:03 +02005339 if (!i || ((ecdh = EC_KEY_new_by_curve_name(i)) == NULL)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005340 memprintf(err, "%sProxy '%s': unable to set elliptic named curve to '%s' for bind '%s' at [%s:%d].\n",
5341 err && *err ? *err : "", curproxy->id, ecdhe, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005342 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brun2b58d042012-09-20 17:10:03 +02005343 }
5344 else {
5345 SSL_CTX_set_tmp_ecdh(ctx, ecdh);
5346 EC_KEY_free(ecdh);
5347 }
5348 }
5349#endif
5350
Emeric Brunfc0421f2012-09-07 17:30:07 +02005351 return cfgerr;
5352}
5353
Evan Broderbe554312013-06-27 00:05:25 -07005354static int ssl_sock_srv_hostcheck(const char *pattern, const char *hostname)
5355{
5356 const char *pattern_wildcard, *pattern_left_label_end, *hostname_left_label_end;
5357 size_t prefixlen, suffixlen;
5358
5359 /* Trivial case */
5360 if (strcmp(pattern, hostname) == 0)
5361 return 1;
5362
Evan Broderbe554312013-06-27 00:05:25 -07005363 /* The rest of this logic is based on RFC 6125, section 6.4.3
5364 * (http://tools.ietf.org/html/rfc6125#section-6.4.3) */
5365
Emeric Bruna848dae2013-10-08 11:27:28 +02005366 pattern_wildcard = NULL;
5367 pattern_left_label_end = pattern;
5368 while (*pattern_left_label_end != '.') {
5369 switch (*pattern_left_label_end) {
5370 case 0:
5371 /* End of label not found */
5372 return 0;
5373 case '*':
5374 /* If there is more than one wildcards */
5375 if (pattern_wildcard)
5376 return 0;
5377 pattern_wildcard = pattern_left_label_end;
5378 break;
5379 }
5380 pattern_left_label_end++;
5381 }
5382
5383 /* If it's not trivial and there is no wildcard, it can't
5384 * match */
5385 if (!pattern_wildcard)
Evan Broderbe554312013-06-27 00:05:25 -07005386 return 0;
5387
5388 /* Make sure all labels match except the leftmost */
5389 hostname_left_label_end = strchr(hostname, '.');
5390 if (!hostname_left_label_end
5391 || strcmp(pattern_left_label_end, hostname_left_label_end) != 0)
5392 return 0;
5393
5394 /* Make sure the leftmost label of the hostname is long enough
5395 * that the wildcard can match */
Emeric Brun369da852013-10-08 11:39:35 +02005396 if (hostname_left_label_end - hostname < (pattern_left_label_end - pattern) - 1)
Evan Broderbe554312013-06-27 00:05:25 -07005397 return 0;
5398
5399 /* Finally compare the string on either side of the
5400 * wildcard */
5401 prefixlen = pattern_wildcard - pattern;
5402 suffixlen = pattern_left_label_end - (pattern_wildcard + 1);
Emeric Bruna848dae2013-10-08 11:27:28 +02005403 if ((prefixlen && (memcmp(pattern, hostname, prefixlen) != 0))
5404 || (suffixlen && (memcmp(pattern_wildcard + 1, hostname_left_label_end - suffixlen, suffixlen) != 0)))
Evan Broderbe554312013-06-27 00:05:25 -07005405 return 0;
5406
5407 return 1;
5408}
5409
5410static int ssl_sock_srv_verifycbk(int ok, X509_STORE_CTX *ctx)
5411{
5412 SSL *ssl;
5413 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01005414 struct ssl_sock_ctx *ssl_ctx;
Willy Tarreau2ab88672017-07-05 18:23:03 +02005415 const char *servername;
Willy Tarreau71d058c2017-07-26 20:09:56 +02005416 const char *sni;
Evan Broderbe554312013-06-27 00:05:25 -07005417
5418 int depth;
5419 X509 *cert;
5420 STACK_OF(GENERAL_NAME) *alt_names;
5421 int i;
5422 X509_NAME *cert_subject;
5423 char *str;
5424
5425 if (ok == 0)
5426 return ok;
5427
5428 ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
Thierry FOURNIER28962c92018-06-17 21:37:05 +02005429 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houchard66ab4982019-02-26 18:37:15 +01005430 ssl_ctx = conn->xprt_ctx;
Evan Broderbe554312013-06-27 00:05:25 -07005431
Willy Tarreauad92a9a2017-07-28 11:38:41 +02005432 /* We're checking if the provided hostnames match the desired one. The
5433 * desired hostname comes from the SNI we presented if any, or if not
5434 * provided then it may have been explicitly stated using a "verifyhost"
5435 * directive. If neither is set, we don't care about the name so the
5436 * verification is OK.
Willy Tarreau2ab88672017-07-05 18:23:03 +02005437 */
Olivier Houchard66ab4982019-02-26 18:37:15 +01005438 servername = SSL_get_servername(ssl_ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau71d058c2017-07-26 20:09:56 +02005439 sni = servername;
Willy Tarreau2ab88672017-07-05 18:23:03 +02005440 if (!servername) {
Willy Tarreau07d94e42018-09-20 10:57:52 +02005441 servername = __objt_server(conn->target)->ssl_ctx.verify_host;
Willy Tarreau2ab88672017-07-05 18:23:03 +02005442 if (!servername)
5443 return ok;
5444 }
Evan Broderbe554312013-06-27 00:05:25 -07005445
5446 /* We only need to verify the CN on the actual server cert,
5447 * not the indirect CAs */
5448 depth = X509_STORE_CTX_get_error_depth(ctx);
5449 if (depth != 0)
5450 return ok;
5451
5452 /* At this point, the cert is *not* OK unless we can find a
5453 * hostname match */
5454 ok = 0;
5455
5456 cert = X509_STORE_CTX_get_current_cert(ctx);
5457 /* It seems like this might happen if verify peer isn't set */
5458 if (!cert)
5459 return ok;
5460
5461 alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
5462 if (alt_names) {
5463 for (i = 0; !ok && i < sk_GENERAL_NAME_num(alt_names); i++) {
5464 GENERAL_NAME *name = sk_GENERAL_NAME_value(alt_names, i);
5465 if (name->type == GEN_DNS) {
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005466#if HA_OPENSSL_VERSION_NUMBER < 0x00907000L
Emeric Bruna33410c2013-09-17 15:47:48 +02005467 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.ia5) >= 0) {
5468#else
Evan Broderbe554312013-06-27 00:05:25 -07005469 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
Emeric Bruna33410c2013-09-17 15:47:48 +02005470#endif
Evan Broderbe554312013-06-27 00:05:25 -07005471 ok = ssl_sock_srv_hostcheck(str, servername);
5472 OPENSSL_free(str);
5473 }
5474 }
5475 }
Emeric Brun4ad50a42013-09-17 15:19:54 +02005476 sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
Evan Broderbe554312013-06-27 00:05:25 -07005477 }
5478
5479 cert_subject = X509_get_subject_name(cert);
5480 i = -1;
5481 while (!ok && (i = X509_NAME_get_index_by_NID(cert_subject, NID_commonName, i)) != -1) {
5482 X509_NAME_ENTRY *entry = X509_NAME_get_entry(cert_subject, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02005483 ASN1_STRING *value;
5484 value = X509_NAME_ENTRY_get_data(entry);
5485 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
Evan Broderbe554312013-06-27 00:05:25 -07005486 ok = ssl_sock_srv_hostcheck(str, servername);
5487 OPENSSL_free(str);
5488 }
5489 }
5490
Willy Tarreau71d058c2017-07-26 20:09:56 +02005491 /* report the mismatch and indicate if SNI was used or not */
5492 if (!ok && !conn->err_code)
5493 conn->err_code = sni ? CO_ER_SSL_MISMATCH_SNI : CO_ER_SSL_MISMATCH;
Evan Broderbe554312013-06-27 00:05:25 -07005494 return ok;
5495}
5496
Emeric Brun94324a42012-10-11 14:00:19 +02005497/* prepare ssl context from servers options. Returns an error count */
Willy Tarreau03209342016-12-22 17:08:28 +01005498int ssl_sock_prepare_srv_ctx(struct server *srv)
Emeric Brun94324a42012-10-11 14:00:19 +02005499{
Willy Tarreau03209342016-12-22 17:08:28 +01005500 struct proxy *curproxy = srv->proxy;
Emeric Brun94324a42012-10-11 14:00:19 +02005501 int cfgerr = 0;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +02005502 long options =
Emeric Brun94324a42012-10-11 14:00:19 +02005503 SSL_OP_ALL | /* all known workarounds for bugs */
5504 SSL_OP_NO_SSLv2 |
5505 SSL_OP_NO_COMPRESSION;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +02005506 long mode =
Emeric Brun94324a42012-10-11 14:00:19 +02005507 SSL_MODE_ENABLE_PARTIAL_WRITE |
5508 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
Willy Tarreau396a1862014-11-13 14:06:52 +01005509 SSL_MODE_RELEASE_BUFFERS |
5510 SSL_MODE_SMALL_BUFFERS;
Emeric Brun850efd52014-01-29 12:24:34 +01005511 int verify = SSL_VERIFY_NONE;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005512 SSL_CTX *ctx = NULL;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005513 struct tls_version_filter *conf_ssl_methods = &srv->ssl_ctx.methods;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005514 int i, min, max, hole;
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005515 int flags = MC_SSL_O_ALL;
Emeric Brun94324a42012-10-11 14:00:19 +02005516
Thierry Fournier383085f2013-01-24 14:15:43 +01005517 /* Make sure openssl opens /dev/urandom before the chroot */
5518 if (!ssl_initialize_random()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005519 ha_alert("OpenSSL random data generator initialization failed.\n");
Thierry Fournier383085f2013-01-24 14:15:43 +01005520 cfgerr++;
5521 }
5522
Willy Tarreaufce03112015-01-15 21:32:40 +01005523 /* Automatic memory computations need to know we use SSL there */
5524 global.ssl_used_backend = 1;
5525
5526 /* Initiate SSL context for current server */
Emeric Brun821bb9b2017-06-15 16:37:39 +02005527 if (!srv->ssl_ctx.reused_sess) {
Olivier Houcharde6060c52017-11-16 17:42:52 +01005528 if ((srv->ssl_ctx.reused_sess = calloc(1, global.nbthread*sizeof(*srv->ssl_ctx.reused_sess))) == NULL) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005529 ha_alert("Proxy '%s', server '%s' [%s:%d] out of memory.\n",
5530 curproxy->id, srv->id,
5531 srv->conf.file, srv->conf.line);
Emeric Brun821bb9b2017-06-15 16:37:39 +02005532 cfgerr++;
5533 return cfgerr;
5534 }
5535 }
Emeric Brun94324a42012-10-11 14:00:19 +02005536 if (srv->use_ssl)
5537 srv->xprt = &ssl_sock;
5538 if (srv->check.use_ssl)
Cyril Bonté9ce13112014-11-15 22:41:27 +01005539 srv->check.xprt = &ssl_sock;
Emeric Brun94324a42012-10-11 14:00:19 +02005540
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005541 ctx = SSL_CTX_new(SSLv23_client_method());
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005542 if (!ctx) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005543 ha_alert("config : %s '%s', server '%s': unable to allocate ssl context.\n",
5544 proxy_type_str(curproxy), curproxy->id,
5545 srv->id);
Emeric Brun94324a42012-10-11 14:00:19 +02005546 cfgerr++;
5547 return cfgerr;
5548 }
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005549
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005550 if (conf_ssl_methods->flags && (conf_ssl_methods->min || conf_ssl_methods->max))
Christopher Faulet767a84b2017-11-24 16:50:31 +01005551 ha_warning("config : %s '%s': no-sslv3/no-tlsv1x are ignored for server '%s'. "
5552 "Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
5553 proxy_type_str(curproxy), curproxy->id, srv->id);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005554 else
5555 flags = conf_ssl_methods->flags;
5556
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005557 /* Real min and max should be determinate with configuration and openssl's capabilities */
5558 if (conf_ssl_methods->min)
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005559 flags |= (methodVersions[conf_ssl_methods->min].flag - 1);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005560 if (conf_ssl_methods->max)
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005561 flags |= ~((methodVersions[conf_ssl_methods->max].flag << 1) - 1);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005562
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005563 /* find min, max and holes */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005564 min = max = CONF_TLSV_NONE;
5565 hole = 0;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005566 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005567 /* version is in openssl && version not disable in configuration */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005568 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005569 if (min) {
5570 if (hole) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005571 ha_warning("config : %s '%s': SSL/TLS versions range not contiguous for server '%s'. "
5572 "Hole find for %s. Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
5573 proxy_type_str(curproxy), curproxy->id, srv->id,
5574 methodVersions[hole].name);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005575 hole = 0;
5576 }
5577 max = i;
5578 }
5579 else {
5580 min = max = i;
5581 }
5582 }
5583 else {
5584 if (min)
5585 hole = i;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005586 }
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005587 if (!min) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005588 ha_alert("config : %s '%s': all SSL/TLS versions are disabled for server '%s'.\n",
5589 proxy_type_str(curproxy), curproxy->id, srv->id);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005590 cfgerr += 1;
5591 }
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005592
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005593#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005594 /* Keep force-xxx implementation as it is in older haproxy. It's a
Joseph Herlant017b3da2018-11-15 09:07:59 -08005595 precautionary measure to avoid any surprise with older openssl version. */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005596 if (min == max)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005597 methodVersions[min].ctx_set_version(ctx, SET_CLIENT);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005598 else
5599 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
5600 if (flags & methodVersions[i].flag)
5601 options |= methodVersions[i].option;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005602#else /* openssl >= 1.1.0 */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005603 /* set the max_version is required to cap TLS version or activate new TLS (v1.3) */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005604 methodVersions[min].ctx_set_version(ctx, SET_MIN);
5605 methodVersions[max].ctx_set_version(ctx, SET_MAX);
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005606#endif
5607
5608 if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLS_TICKETS)
5609 options |= SSL_OP_NO_TICKET;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005610 SSL_CTX_set_options(ctx, options);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00005611
Willy Tarreau5db847a2019-05-09 14:13:35 +02005612#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00005613 if (global_ssl.async)
5614 mode |= SSL_MODE_ASYNC;
5615#endif
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005616 SSL_CTX_set_mode(ctx, mode);
5617 srv->ssl_ctx.ctx = ctx;
5618
Emeric Bruna7aa3092012-10-26 12:58:00 +02005619 if (srv->ssl_ctx.client_crt) {
5620 if (SSL_CTX_use_PrivateKey_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt, SSL_FILETYPE_PEM) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005621 ha_alert("config : %s '%s', server '%s': unable to load SSL private key from PEM file '%s'.\n",
5622 proxy_type_str(curproxy), curproxy->id,
5623 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +02005624 cfgerr++;
5625 }
5626 else if (SSL_CTX_use_certificate_chain_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005627 ha_alert("config : %s '%s', server '%s': unable to load ssl certificate from PEM file '%s'.\n",
5628 proxy_type_str(curproxy), curproxy->id,
5629 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +02005630 cfgerr++;
5631 }
5632 else if (SSL_CTX_check_private_key(srv->ssl_ctx.ctx) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005633 ha_alert("config : %s '%s', server '%s': inconsistencies between private key and certificate loaded from PEM file '%s'.\n",
5634 proxy_type_str(curproxy), curproxy->id,
5635 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +02005636 cfgerr++;
5637 }
5638 }
Emeric Brun94324a42012-10-11 14:00:19 +02005639
Emeric Brun850efd52014-01-29 12:24:34 +01005640 if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
5641 verify = SSL_VERIFY_PEER;
Emeric Brun850efd52014-01-29 12:24:34 +01005642 switch (srv->ssl_ctx.verify) {
5643 case SSL_SOCK_VERIFY_NONE:
5644 verify = SSL_VERIFY_NONE;
5645 break;
5646 case SSL_SOCK_VERIFY_REQUIRED:
5647 verify = SSL_VERIFY_PEER;
5648 break;
5649 }
Evan Broderbe554312013-06-27 00:05:25 -07005650 SSL_CTX_set_verify(srv->ssl_ctx.ctx,
Emeric Brun850efd52014-01-29 12:24:34 +01005651 verify,
Willy Tarreau2ab88672017-07-05 18:23:03 +02005652 (srv->ssl_ctx.verify_host || (verify & SSL_VERIFY_PEER)) ? ssl_sock_srv_verifycbk : NULL);
Emeric Brun850efd52014-01-29 12:24:34 +01005653 if (verify & SSL_VERIFY_PEER) {
Emeric Brunef42d922012-10-11 16:11:36 +02005654 if (srv->ssl_ctx.ca_file) {
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02005655 /* set CAfile to verify */
5656 if (!ssl_set_verify_locations_file(srv->ssl_ctx.ctx, srv->ssl_ctx.ca_file)) {
5657 ha_alert("Proxy '%s', server '%s' [%s:%d] unable to set CA file '%s'.\n",
Christopher Faulet767a84b2017-11-24 16:50:31 +01005658 curproxy->id, srv->id,
5659 srv->conf.file, srv->conf.line, srv->ssl_ctx.ca_file);
Emeric Brunef42d922012-10-11 16:11:36 +02005660 cfgerr++;
5661 }
5662 }
Emeric Brun850efd52014-01-29 12:24:34 +01005663 else {
5664 if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
Christopher Faulet767a84b2017-11-24 16:50:31 +01005665 ha_alert("Proxy '%s', server '%s' [%s:%d] verify is enabled by default but no CA file specified. If you're running on a LAN where you're certain to trust the server's certificate, please set an explicit 'verify none' statement on the 'server' line, or use 'ssl-server-verify none' in the global section to disable server-side verifications by default.\n",
5666 curproxy->id, srv->id,
5667 srv->conf.file, srv->conf.line);
Emeric Brun850efd52014-01-29 12:24:34 +01005668 else
Christopher Faulet767a84b2017-11-24 16:50:31 +01005669 ha_alert("Proxy '%s', server '%s' [%s:%d] verify is enabled but no CA file specified.\n",
5670 curproxy->id, srv->id,
5671 srv->conf.file, srv->conf.line);
Emeric Brun850efd52014-01-29 12:24:34 +01005672 cfgerr++;
5673 }
Emeric Brunef42d922012-10-11 16:11:36 +02005674#ifdef X509_V_FLAG_CRL_CHECK
5675 if (srv->ssl_ctx.crl_file) {
5676 X509_STORE *store = SSL_CTX_get_cert_store(srv->ssl_ctx.ctx);
5677
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01005678 if (!ssl_set_cert_crl_file(store, srv->ssl_ctx.crl_file)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005679 ha_alert("Proxy '%s', server '%s' [%s:%d] unable to configure CRL file '%s'.\n",
5680 curproxy->id, srv->id,
5681 srv->conf.file, srv->conf.line, srv->ssl_ctx.crl_file);
Emeric Brunef42d922012-10-11 16:11:36 +02005682 cfgerr++;
5683 }
5684 else {
5685 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
5686 }
5687 }
5688#endif
5689 }
5690
Olivier Houchardbd84ac82017-11-03 13:43:35 +01005691 SSL_CTX_set_session_cache_mode(srv->ssl_ctx.ctx, SSL_SESS_CACHE_CLIENT |
5692 SSL_SESS_CACHE_NO_INTERNAL_STORE);
5693 SSL_CTX_sess_set_new_cb(srv->ssl_ctx.ctx, ssl_sess_new_srv_cb);
Emeric Brun94324a42012-10-11 14:00:19 +02005694 if (srv->ssl_ctx.ciphers &&
5695 !SSL_CTX_set_cipher_list(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphers)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005696 ha_alert("Proxy '%s', server '%s' [%s:%d] : unable to set SSL cipher list to '%s'.\n",
5697 curproxy->id, srv->id,
5698 srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphers);
Emeric Brun94324a42012-10-11 14:00:19 +02005699 cfgerr++;
5700 }
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005701
Emmanuel Hocdet839af572019-05-14 16:27:35 +02005702#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005703 if (srv->ssl_ctx.ciphersuites &&
Pierre Cheynierbc34cd12019-03-21 16:15:47 +00005704 !SSL_CTX_set_ciphersuites(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphersuites)) {
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005705 ha_alert("Proxy '%s', server '%s' [%s:%d] : unable to set TLS 1.3 cipher suites to '%s'.\n",
5706 curproxy->id, srv->id,
5707 srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphersuites);
5708 cfgerr++;
5709 }
5710#endif
Olivier Houchardc7566002018-11-20 23:33:50 +01005711#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
5712 if (srv->ssl_ctx.npn_str)
5713 SSL_CTX_set_next_proto_select_cb(ctx, ssl_sock_srv_select_protos, srv);
5714#endif
5715#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
5716 if (srv->ssl_ctx.alpn_str)
5717 SSL_CTX_set_alpn_protos(ctx, (unsigned char *)srv->ssl_ctx.alpn_str, srv->ssl_ctx.alpn_len);
5718#endif
5719
Emeric Brun94324a42012-10-11 14:00:19 +02005720
5721 return cfgerr;
5722}
5723
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005724/* Walks down the two trees in bind_conf and prepares all certs. The pointer may
Emeric Brunfc0421f2012-09-07 17:30:07 +02005725 * be NULL, in which case nothing is done. Returns the number of errors
5726 * encountered.
5727 */
Willy Tarreau03209342016-12-22 17:08:28 +01005728int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +02005729{
5730 struct ebmb_node *node;
5731 struct sni_ctx *sni;
5732 int err = 0;
William Lallemand8b453912019-11-21 15:48:10 +01005733 int errcode = 0;
5734 char *errmsg = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02005735
Willy Tarreaufce03112015-01-15 21:32:40 +01005736 /* Automatic memory computations need to know we use SSL there */
5737 global.ssl_used_frontend = 1;
5738
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005739 /* Make sure openssl opens /dev/urandom before the chroot */
5740 if (!ssl_initialize_random()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005741 ha_alert("OpenSSL random data generator initialization failed.\n");
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005742 err++;
5743 }
5744 /* Create initial_ctx used to start the ssl connection before do switchctx */
5745 if (!bind_conf->initial_ctx) {
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005746 err += ssl_sock_initial_ctx(bind_conf);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005747 /* It should not be necessary to call this function, but it's
5748 necessary first to check and move all initialisation related
5749 to initial_ctx in ssl_sock_initial_ctx. */
William Lallemand8b453912019-11-21 15:48:10 +01005750 errcode |= ssl_sock_prepare_ctx(bind_conf, NULL, bind_conf->initial_ctx, &errmsg);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005751 }
Emeric Brun0bed9942014-10-30 19:25:24 +01005752 if (bind_conf->default_ctx)
William Lallemand8b453912019-11-21 15:48:10 +01005753 errcode |= ssl_sock_prepare_ctx(bind_conf, bind_conf->default_ssl_conf, bind_conf->default_ctx, &errmsg);
Emeric Brun0bed9942014-10-30 19:25:24 +01005754
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005755 node = ebmb_first(&bind_conf->sni_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005756 while (node) {
5757 sni = ebmb_entry(node, struct sni_ctx, name);
Emeric Brun0bed9942014-10-30 19:25:24 +01005758 if (!sni->order && sni->ctx != bind_conf->default_ctx)
5759 /* only initialize the CTX on its first occurrence and
5760 if it is not the default_ctx */
William Lallemand8b453912019-11-21 15:48:10 +01005761 errcode |= ssl_sock_prepare_ctx(bind_conf, sni->conf, sni->ctx, &errmsg);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005762 node = ebmb_next(node);
5763 }
5764
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005765 node = ebmb_first(&bind_conf->sni_w_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005766 while (node) {
5767 sni = ebmb_entry(node, struct sni_ctx, name);
William Lallemand8b453912019-11-21 15:48:10 +01005768 if (!sni->order && sni->ctx != bind_conf->default_ctx) {
Emeric Brun0bed9942014-10-30 19:25:24 +01005769 /* only initialize the CTX on its first occurrence and
5770 if it is not the default_ctx */
William Lallemand8b453912019-11-21 15:48:10 +01005771 errcode |= ssl_sock_prepare_ctx(bind_conf, sni->conf, sni->ctx, &errmsg);
5772 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02005773 node = ebmb_next(node);
5774 }
William Lallemand8b453912019-11-21 15:48:10 +01005775
5776 if (errcode & ERR_WARN) {
Tim Duesterhusc0e820c2019-11-23 23:52:30 +01005777 ha_warning("%s", errmsg);
William Lallemand8b453912019-11-21 15:48:10 +01005778 } else if (errcode & ERR_CODE) {
Tim Duesterhusc0e820c2019-11-23 23:52:30 +01005779 ha_alert("%s", errmsg);
William Lallemand8b453912019-11-21 15:48:10 +01005780 err++;
5781 }
5782
5783 free(errmsg);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005784 return err;
5785}
5786
Willy Tarreau55d37912016-12-21 23:38:39 +01005787/* Prepares all the contexts for a bind_conf and allocates the shared SSL
5788 * context if needed. Returns < 0 on error, 0 on success. The warnings and
5789 * alerts are directly emitted since the rest of the stack does it below.
5790 */
5791int ssl_sock_prepare_bind_conf(struct bind_conf *bind_conf)
5792{
5793 struct proxy *px = bind_conf->frontend;
5794 int alloc_ctx;
5795 int err;
5796
5797 if (!bind_conf->is_ssl) {
5798 if (bind_conf->default_ctx) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005799 ha_warning("Proxy '%s': A certificate was specified but SSL was not enabled on bind '%s' at [%s:%d] (use 'ssl').\n",
5800 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Willy Tarreau55d37912016-12-21 23:38:39 +01005801 }
5802 return 0;
5803 }
5804 if (!bind_conf->default_ctx) {
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +02005805 if (bind_conf->strict_sni && !bind_conf->generate_certs) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005806 ha_warning("Proxy '%s': no SSL certificate specified for bind '%s' at [%s:%d], ssl connections will fail (use 'crt').\n",
5807 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +02005808 }
5809 else {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005810 ha_alert("Proxy '%s': no SSL certificate specified for bind '%s' at [%s:%d] (use 'crt').\n",
5811 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +02005812 return -1;
5813 }
Willy Tarreau55d37912016-12-21 23:38:39 +01005814 }
William Lallemandc61c0b32017-12-04 18:46:39 +01005815 if (!ssl_shctx && global.tune.sslcachesize) {
William Lallemandc3cd35f2017-11-28 11:04:43 +01005816 alloc_ctx = shctx_init(&ssl_shctx, global.tune.sslcachesize,
Frédéric Lécailleb7838af2018-10-22 16:21:39 +02005817 sizeof(struct sh_ssl_sess_hdr) + SHSESS_BLOCK_MIN_SIZE, -1,
William Lallemandc3cd35f2017-11-28 11:04:43 +01005818 sizeof(*sh_ssl_sess_tree),
5819 ((global.nbthread > 1) || (!global_ssl.private_cache && (global.nbproc > 1))) ? 1 : 0);
Frédéric Lécaille4c8aa112018-10-25 20:22:46 +02005820 if (alloc_ctx <= 0) {
William Lallemandc3cd35f2017-11-28 11:04:43 +01005821 if (alloc_ctx == SHCTX_E_INIT_LOCK)
5822 ha_alert("Unable to initialize the lock for the shared SSL session cache. You can retry using the global statement 'tune.ssl.force-private-cache' but it could increase CPU usage due to renegotiations if nbproc > 1.\n");
5823 else
5824 ha_alert("Unable to allocate SSL session cache.\n");
5825 return -1;
5826 }
5827 /* free block callback */
5828 ssl_shctx->free_block = sh_ssl_sess_free_blocks;
5829 /* init the root tree within the extra space */
5830 sh_ssl_sess_tree = (void *)ssl_shctx + sizeof(struct shared_context);
5831 *sh_ssl_sess_tree = EB_ROOT_UNIQUE;
Willy Tarreau55d37912016-12-21 23:38:39 +01005832 }
Willy Tarreau55d37912016-12-21 23:38:39 +01005833 err = 0;
5834 /* initialize all certificate contexts */
5835 err += ssl_sock_prepare_all_ctx(bind_conf);
5836
5837 /* initialize CA variables if the certificates generation is enabled */
5838 err += ssl_sock_load_ca(bind_conf);
5839
5840 return -err;
5841}
Christopher Faulet77fe80c2015-07-29 13:02:40 +02005842
5843/* release ssl context allocated for servers. */
5844void ssl_sock_free_srv_ctx(struct server *srv)
5845{
Olivier Houchardc7566002018-11-20 23:33:50 +01005846#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
5847 if (srv->ssl_ctx.alpn_str)
5848 free(srv->ssl_ctx.alpn_str);
5849#endif
Lukas Tribusda95fd92018-11-25 13:21:27 +01005850#ifdef OPENSSL_NPN_NEGOTIATED
Olivier Houchardc7566002018-11-20 23:33:50 +01005851 if (srv->ssl_ctx.npn_str)
5852 free(srv->ssl_ctx.npn_str);
Lukas Tribus7706b852018-11-26 22:57:17 +01005853#endif
Christopher Faulet77fe80c2015-07-29 13:02:40 +02005854 if (srv->ssl_ctx.ctx)
5855 SSL_CTX_free(srv->ssl_ctx.ctx);
5856}
5857
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005858/* Walks down the two trees in bind_conf and frees all the certs. The pointer may
Emeric Brunfc0421f2012-09-07 17:30:07 +02005859 * be NULL, in which case nothing is done. The default_ctx is nullified too.
5860 */
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005861void ssl_sock_free_all_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +02005862{
5863 struct ebmb_node *node, *back;
5864 struct sni_ctx *sni;
5865
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005866 node = ebmb_first(&bind_conf->sni_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005867 while (node) {
5868 sni = ebmb_entry(node, struct sni_ctx, name);
5869 back = ebmb_next(node);
5870 ebmb_delete(node);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005871 if (!sni->order) { /* only free the CTX on its first occurrence */
Emeric Brunfc0421f2012-09-07 17:30:07 +02005872 SSL_CTX_free(sni->ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005873 ssl_sock_free_ssl_conf(sni->conf);
5874 free(sni->conf);
5875 sni->conf = NULL;
5876 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02005877 free(sni);
5878 node = back;
5879 }
5880
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005881 node = ebmb_first(&bind_conf->sni_w_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005882 while (node) {
5883 sni = ebmb_entry(node, struct sni_ctx, name);
5884 back = ebmb_next(node);
5885 ebmb_delete(node);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005886 if (!sni->order) { /* only free the CTX on its first occurrence */
Emeric Brunfc0421f2012-09-07 17:30:07 +02005887 SSL_CTX_free(sni->ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005888 ssl_sock_free_ssl_conf(sni->conf);
5889 free(sni->conf);
5890 sni->conf = NULL;
5891 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02005892 free(sni);
5893 node = back;
5894 }
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005895 SSL_CTX_free(bind_conf->initial_ctx);
5896 bind_conf->initial_ctx = NULL;
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005897 bind_conf->default_ctx = NULL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005898 bind_conf->default_ssl_conf = NULL;
Emeric Brune1f38db2012-09-03 20:36:47 +02005899}
5900
Willy Tarreau795cdab2016-12-22 17:30:54 +01005901/* Destroys all the contexts for a bind_conf. This is used during deinit(). */
5902void ssl_sock_destroy_bind_conf(struct bind_conf *bind_conf)
5903{
5904 ssl_sock_free_ca(bind_conf);
5905 ssl_sock_free_all_ctx(bind_conf);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005906 ssl_sock_free_ssl_conf(&bind_conf->ssl_conf);
Willy Tarreau795cdab2016-12-22 17:30:54 +01005907 free(bind_conf->ca_sign_file);
5908 free(bind_conf->ca_sign_pass);
Willy Tarreau17b4aa12018-07-17 10:05:32 +02005909 if (bind_conf->keys_ref && !--bind_conf->keys_ref->refcount) {
Willy Tarreau795cdab2016-12-22 17:30:54 +01005910 free(bind_conf->keys_ref->filename);
5911 free(bind_conf->keys_ref->tlskeys);
5912 LIST_DEL(&bind_conf->keys_ref->list);
5913 free(bind_conf->keys_ref);
5914 }
5915 bind_conf->keys_ref = NULL;
Willy Tarreau795cdab2016-12-22 17:30:54 +01005916 bind_conf->ca_sign_pass = NULL;
5917 bind_conf->ca_sign_file = NULL;
Willy Tarreau795cdab2016-12-22 17:30:54 +01005918}
5919
Christopher Faulet31af49d2015-06-09 17:29:50 +02005920/* Load CA cert file and private key used to generate certificates */
5921int
Willy Tarreau03209342016-12-22 17:08:28 +01005922ssl_sock_load_ca(struct bind_conf *bind_conf)
Christopher Faulet31af49d2015-06-09 17:29:50 +02005923{
Willy Tarreau03209342016-12-22 17:08:28 +01005924 struct proxy *px = bind_conf->frontend;
Christopher Faulet31af49d2015-06-09 17:29:50 +02005925 FILE *fp;
5926 X509 *cacert = NULL;
5927 EVP_PKEY *capkey = NULL;
5928 int err = 0;
5929
Christopher Fauletf8bb0ce2017-09-15 09:52:49 +02005930 if (!bind_conf->generate_certs)
Christopher Faulet31af49d2015-06-09 17:29:50 +02005931 return err;
5932
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01005933#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Emeric Brun821bb9b2017-06-15 16:37:39 +02005934 if (global_ssl.ctx_cache) {
Willy Tarreauef934602016-12-22 23:12:01 +01005935 ssl_ctx_lru_tree = lru64_new(global_ssl.ctx_cache);
Emeric Brun821bb9b2017-06-15 16:37:39 +02005936 }
Christopher Fauletd2cab922015-07-28 16:03:47 +02005937 ssl_ctx_lru_seed = (unsigned int)time(NULL);
Emeric Brun821bb9b2017-06-15 16:37:39 +02005938 ssl_ctx_serial = now_ms;
Willy Tarreaua84c2672015-10-09 12:10:13 +02005939#endif
Christopher Fauletd2cab922015-07-28 16:03:47 +02005940
Christopher Faulet31af49d2015-06-09 17:29:50 +02005941 if (!bind_conf->ca_sign_file) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005942 ha_alert("Proxy '%s': cannot enable certificate generation, "
5943 "no CA certificate File configured at [%s:%d].\n",
5944 px->id, bind_conf->file, bind_conf->line);
Christopher Faulet31af49d2015-06-09 17:29:50 +02005945 goto load_error;
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005946 }
Christopher Faulet31af49d2015-06-09 17:29:50 +02005947
5948 /* read in the CA certificate */
5949 if (!(fp = fopen(bind_conf->ca_sign_file, "r"))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005950 ha_alert("Proxy '%s': Failed to read CA certificate file '%s' at [%s:%d].\n",
5951 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Faulet31af49d2015-06-09 17:29:50 +02005952 goto load_error;
5953 }
5954 if (!(cacert = PEM_read_X509(fp, NULL, NULL, NULL))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005955 ha_alert("Proxy '%s': Failed to read CA certificate file '%s' at [%s:%d].\n",
5956 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005957 goto read_error;
Christopher Faulet31af49d2015-06-09 17:29:50 +02005958 }
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005959 rewind(fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +02005960 if (!(capkey = PEM_read_PrivateKey(fp, NULL, NULL, bind_conf->ca_sign_pass))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005961 ha_alert("Proxy '%s': Failed to read CA private key file '%s' at [%s:%d].\n",
5962 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005963 goto read_error;
Christopher Faulet31af49d2015-06-09 17:29:50 +02005964 }
Christopher Faulet31af49d2015-06-09 17:29:50 +02005965
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005966 fclose (fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +02005967 bind_conf->ca_sign_cert = cacert;
5968 bind_conf->ca_sign_pkey = capkey;
5969 return err;
5970
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005971 read_error:
5972 fclose (fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +02005973 if (capkey) EVP_PKEY_free(capkey);
5974 if (cacert) X509_free(cacert);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005975 load_error:
5976 bind_conf->generate_certs = 0;
5977 err++;
Christopher Faulet31af49d2015-06-09 17:29:50 +02005978 return err;
5979}
5980
5981/* Release CA cert and private key used to generate certificated */
5982void
5983ssl_sock_free_ca(struct bind_conf *bind_conf)
5984{
Christopher Faulet31af49d2015-06-09 17:29:50 +02005985 if (bind_conf->ca_sign_pkey)
5986 EVP_PKEY_free(bind_conf->ca_sign_pkey);
5987 if (bind_conf->ca_sign_cert)
5988 X509_free(bind_conf->ca_sign_cert);
Willy Tarreau94ff03a2016-12-22 17:57:46 +01005989 bind_conf->ca_sign_pkey = NULL;
5990 bind_conf->ca_sign_cert = NULL;
Christopher Faulet31af49d2015-06-09 17:29:50 +02005991}
5992
Emeric Brun46591952012-05-18 15:47:34 +02005993/*
5994 * This function is called if SSL * context is not yet allocated. The function
5995 * is designed to be called before any other data-layer operation and sets the
5996 * handshake flag on the connection. It is safe to call it multiple times.
5997 * It returns 0 on success and -1 in error case.
5998 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01005999static int ssl_sock_init(struct connection *conn, void **xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006000{
Olivier Houchard66ab4982019-02-26 18:37:15 +01006001 struct ssl_sock_ctx *ctx;
Emeric Brun46591952012-05-18 15:47:34 +02006002 /* already initialized */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006003 if (*xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006004 return 0;
6005
Willy Tarreau3c728722014-01-23 13:50:42 +01006006 if (!conn_ctrl_ready(conn))
Willy Tarreauf79c8172013-10-21 16:30:56 +02006007 return 0;
6008
Olivier Houchard66ab4982019-02-26 18:37:15 +01006009 ctx = pool_alloc(ssl_sock_ctx_pool);
6010 if (!ctx) {
6011 conn->err_code = CO_ER_SSL_NO_MEM;
6012 return -1;
6013 }
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006014 ctx->wait_event.tasklet = tasklet_new();
6015 if (!ctx->wait_event.tasklet) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006016 conn->err_code = CO_ER_SSL_NO_MEM;
6017 pool_free(ssl_sock_ctx_pool, ctx);
6018 return -1;
6019 }
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006020 ctx->wait_event.tasklet->process = ssl_sock_io_cb;
6021 ctx->wait_event.tasklet->context = ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006022 ctx->wait_event.events = 0;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006023 ctx->sent_early_data = 0;
Olivier Houchard54907bb2019-12-19 15:02:39 +01006024 ctx->early_buf = BUF_NULL;
Olivier Houcharda8955d52019-04-07 22:00:38 +02006025 ctx->conn = conn;
Willy Tarreau113d52b2020-01-10 09:20:26 +01006026 ctx->subs = NULL;
Emeric Brun5762a0d2019-09-06 15:36:02 +02006027 ctx->xprt_st = 0;
6028 ctx->xprt_ctx = NULL;
Olivier Houcharda8955d52019-04-07 22:00:38 +02006029
6030 /* Only work with sockets for now, this should be adapted when we'll
6031 * add QUIC support.
6032 */
6033 ctx->xprt = xprt_get(XPRT_RAW);
Olivier Houchard19afb272019-05-23 18:24:07 +02006034 if (ctx->xprt->init) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006035 if (ctx->xprt->init(conn, &ctx->xprt_ctx) != 0)
6036 goto err;
Olivier Houchard19afb272019-05-23 18:24:07 +02006037 }
Olivier Houchard66ab4982019-02-26 18:37:15 +01006038
Willy Tarreau20879a02012-12-03 16:32:10 +01006039 if (global.maxsslconn && sslconns >= global.maxsslconn) {
6040 conn->err_code = CO_ER_SSL_TOO_MANY;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006041 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +01006042 }
Willy Tarreau403edff2012-09-06 11:58:37 +02006043
Emeric Brun46591952012-05-18 15:47:34 +02006044 /* If it is in client mode initiate SSL session
6045 in connect state otherwise accept state */
Willy Tarreau3fdb3662012-11-12 00:42:33 +01006046 if (objt_server(conn->target)) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006047 int may_retry = 1;
6048
6049 retry_connect:
Emeric Brun46591952012-05-18 15:47:34 +02006050 /* Alloc a new SSL session ctx */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006051 ctx->ssl = SSL_new(__objt_server(conn->target)->ssl_ctx.ctx);
6052 if (!ctx->ssl) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006053 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006054 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006055 goto retry_connect;
6056 }
Willy Tarreau20879a02012-12-03 16:32:10 +01006057 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006058 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +01006059 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006060 ctx->bio = BIO_new(ha_meth);
6061 if (!ctx->bio) {
Olivier Houchardefe5e8e2020-01-24 15:17:38 +01006062 SSL_free(ctx->ssl);
6063 ctx->ssl = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006064 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006065 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006066 goto retry_connect;
6067 }
Emeric Brun55476152014-11-12 17:35:37 +01006068 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006069 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006070 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006071 BIO_set_data(ctx->bio, ctx);
Olivier Houcharda8955d52019-04-07 22:00:38 +02006072 SSL_set_bio(ctx->ssl, ctx->bio, ctx->bio);
Emeric Brun46591952012-05-18 15:47:34 +02006073
Evan Broderbe554312013-06-27 00:05:25 -07006074 /* set connection pointer */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006075 if (!SSL_set_ex_data(ctx->ssl, ssl_app_data_index, conn)) {
6076 SSL_free(ctx->ssl);
6077 ctx->ssl = NULL;
Emeric Brun55476152014-11-12 17:35:37 +01006078 conn->xprt_ctx = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006079 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006080 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006081 goto retry_connect;
6082 }
Emeric Brun55476152014-11-12 17:35:37 +01006083 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006084 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006085 }
6086
Olivier Houchard66ab4982019-02-26 18:37:15 +01006087 SSL_set_connect_state(ctx->ssl);
Willy Tarreau07d94e42018-09-20 10:57:52 +02006088 if (__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr) {
6089 const unsigned char *ptr = __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr;
6090 SSL_SESSION *sess = d2i_SSL_SESSION(NULL, &ptr, __objt_server(conn->target)->ssl_ctx.reused_sess[tid].size);
Olivier Houchard66ab4982019-02-26 18:37:15 +01006091 if (sess && !SSL_set_session(ctx->ssl, sess)) {
Olivier Houcharde6060c52017-11-16 17:42:52 +01006092 SSL_SESSION_free(sess);
Willy Tarreau07d94e42018-09-20 10:57:52 +02006093 free(__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr);
6094 __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr = NULL;
Olivier Houcharde6060c52017-11-16 17:42:52 +01006095 } else if (sess) {
6096 SSL_SESSION_free(sess);
Emeric Brun55476152014-11-12 17:35:37 +01006097 }
6098 }
Evan Broderbe554312013-06-27 00:05:25 -07006099
Emeric Brun46591952012-05-18 15:47:34 +02006100 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +02006101 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Willy Tarreau403edff2012-09-06 11:58:37 +02006102
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01006103 _HA_ATOMIC_ADD(&sslconns, 1);
6104 _HA_ATOMIC_ADD(&totalsslconns, 1);
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006105 *xprt_ctx = ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006106 /* Start the handshake */
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006107 tasklet_wakeup(ctx->wait_event.tasklet);
Emeric Brun46591952012-05-18 15:47:34 +02006108 return 0;
6109 }
Willy Tarreau3fdb3662012-11-12 00:42:33 +01006110 else if (objt_listener(conn->target)) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006111 int may_retry = 1;
6112
6113 retry_accept:
Emeric Brun46591952012-05-18 15:47:34 +02006114 /* Alloc a new SSL session ctx */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006115 ctx->ssl = SSL_new(__objt_listener(conn->target)->bind_conf->initial_ctx);
6116 if (!ctx->ssl) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006117 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006118 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006119 goto retry_accept;
6120 }
Willy Tarreau20879a02012-12-03 16:32:10 +01006121 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006122 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +01006123 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006124 ctx->bio = BIO_new(ha_meth);
6125 if (!ctx->bio) {
Olivier Houchardefe5e8e2020-01-24 15:17:38 +01006126 SSL_free(ctx->ssl);
6127 ctx->ssl = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006128 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006129 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006130 goto retry_accept;
6131 }
Emeric Brun55476152014-11-12 17:35:37 +01006132 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006133 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006134 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006135 BIO_set_data(ctx->bio, ctx);
Olivier Houcharda8955d52019-04-07 22:00:38 +02006136 SSL_set_bio(ctx->ssl, ctx->bio, ctx->bio);
Emeric Brun46591952012-05-18 15:47:34 +02006137
Emeric Brune1f38db2012-09-03 20:36:47 +02006138 /* set connection pointer */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006139 if (!SSL_set_ex_data(ctx->ssl, ssl_app_data_index, conn)) {
6140 SSL_free(ctx->ssl);
6141 ctx->ssl = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006142 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006143 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006144 goto retry_accept;
6145 }
Emeric Brun55476152014-11-12 17:35:37 +01006146 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006147 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006148 }
6149
Frédéric Lécaille3139c1b2020-01-24 14:56:18 +01006150#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
6151 if (__objt_listener(conn->target)->bind_conf->ssl_conf.early_data) {
6152 b_alloc(&ctx->early_buf);
6153 SSL_set_max_early_data(ctx->ssl,
6154 /* Only allow early data if we managed to allocate
6155 * a buffer.
6156 */
6157 (!b_is_null(&ctx->early_buf)) ?
6158 global.tune.bufsize - global.tune.maxrewrite : 0);
6159 }
6160#endif
6161
Olivier Houchard66ab4982019-02-26 18:37:15 +01006162 SSL_set_accept_state(ctx->ssl);
Emeric Brune1f38db2012-09-03 20:36:47 +02006163
Emeric Brun46591952012-05-18 15:47:34 +02006164 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +02006165 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Emmanuel Hocdetf967c312019-08-05 18:04:16 +02006166#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchardc2aae742017-09-22 18:26:28 +02006167 conn->flags |= CO_FL_EARLY_SSL_HS;
6168#endif
Willy Tarreau403edff2012-09-06 11:58:37 +02006169
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01006170 _HA_ATOMIC_ADD(&sslconns, 1);
6171 _HA_ATOMIC_ADD(&totalsslconns, 1);
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006172 *xprt_ctx = ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006173 /* Start the handshake */
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006174 tasklet_wakeup(ctx->wait_event.tasklet);
Emeric Brun46591952012-05-18 15:47:34 +02006175 return 0;
6176 }
6177 /* don't know how to handle such a target */
Willy Tarreau20879a02012-12-03 16:32:10 +01006178 conn->err_code = CO_ER_SSL_NO_TARGET;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006179err:
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006180 if (ctx && ctx->wait_event.tasklet)
6181 tasklet_free(ctx->wait_event.tasklet);
Olivier Houchard66ab4982019-02-26 18:37:15 +01006182 pool_free(ssl_sock_ctx_pool, ctx);
Emeric Brun46591952012-05-18 15:47:34 +02006183 return -1;
6184}
6185
6186
6187/* This is the callback which is used when an SSL handshake is pending. It
6188 * updates the FD status if it wants some polling before being called again.
6189 * It returns 0 if it fails in a fatal way or needs to poll to go further,
6190 * otherwise it returns non-zero and removes itself from the connection's
6191 * flags (the bit is provided in <flag> by the caller).
6192 */
Olivier Houchard000694c2019-05-23 14:45:12 +02006193static int ssl_sock_handshake(struct connection *conn, unsigned int flag)
Emeric Brun46591952012-05-18 15:47:34 +02006194{
Olivier Houchard66ab4982019-02-26 18:37:15 +01006195 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Emeric Brun46591952012-05-18 15:47:34 +02006196 int ret;
6197
Willy Tarreau3c728722014-01-23 13:50:42 +01006198 if (!conn_ctrl_ready(conn))
Willy Tarreauf79c8172013-10-21 16:30:56 +02006199 return 0;
6200
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02006201 if (!conn->xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006202 goto out_error;
6203
Willy Tarreau5db847a2019-05-09 14:13:35 +02006204#if HA_OPENSSL_VERSION_NUMBER >= 0x10101000L
Olivier Houchardc2aae742017-09-22 18:26:28 +02006205 /*
6206 * Check if we have early data. If we do, we have to read them
6207 * before SSL_do_handshake() is called, And there's no way to
6208 * detect early data, except to try to read them
6209 */
6210 if (conn->flags & CO_FL_EARLY_SSL_HS) {
Olivier Houchard54907bb2019-12-19 15:02:39 +01006211 size_t read_data = 0;
Olivier Houchardc2aae742017-09-22 18:26:28 +02006212
Olivier Houchard54907bb2019-12-19 15:02:39 +01006213 while (1) {
6214 ret = SSL_read_early_data(ctx->ssl,
6215 b_tail(&ctx->early_buf), b_room(&ctx->early_buf),
6216 &read_data);
6217 if (ret == SSL_READ_EARLY_DATA_ERROR)
6218 goto check_error;
6219 if (read_data > 0) {
6220 conn->flags |= CO_FL_EARLY_DATA;
6221 b_add(&ctx->early_buf, read_data);
6222 }
6223 if (ret == SSL_READ_EARLY_DATA_FINISH) {
6224 conn->flags &= ~CO_FL_EARLY_SSL_HS;
6225 if (!b_data(&ctx->early_buf))
6226 b_free(&ctx->early_buf);
6227 break;
6228 }
6229 }
Olivier Houchardc2aae742017-09-22 18:26:28 +02006230 }
6231#endif
Emeric Brun674b7432012-11-08 19:21:55 +01006232 /* If we use SSL_do_handshake to process a reneg initiated by
6233 * the remote peer, it sometimes returns SSL_ERROR_SSL.
6234 * Usually SSL_write and SSL_read are used and process implicitly
6235 * the reneg handshake.
6236 * Here we use SSL_peek as a workaround for reneg.
6237 */
Willy Tarreauc192b0a2020-01-23 09:11:58 +01006238 if (!(conn->flags & CO_FL_WAIT_L6_CONN) && SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun674b7432012-11-08 19:21:55 +01006239 char c;
6240
Olivier Houchard66ab4982019-02-26 18:37:15 +01006241 ret = SSL_peek(ctx->ssl, &c, 1);
Emeric Brun674b7432012-11-08 19:21:55 +01006242 if (ret <= 0) {
6243 /* handshake may have not been completed, let's find why */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006244 ret = SSL_get_error(ctx->ssl, ret);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006245
Emeric Brun674b7432012-11-08 19:21:55 +01006246 if (ret == SSL_ERROR_WANT_WRITE) {
6247 /* SSL handshake needs to write, L4 connection may not be ready */
Olivier Houchard03abf2d2019-05-28 10:12:02 +02006248 if (!(ctx->wait_event.events & SUB_RETRY_SEND))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006249 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Emeric Brun674b7432012-11-08 19:21:55 +01006250 return 0;
6251 }
6252 else if (ret == SSL_ERROR_WANT_READ) {
6253 /* handshake may have been completed but we have
6254 * no more data to read.
6255 */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006256 if (!SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun674b7432012-11-08 19:21:55 +01006257 ret = 1;
6258 goto reneg_ok;
6259 }
6260 /* SSL handshake needs to read, L4 connection is ready */
Olivier Houchard03abf2d2019-05-28 10:12:02 +02006261 if (!(ctx->wait_event.events & SUB_RETRY_RECV))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006262 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_RECV, &ctx->wait_event);
Emeric Brun674b7432012-11-08 19:21:55 +01006263 return 0;
6264 }
Willy Tarreau5db847a2019-05-09 14:13:35 +02006265#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006266 else if (ret == SSL_ERROR_WANT_ASYNC) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006267 ssl_async_process_fds(ctx);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006268 return 0;
6269 }
6270#endif
Emeric Brun674b7432012-11-08 19:21:55 +01006271 else if (ret == SSL_ERROR_SYSCALL) {
6272 /* if errno is null, then connection was successfully established */
6273 if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
6274 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Willy Tarreau20879a02012-12-03 16:32:10 +01006275 if (!conn->err_code) {
Lukas Tribus49799162019-07-08 14:29:15 +02006276#if defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER)
6277 /* do not handle empty handshakes in BoringSSL or LibreSSL */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006278 conn->err_code = CO_ER_SSL_HANDSHAKE;
6279#else
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006280 int empty_handshake;
Willy Tarreau5db847a2019-05-09 14:13:35 +02006281#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL)
Lukas Tribus49799162019-07-08 14:29:15 +02006282 /* use SSL_get_state() in OpenSSL >= 1.1.0; SSL_state() is broken */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006283 OSSL_HANDSHAKE_STATE state = SSL_get_state((SSL *)ctx->ssl);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006284 empty_handshake = state == TLS_ST_BEFORE;
6285#else
Lukas Tribus49799162019-07-08 14:29:15 +02006286 /* access packet_length directly in OpenSSL <= 1.0.2; SSL_state() is broken */
6287 empty_handshake = !ctx->ssl->packet_length;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006288#endif
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006289 if (empty_handshake) {
Emeric Brun29f037d2014-04-25 19:05:36 +02006290 if (!errno) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006291 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006292 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6293 else
6294 conn->err_code = CO_ER_SSL_EMPTY;
6295 }
6296 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006297 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006298 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6299 else
6300 conn->err_code = CO_ER_SSL_ABORT;
6301 }
6302 }
6303 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006304 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006305 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
Willy Tarreau20879a02012-12-03 16:32:10 +01006306 else
Emeric Brun29f037d2014-04-25 19:05:36 +02006307 conn->err_code = CO_ER_SSL_HANDSHAKE;
6308 }
Lukas Tribus49799162019-07-08 14:29:15 +02006309#endif /* BoringSSL or LibreSSL */
Willy Tarreau20879a02012-12-03 16:32:10 +01006310 }
Emeric Brun674b7432012-11-08 19:21:55 +01006311 goto out_error;
6312 }
6313 else {
6314 /* Fail on all other handshake errors */
6315 /* Note: OpenSSL may leave unread bytes in the socket's
6316 * buffer, causing an RST to be emitted upon close() on
6317 * TCP sockets. We first try to drain possibly pending
6318 * data to avoid this as much as possible.
6319 */
Willy Tarreaud85c4852015-03-13 00:40:28 +01006320 conn_sock_drain(conn);
Willy Tarreau20879a02012-12-03 16:32:10 +01006321 if (!conn->err_code)
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006322 conn->err_code = (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
Willy Tarreauf51c6982014-04-25 20:02:39 +02006323 CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
Emeric Brun674b7432012-11-08 19:21:55 +01006324 goto out_error;
6325 }
6326 }
6327 /* read some data: consider handshake completed */
6328 goto reneg_ok;
6329 }
Olivier Houchard66ab4982019-02-26 18:37:15 +01006330 ret = SSL_do_handshake(ctx->ssl);
Olivier Houchardc2aae742017-09-22 18:26:28 +02006331check_error:
Emeric Brun46591952012-05-18 15:47:34 +02006332 if (ret != 1) {
6333 /* handshake did not complete, let's find why */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006334 ret = SSL_get_error(ctx->ssl, ret);
Emeric Brun46591952012-05-18 15:47:34 +02006335
6336 if (ret == SSL_ERROR_WANT_WRITE) {
6337 /* SSL handshake needs to write, L4 connection may not be ready */
Olivier Houchard03abf2d2019-05-28 10:12:02 +02006338 if (!(ctx->wait_event.events & SUB_RETRY_SEND))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006339 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Emeric Brun46591952012-05-18 15:47:34 +02006340 return 0;
6341 }
6342 else if (ret == SSL_ERROR_WANT_READ) {
6343 /* SSL handshake needs to read, L4 connection is ready */
Olivier Houchardea8dd942019-05-20 14:02:16 +02006344 if (!(ctx->wait_event.events & SUB_RETRY_RECV))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006345 ctx->xprt->subscribe(conn, ctx->xprt_ctx,
6346 SUB_RETRY_RECV, &ctx->wait_event);
Emeric Brun46591952012-05-18 15:47:34 +02006347 return 0;
6348 }
Willy Tarreau5db847a2019-05-09 14:13:35 +02006349#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006350 else if (ret == SSL_ERROR_WANT_ASYNC) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006351 ssl_async_process_fds(ctx);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006352 return 0;
6353 }
6354#endif
Willy Tarreau89230192012-09-28 20:22:13 +02006355 else if (ret == SSL_ERROR_SYSCALL) {
6356 /* if errno is null, then connection was successfully established */
6357 if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
6358 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006359 if (!conn->err_code) {
Lukas Tribus49799162019-07-08 14:29:15 +02006360#if defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER)
6361 /* do not handle empty handshakes in BoringSSL or LibreSSL */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006362 conn->err_code = CO_ER_SSL_HANDSHAKE;
6363#else
6364 int empty_handshake;
Willy Tarreau5db847a2019-05-09 14:13:35 +02006365#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL)
Lukas Tribus49799162019-07-08 14:29:15 +02006366 /* use SSL_get_state() in OpenSSL >= 1.1.0; SSL_state() is broken */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006367 OSSL_HANDSHAKE_STATE state = SSL_get_state(ctx->ssl);
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006368 empty_handshake = state == TLS_ST_BEFORE;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006369#else
Lukas Tribus49799162019-07-08 14:29:15 +02006370 /* access packet_length directly in OpenSSL <= 1.0.2; SSL_state() is broken */
6371 empty_handshake = !ctx->ssl->packet_length;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006372#endif
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006373 if (empty_handshake) {
6374 if (!errno) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006375 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006376 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6377 else
6378 conn->err_code = CO_ER_SSL_EMPTY;
6379 }
6380 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006381 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006382 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6383 else
6384 conn->err_code = CO_ER_SSL_ABORT;
6385 }
Emeric Brun29f037d2014-04-25 19:05:36 +02006386 }
6387 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006388 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006389 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6390 else
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006391 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emeric Brun29f037d2014-04-25 19:05:36 +02006392 }
Lukas Tribus49799162019-07-08 14:29:15 +02006393#endif /* BoringSSL or LibreSSL */
Emeric Brun29f037d2014-04-25 19:05:36 +02006394 }
Willy Tarreau89230192012-09-28 20:22:13 +02006395 goto out_error;
6396 }
Emeric Brun46591952012-05-18 15:47:34 +02006397 else {
6398 /* Fail on all other handshake errors */
Willy Tarreau566dc552012-10-19 20:52:18 +02006399 /* Note: OpenSSL may leave unread bytes in the socket's
6400 * buffer, causing an RST to be emitted upon close() on
6401 * TCP sockets. We first try to drain possibly pending
6402 * data to avoid this as much as possible.
6403 */
Willy Tarreaud85c4852015-03-13 00:40:28 +01006404 conn_sock_drain(conn);
Willy Tarreau20879a02012-12-03 16:32:10 +01006405 if (!conn->err_code)
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006406 conn->err_code = (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
Willy Tarreauf51c6982014-04-25 20:02:39 +02006407 CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
Emeric Brun46591952012-05-18 15:47:34 +02006408 goto out_error;
6409 }
6410 }
Willy Tarreau5db847a2019-05-09 14:13:35 +02006411#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchard522eea72017-11-03 16:27:47 +01006412 else {
6413 /*
6414 * If the server refused the early data, we have to send a
6415 * 425 to the client, as we no longer have the data to sent
6416 * them again.
6417 */
6418 if ((conn->flags & CO_FL_EARLY_DATA) && (objt_server(conn->target))) {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006419 if (SSL_get_early_data_status(ctx->ssl) == SSL_EARLY_DATA_REJECTED) {
Olivier Houchard522eea72017-11-03 16:27:47 +01006420 conn->err_code = CO_ER_SSL_EARLY_FAILED;
6421 goto out_error;
6422 }
6423 }
6424 }
6425#endif
6426
Emeric Brun46591952012-05-18 15:47:34 +02006427
Emeric Brun674b7432012-11-08 19:21:55 +01006428reneg_ok:
Emeric Brunb5e42a82017-06-06 12:35:14 +00006429
Willy Tarreau5db847a2019-05-09 14:13:35 +02006430#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006431 /* ASYNC engine API doesn't support moving read/write
6432 * buffers. So we disable ASYNC mode right after
6433 * the handshake to avoid buffer oveflows.
6434 */
6435 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006436 SSL_clear_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006437#endif
Emeric Brun46591952012-05-18 15:47:34 +02006438 /* Handshake succeeded */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006439 if (!SSL_session_reused(ctx->ssl)) {
Willy Tarreau0c9c2722014-05-28 12:28:58 +02006440 if (objt_server(conn->target)) {
6441 update_freq_ctr(&global.ssl_be_keys_per_sec, 1);
6442 if (global.ssl_be_keys_per_sec.curr_ctr > global.ssl_be_keys_max)
6443 global.ssl_be_keys_max = global.ssl_be_keys_per_sec.curr_ctr;
Emeric Brun46591952012-05-18 15:47:34 +02006444 }
Willy Tarreau0c9c2722014-05-28 12:28:58 +02006445 else {
6446 update_freq_ctr(&global.ssl_fe_keys_per_sec, 1);
6447 if (global.ssl_fe_keys_per_sec.curr_ctr > global.ssl_fe_keys_max)
6448 global.ssl_fe_keys_max = global.ssl_fe_keys_per_sec.curr_ctr;
6449 }
Emeric Brun46591952012-05-18 15:47:34 +02006450 }
6451
6452 /* The connection is now established at both layers, it's time to leave */
6453 conn->flags &= ~(flag | CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN);
6454 return 1;
6455
6456 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +01006457 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02006458 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01006459 ERR_clear_error();
6460
Emeric Brun9fa89732012-10-04 17:09:56 +02006461 /* free resumed session if exists */
Willy Tarreau07d94e42018-09-20 10:57:52 +02006462 if (objt_server(conn->target) && __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr) {
6463 free(__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr);
6464 __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr = NULL;
Emeric Brun9fa89732012-10-04 17:09:56 +02006465 }
6466
Emeric Brun46591952012-05-18 15:47:34 +02006467 /* Fail on all other handshake errors */
6468 conn->flags |= CO_FL_ERROR;
Willy Tarreau20879a02012-12-03 16:32:10 +01006469 if (!conn->err_code)
6470 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emeric Brun46591952012-05-18 15:47:34 +02006471 return 0;
6472}
6473
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006474/* Called from the upper layer, to subscribe <es> to events <event_type>. The
6475 * event subscriber <es> is not allowed to change from a previous call as long
6476 * as at least one event is still subscribed. The <event_type> must only be a
6477 * combination of SUB_RETRY_RECV and SUB_RETRY_SEND. It always returns 0,
6478 * unless the transport layer was already released.
6479 */
6480static int ssl_subscribe(struct connection *conn, void *xprt_ctx, int event_type, struct wait_event *es)
Olivier Houcharddf357842019-03-21 16:30:07 +01006481{
Olivier Houchardea8dd942019-05-20 14:02:16 +02006482 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006483
Olivier Houchard0ff28652019-06-24 18:57:39 +02006484 if (!ctx)
6485 return -1;
6486
Willy Tarreau113d52b2020-01-10 09:20:26 +01006487 BUG_ON(event_type & ~(SUB_RETRY_SEND|SUB_RETRY_RECV));
6488 BUG_ON(ctx->subs && ctx->subs->events & event_type);
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006489 BUG_ON(ctx->subs && ctx->subs != es);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006490
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006491 ctx->subs = es;
6492 es->events |= event_type;
Willy Tarreau113d52b2020-01-10 09:20:26 +01006493
6494 /* we may have to subscribe to lower layers for new events */
6495 event_type &= ~ctx->wait_event.events;
6496 if (event_type && !(conn->flags & CO_FL_SSL_WAIT_HS))
6497 ctx->xprt->subscribe(conn, ctx->xprt_ctx, event_type, &ctx->wait_event);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006498 return 0;
Olivier Houcharddf357842019-03-21 16:30:07 +01006499}
6500
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006501/* Called from the upper layer, to unsubscribe <es> from events <event_type>.
6502 * The <es> pointer is not allowed to differ from the one passed to the
6503 * subscribe() call. It always returns zero.
6504 */
6505static int ssl_unsubscribe(struct connection *conn, void *xprt_ctx, int event_type, struct wait_event *es)
Olivier Houcharddf357842019-03-21 16:30:07 +01006506{
Olivier Houchardea8dd942019-05-20 14:02:16 +02006507 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006508
Willy Tarreau113d52b2020-01-10 09:20:26 +01006509 BUG_ON(event_type & ~(SUB_RETRY_SEND|SUB_RETRY_RECV));
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006510 BUG_ON(ctx->subs && ctx->subs != es);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006511
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006512 es->events &= ~event_type;
6513 if (!es->events)
Willy Tarreau113d52b2020-01-10 09:20:26 +01006514 ctx->subs = NULL;
6515
6516 /* If we subscribed, and we're not doing the handshake,
6517 * then we subscribed because the upper layer asked for it,
6518 * as the upper layer is no longer interested, we can
6519 * unsubscribe too.
6520 */
6521 event_type &= ctx->wait_event.events;
6522 if (event_type && !(ctx->conn->flags & CO_FL_SSL_WAIT_HS))
6523 conn_unsubscribe(conn, ctx->xprt_ctx, event_type, &ctx->wait_event);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006524
6525 return 0;
Olivier Houcharddf357842019-03-21 16:30:07 +01006526}
6527
Olivier Houchard2e055482019-05-27 19:50:12 +02006528/* Use the provided XPRT as an underlying XPRT, and provide the old one.
6529 * Returns 0 on success, and non-zero on failure.
6530 */
6531static int ssl_add_xprt(struct connection *conn, void *xprt_ctx, void *toadd_ctx, const struct xprt_ops *toadd_ops, void **oldxprt_ctx, const struct xprt_ops **oldxprt_ops)
6532{
6533 struct ssl_sock_ctx *ctx = xprt_ctx;
6534
6535 if (oldxprt_ops != NULL)
6536 *oldxprt_ops = ctx->xprt;
6537 if (oldxprt_ctx != NULL)
6538 *oldxprt_ctx = ctx->xprt_ctx;
6539 ctx->xprt = toadd_ops;
6540 ctx->xprt_ctx = toadd_ctx;
6541 return 0;
6542}
6543
Olivier Houchard5149b592019-05-23 17:47:36 +02006544/* Remove the specified xprt. If if it our underlying XPRT, remove it and
6545 * return 0, otherwise just call the remove_xprt method from the underlying
6546 * XPRT.
6547 */
6548static int ssl_remove_xprt(struct connection *conn, void *xprt_ctx, void *toremove_ctx, const struct xprt_ops *newops, void *newctx)
6549{
6550 struct ssl_sock_ctx *ctx = xprt_ctx;
6551
6552 if (ctx->xprt_ctx == toremove_ctx) {
6553 ctx->xprt_ctx = newctx;
6554 ctx->xprt = newops;
6555 return 0;
6556 }
6557 return (ctx->xprt->remove_xprt(conn, ctx->xprt_ctx, toremove_ctx, newops, newctx));
6558}
6559
Olivier Houchardea8dd942019-05-20 14:02:16 +02006560static struct task *ssl_sock_io_cb(struct task *t, void *context, unsigned short state)
6561{
6562 struct ssl_sock_ctx *ctx = context;
6563
6564 /* First if we're doing an handshake, try that */
6565 if (ctx->conn->flags & CO_FL_SSL_WAIT_HS)
6566 ssl_sock_handshake(ctx->conn, CO_FL_SSL_WAIT_HS);
6567 /* If we had an error, or the handshake is done and I/O is available,
6568 * let the upper layer know.
Olivier Houchard477902b2020-01-22 18:08:48 +01006569 * If no mux was set up yet, then call conn_create_mux()
Olivier Houchardea8dd942019-05-20 14:02:16 +02006570 * we can't be sure conn_fd_handler() will be called again.
6571 */
6572 if ((ctx->conn->flags & CO_FL_ERROR) ||
6573 !(ctx->conn->flags & CO_FL_SSL_WAIT_HS)) {
6574 int ret = 0;
6575 int woke = 0;
6576
6577 /* On error, wake any waiter */
Willy Tarreau113d52b2020-01-10 09:20:26 +01006578 if (ctx->subs) {
6579 tasklet_wakeup(ctx->subs->tasklet);
6580 ctx->subs->events = 0;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006581 woke = 1;
Willy Tarreau113d52b2020-01-10 09:20:26 +01006582 ctx->subs = NULL;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006583 }
Willy Tarreau113d52b2020-01-10 09:20:26 +01006584
Olivier Houchardea8dd942019-05-20 14:02:16 +02006585 /* If we're the first xprt for the connection, let the
Olivier Houchard477902b2020-01-22 18:08:48 +01006586 * upper layers know. If we have no mux, create it,
6587 * and once we have a mux, call its wake method if we didn't
6588 * woke a tasklet already.
Olivier Houchardea8dd942019-05-20 14:02:16 +02006589 */
6590 if (ctx->conn->xprt_ctx == ctx) {
Olivier Houchard477902b2020-01-22 18:08:48 +01006591 if (!ctx->conn->mux)
6592 ret = conn_create_mux(ctx->conn);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006593 if (ret >= 0 && !woke && ctx->conn->mux && ctx->conn->mux->wake)
6594 ctx->conn->mux->wake(ctx->conn);
6595 return NULL;
6596 }
6597 }
Olivier Houchard54907bb2019-12-19 15:02:39 +01006598#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
6599 /* If we have early data and somebody wants to receive, let them */
Willy Tarreau113d52b2020-01-10 09:20:26 +01006600 else if (b_data(&ctx->early_buf) && ctx->subs &&
6601 ctx->subs->events & SUB_RETRY_RECV) {
6602 tasklet_wakeup(ctx->subs->tasklet);
6603 ctx->subs->events &= ~SUB_RETRY_RECV;
6604 if (!ctx->subs->events)
6605 ctx->subs = NULL;
Olivier Houchard54907bb2019-12-19 15:02:39 +01006606 }
6607#endif
Olivier Houchardea8dd942019-05-20 14:02:16 +02006608 return NULL;
6609}
6610
Emeric Brun46591952012-05-18 15:47:34 +02006611/* Receive up to <count> bytes from connection <conn>'s socket and store them
Willy Tarreauabf08d92014-01-14 11:31:27 +01006612 * into buffer <buf>. Only one call to recv() is performed, unless the
Emeric Brun46591952012-05-18 15:47:34 +02006613 * buffer wraps, in which case a second call may be performed. The connection's
6614 * flags are updated with whatever special event is detected (error, read0,
6615 * empty). The caller is responsible for taking care of those events and
6616 * avoiding the call if inappropriate. The function does not call the
6617 * connection's polling update function, so the caller is responsible for this.
6618 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006619static size_t ssl_sock_to_buf(struct connection *conn, void *xprt_ctx, struct buffer *buf, size_t count, int flags)
Emeric Brun46591952012-05-18 15:47:34 +02006620{
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006621 struct ssl_sock_ctx *ctx = xprt_ctx;
Willy Tarreaubfc4d772018-07-18 11:22:03 +02006622 ssize_t ret;
6623 size_t try, done = 0;
Emeric Brun46591952012-05-18 15:47:34 +02006624
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006625 if (!ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006626 goto out_error;
6627
Olivier Houchard54907bb2019-12-19 15:02:39 +01006628#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
6629 if (b_data(&ctx->early_buf)) {
6630 try = b_contig_space(buf);
6631 if (try > b_data(&ctx->early_buf))
6632 try = b_data(&ctx->early_buf);
6633 memcpy(b_tail(buf), b_head(&ctx->early_buf), try);
6634 b_add(buf, try);
6635 b_del(&ctx->early_buf, try);
6636 if (b_data(&ctx->early_buf) == 0)
6637 b_free(&ctx->early_buf);
6638 return try;
6639 }
6640#endif
6641
Willy Tarreau911db9b2020-01-23 16:27:54 +01006642 if (conn->flags & (CO_FL_WAIT_XPRT | CO_FL_SSL_WAIT_HS))
Emeric Brun46591952012-05-18 15:47:34 +02006643 /* a handshake was requested */
6644 return 0;
6645
Emeric Brun46591952012-05-18 15:47:34 +02006646 /* read the largest possible block. For this, we perform only one call
6647 * to recv() unless the buffer wraps and we exactly fill the first hunk,
6648 * in which case we accept to do it once again. A new attempt is made on
6649 * EINTR too.
6650 */
Willy Tarreau00b0fb92014-01-17 11:09:40 +01006651 while (count > 0) {
Olivier Houchardc2aae742017-09-22 18:26:28 +02006652
Willy Tarreau591d4452018-06-15 17:21:00 +02006653 try = b_contig_space(buf);
6654 if (!try)
6655 break;
6656
Willy Tarreauabf08d92014-01-14 11:31:27 +01006657 if (try > count)
6658 try = count;
Willy Tarreau591d4452018-06-15 17:21:00 +02006659
Olivier Houchard66ab4982019-02-26 18:37:15 +01006660 ret = SSL_read(ctx->ssl, b_tail(buf), try);
Emmanuel Hocdetf967c312019-08-05 18:04:16 +02006661
Emeric Brune1f38db2012-09-03 20:36:47 +02006662 if (conn->flags & CO_FL_ERROR) {
6663 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
Emeric Brun644cde02012-12-14 11:21:13 +01006664 goto out_error;
Emeric Brune1f38db2012-09-03 20:36:47 +02006665 }
Emeric Brun46591952012-05-18 15:47:34 +02006666 if (ret > 0) {
Olivier Houchardacd14032018-06-28 18:17:23 +02006667 b_add(buf, ret);
Emeric Brun46591952012-05-18 15:47:34 +02006668 done += ret;
Emeric Brun46591952012-05-18 15:47:34 +02006669 count -= ret;
Emeric Brun46591952012-05-18 15:47:34 +02006670 }
Emeric Brun46591952012-05-18 15:47:34 +02006671 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006672 ret = SSL_get_error(ctx->ssl, ret);
Emeric Brun46591952012-05-18 15:47:34 +02006673 if (ret == SSL_ERROR_WANT_WRITE) {
Emeric Brun8af8dd12012-11-08 17:56:20 +01006674 /* handshake is running, and it needs to enable write */
Emeric Brun46591952012-05-18 15:47:34 +02006675 conn->flags |= CO_FL_SSL_WAIT_HS;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006676 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Willy Tarreau5db847a2019-05-09 14:13:35 +02006677#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006678 /* Async mode can be re-enabled, because we're leaving data state.*/
6679 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006680 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006681#endif
Emeric Brun46591952012-05-18 15:47:34 +02006682 break;
6683 }
6684 else if (ret == SSL_ERROR_WANT_READ) {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006685 if (SSL_renegotiate_pending(ctx->ssl)) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006686 ctx->xprt->subscribe(conn, ctx->xprt_ctx,
6687 SUB_RETRY_RECV,
6688 &ctx->wait_event);
Emeric Brun282a76a2012-11-08 18:02:56 +01006689 /* handshake is running, and it may need to re-enable read */
6690 conn->flags |= CO_FL_SSL_WAIT_HS;
Willy Tarreau5db847a2019-05-09 14:13:35 +02006691#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006692 /* Async mode can be re-enabled, because we're leaving data state.*/
6693 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006694 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006695#endif
Emeric Brun282a76a2012-11-08 18:02:56 +01006696 break;
6697 }
Emeric Brun46591952012-05-18 15:47:34 +02006698 break;
Olivier Houchardc2aae742017-09-22 18:26:28 +02006699 } else if (ret == SSL_ERROR_ZERO_RETURN)
6700 goto read0;
Christopher Faulet4ac77a92018-02-19 14:25:15 +01006701 /* For SSL_ERROR_SYSCALL, make sure to clear the error
6702 * stack before shutting down the connection for
6703 * reading. */
Olivier Houchard7e2e5052018-02-13 15:17:23 +01006704 if (ret == SSL_ERROR_SYSCALL && (!errno || errno == EAGAIN))
6705 goto clear_ssl_error;
Emeric Brun46591952012-05-18 15:47:34 +02006706 /* otherwise it's a real error */
6707 goto out_error;
6708 }
6709 }
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02006710 leave:
Emeric Brun46591952012-05-18 15:47:34 +02006711 return done;
6712
Christopher Faulet4ac77a92018-02-19 14:25:15 +01006713 clear_ssl_error:
6714 /* Clear openssl global errors stack */
6715 ssl_sock_dump_errors(conn);
6716 ERR_clear_error();
Emeric Brun46591952012-05-18 15:47:34 +02006717 read0:
6718 conn_sock_read0(conn);
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02006719 goto leave;
Christopher Faulet4ac77a92018-02-19 14:25:15 +01006720
Emeric Brun46591952012-05-18 15:47:34 +02006721 out_error:
Olivier Houchard7e2e5052018-02-13 15:17:23 +01006722 conn->flags |= CO_FL_ERROR;
Emeric Brun644cde02012-12-14 11:21:13 +01006723 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02006724 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01006725 ERR_clear_error();
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02006726 goto leave;
Emeric Brun46591952012-05-18 15:47:34 +02006727}
6728
6729
Willy Tarreau787db9a2018-06-14 18:31:46 +02006730/* Send up to <count> pending bytes from buffer <buf> to connection <conn>'s
6731 * socket. <flags> may contain some CO_SFL_* flags to hint the system about
6732 * other pending data for example, but this flag is ignored at the moment.
Emeric Brun46591952012-05-18 15:47:34 +02006733 * Only one call to send() is performed, unless the buffer wraps, in which case
6734 * a second call may be performed. The connection's flags are updated with
6735 * whatever special event is detected (error, empty). The caller is responsible
6736 * for taking care of those events and avoiding the call if inappropriate. The
6737 * function does not call the connection's polling update function, so the caller
Willy Tarreau787db9a2018-06-14 18:31:46 +02006738 * is responsible for this. The buffer's output is not adjusted, it's up to the
6739 * caller to take care of this. It's up to the caller to update the buffer's
6740 * contents based on the return value.
Emeric Brun46591952012-05-18 15:47:34 +02006741 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006742static size_t ssl_sock_from_buf(struct connection *conn, void *xprt_ctx, const struct buffer *buf, size_t count, int flags)
Emeric Brun46591952012-05-18 15:47:34 +02006743{
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006744 struct ssl_sock_ctx *ctx = xprt_ctx;
Willy Tarreau787db9a2018-06-14 18:31:46 +02006745 ssize_t ret;
6746 size_t try, done;
Emeric Brun46591952012-05-18 15:47:34 +02006747
6748 done = 0;
6749
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006750 if (!ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006751 goto out_error;
6752
Willy Tarreau911db9b2020-01-23 16:27:54 +01006753 if (conn->flags & (CO_FL_WAIT_XPRT | CO_FL_SSL_WAIT_HS | CO_FL_EARLY_SSL_HS))
Emeric Brun46591952012-05-18 15:47:34 +02006754 /* a handshake was requested */
6755 return 0;
6756
6757 /* send the largest possible block. For this we perform only one call
6758 * to send() unless the buffer wraps and we exactly fill the first hunk,
6759 * in which case we accept to do it once again.
6760 */
Willy Tarreau787db9a2018-06-14 18:31:46 +02006761 while (count) {
Willy Tarreau5db847a2019-05-09 14:13:35 +02006762#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchardc2aae742017-09-22 18:26:28 +02006763 size_t written_data;
6764#endif
6765
Willy Tarreau787db9a2018-06-14 18:31:46 +02006766 try = b_contig_data(buf, done);
6767 if (try > count)
6768 try = count;
Willy Tarreaubfd59462013-02-21 07:46:09 +01006769
Willy Tarreau7bed9452014-02-02 02:00:24 +01006770 if (!(flags & CO_SFL_STREAMER) &&
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006771 !(ctx->xprt_st & SSL_SOCK_SEND_UNLIMITED) &&
Willy Tarreauef934602016-12-22 23:12:01 +01006772 global_ssl.max_record && try > global_ssl.max_record) {
6773 try = global_ssl.max_record;
Willy Tarreau518cedd2014-02-17 15:43:01 +01006774 }
6775 else {
6776 /* we need to keep the information about the fact that
6777 * we're not limiting the upcoming send(), because if it
6778 * fails, we'll have to retry with at least as many data.
6779 */
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006780 ctx->xprt_st |= SSL_SOCK_SEND_UNLIMITED;
Willy Tarreau518cedd2014-02-17 15:43:01 +01006781 }
Willy Tarreaubfd59462013-02-21 07:46:09 +01006782
Willy Tarreau5db847a2019-05-09 14:13:35 +02006783#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchard010941f2019-05-03 20:56:19 +02006784 if (!SSL_is_init_finished(ctx->ssl) && conn_is_back(conn)) {
Olivier Houchardc2aae742017-09-22 18:26:28 +02006785 unsigned int max_early;
6786
Olivier Houchard522eea72017-11-03 16:27:47 +01006787 if (objt_listener(conn->target))
Olivier Houchard66ab4982019-02-26 18:37:15 +01006788 max_early = SSL_get_max_early_data(ctx->ssl);
Olivier Houchard522eea72017-11-03 16:27:47 +01006789 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006790 if (SSL_get0_session(ctx->ssl))
6791 max_early = SSL_SESSION_get_max_early_data(SSL_get0_session(ctx->ssl));
Olivier Houchard522eea72017-11-03 16:27:47 +01006792 else
6793 max_early = 0;
6794 }
6795
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006796 if (try + ctx->sent_early_data > max_early) {
6797 try -= (try + ctx->sent_early_data) - max_early;
Olivier Houchard522eea72017-11-03 16:27:47 +01006798 if (try <= 0) {
Olivier Houchard010941f2019-05-03 20:56:19 +02006799 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Olivier Houchard965e84e2019-06-15 20:59:30 +02006800 tasklet_wakeup(ctx->wait_event.tasklet);
Olivier Houchardc2aae742017-09-22 18:26:28 +02006801 break;
Olivier Houchard522eea72017-11-03 16:27:47 +01006802 }
Olivier Houchardc2aae742017-09-22 18:26:28 +02006803 }
Olivier Houchard66ab4982019-02-26 18:37:15 +01006804 ret = SSL_write_early_data(ctx->ssl, b_peek(buf, done), try, &written_data);
Olivier Houchardc2aae742017-09-22 18:26:28 +02006805 if (ret == 1) {
6806 ret = written_data;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006807 ctx->sent_early_data += ret;
Olivier Houchard965e84e2019-06-15 20:59:30 +02006808 if (objt_server(conn->target)) {
Olivier Houchard522eea72017-11-03 16:27:47 +01006809 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN | CO_FL_EARLY_DATA;
Olivier Houchard965e84e2019-06-15 20:59:30 +02006810 /* Initiate the handshake, now */
6811 tasklet_wakeup(ctx->wait_event.tasklet);
6812 }
Olivier Houchard522eea72017-11-03 16:27:47 +01006813
Olivier Houchardc2aae742017-09-22 18:26:28 +02006814 }
6815
6816 } else
6817#endif
Olivier Houchard66ab4982019-02-26 18:37:15 +01006818 ret = SSL_write(ctx->ssl, b_peek(buf, done), try);
Willy Tarreau518cedd2014-02-17 15:43:01 +01006819
Emeric Brune1f38db2012-09-03 20:36:47 +02006820 if (conn->flags & CO_FL_ERROR) {
6821 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
Emeric Brun644cde02012-12-14 11:21:13 +01006822 goto out_error;
Emeric Brune1f38db2012-09-03 20:36:47 +02006823 }
Emeric Brun46591952012-05-18 15:47:34 +02006824 if (ret > 0) {
Willy Tarreauc192b0a2020-01-23 09:11:58 +01006825 /* A send succeeded, so we can consider ourself connected */
6826 conn->flags &= ~CO_FL_WAIT_L4L6;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006827 ctx->xprt_st &= ~SSL_SOCK_SEND_UNLIMITED;
Willy Tarreau787db9a2018-06-14 18:31:46 +02006828 count -= ret;
Emeric Brun46591952012-05-18 15:47:34 +02006829 done += ret;
Emeric Brun46591952012-05-18 15:47:34 +02006830 }
6831 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006832 ret = SSL_get_error(ctx->ssl, ret);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006833
Emeric Brun46591952012-05-18 15:47:34 +02006834 if (ret == SSL_ERROR_WANT_WRITE) {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006835 if (SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun282a76a2012-11-08 18:02:56 +01006836 /* handshake is running, and it may need to re-enable write */
6837 conn->flags |= CO_FL_SSL_WAIT_HS;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006838 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Willy Tarreau5db847a2019-05-09 14:13:35 +02006839#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006840 /* Async mode can be re-enabled, because we're leaving data state.*/
6841 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006842 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006843#endif
Emeric Brun282a76a2012-11-08 18:02:56 +01006844 break;
6845 }
Olivier Houchardea8dd942019-05-20 14:02:16 +02006846
Emeric Brun46591952012-05-18 15:47:34 +02006847 break;
6848 }
6849 else if (ret == SSL_ERROR_WANT_READ) {
Emeric Brun8af8dd12012-11-08 17:56:20 +01006850 /* handshake is running, and it needs to enable read */
Emeric Brun46591952012-05-18 15:47:34 +02006851 conn->flags |= CO_FL_SSL_WAIT_HS;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006852 ctx->xprt->subscribe(conn, ctx->xprt_ctx,
6853 SUB_RETRY_RECV,
6854 &ctx->wait_event);
Willy Tarreau5db847a2019-05-09 14:13:35 +02006855#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006856 /* Async mode can be re-enabled, because we're leaving data state.*/
6857 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006858 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006859#endif
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006860 break;
6861 }
Emeric Brun46591952012-05-18 15:47:34 +02006862 goto out_error;
6863 }
6864 }
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02006865 leave:
Emeric Brun46591952012-05-18 15:47:34 +02006866 return done;
6867
6868 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +01006869 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02006870 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01006871 ERR_clear_error();
6872
Emeric Brun46591952012-05-18 15:47:34 +02006873 conn->flags |= CO_FL_ERROR;
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02006874 goto leave;
Emeric Brun46591952012-05-18 15:47:34 +02006875}
6876
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006877static void ssl_sock_close(struct connection *conn, void *xprt_ctx) {
Emeric Brun46591952012-05-18 15:47:34 +02006878
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006879 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006880
Olivier Houchardea8dd942019-05-20 14:02:16 +02006881
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006882 if (ctx) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006883 if (ctx->wait_event.events != 0)
6884 ctx->xprt->unsubscribe(ctx->conn, ctx->xprt_ctx,
6885 ctx->wait_event.events,
6886 &ctx->wait_event);
Willy Tarreau113d52b2020-01-10 09:20:26 +01006887 if (ctx->subs) {
6888 ctx->subs->events = 0;
6889 tasklet_wakeup(ctx->subs->tasklet);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006890 }
Willy Tarreau113d52b2020-01-10 09:20:26 +01006891
Olivier Houchard692c1d02019-05-23 18:41:47 +02006892 if (ctx->xprt->close)
6893 ctx->xprt->close(conn, ctx->xprt_ctx);
Willy Tarreau5db847a2019-05-09 14:13:35 +02006894#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brun3854e012017-05-17 20:42:48 +02006895 if (global_ssl.async) {
6896 OSSL_ASYNC_FD all_fd[32], afd;
6897 size_t num_all_fds = 0;
6898 int i;
6899
Olivier Houchard66ab4982019-02-26 18:37:15 +01006900 SSL_get_all_async_fds(ctx->ssl, NULL, &num_all_fds);
Emeric Brun3854e012017-05-17 20:42:48 +02006901 if (num_all_fds > 32) {
6902 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
6903 return;
6904 }
6905
Olivier Houchard66ab4982019-02-26 18:37:15 +01006906 SSL_get_all_async_fds(ctx->ssl, all_fd, &num_all_fds);
Emeric Brun3854e012017-05-17 20:42:48 +02006907
6908 /* If an async job is pending, we must try to
6909 to catch the end using polling before calling
6910 SSL_free */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006911 if (num_all_fds && SSL_waiting_for_async(ctx->ssl)) {
Emeric Brun3854e012017-05-17 20:42:48 +02006912 for (i=0 ; i < num_all_fds ; i++) {
6913 /* switch on an handler designed to
6914 * handle the SSL_free
6915 */
6916 afd = all_fd[i];
6917 fdtab[afd].iocb = ssl_async_fd_free;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006918 fdtab[afd].owner = ctx->ssl;
Emeric Brun3854e012017-05-17 20:42:48 +02006919 fd_want_recv(afd);
Emeric Brunce9e01c2017-05-31 10:02:53 +00006920 /* To ensure that the fd cache won't be used
6921 * and we'll catch a real RD event.
6922 */
6923 fd_cant_recv(afd);
Emeric Brun3854e012017-05-17 20:42:48 +02006924 }
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006925 tasklet_free(ctx->wait_event.tasklet);
Olivier Houchard66ab4982019-02-26 18:37:15 +01006926 pool_free(ssl_sock_ctx_pool, ctx);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01006927 _HA_ATOMIC_ADD(&jobs, 1);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006928 return;
6929 }
Emeric Brun3854e012017-05-17 20:42:48 +02006930 /* Else we can remove the fds from the fdtab
6931 * and call SSL_free.
6932 * note: we do a fd_remove and not a delete
6933 * because the fd is owned by the engine.
6934 * the engine is responsible to close
6935 */
6936 for (i=0 ; i < num_all_fds ; i++)
6937 fd_remove(all_fd[i]);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006938 }
6939#endif
Olivier Houchard66ab4982019-02-26 18:37:15 +01006940 SSL_free(ctx->ssl);
Olivier Houchard54907bb2019-12-19 15:02:39 +01006941 b_free(&ctx->early_buf);
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006942 tasklet_free(ctx->wait_event.tasklet);
Olivier Houchard66ab4982019-02-26 18:37:15 +01006943 pool_free(ssl_sock_ctx_pool, ctx);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01006944 _HA_ATOMIC_SUB(&sslconns, 1);
Emeric Brun46591952012-05-18 15:47:34 +02006945 }
Emeric Brun46591952012-05-18 15:47:34 +02006946}
6947
6948/* This function tries to perform a clean shutdown on an SSL connection, and in
6949 * any case, flags the connection as reusable if no handshake was in progress.
6950 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006951static void ssl_sock_shutw(struct connection *conn, void *xprt_ctx, int clean)
Emeric Brun46591952012-05-18 15:47:34 +02006952{
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006953 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006954
Willy Tarreau911db9b2020-01-23 16:27:54 +01006955 if (conn->flags & (CO_FL_WAIT_XPRT | CO_FL_SSL_WAIT_HS))
Emeric Brun46591952012-05-18 15:47:34 +02006956 return;
Emmanuel Hocdet405ff312017-01-08 14:07:39 +01006957 if (!clean)
6958 /* don't sent notify on SSL_shutdown */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006959 SSL_set_quiet_shutdown(ctx->ssl, 1);
Emeric Brun46591952012-05-18 15:47:34 +02006960 /* no handshake was in progress, try a clean ssl shutdown */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006961 if (SSL_shutdown(ctx->ssl) <= 0) {
Emeric Brun644cde02012-12-14 11:21:13 +01006962 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02006963 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01006964 ERR_clear_error();
6965 }
Emeric Brun46591952012-05-18 15:47:34 +02006966}
6967
William Lallemandd4f946c2019-12-05 10:26:40 +01006968/* fill a buffer with the algorithm and size of a public key */
6969static int cert_get_pkey_algo(X509 *crt, struct buffer *out)
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01006970{
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01006971 int bits = 0;
6972 int sig = TLSEXT_signature_anonymous;
6973 int len = -1;
Emmanuel Hocdetc3775d22019-11-04 18:19:32 +01006974 EVP_PKEY *pkey;
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01006975
Emmanuel Hocdetc3775d22019-11-04 18:19:32 +01006976 pkey = X509_get_pubkey(crt);
6977 if (pkey) {
6978 bits = EVP_PKEY_bits(pkey);
6979 switch(EVP_PKEY_base_id(pkey)) {
6980 case EVP_PKEY_RSA:
6981 sig = TLSEXT_signature_rsa;
6982 break;
6983 case EVP_PKEY_EC:
6984 sig = TLSEXT_signature_ecdsa;
6985 break;
6986 case EVP_PKEY_DSA:
6987 sig = TLSEXT_signature_dsa;
6988 break;
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01006989 }
Emmanuel Hocdetc3775d22019-11-04 18:19:32 +01006990 EVP_PKEY_free(pkey);
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01006991 }
6992
6993 switch(sig) {
6994 case TLSEXT_signature_rsa:
6995 len = chunk_printf(out, "RSA%d", bits);
6996 break;
6997 case TLSEXT_signature_ecdsa:
6998 len = chunk_printf(out, "EC%d", bits);
6999 break;
7000 case TLSEXT_signature_dsa:
7001 len = chunk_printf(out, "DSA%d", bits);
7002 break;
7003 default:
7004 return 0;
7005 }
7006 if (len < 0)
7007 return 0;
7008 return 1;
7009}
7010
William Lallemandd4f946c2019-12-05 10:26:40 +01007011/* used for ppv2 pkey alog (can be used for logging) */
7012int ssl_sock_get_pkey_algo(struct connection *conn, struct buffer *out)
7013{
7014 struct ssl_sock_ctx *ctx;
7015 X509 *crt;
7016
7017 if (!ssl_sock_is_ssl(conn))
7018 return 0;
7019
7020 ctx = conn->xprt_ctx;
7021
7022 crt = SSL_get_certificate(ctx->ssl);
7023 if (!crt)
7024 return 0;
7025
7026 return cert_get_pkey_algo(crt, out);
7027}
7028
Emmanuel Hocdet283e0042017-11-02 14:05:23 +01007029/* used for ppv2 cert signature (can be used for logging) */
7030const char *ssl_sock_get_cert_sig(struct connection *conn)
7031{
Christopher Faulet82004142019-09-10 10:12:03 +02007032 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007033
Emmanuel Hocdet283e0042017-11-02 14:05:23 +01007034 __OPENSSL_110_CONST__ ASN1_OBJECT *algorithm;
7035 X509 *crt;
7036
7037 if (!ssl_sock_is_ssl(conn))
7038 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007039 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007040 crt = SSL_get_certificate(ctx->ssl);
Emmanuel Hocdet283e0042017-11-02 14:05:23 +01007041 if (!crt)
7042 return NULL;
7043 X509_ALGOR_get0(&algorithm, NULL, NULL, X509_get0_tbs_sigalg(crt));
7044 return OBJ_nid2sn(OBJ_obj2nid(algorithm));
7045}
7046
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007047/* used for ppv2 authority */
7048const char *ssl_sock_get_sni(struct connection *conn)
7049{
7050#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Christopher Faulet82004142019-09-10 10:12:03 +02007051 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007052
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007053 if (!ssl_sock_is_ssl(conn))
7054 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007055 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007056 return SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007057#else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007058 return NULL;
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007059#endif
7060}
7061
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007062/* used for logging/ppv2, may be changed for a sample fetch later */
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007063const char *ssl_sock_get_cipher_name(struct connection *conn)
7064{
Christopher Faulet82004142019-09-10 10:12:03 +02007065 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007066
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007067 if (!ssl_sock_is_ssl(conn))
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007068 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007069 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007070 return SSL_get_cipher_name(ctx->ssl);
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007071}
7072
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007073/* used for logging/ppv2, may be changed for a sample fetch later */
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007074const char *ssl_sock_get_proto_version(struct connection *conn)
7075{
Christopher Faulet82004142019-09-10 10:12:03 +02007076 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007077
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007078 if (!ssl_sock_is_ssl(conn))
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007079 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007080 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007081 return SSL_get_version(ctx->ssl);
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007082}
7083
Willy Tarreau8d598402012-10-22 17:58:39 +02007084/* Extract a serial from a cert, and copy it to a chunk.
7085 * Returns 1 if serial is found and copied, 0 if no serial found and
7086 * -1 if output is not large enough.
7087 */
7088static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007089ssl_sock_get_serial(X509 *crt, struct buffer *out)
Willy Tarreau8d598402012-10-22 17:58:39 +02007090{
7091 ASN1_INTEGER *serial;
7092
7093 serial = X509_get_serialNumber(crt);
7094 if (!serial)
7095 return 0;
7096
7097 if (out->size < serial->length)
7098 return -1;
7099
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007100 memcpy(out->area, serial->data, serial->length);
7101 out->data = serial->length;
Willy Tarreau8d598402012-10-22 17:58:39 +02007102 return 1;
7103}
7104
Emeric Brun43e79582014-10-29 19:03:26 +01007105/* Extract a cert to der, and copy it to a chunk.
Joseph Herlant017b3da2018-11-15 09:07:59 -08007106 * Returns 1 if the cert is found and copied, 0 on der conversion failure
7107 * and -1 if the output is not large enough.
Emeric Brun43e79582014-10-29 19:03:26 +01007108 */
7109static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007110ssl_sock_crt2der(X509 *crt, struct buffer *out)
Emeric Brun43e79582014-10-29 19:03:26 +01007111{
7112 int len;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007113 unsigned char *p = (unsigned char *) out->area;;
Emeric Brun43e79582014-10-29 19:03:26 +01007114
7115 len =i2d_X509(crt, NULL);
7116 if (len <= 0)
7117 return 1;
7118
7119 if (out->size < len)
7120 return -1;
7121
7122 i2d_X509(crt,&p);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007123 out->data = len;
Emeric Brun43e79582014-10-29 19:03:26 +01007124 return 1;
7125}
7126
Emeric Brunce5ad802012-10-22 14:11:22 +02007127
Willy Tarreau83061a82018-07-13 11:56:34 +02007128/* Copy Date in ASN1_UTCTIME format in struct buffer out.
Emeric Brunce5ad802012-10-22 14:11:22 +02007129 * Returns 1 if serial is found and copied, 0 if no valid time found
7130 * and -1 if output is not large enough.
7131 */
7132static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007133ssl_sock_get_time(ASN1_TIME *tm, struct buffer *out)
Emeric Brunce5ad802012-10-22 14:11:22 +02007134{
7135 if (tm->type == V_ASN1_GENERALIZEDTIME) {
7136 ASN1_GENERALIZEDTIME *gentm = (ASN1_GENERALIZEDTIME *)tm;
7137
7138 if (gentm->length < 12)
7139 return 0;
7140 if (gentm->data[0] != 0x32 || gentm->data[1] != 0x30)
7141 return 0;
7142 if (out->size < gentm->length-2)
7143 return -1;
7144
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007145 memcpy(out->area, gentm->data+2, gentm->length-2);
7146 out->data = gentm->length-2;
Emeric Brunce5ad802012-10-22 14:11:22 +02007147 return 1;
7148 }
7149 else if (tm->type == V_ASN1_UTCTIME) {
7150 ASN1_UTCTIME *utctm = (ASN1_UTCTIME *)tm;
7151
7152 if (utctm->length < 10)
7153 return 0;
7154 if (utctm->data[0] >= 0x35)
7155 return 0;
7156 if (out->size < utctm->length)
7157 return -1;
7158
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007159 memcpy(out->area, utctm->data, utctm->length);
7160 out->data = utctm->length;
Emeric Brunce5ad802012-10-22 14:11:22 +02007161 return 1;
7162 }
7163
7164 return 0;
7165}
7166
Emeric Brun87855892012-10-17 17:39:35 +02007167/* Extract an entry from a X509_NAME and copy its value to an output chunk.
7168 * Returns 1 if entry found, 0 if entry not found, or -1 if output not large enough.
7169 */
7170static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007171ssl_sock_get_dn_entry(X509_NAME *a, const struct buffer *entry, int pos,
7172 struct buffer *out)
Emeric Brun87855892012-10-17 17:39:35 +02007173{
7174 X509_NAME_ENTRY *ne;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007175 ASN1_OBJECT *obj;
7176 ASN1_STRING *data;
7177 const unsigned char *data_ptr;
7178 int data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007179 int i, j, n;
7180 int cur = 0;
7181 const char *s;
7182 char tmp[128];
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007183 int name_count;
7184
7185 name_count = X509_NAME_entry_count(a);
Emeric Brun87855892012-10-17 17:39:35 +02007186
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007187 out->data = 0;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007188 for (i = 0; i < name_count; i++) {
Emeric Brun87855892012-10-17 17:39:35 +02007189 if (pos < 0)
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007190 j = (name_count-1) - i;
Emeric Brun87855892012-10-17 17:39:35 +02007191 else
7192 j = i;
7193
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007194 ne = X509_NAME_get_entry(a, j);
7195 obj = X509_NAME_ENTRY_get_object(ne);
7196 data = X509_NAME_ENTRY_get_data(ne);
7197 data_ptr = ASN1_STRING_get0_data(data);
7198 data_len = ASN1_STRING_length(data);
7199 n = OBJ_obj2nid(obj);
Emeric Brun87855892012-10-17 17:39:35 +02007200 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007201 i2t_ASN1_OBJECT(tmp, sizeof(tmp), obj);
Emeric Brun87855892012-10-17 17:39:35 +02007202 s = tmp;
7203 }
7204
7205 if (chunk_strcasecmp(entry, s) != 0)
7206 continue;
7207
7208 if (pos < 0)
7209 cur--;
7210 else
7211 cur++;
7212
7213 if (cur != pos)
7214 continue;
7215
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007216 if (data_len > out->size)
Emeric Brun87855892012-10-17 17:39:35 +02007217 return -1;
7218
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007219 memcpy(out->area, data_ptr, data_len);
7220 out->data = data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007221 return 1;
7222 }
7223
7224 return 0;
7225
William Lallemandd4f946c2019-12-05 10:26:40 +01007226}
7227
7228/*
7229 * Extract and format the DNS SAN extensions and copy result into a chuink
7230 * Return 0;
7231 */
7232#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
7233static int ssl_sock_get_san_oneline(X509 *cert, struct buffer *out)
7234{
7235 int i;
7236 char *str;
7237 STACK_OF(GENERAL_NAME) *names = NULL;
7238
7239 names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
7240 if (names) {
7241 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
7242 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
7243 if (i > 0)
7244 chunk_appendf(out, ", ");
7245 if (name->type == GEN_DNS) {
7246 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
7247 chunk_appendf(out, "DNS:%s", str);
7248 OPENSSL_free(str);
7249 }
7250 }
7251 }
7252 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
7253 }
7254 return 0;
Emeric Brun87855892012-10-17 17:39:35 +02007255}
William Lallemandd4f946c2019-12-05 10:26:40 +01007256#endif
Emeric Brun87855892012-10-17 17:39:35 +02007257
Elliot Otchet71f82972020-01-15 08:12:14 -05007258/*
7259 * Extract the DN in the specified format from the X509_NAME and copy result to a chunk.
7260 * Currently supports rfc2253 for returning LDAP V3 DNs.
7261 * Returns 1 if dn entries exist, 0 if no dn entry was found.
7262 */
7263static int
7264ssl_sock_get_dn_formatted(X509_NAME *a, const struct buffer *format, struct buffer *out)
7265{
7266 BIO *bio = NULL;
7267 int ret = 0;
7268 int data_len = 0;
7269
7270 if (chunk_strcmp(format, "rfc2253") == 0) {
7271 bio = BIO_new(BIO_s_mem());
7272 if (bio == NULL)
7273 goto out;
7274
7275 if (X509_NAME_print_ex(bio, a, 0, XN_FLAG_RFC2253) < 0)
7276 goto out;
7277
7278 if ((data_len = BIO_read(bio, out->area, out->size)) <= 0)
7279 goto out;
7280
7281 out->data = data_len;
7282
7283 ret = 1;
7284 }
7285out:
7286 if (bio)
7287 BIO_free(bio);
7288 return ret;
7289}
7290
Emeric Brun87855892012-10-17 17:39:35 +02007291/* Extract and format full DN from a X509_NAME and copy result into a chunk
7292 * Returns 1 if dn entries exits, 0 if no dn entry found or -1 if output is not large enough.
7293 */
7294static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007295ssl_sock_get_dn_oneline(X509_NAME *a, struct buffer *out)
Emeric Brun87855892012-10-17 17:39:35 +02007296{
7297 X509_NAME_ENTRY *ne;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007298 ASN1_OBJECT *obj;
7299 ASN1_STRING *data;
7300 const unsigned char *data_ptr;
7301 int data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007302 int i, n, ln;
7303 int l = 0;
7304 const char *s;
7305 char *p;
7306 char tmp[128];
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007307 int name_count;
7308
7309
7310 name_count = X509_NAME_entry_count(a);
Emeric Brun87855892012-10-17 17:39:35 +02007311
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007312 out->data = 0;
7313 p = out->area;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007314 for (i = 0; i < name_count; i++) {
7315 ne = X509_NAME_get_entry(a, i);
7316 obj = X509_NAME_ENTRY_get_object(ne);
7317 data = X509_NAME_ENTRY_get_data(ne);
7318 data_ptr = ASN1_STRING_get0_data(data);
7319 data_len = ASN1_STRING_length(data);
7320 n = OBJ_obj2nid(obj);
Emeric Brun87855892012-10-17 17:39:35 +02007321 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007322 i2t_ASN1_OBJECT(tmp, sizeof(tmp), obj);
Emeric Brun87855892012-10-17 17:39:35 +02007323 s = tmp;
7324 }
7325 ln = strlen(s);
7326
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007327 l += 1 + ln + 1 + data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007328 if (l > out->size)
7329 return -1;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007330 out->data = l;
Emeric Brun87855892012-10-17 17:39:35 +02007331
7332 *(p++)='/';
7333 memcpy(p, s, ln);
7334 p += ln;
7335 *(p++)='=';
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007336 memcpy(p, data_ptr, data_len);
7337 p += data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007338 }
7339
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007340 if (!out->data)
Emeric Brun87855892012-10-17 17:39:35 +02007341 return 0;
7342
7343 return 1;
7344}
7345
Olivier Houchardab28a322018-12-21 19:45:40 +01007346void ssl_sock_set_alpn(struct connection *conn, const unsigned char *alpn, int len)
7347{
7348#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Christopher Faulet82004142019-09-10 10:12:03 +02007349 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007350
Olivier Houcharde488ea82019-06-28 14:10:33 +02007351 if (!ssl_sock_is_ssl(conn))
7352 return;
Christopher Faulet82004142019-09-10 10:12:03 +02007353 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007354 SSL_set_alpn_protos(ctx->ssl, alpn, len);
Olivier Houchardab28a322018-12-21 19:45:40 +01007355#endif
7356}
7357
Willy Tarreau119a4082016-12-22 21:58:38 +01007358/* Sets advertised SNI for outgoing connections. Please set <hostname> to NULL
7359 * to disable SNI.
7360 */
Willy Tarreau63076412015-07-10 11:33:32 +02007361void ssl_sock_set_servername(struct connection *conn, const char *hostname)
7362{
7363#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Christopher Faulet82004142019-09-10 10:12:03 +02007364 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007365
Willy Tarreau119a4082016-12-22 21:58:38 +01007366 char *prev_name;
7367
Willy Tarreau63076412015-07-10 11:33:32 +02007368 if (!ssl_sock_is_ssl(conn))
7369 return;
Christopher Faulet82004142019-09-10 10:12:03 +02007370 ctx = conn->xprt_ctx;
Willy Tarreau63076412015-07-10 11:33:32 +02007371
Willy Tarreau119a4082016-12-22 21:58:38 +01007372 /* if the SNI changes, we must destroy the reusable context so that a
7373 * new connection will present a new SNI. As an optimization we could
7374 * later imagine having a small cache of ssl_ctx to hold a few SNI per
7375 * server.
7376 */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007377 prev_name = (char *)SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau119a4082016-12-22 21:58:38 +01007378 if ((!prev_name && hostname) ||
7379 (prev_name && (!hostname || strcmp(hostname, prev_name) != 0)))
Olivier Houchard66ab4982019-02-26 18:37:15 +01007380 SSL_set_session(ctx->ssl, NULL);
Willy Tarreau119a4082016-12-22 21:58:38 +01007381
Olivier Houchard66ab4982019-02-26 18:37:15 +01007382 SSL_set_tlsext_host_name(ctx->ssl, hostname);
Willy Tarreau63076412015-07-10 11:33:32 +02007383#endif
7384}
7385
Emeric Brun0abf8362014-06-24 18:26:41 +02007386/* Extract peer certificate's common name into the chunk dest
7387 * Returns
7388 * the len of the extracted common name
7389 * or 0 if no CN found in DN
7390 * or -1 on error case (i.e. no peer certificate)
7391 */
Willy Tarreau83061a82018-07-13 11:56:34 +02007392int ssl_sock_get_remote_common_name(struct connection *conn,
7393 struct buffer *dest)
David Safb76832014-05-08 23:42:08 -04007394{
Christopher Faulet82004142019-09-10 10:12:03 +02007395 struct ssl_sock_ctx *ctx;
David Safb76832014-05-08 23:42:08 -04007396 X509 *crt = NULL;
7397 X509_NAME *name;
David Safb76832014-05-08 23:42:08 -04007398 const char find_cn[] = "CN";
Willy Tarreau83061a82018-07-13 11:56:34 +02007399 const struct buffer find_cn_chunk = {
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007400 .area = (char *)&find_cn,
7401 .data = sizeof(find_cn)-1
David Safb76832014-05-08 23:42:08 -04007402 };
Emeric Brun0abf8362014-06-24 18:26:41 +02007403 int result = -1;
David Safb76832014-05-08 23:42:08 -04007404
7405 if (!ssl_sock_is_ssl(conn))
Emeric Brun0abf8362014-06-24 18:26:41 +02007406 goto out;
Christopher Faulet82004142019-09-10 10:12:03 +02007407 ctx = conn->xprt_ctx;
David Safb76832014-05-08 23:42:08 -04007408
7409 /* SSL_get_peer_certificate, it increase X509 * ref count */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007410 crt = SSL_get_peer_certificate(ctx->ssl);
David Safb76832014-05-08 23:42:08 -04007411 if (!crt)
7412 goto out;
7413
7414 name = X509_get_subject_name(crt);
7415 if (!name)
7416 goto out;
David Safb76832014-05-08 23:42:08 -04007417
Emeric Brun0abf8362014-06-24 18:26:41 +02007418 result = ssl_sock_get_dn_entry(name, &find_cn_chunk, 1, dest);
7419out:
David Safb76832014-05-08 23:42:08 -04007420 if (crt)
7421 X509_free(crt);
7422
7423 return result;
7424}
7425
Dave McCowan328fb582014-07-30 10:39:13 -04007426/* returns 1 if client passed a certificate for this session, 0 if not */
7427int ssl_sock_get_cert_used_sess(struct connection *conn)
7428{
Christopher Faulet82004142019-09-10 10:12:03 +02007429 struct ssl_sock_ctx *ctx;
Dave McCowan328fb582014-07-30 10:39:13 -04007430 X509 *crt = NULL;
7431
7432 if (!ssl_sock_is_ssl(conn))
7433 return 0;
Christopher Faulet82004142019-09-10 10:12:03 +02007434 ctx = conn->xprt_ctx;
Dave McCowan328fb582014-07-30 10:39:13 -04007435
7436 /* SSL_get_peer_certificate, it increase X509 * ref count */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007437 crt = SSL_get_peer_certificate(ctx->ssl);
Dave McCowan328fb582014-07-30 10:39:13 -04007438 if (!crt)
7439 return 0;
7440
7441 X509_free(crt);
7442 return 1;
7443}
7444
7445/* returns 1 if client passed a certificate for this connection, 0 if not */
7446int ssl_sock_get_cert_used_conn(struct connection *conn)
David Safb76832014-05-08 23:42:08 -04007447{
Christopher Faulet82004142019-09-10 10:12:03 +02007448 struct ssl_sock_ctx *ctx;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007449
David Safb76832014-05-08 23:42:08 -04007450 if (!ssl_sock_is_ssl(conn))
7451 return 0;
Christopher Faulet82004142019-09-10 10:12:03 +02007452 ctx = conn->xprt_ctx;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007453 return SSL_SOCK_ST_FL_VERIFY_DONE & ctx->xprt_st ? 1 : 0;
David Safb76832014-05-08 23:42:08 -04007454}
7455
7456/* returns result from SSL verify */
7457unsigned int ssl_sock_get_verify_result(struct connection *conn)
7458{
Christopher Faulet82004142019-09-10 10:12:03 +02007459 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007460
David Safb76832014-05-08 23:42:08 -04007461 if (!ssl_sock_is_ssl(conn))
7462 return (unsigned int)X509_V_ERR_APPLICATION_VERIFICATION;
Christopher Faulet82004142019-09-10 10:12:03 +02007463 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007464 return (unsigned int)SSL_get_verify_result(ctx->ssl);
David Safb76832014-05-08 23:42:08 -04007465}
7466
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007467/* Returns the application layer protocol name in <str> and <len> when known.
7468 * Zero is returned if the protocol name was not found, otherwise non-zero is
7469 * returned. The string is allocated in the SSL context and doesn't have to be
7470 * freed by the caller. NPN is also checked if available since older versions
7471 * of openssl (1.0.1) which are more common in field only support this one.
7472 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007473static int ssl_sock_get_alpn(const struct connection *conn, void *xprt_ctx, const char **str, int *len)
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007474{
Olivier Houchard66ab4982019-02-26 18:37:15 +01007475#if defined(TLSEXT_TYPE_application_layer_protocol_negotiation) || \
7476 defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007477 struct ssl_sock_ctx *ctx = xprt_ctx;
7478 if (!ctx)
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007479 return 0;
7480
7481 *str = NULL;
7482
7483#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Olivier Houchard66ab4982019-02-26 18:37:15 +01007484 SSL_get0_alpn_selected(ctx->ssl, (const unsigned char **)str, (unsigned *)len);
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007485 if (*str)
7486 return 1;
7487#endif
Bernard Spil13c53f82018-02-15 13:34:58 +01007488#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007489 SSL_get0_next_proto_negotiated(ctx->ssl, (const unsigned char **)str, (unsigned *)len);
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007490 if (*str)
7491 return 1;
7492#endif
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007493#endif
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007494 return 0;
7495}
7496
Willy Tarreau7875d092012-09-10 08:20:03 +02007497/***** Below are some sample fetching functions for ACL/patterns *****/
7498
Olivier Houchardccaa7de2017-10-02 11:51:03 +02007499static int
7500smp_fetch_ssl_fc_has_early(const struct arg *args, struct sample *smp, const char *kw, void *private)
7501{
7502 struct connection *conn;
7503
7504 conn = objt_conn(smp->sess->origin);
7505 if (!conn || conn->xprt != &ssl_sock)
7506 return 0;
7507
7508 smp->flags = 0;
7509 smp->data.type = SMP_T_BOOL;
Emmanuel Hocdetc9858012019-08-07 14:44:49 +02007510#ifdef OPENSSL_IS_BORINGSSL
7511 {
7512 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
7513 smp->data.u.sint = (SSL_in_early_data(ctx->ssl) &&
7514 SSL_early_data_accepted(ctx->ssl));
7515 }
7516#else
Olivier Houchard25ae45a2017-11-29 19:51:19 +01007517 smp->data.u.sint = ((conn->flags & CO_FL_EARLY_DATA) &&
Olivier Houchard220a26c2020-01-23 14:57:36 +01007518 (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS))) ? 1 : 0;
Emmanuel Hocdetc9858012019-08-07 14:44:49 +02007519#endif
Olivier Houchardccaa7de2017-10-02 11:51:03 +02007520 return 1;
7521}
7522
Emeric Brune64aef12012-09-21 13:15:06 +02007523/* boolean, returns true if client cert was present */
7524static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007525smp_fetch_ssl_fc_has_crt(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brune64aef12012-09-21 13:15:06 +02007526{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007527 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007528 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007529
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007530 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007531 if (!conn || conn->xprt != &ssl_sock)
Emeric Brune64aef12012-09-21 13:15:06 +02007532 return 0;
7533
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007534 ctx = conn->xprt_ctx;
7535
Willy Tarreau911db9b2020-01-23 16:27:54 +01007536 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brune64aef12012-09-21 13:15:06 +02007537 smp->flags |= SMP_F_MAY_CHANGE;
7538 return 0;
7539 }
7540
7541 smp->flags = 0;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007542 smp->data.type = SMP_T_BOOL;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007543 smp->data.u.sint = SSL_SOCK_ST_FL_VERIFY_DONE & ctx->xprt_st ? 1 : 0;
Emeric Brune64aef12012-09-21 13:15:06 +02007544
7545 return 1;
7546}
7547
Emeric Brun43e79582014-10-29 19:03:26 +01007548/* binary, returns a certificate in a binary chunk (der/raw).
7549 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7550 * should be use.
7551 */
7552static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007553smp_fetch_ssl_x_der(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun43e79582014-10-29 19:03:26 +01007554{
7555 int cert_peer = (kw[4] == 'c') ? 1 : 0;
7556 X509 *crt = NULL;
7557 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007558 struct buffer *smp_trash;
Emeric Brun43e79582014-10-29 19:03:26 +01007559 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007560 struct ssl_sock_ctx *ctx;
Emeric Brun43e79582014-10-29 19:03:26 +01007561
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007562 conn = objt_conn(smp->sess->origin);
Emeric Brun43e79582014-10-29 19:03:26 +01007563 if (!conn || conn->xprt != &ssl_sock)
7564 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007565 ctx = conn->xprt_ctx;
Emeric Brun43e79582014-10-29 19:03:26 +01007566
Willy Tarreau911db9b2020-01-23 16:27:54 +01007567 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun43e79582014-10-29 19:03:26 +01007568 smp->flags |= SMP_F_MAY_CHANGE;
7569 return 0;
7570 }
7571
7572 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007573 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brun43e79582014-10-29 19:03:26 +01007574 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007575 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun43e79582014-10-29 19:03:26 +01007576
7577 if (!crt)
7578 goto out;
7579
7580 smp_trash = get_trash_chunk();
7581 if (ssl_sock_crt2der(crt, smp_trash) <= 0)
7582 goto out;
7583
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007584 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007585 smp->data.type = SMP_T_BIN;
Emeric Brun43e79582014-10-29 19:03:26 +01007586 ret = 1;
7587out:
7588 /* SSL_get_peer_certificate, it increase X509 * ref count */
7589 if (cert_peer && crt)
7590 X509_free(crt);
7591 return ret;
7592}
7593
Emeric Brunba841a12014-04-30 17:05:08 +02007594/* binary, returns serial of certificate in a binary chunk.
7595 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7596 * should be use.
7597 */
Willy Tarreau8d598402012-10-22 17:58:39 +02007598static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007599smp_fetch_ssl_x_serial(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau8d598402012-10-22 17:58:39 +02007600{
Emeric Brunba841a12014-04-30 17:05:08 +02007601 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Willy Tarreau8d598402012-10-22 17:58:39 +02007602 X509 *crt = NULL;
7603 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007604 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007605 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007606 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007607
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007608 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007609 if (!conn || conn->xprt != &ssl_sock)
Willy Tarreau8d598402012-10-22 17:58:39 +02007610 return 0;
7611
Olivier Houchard66ab4982019-02-26 18:37:15 +01007612 ctx = conn->xprt_ctx;
7613
Willy Tarreau911db9b2020-01-23 16:27:54 +01007614 if (conn->flags & CO_FL_WAIT_XPRT) {
Willy Tarreau8d598402012-10-22 17:58:39 +02007615 smp->flags |= SMP_F_MAY_CHANGE;
7616 return 0;
7617 }
7618
Emeric Brunba841a12014-04-30 17:05:08 +02007619 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007620 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007621 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007622 crt = SSL_get_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007623
Willy Tarreau8d598402012-10-22 17:58:39 +02007624 if (!crt)
7625 goto out;
7626
Willy Tarreau47ca5452012-12-23 20:22:19 +01007627 smp_trash = get_trash_chunk();
Willy Tarreau8d598402012-10-22 17:58:39 +02007628 if (ssl_sock_get_serial(crt, smp_trash) <= 0)
7629 goto out;
7630
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007631 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007632 smp->data.type = SMP_T_BIN;
Willy Tarreau8d598402012-10-22 17:58:39 +02007633 ret = 1;
7634out:
Emeric Brunba841a12014-04-30 17:05:08 +02007635 /* SSL_get_peer_certificate, it increase X509 * ref count */
7636 if (cert_peer && crt)
Willy Tarreau8d598402012-10-22 17:58:39 +02007637 X509_free(crt);
7638 return ret;
7639}
Emeric Brune64aef12012-09-21 13:15:06 +02007640
Emeric Brunba841a12014-04-30 17:05:08 +02007641/* binary, returns the client certificate's SHA-1 fingerprint (SHA-1 hash of DER-encoded certificate) in a binary chunk.
7642 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7643 * should be use.
7644 */
James Votha051b4a2013-05-14 20:37:59 +02007645static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007646smp_fetch_ssl_x_sha1(const struct arg *args, struct sample *smp, const char *kw, void *private)
James Votha051b4a2013-05-14 20:37:59 +02007647{
Emeric Brunba841a12014-04-30 17:05:08 +02007648 int cert_peer = (kw[4] == 'c') ? 1 : 0;
James Votha051b4a2013-05-14 20:37:59 +02007649 X509 *crt = NULL;
7650 const EVP_MD *digest;
7651 int ret = 0;
Willy Tarreau105599c2020-02-25 08:59:23 +01007652 unsigned int len = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007653 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007654 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007655 struct ssl_sock_ctx *ctx;
James Votha051b4a2013-05-14 20:37:59 +02007656
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007657 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007658 if (!conn || conn->xprt != &ssl_sock)
7659 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007660 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007661
Willy Tarreau911db9b2020-01-23 16:27:54 +01007662 if (conn->flags & CO_FL_WAIT_XPRT) {
James Votha051b4a2013-05-14 20:37:59 +02007663 smp->flags |= SMP_F_MAY_CHANGE;
7664 return 0;
7665 }
7666
Emeric Brunba841a12014-04-30 17:05:08 +02007667 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007668 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007669 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007670 crt = SSL_get_certificate(ctx->ssl);
James Votha051b4a2013-05-14 20:37:59 +02007671 if (!crt)
7672 goto out;
7673
7674 smp_trash = get_trash_chunk();
7675 digest = EVP_sha1();
Willy Tarreau105599c2020-02-25 08:59:23 +01007676 X509_digest(crt, digest, (unsigned char *) smp_trash->area, &len);
7677 smp_trash->data = len;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007678 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007679 smp->data.type = SMP_T_BIN;
James Votha051b4a2013-05-14 20:37:59 +02007680 ret = 1;
7681out:
Emeric Brunba841a12014-04-30 17:05:08 +02007682 /* SSL_get_peer_certificate, it increase X509 * ref count */
7683 if (cert_peer && crt)
James Votha051b4a2013-05-14 20:37:59 +02007684 X509_free(crt);
7685 return ret;
7686}
7687
Emeric Brunba841a12014-04-30 17:05:08 +02007688/* string, returns certificate's notafter date in ASN1_UTCTIME format.
7689 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7690 * should be use.
7691 */
Emeric Brunce5ad802012-10-22 14:11:22 +02007692static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007693smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunce5ad802012-10-22 14:11:22 +02007694{
Emeric Brunba841a12014-04-30 17:05:08 +02007695 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brunce5ad802012-10-22 14:11:22 +02007696 X509 *crt = NULL;
7697 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007698 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007699 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007700 struct ssl_sock_ctx *ctx;
Emeric Brunce5ad802012-10-22 14:11:22 +02007701
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007702 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007703 if (!conn || conn->xprt != &ssl_sock)
7704 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007705 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007706
Willy Tarreau911db9b2020-01-23 16:27:54 +01007707 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunce5ad802012-10-22 14:11:22 +02007708 smp->flags |= SMP_F_MAY_CHANGE;
7709 return 0;
7710 }
7711
Emeric Brunba841a12014-04-30 17:05:08 +02007712 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007713 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007714 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007715 crt = SSL_get_certificate(ctx->ssl);
Emeric Brunce5ad802012-10-22 14:11:22 +02007716 if (!crt)
7717 goto out;
7718
Willy Tarreau47ca5452012-12-23 20:22:19 +01007719 smp_trash = get_trash_chunk();
Rosen Penev68185952018-12-14 08:47:02 -08007720 if (ssl_sock_get_time(X509_getm_notAfter(crt), smp_trash) <= 0)
Emeric Brunce5ad802012-10-22 14:11:22 +02007721 goto out;
7722
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007723 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007724 smp->data.type = SMP_T_STR;
Emeric Brunce5ad802012-10-22 14:11:22 +02007725 ret = 1;
7726out:
Emeric Brunba841a12014-04-30 17:05:08 +02007727 /* SSL_get_peer_certificate, it increase X509 * ref count */
7728 if (cert_peer && crt)
Emeric Brunce5ad802012-10-22 14:11:22 +02007729 X509_free(crt);
7730 return ret;
7731}
7732
Emeric Brunba841a12014-04-30 17:05:08 +02007733/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's issuer
7734 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7735 * should be use.
7736 */
Emeric Brun87855892012-10-17 17:39:35 +02007737static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007738smp_fetch_ssl_x_i_dn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun87855892012-10-17 17:39:35 +02007739{
Emeric Brunba841a12014-04-30 17:05:08 +02007740 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun87855892012-10-17 17:39:35 +02007741 X509 *crt = NULL;
7742 X509_NAME *name;
7743 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007744 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007745 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007746 struct ssl_sock_ctx *ctx;
Emeric Brun87855892012-10-17 17:39:35 +02007747
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007748 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007749 if (!conn || conn->xprt != &ssl_sock)
7750 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007751 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007752
Willy Tarreau911db9b2020-01-23 16:27:54 +01007753 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun87855892012-10-17 17:39:35 +02007754 smp->flags |= SMP_F_MAY_CHANGE;
7755 return 0;
7756 }
7757
Emeric Brunba841a12014-04-30 17:05:08 +02007758 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007759 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007760 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007761 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun87855892012-10-17 17:39:35 +02007762 if (!crt)
7763 goto out;
7764
7765 name = X509_get_issuer_name(crt);
7766 if (!name)
7767 goto out;
7768
Willy Tarreau47ca5452012-12-23 20:22:19 +01007769 smp_trash = get_trash_chunk();
Elliot Otchet71f82972020-01-15 08:12:14 -05007770 if (args && args[0].type == ARGT_STR && args[0].data.str.data > 0) {
Emeric Brun87855892012-10-17 17:39:35 +02007771 int pos = 1;
7772
7773 if (args[1].type == ARGT_SINT)
7774 pos = args[1].data.sint;
Emeric Brun87855892012-10-17 17:39:35 +02007775
7776 if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
7777 goto out;
7778 }
Elliot Otchet71f82972020-01-15 08:12:14 -05007779 else if (args && args[2].type == ARGT_STR && args[2].data.str.data > 0) {
7780 if (ssl_sock_get_dn_formatted(name, &args[2].data.str, smp_trash) <= 0)
7781 goto out;
7782 }
Emeric Brun87855892012-10-17 17:39:35 +02007783 else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
7784 goto out;
7785
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007786 smp->data.type = SMP_T_STR;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007787 smp->data.u.str = *smp_trash;
Emeric Brun87855892012-10-17 17:39:35 +02007788 ret = 1;
7789out:
Emeric Brunba841a12014-04-30 17:05:08 +02007790 /* SSL_get_peer_certificate, it increase X509 * ref count */
7791 if (cert_peer && crt)
Emeric Brun87855892012-10-17 17:39:35 +02007792 X509_free(crt);
7793 return ret;
7794}
7795
Emeric Brunba841a12014-04-30 17:05:08 +02007796/* string, returns notbefore date in ASN1_UTCTIME format.
7797 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7798 * should be use.
7799 */
Emeric Brunce5ad802012-10-22 14:11:22 +02007800static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007801smp_fetch_ssl_x_notbefore(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunce5ad802012-10-22 14:11:22 +02007802{
Emeric Brunba841a12014-04-30 17:05:08 +02007803 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brunce5ad802012-10-22 14:11:22 +02007804 X509 *crt = NULL;
7805 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007806 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007807 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007808 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007809
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007810 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007811 if (!conn || conn->xprt != &ssl_sock)
Emeric Brunce5ad802012-10-22 14:11:22 +02007812 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007813 ctx = conn->xprt_ctx;
Emeric Brunce5ad802012-10-22 14:11:22 +02007814
Willy Tarreau911db9b2020-01-23 16:27:54 +01007815 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunce5ad802012-10-22 14:11:22 +02007816 smp->flags |= SMP_F_MAY_CHANGE;
7817 return 0;
7818 }
7819
Emeric Brunba841a12014-04-30 17:05:08 +02007820 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007821 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007822 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007823 crt = SSL_get_certificate(ctx->ssl);
Emeric Brunce5ad802012-10-22 14:11:22 +02007824 if (!crt)
7825 goto out;
7826
Willy Tarreau47ca5452012-12-23 20:22:19 +01007827 smp_trash = get_trash_chunk();
Rosen Penev68185952018-12-14 08:47:02 -08007828 if (ssl_sock_get_time(X509_getm_notBefore(crt), smp_trash) <= 0)
Emeric Brunce5ad802012-10-22 14:11:22 +02007829 goto out;
7830
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007831 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007832 smp->data.type = SMP_T_STR;
Emeric Brunce5ad802012-10-22 14:11:22 +02007833 ret = 1;
7834out:
Emeric Brunba841a12014-04-30 17:05:08 +02007835 /* SSL_get_peer_certificate, it increase X509 * ref count */
7836 if (cert_peer && crt)
Emeric Brunce5ad802012-10-22 14:11:22 +02007837 X509_free(crt);
7838 return ret;
7839}
7840
Emeric Brunba841a12014-04-30 17:05:08 +02007841/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's subject
7842 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7843 * should be use.
7844 */
Emeric Brun87855892012-10-17 17:39:35 +02007845static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007846smp_fetch_ssl_x_s_dn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun87855892012-10-17 17:39:35 +02007847{
Emeric Brunba841a12014-04-30 17:05:08 +02007848 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun87855892012-10-17 17:39:35 +02007849 X509 *crt = NULL;
7850 X509_NAME *name;
7851 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007852 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007853 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007854 struct ssl_sock_ctx *ctx;
Emeric Brun87855892012-10-17 17:39:35 +02007855
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007856 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007857 if (!conn || conn->xprt != &ssl_sock)
7858 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007859 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007860
Willy Tarreau911db9b2020-01-23 16:27:54 +01007861 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun87855892012-10-17 17:39:35 +02007862 smp->flags |= SMP_F_MAY_CHANGE;
7863 return 0;
7864 }
7865
Emeric Brunba841a12014-04-30 17:05:08 +02007866 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007867 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007868 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007869 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun87855892012-10-17 17:39:35 +02007870 if (!crt)
7871 goto out;
7872
7873 name = X509_get_subject_name(crt);
7874 if (!name)
7875 goto out;
7876
Willy Tarreau47ca5452012-12-23 20:22:19 +01007877 smp_trash = get_trash_chunk();
Elliot Otchet71f82972020-01-15 08:12:14 -05007878 if (args && args[0].type == ARGT_STR && args[0].data.str.data > 0) {
Emeric Brun87855892012-10-17 17:39:35 +02007879 int pos = 1;
7880
7881 if (args[1].type == ARGT_SINT)
7882 pos = args[1].data.sint;
Emeric Brun87855892012-10-17 17:39:35 +02007883
7884 if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
7885 goto out;
7886 }
Elliot Otchet71f82972020-01-15 08:12:14 -05007887 else if (args && args[2].type == ARGT_STR && args[2].data.str.data > 0) {
7888 if (ssl_sock_get_dn_formatted(name, &args[2].data.str, smp_trash) <= 0)
7889 goto out;
7890 }
Emeric Brun87855892012-10-17 17:39:35 +02007891 else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
7892 goto out;
7893
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007894 smp->data.type = SMP_T_STR;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007895 smp->data.u.str = *smp_trash;
Emeric Brun87855892012-10-17 17:39:35 +02007896 ret = 1;
7897out:
Emeric Brunba841a12014-04-30 17:05:08 +02007898 /* SSL_get_peer_certificate, it increase X509 * ref count */
7899 if (cert_peer && crt)
Emeric Brun87855892012-10-17 17:39:35 +02007900 X509_free(crt);
7901 return ret;
7902}
Emeric Brun9143d372012-12-20 15:44:16 +01007903
7904/* integer, returns true if current session use a client certificate */
7905static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007906smp_fetch_ssl_c_used(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun9143d372012-12-20 15:44:16 +01007907{
7908 X509 *crt;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007909 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007910 struct ssl_sock_ctx *ctx;
Emeric Brun9143d372012-12-20 15:44:16 +01007911
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007912 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007913 if (!conn || conn->xprt != &ssl_sock)
7914 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007915 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007916
Willy Tarreau911db9b2020-01-23 16:27:54 +01007917 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun9143d372012-12-20 15:44:16 +01007918 smp->flags |= SMP_F_MAY_CHANGE;
7919 return 0;
7920 }
7921
7922 /* SSL_get_peer_certificate returns a ptr on allocated X509 struct */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007923 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brun9143d372012-12-20 15:44:16 +01007924 if (crt) {
7925 X509_free(crt);
7926 }
7927
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007928 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007929 smp->data.u.sint = (crt != NULL);
Emeric Brun9143d372012-12-20 15:44:16 +01007930 return 1;
7931}
7932
Emeric Brunba841a12014-04-30 17:05:08 +02007933/* integer, returns the certificate version
7934 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7935 * should be use.
7936 */
Emeric Bruna7359fd2012-10-17 15:03:11 +02007937static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007938smp_fetch_ssl_x_version(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Bruna7359fd2012-10-17 15:03:11 +02007939{
Emeric Brunba841a12014-04-30 17:05:08 +02007940 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Bruna7359fd2012-10-17 15:03:11 +02007941 X509 *crt;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007942 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007943 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007944
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007945 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007946 if (!conn || conn->xprt != &ssl_sock)
Emeric Bruna7359fd2012-10-17 15:03:11 +02007947 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007948 ctx = conn->xprt_ctx;
Emeric Bruna7359fd2012-10-17 15:03:11 +02007949
Willy Tarreau911db9b2020-01-23 16:27:54 +01007950 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Bruna7359fd2012-10-17 15:03:11 +02007951 smp->flags |= SMP_F_MAY_CHANGE;
7952 return 0;
7953 }
7954
Emeric Brunba841a12014-04-30 17:05:08 +02007955 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007956 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007957 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007958 crt = SSL_get_certificate(ctx->ssl);
Emeric Bruna7359fd2012-10-17 15:03:11 +02007959 if (!crt)
7960 return 0;
7961
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007962 smp->data.u.sint = (unsigned int)(1 + X509_get_version(crt));
Emeric Brunba841a12014-04-30 17:05:08 +02007963 /* SSL_get_peer_certificate increase X509 * ref count */
7964 if (cert_peer)
7965 X509_free(crt);
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007966 smp->data.type = SMP_T_SINT;
Emeric Bruna7359fd2012-10-17 15:03:11 +02007967
7968 return 1;
7969}
7970
Emeric Brunba841a12014-04-30 17:05:08 +02007971/* string, returns the certificate's signature algorithm.
7972 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7973 * should be use.
7974 */
Emeric Brun7f56e742012-10-19 18:15:40 +02007975static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007976smp_fetch_ssl_x_sig_alg(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun7f56e742012-10-19 18:15:40 +02007977{
Emeric Brunba841a12014-04-30 17:05:08 +02007978 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun7f56e742012-10-19 18:15:40 +02007979 X509 *crt;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007980 __OPENSSL_110_CONST__ ASN1_OBJECT *algorithm;
Emeric Brun7f56e742012-10-19 18:15:40 +02007981 int nid;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007982 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007983 struct ssl_sock_ctx *ctx;
Emeric Brun7f56e742012-10-19 18:15:40 +02007984
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007985 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007986 if (!conn || conn->xprt != &ssl_sock)
7987 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007988 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007989
Willy Tarreau911db9b2020-01-23 16:27:54 +01007990 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun7f56e742012-10-19 18:15:40 +02007991 smp->flags |= SMP_F_MAY_CHANGE;
7992 return 0;
7993 }
7994
Emeric Brunba841a12014-04-30 17:05:08 +02007995 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007996 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007997 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007998 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun7f56e742012-10-19 18:15:40 +02007999 if (!crt)
8000 return 0;
8001
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02008002 X509_ALGOR_get0(&algorithm, NULL, NULL, X509_get0_tbs_sigalg(crt));
8003 nid = OBJ_obj2nid(algorithm);
Emeric Brun7f56e742012-10-19 18:15:40 +02008004
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008005 smp->data.u.str.area = (char *)OBJ_nid2sn(nid);
8006 if (!smp->data.u.str.area) {
Emeric Brunba841a12014-04-30 17:05:08 +02008007 /* SSL_get_peer_certificate increase X509 * ref count */
8008 if (cert_peer)
8009 X509_free(crt);
Emeric Brun7f56e742012-10-19 18:15:40 +02008010 return 0;
Emeric Brun9bf3ba22013-10-07 14:31:44 +02008011 }
Emeric Brun7f56e742012-10-19 18:15:40 +02008012
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008013 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008014 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008015 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brunba841a12014-04-30 17:05:08 +02008016 /* SSL_get_peer_certificate increase X509 * ref count */
8017 if (cert_peer)
8018 X509_free(crt);
Emeric Brun7f56e742012-10-19 18:15:40 +02008019
8020 return 1;
8021}
8022
Emeric Brunba841a12014-04-30 17:05:08 +02008023/* string, returns the certificate's key algorithm.
8024 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
8025 * should be use.
8026 */
Emeric Brun521a0112012-10-22 12:22:55 +02008027static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008028smp_fetch_ssl_x_key_alg(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun521a0112012-10-22 12:22:55 +02008029{
Emeric Brunba841a12014-04-30 17:05:08 +02008030 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun521a0112012-10-22 12:22:55 +02008031 X509 *crt;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02008032 ASN1_OBJECT *algorithm;
Emeric Brun521a0112012-10-22 12:22:55 +02008033 int nid;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008034 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008035 struct ssl_sock_ctx *ctx;
Emeric Brun521a0112012-10-22 12:22:55 +02008036
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008037 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008038 if (!conn || conn->xprt != &ssl_sock)
8039 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008040 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008041
Willy Tarreau911db9b2020-01-23 16:27:54 +01008042 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun521a0112012-10-22 12:22:55 +02008043 smp->flags |= SMP_F_MAY_CHANGE;
8044 return 0;
8045 }
8046
Emeric Brunba841a12014-04-30 17:05:08 +02008047 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01008048 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02008049 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01008050 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun521a0112012-10-22 12:22:55 +02008051 if (!crt)
8052 return 0;
8053
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02008054 X509_PUBKEY_get0_param(&algorithm, NULL, NULL, NULL, X509_get_X509_PUBKEY(crt));
8055 nid = OBJ_obj2nid(algorithm);
Emeric Brun521a0112012-10-22 12:22:55 +02008056
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008057 smp->data.u.str.area = (char *)OBJ_nid2sn(nid);
8058 if (!smp->data.u.str.area) {
Emeric Brunba841a12014-04-30 17:05:08 +02008059 /* SSL_get_peer_certificate increase X509 * ref count */
8060 if (cert_peer)
8061 X509_free(crt);
Emeric Brun521a0112012-10-22 12:22:55 +02008062 return 0;
Emeric Brun9bf3ba22013-10-07 14:31:44 +02008063 }
Emeric Brun521a0112012-10-22 12:22:55 +02008064
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008065 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008066 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008067 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brunba841a12014-04-30 17:05:08 +02008068 if (cert_peer)
8069 X509_free(crt);
Emeric Brun521a0112012-10-22 12:22:55 +02008070
8071 return 1;
8072}
8073
Emeric Brun645ae792014-04-30 14:21:06 +02008074/* boolean, returns true if front conn. transport layer is SSL.
8075 * This function is also usable on backend conn if the fetch keyword 5th
8076 * char is 'b'.
8077 */
Willy Tarreau7875d092012-09-10 08:20:03 +02008078static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008079smp_fetch_ssl_fc(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02008080{
Emeric Bruneb8def92018-02-19 15:59:48 +01008081 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8082 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008083
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008084 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008085 smp->data.u.sint = (conn && conn->xprt == &ssl_sock);
Willy Tarreau7875d092012-09-10 08:20:03 +02008086 return 1;
8087}
8088
Emeric Brun2525b6b2012-10-18 15:59:43 +02008089/* boolean, returns true if client present a SNI */
Willy Tarreau7875d092012-09-10 08:20:03 +02008090static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008091smp_fetch_ssl_fc_has_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02008092{
8093#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008094 struct connection *conn = objt_conn(smp->sess->origin);
Olivier Houchard66ab4982019-02-26 18:37:15 +01008095 struct ssl_sock_ctx *ctx = conn ? conn->xprt_ctx : NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008096
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008097 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008098 smp->data.u.sint = (conn && conn->xprt == &ssl_sock) &&
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008099 conn->xprt_ctx &&
Olivier Houchard66ab4982019-02-26 18:37:15 +01008100 SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name) != NULL;
Willy Tarreau7875d092012-09-10 08:20:03 +02008101 return 1;
8102#else
8103 return 0;
8104#endif
8105}
8106
Emeric Brun74f7ffa2018-02-19 16:14:12 +01008107/* boolean, returns true if client session has been resumed.
8108 * This function is also usable on backend conn if the fetch keyword 5th
8109 * char is 'b'.
8110 */
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008111static int
8112smp_fetch_ssl_fc_is_resumed(const struct arg *args, struct sample *smp, const char *kw, void *private)
8113{
Emeric Brun74f7ffa2018-02-19 16:14:12 +01008114 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8115 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008116 struct ssl_sock_ctx *ctx = conn ? conn->xprt_ctx : NULL;
Emeric Brun74f7ffa2018-02-19 16:14:12 +01008117
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008118
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008119 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008120 smp->data.u.sint = (conn && conn->xprt == &ssl_sock) &&
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008121 conn->xprt_ctx &&
Olivier Houchard66ab4982019-02-26 18:37:15 +01008122 SSL_session_reused(ctx->ssl);
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008123 return 1;
8124}
8125
Emeric Brun645ae792014-04-30 14:21:06 +02008126/* string, returns the used cipher if front conn. transport layer is SSL.
8127 * This function is also usable on backend conn if the fetch keyword 5th
8128 * char is 'b'.
8129 */
Emeric Brun589fcad2012-10-16 14:13:26 +02008130static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008131smp_fetch_ssl_fc_cipher(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008132{
Emeric Bruneb8def92018-02-19 15:59:48 +01008133 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8134 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008135 struct ssl_sock_ctx *ctx;
Emeric Brun589fcad2012-10-16 14:13:26 +02008136
Willy Tarreaube508f12016-03-10 11:47:01 +01008137 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008138 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Emeric Brun589fcad2012-10-16 14:13:26 +02008139 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008140 ctx = conn->xprt_ctx;
Emeric Brun589fcad2012-10-16 14:13:26 +02008141
Olivier Houchard66ab4982019-02-26 18:37:15 +01008142 smp->data.u.str.area = (char *)SSL_get_cipher_name(ctx->ssl);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008143 if (!smp->data.u.str.area)
Emeric Brun589fcad2012-10-16 14:13:26 +02008144 return 0;
8145
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008146 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008147 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008148 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brun589fcad2012-10-16 14:13:26 +02008149
8150 return 1;
8151}
8152
Emeric Brun645ae792014-04-30 14:21:06 +02008153/* integer, returns the algoritm's keysize if front conn. transport layer
8154 * is SSL.
8155 * This function is also usable on backend conn if the fetch keyword 5th
8156 * char is 'b'.
8157 */
Emeric Brun589fcad2012-10-16 14:13:26 +02008158static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008159smp_fetch_ssl_fc_alg_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008160{
Emeric Bruneb8def92018-02-19 15:59:48 +01008161 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8162 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008163 struct ssl_sock_ctx *ctx;
Willy Tarreaue237fe12016-03-10 17:05:28 +01008164 int sint;
Willy Tarreaube508f12016-03-10 11:47:01 +01008165
Emeric Brun589fcad2012-10-16 14:13:26 +02008166 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008167 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Emeric Brun589fcad2012-10-16 14:13:26 +02008168 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008169 ctx = conn->xprt_ctx;
Emeric Brun589fcad2012-10-16 14:13:26 +02008170
Olivier Houchard66ab4982019-02-26 18:37:15 +01008171 if (!SSL_get_cipher_bits(ctx->ssl, &sint))
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008172 return 0;
8173
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008174 smp->data.u.sint = sint;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008175 smp->data.type = SMP_T_SINT;
Emeric Brun589fcad2012-10-16 14:13:26 +02008176
8177 return 1;
8178}
8179
Emeric Brun645ae792014-04-30 14:21:06 +02008180/* integer, returns the used keysize if front conn. transport layer is SSL.
8181 * This function is also usable on backend conn if the fetch keyword 5th
8182 * char is 'b'.
8183 */
Emeric Brun589fcad2012-10-16 14:13:26 +02008184static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008185smp_fetch_ssl_fc_use_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008186{
Emeric Bruneb8def92018-02-19 15:59:48 +01008187 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8188 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008189 struct ssl_sock_ctx *ctx;
Willy Tarreaube508f12016-03-10 11:47:01 +01008190
Emeric Brun589fcad2012-10-16 14:13:26 +02008191 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008192 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8193 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008194 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008195
Olivier Houchard66ab4982019-02-26 18:37:15 +01008196 smp->data.u.sint = (unsigned int)SSL_get_cipher_bits(ctx->ssl, NULL);
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008197 if (!smp->data.u.sint)
Emeric Brun589fcad2012-10-16 14:13:26 +02008198 return 0;
8199
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008200 smp->data.type = SMP_T_SINT;
Emeric Brun589fcad2012-10-16 14:13:26 +02008201
8202 return 1;
8203}
8204
Bernard Spil13c53f82018-02-15 13:34:58 +01008205#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau7875d092012-09-10 08:20:03 +02008206static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008207smp_fetch_ssl_fc_npn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaua33c6542012-10-15 13:19:06 +02008208{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008209 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008210 struct ssl_sock_ctx *ctx;
Willy Tarreau105599c2020-02-25 08:59:23 +01008211 unsigned int len = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008212
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008213 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008214 smp->data.type = SMP_T_STR;
Willy Tarreaua33c6542012-10-15 13:19:06 +02008215
Olivier Houchard6b77f492018-11-22 18:18:29 +01008216 conn = (kw[4] != 'b' ) ? objt_conn(smp->sess->origin) :
8217 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008218 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8219 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008220 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008221
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008222 smp->data.u.str.area = NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008223 SSL_get0_next_proto_negotiated(ctx->ssl,
Willy Tarreau105599c2020-02-25 08:59:23 +01008224 (const unsigned char **)&smp->data.u.str.area,
8225 &len);
Willy Tarreaua33c6542012-10-15 13:19:06 +02008226
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008227 if (!smp->data.u.str.area)
Willy Tarreaua33c6542012-10-15 13:19:06 +02008228 return 0;
8229
Willy Tarreau105599c2020-02-25 08:59:23 +01008230 smp->data.u.str.data = len;
Willy Tarreaua33c6542012-10-15 13:19:06 +02008231 return 1;
Willy Tarreaua33c6542012-10-15 13:19:06 +02008232}
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02008233#endif
Willy Tarreaua33c6542012-10-15 13:19:06 +02008234
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01008235#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02008236static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008237smp_fetch_ssl_fc_alpn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreauab861d32013-04-02 02:30:41 +02008238{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008239 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008240 struct ssl_sock_ctx *ctx;
Willy Tarreau105599c2020-02-25 08:59:23 +01008241 unsigned int len = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008242
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008243 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008244 smp->data.type = SMP_T_STR;
Willy Tarreauab861d32013-04-02 02:30:41 +02008245
Olivier Houchard6b77f492018-11-22 18:18:29 +01008246 conn = (kw[4] != 'b' ) ? objt_conn(smp->sess->origin) :
8247 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8248
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008249 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Willy Tarreauab861d32013-04-02 02:30:41 +02008250 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008251 ctx = conn->xprt_ctx;
Willy Tarreauab861d32013-04-02 02:30:41 +02008252
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008253 smp->data.u.str.area = NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008254 SSL_get0_alpn_selected(ctx->ssl,
Willy Tarreau105599c2020-02-25 08:59:23 +01008255 (const unsigned char **)&smp->data.u.str.area,
8256 &len);
Willy Tarreauab861d32013-04-02 02:30:41 +02008257
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008258 if (!smp->data.u.str.area)
Willy Tarreauab861d32013-04-02 02:30:41 +02008259 return 0;
8260
Willy Tarreau105599c2020-02-25 08:59:23 +01008261 smp->data.u.str.data = len;
Willy Tarreauab861d32013-04-02 02:30:41 +02008262 return 1;
8263}
8264#endif
8265
Emeric Brun645ae792014-04-30 14:21:06 +02008266/* string, returns the used protocol if front conn. transport layer is SSL.
8267 * This function is also usable on backend conn if the fetch keyword 5th
8268 * char is 'b'.
8269 */
Willy Tarreaua33c6542012-10-15 13:19:06 +02008270static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008271smp_fetch_ssl_fc_protocol(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008272{
Emeric Bruneb8def92018-02-19 15:59:48 +01008273 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8274 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008275 struct ssl_sock_ctx *ctx;
Willy Tarreaube508f12016-03-10 11:47:01 +01008276
Emeric Brun589fcad2012-10-16 14:13:26 +02008277 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008278 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8279 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008280 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008281
Olivier Houchard66ab4982019-02-26 18:37:15 +01008282 smp->data.u.str.area = (char *)SSL_get_version(ctx->ssl);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008283 if (!smp->data.u.str.area)
Emeric Brun589fcad2012-10-16 14:13:26 +02008284 return 0;
8285
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008286 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008287 smp->flags = SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008288 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brun589fcad2012-10-16 14:13:26 +02008289
8290 return 1;
8291}
8292
Willy Tarreau87b09662015-04-03 00:22:06 +02008293/* binary, returns the SSL stream id if front conn. transport layer is SSL.
Emeric Brun645ae792014-04-30 14:21:06 +02008294 * This function is also usable on backend conn if the fetch keyword 5th
8295 * char is 'b'.
8296 */
Willy Tarreau9a1ab082019-05-09 13:26:41 +02008297#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brun589fcad2012-10-16 14:13:26 +02008298static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008299smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunfe68f682012-10-16 14:59:28 +02008300{
Emeric Bruneb8def92018-02-19 15:59:48 +01008301 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8302 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreaue237fe12016-03-10 17:05:28 +01008303 SSL_SESSION *ssl_sess;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008304 struct ssl_sock_ctx *ctx;
Willy Tarreau105599c2020-02-25 08:59:23 +01008305 unsigned int len = 0;
Willy Tarreaube508f12016-03-10 11:47:01 +01008306
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008307 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008308 smp->data.type = SMP_T_BIN;
Emeric Brunfe68f682012-10-16 14:59:28 +02008309
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008310 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8311 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008312 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008313
Olivier Houchard66ab4982019-02-26 18:37:15 +01008314 ssl_sess = SSL_get_session(ctx->ssl);
Willy Tarreau192252e2015-04-04 01:47:55 +02008315 if (!ssl_sess)
Emeric Brunfe68f682012-10-16 14:59:28 +02008316 return 0;
8317
Willy Tarreau105599c2020-02-25 08:59:23 +01008318 smp->data.u.str.area = (char *)SSL_SESSION_get_id(ssl_sess, &len);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008319 if (!smp->data.u.str.area || !smp->data.u.str.data)
Emeric Brunfe68f682012-10-16 14:59:28 +02008320 return 0;
8321
Willy Tarreau105599c2020-02-25 08:59:23 +01008322 smp->data.u.str.data = len;
Emeric Brunfe68f682012-10-16 14:59:28 +02008323 return 1;
Emeric Brunfe68f682012-10-16 14:59:28 +02008324}
Patrick Hemmer41966772018-04-28 19:15:48 -04008325#endif
8326
Emeric Brunfe68f682012-10-16 14:59:28 +02008327
Emmanuel Hocdet839af572019-05-14 16:27:35 +02008328#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
Patrick Hemmere0275472018-04-28 19:15:51 -04008329static int
Patrick Hemmer65674662019-06-04 08:13:03 -04008330smp_fetch_ssl_fc_random(const struct arg *args, struct sample *smp, const char *kw, void *private)
8331{
8332 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8333 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8334 struct buffer *data;
8335 struct ssl_sock_ctx *ctx;
8336
8337 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8338 return 0;
8339 ctx = conn->xprt_ctx;
8340
8341 data = get_trash_chunk();
8342 if (kw[7] == 'c')
8343 data->data = SSL_get_client_random(ctx->ssl,
8344 (unsigned char *) data->area,
8345 data->size);
8346 else
8347 data->data = SSL_get_server_random(ctx->ssl,
8348 (unsigned char *) data->area,
8349 data->size);
8350 if (!data->data)
8351 return 0;
8352
8353 smp->flags = 0;
8354 smp->data.type = SMP_T_BIN;
8355 smp->data.u.str = *data;
8356
8357 return 1;
8358}
8359
8360static int
Patrick Hemmere0275472018-04-28 19:15:51 -04008361smp_fetch_ssl_fc_session_key(const struct arg *args, struct sample *smp, const char *kw, void *private)
8362{
8363 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8364 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8365 SSL_SESSION *ssl_sess;
Willy Tarreau83061a82018-07-13 11:56:34 +02008366 struct buffer *data;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008367 struct ssl_sock_ctx *ctx;
Patrick Hemmere0275472018-04-28 19:15:51 -04008368
8369 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8370 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008371 ctx = conn->xprt_ctx;
Patrick Hemmere0275472018-04-28 19:15:51 -04008372
Olivier Houchard66ab4982019-02-26 18:37:15 +01008373 ssl_sess = SSL_get_session(ctx->ssl);
Patrick Hemmere0275472018-04-28 19:15:51 -04008374 if (!ssl_sess)
8375 return 0;
8376
8377 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008378 data->data = SSL_SESSION_get_master_key(ssl_sess,
8379 (unsigned char *) data->area,
8380 data->size);
8381 if (!data->data)
Patrick Hemmere0275472018-04-28 19:15:51 -04008382 return 0;
8383
8384 smp->flags = 0;
8385 smp->data.type = SMP_T_BIN;
8386 smp->data.u.str = *data;
8387
8388 return 1;
8389}
8390#endif
8391
Patrick Hemmer41966772018-04-28 19:15:48 -04008392#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emeric Brunfe68f682012-10-16 14:59:28 +02008393static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008394smp_fetch_ssl_fc_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02008395{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008396 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008397 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008398
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008399 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008400 smp->data.type = SMP_T_STR;
Willy Tarreau7875d092012-09-10 08:20:03 +02008401
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008402 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008403 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8404 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008405 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008406
Olivier Houchard66ab4982019-02-26 18:37:15 +01008407 smp->data.u.str.area = (char *)SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008408 if (!smp->data.u.str.area)
Willy Tarreau3e394c92012-09-14 23:56:58 +02008409 return 0;
8410
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008411 smp->data.u.str.data = strlen(smp->data.u.str.area);
Willy Tarreau7875d092012-09-10 08:20:03 +02008412 return 1;
Willy Tarreau7875d092012-09-10 08:20:03 +02008413}
Patrick Hemmer41966772018-04-28 19:15:48 -04008414#endif
Willy Tarreau7875d092012-09-10 08:20:03 +02008415
David Sc1ad52e2014-04-08 18:48:47 -04008416static int
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008417smp_fetch_ssl_fc_cl_bin(const struct arg *args, struct sample *smp, const char *kw, void *private)
8418{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008419 struct connection *conn;
8420 struct ssl_capture *capture;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008421 struct ssl_sock_ctx *ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008422
8423 conn = objt_conn(smp->sess->origin);
8424 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8425 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008426 ctx = conn->xprt_ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008427
Olivier Houchard66ab4982019-02-26 18:37:15 +01008428 capture = SSL_get_ex_data(ctx->ssl, ssl_capture_ptr_index);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008429 if (!capture)
8430 return 0;
8431
8432 smp->flags = SMP_F_CONST;
8433 smp->data.type = SMP_T_BIN;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008434 smp->data.u.str.area = capture->ciphersuite;
8435 smp->data.u.str.data = capture->ciphersuite_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008436 return 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008437}
8438
8439static int
8440smp_fetch_ssl_fc_cl_hex(const struct arg *args, struct sample *smp, const char *kw, void *private)
8441{
Willy Tarreau83061a82018-07-13 11:56:34 +02008442 struct buffer *data;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008443
8444 if (!smp_fetch_ssl_fc_cl_bin(args, smp, kw, private))
8445 return 0;
8446
8447 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008448 dump_binary(data, smp->data.u.str.area, smp->data.u.str.data);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008449 smp->data.type = SMP_T_BIN;
8450 smp->data.u.str = *data;
8451 return 1;
8452}
8453
8454static int
8455smp_fetch_ssl_fc_cl_xxh64(const struct arg *args, struct sample *smp, const char *kw, void *private)
8456{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008457 struct connection *conn;
8458 struct ssl_capture *capture;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008459 struct ssl_sock_ctx *ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008460
8461 conn = objt_conn(smp->sess->origin);
8462 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8463 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008464 ctx = conn->xprt_ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008465
Olivier Houchard66ab4982019-02-26 18:37:15 +01008466 capture = SSL_get_ex_data(ctx->ssl, ssl_capture_ptr_index);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008467 if (!capture)
8468 return 0;
8469
8470 smp->data.type = SMP_T_SINT;
8471 smp->data.u.sint = capture->xxh64;
8472 return 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008473}
8474
8475static int
8476smp_fetch_ssl_fc_cl_str(const struct arg *args, struct sample *smp, const char *kw, void *private)
8477{
Willy Tarreau5db847a2019-05-09 14:13:35 +02008478#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL)
Willy Tarreau83061a82018-07-13 11:56:34 +02008479 struct buffer *data;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008480 int i;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008481
8482 if (!smp_fetch_ssl_fc_cl_bin(args, smp, kw, private))
8483 return 0;
8484
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008485 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008486 for (i = 0; i + 1 < smp->data.u.str.data; i += 2) {
Emmanuel Hocdetddcde192017-09-01 17:32:08 +02008487 const char *str;
8488 const SSL_CIPHER *cipher;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008489 const unsigned char *bin = (const unsigned char *) smp->data.u.str.area + i;
Emmanuel Hocdetddcde192017-09-01 17:32:08 +02008490 uint16_t id = (bin[0] << 8) | bin[1];
8491#if defined(OPENSSL_IS_BORINGSSL)
8492 cipher = SSL_get_cipher_by_value(id);
8493#else
Willy Tarreaub7290772018-10-15 11:01:59 +02008494 struct connection *conn = __objt_conn(smp->sess->origin);
Olivier Houchard66ab4982019-02-26 18:37:15 +01008495 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
8496 cipher = SSL_CIPHER_find(ctx->ssl, bin);
Emmanuel Hocdetddcde192017-09-01 17:32:08 +02008497#endif
8498 str = SSL_CIPHER_get_name(cipher);
8499 if (!str || strcmp(str, "(NONE)") == 0)
8500 chunk_appendf(data, "%sUNKNOWN(%04x)", i == 0 ? "" : ",", id);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008501 else
8502 chunk_appendf(data, "%s%s", i == 0 ? "" : ",", str);
8503 }
8504 smp->data.type = SMP_T_STR;
8505 smp->data.u.str = *data;
8506 return 1;
8507#else
8508 return smp_fetch_ssl_fc_cl_xxh64(args, smp, kw, private);
8509#endif
8510}
8511
Willy Tarreau9a1ab082019-05-09 13:26:41 +02008512#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008513static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008514smp_fetch_ssl_fc_unique_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
David Sc1ad52e2014-04-08 18:48:47 -04008515{
Emeric Bruneb8def92018-02-19 15:59:48 +01008516 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8517 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
David Sc1ad52e2014-04-08 18:48:47 -04008518 int finished_len;
Willy Tarreau83061a82018-07-13 11:56:34 +02008519 struct buffer *finished_trash;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008520 struct ssl_sock_ctx *ctx;
David Sc1ad52e2014-04-08 18:48:47 -04008521
8522 smp->flags = 0;
David Sc1ad52e2014-04-08 18:48:47 -04008523 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8524 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008525 ctx = conn->xprt_ctx;
David Sc1ad52e2014-04-08 18:48:47 -04008526
Willy Tarreau911db9b2020-01-23 16:27:54 +01008527 if (conn->flags & CO_FL_WAIT_XPRT) {
David Sc1ad52e2014-04-08 18:48:47 -04008528 smp->flags |= SMP_F_MAY_CHANGE;
8529 return 0;
8530 }
8531
8532 finished_trash = get_trash_chunk();
Olivier Houchard66ab4982019-02-26 18:37:15 +01008533 if (!SSL_session_reused(ctx->ssl))
8534 finished_len = SSL_get_peer_finished(ctx->ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008535 finished_trash->area,
8536 finished_trash->size);
David Sc1ad52e2014-04-08 18:48:47 -04008537 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01008538 finished_len = SSL_get_finished(ctx->ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008539 finished_trash->area,
8540 finished_trash->size);
David Sc1ad52e2014-04-08 18:48:47 -04008541
8542 if (!finished_len)
8543 return 0;
8544
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008545 finished_trash->data = finished_len;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008546 smp->data.u.str = *finished_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008547 smp->data.type = SMP_T_BIN;
David Sc1ad52e2014-04-08 18:48:47 -04008548
8549 return 1;
David Sc1ad52e2014-04-08 18:48:47 -04008550}
Patrick Hemmer41966772018-04-28 19:15:48 -04008551#endif
David Sc1ad52e2014-04-08 18:48:47 -04008552
Emeric Brun2525b6b2012-10-18 15:59:43 +02008553/* integer, returns the first verify error in CA chain of client certificate chain. */
Emeric Brunf282a812012-09-21 15:27:54 +02008554static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008555smp_fetch_ssl_c_ca_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02008556{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008557 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008558 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008559
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008560 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008561 if (!conn || conn->xprt != &ssl_sock)
8562 return 0;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008563 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008564
Willy Tarreau911db9b2020-01-23 16:27:54 +01008565 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunf282a812012-09-21 15:27:54 +02008566 smp->flags = SMP_F_MAY_CHANGE;
8567 return 0;
8568 }
8569
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008570 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008571 smp->data.u.sint = (unsigned long long int)SSL_SOCK_ST_TO_CA_ERROR(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02008572 smp->flags = 0;
8573
8574 return 1;
8575}
8576
Emeric Brun2525b6b2012-10-18 15:59:43 +02008577/* integer, returns the depth of the first verify error in CA chain of client certificate chain. */
Emeric Brunf282a812012-09-21 15:27:54 +02008578static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008579smp_fetch_ssl_c_ca_err_depth(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02008580{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008581 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008582 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008583
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008584 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008585 if (!conn || conn->xprt != &ssl_sock)
Emeric Brunf282a812012-09-21 15:27:54 +02008586 return 0;
8587
Willy Tarreau911db9b2020-01-23 16:27:54 +01008588 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunf282a812012-09-21 15:27:54 +02008589 smp->flags = SMP_F_MAY_CHANGE;
8590 return 0;
8591 }
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008592 ctx = conn->xprt_ctx;
Emeric Brunf282a812012-09-21 15:27:54 +02008593
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008594 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008595 smp->data.u.sint = (long long int)SSL_SOCK_ST_TO_CAEDEPTH(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02008596 smp->flags = 0;
8597
8598 return 1;
8599}
8600
Emeric Brun2525b6b2012-10-18 15:59:43 +02008601/* integer, returns the first verify error on client certificate */
Emeric Brunf282a812012-09-21 15:27:54 +02008602static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008603smp_fetch_ssl_c_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02008604{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008605 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008606 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008607
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008608 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008609 if (!conn || conn->xprt != &ssl_sock)
8610 return 0;
8611
Willy Tarreau911db9b2020-01-23 16:27:54 +01008612 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunf282a812012-09-21 15:27:54 +02008613 smp->flags = SMP_F_MAY_CHANGE;
8614 return 0;
8615 }
8616
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008617 ctx = conn->xprt_ctx;
8618
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008619 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008620 smp->data.u.sint = (long long int)SSL_SOCK_ST_TO_CRTERROR(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02008621 smp->flags = 0;
8622
8623 return 1;
8624}
8625
Emeric Brun2525b6b2012-10-18 15:59:43 +02008626/* integer, returns the verify result on client cert */
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008627static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008628smp_fetch_ssl_c_verify(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008629{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008630 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008631 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008632
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008633 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008634 if (!conn || conn->xprt != &ssl_sock)
8635 return 0;
8636
Willy Tarreau911db9b2020-01-23 16:27:54 +01008637 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008638 smp->flags = SMP_F_MAY_CHANGE;
8639 return 0;
8640 }
8641
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008642 if (!conn->xprt_ctx)
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008643 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008644 ctx = conn->xprt_ctx;
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008645
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008646 smp->data.type = SMP_T_SINT;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008647 smp->data.u.sint = (long long int)SSL_get_verify_result(ctx->ssl);
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008648 smp->flags = 0;
8649
8650 return 1;
8651}
8652
Emeric Brunfb510ea2012-10-05 12:00:26 +02008653/* parse the "ca-file" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008654static int ssl_bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02008655{
8656 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008657 memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02008658 return ERR_ALERT | ERR_FATAL;
8659 }
8660
Willy Tarreauef934602016-12-22 23:12:01 +01008661 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
8662 memprintf(&conf->ca_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02008663 else
8664 memprintf(&conf->ca_file, "%s", args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +02008665
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02008666 if (!ssl_store_load_locations_file(conf->ca_file)) {
8667 memprintf(err, "'%s' : unable to load %s", args[cur_arg], conf->ca_file);
8668 return ERR_ALERT | ERR_FATAL;
8669 }
Emeric Brund94b3fe2012-09-20 18:23:56 +02008670 return 0;
8671}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008672static int bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8673{
8674 return ssl_bind_parse_ca_file(args, cur_arg, px, &conf->ssl_conf, err);
8675}
Emeric Brund94b3fe2012-09-20 18:23:56 +02008676
Christopher Faulet31af49d2015-06-09 17:29:50 +02008677/* parse the "ca-sign-file" bind keyword */
8678static int bind_parse_ca_sign_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8679{
8680 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008681 memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
Christopher Faulet31af49d2015-06-09 17:29:50 +02008682 return ERR_ALERT | ERR_FATAL;
8683 }
8684
Willy Tarreauef934602016-12-22 23:12:01 +01008685 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
8686 memprintf(&conf->ca_sign_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Christopher Faulet31af49d2015-06-09 17:29:50 +02008687 else
8688 memprintf(&conf->ca_sign_file, "%s", args[cur_arg + 1]);
8689
8690 return 0;
8691}
8692
Bertrand Jacquinff13c062016-11-13 16:37:11 +00008693/* parse the "ca-sign-pass" bind keyword */
Christopher Faulet31af49d2015-06-09 17:29:50 +02008694static int bind_parse_ca_sign_pass(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8695{
8696 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008697 memprintf(err, "'%s' : missing CAkey password", args[cur_arg]);
Christopher Faulet31af49d2015-06-09 17:29:50 +02008698 return ERR_ALERT | ERR_FATAL;
8699 }
8700 memprintf(&conf->ca_sign_pass, "%s", args[cur_arg + 1]);
8701 return 0;
8702}
8703
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008704/* parse the "ciphers" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008705static int ssl_bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008706{
8707 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02008708 memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008709 return ERR_ALERT | ERR_FATAL;
8710 }
8711
Emeric Brun76d88952012-10-05 15:47:31 +02008712 free(conf->ciphers);
Willy Tarreau4348fad2012-09-20 16:48:07 +02008713 conf->ciphers = strdup(args[cur_arg + 1]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008714 return 0;
8715}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008716static int bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8717{
8718 return ssl_bind_parse_ciphers(args, cur_arg, px, &conf->ssl_conf, err);
8719}
Dirkjan Bussink415150f2018-09-14 11:14:21 +02008720
Emmanuel Hocdet839af572019-05-14 16:27:35 +02008721#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02008722/* parse the "ciphersuites" bind keyword */
8723static int ssl_bind_parse_ciphersuites(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
8724{
8725 if (!*args[cur_arg + 1]) {
8726 memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
8727 return ERR_ALERT | ERR_FATAL;
8728 }
8729
8730 free(conf->ciphersuites);
8731 conf->ciphersuites = strdup(args[cur_arg + 1]);
8732 return 0;
8733}
8734static int bind_parse_ciphersuites(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8735{
8736 return ssl_bind_parse_ciphersuites(args, cur_arg, px, &conf->ssl_conf, err);
8737}
8738#endif
8739
Willy Tarreaubbc91962019-10-16 16:42:19 +02008740/* parse the "crt" bind keyword. Returns a set of ERR_* flags possibly with an error in <err>. */
Willy Tarreau4348fad2012-09-20 16:48:07 +02008741static int bind_parse_crt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008742{
Willy Tarreau38011032013-08-13 16:59:39 +02008743 char path[MAXPATHLEN];
Willy Tarreaub75d6922014-04-14 18:05:41 +02008744
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008745 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02008746 memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008747 return ERR_ALERT | ERR_FATAL;
8748 }
8749
Willy Tarreauef934602016-12-22 23:12:01 +01008750 if ((*args[cur_arg + 1] != '/' ) && global_ssl.crt_base) {
8751 if ((strlen(global_ssl.crt_base) + 1 + strlen(args[cur_arg + 1]) + 1) > MAXPATHLEN) {
Emeric Brunc8e8d122012-10-02 18:42:10 +02008752 memprintf(err, "'%s' : path too long", args[cur_arg]);
8753 return ERR_ALERT | ERR_FATAL;
8754 }
Willy Tarreauef934602016-12-22 23:12:01 +01008755 snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, args[cur_arg + 1]);
Willy Tarreaubbc91962019-10-16 16:42:19 +02008756 return ssl_sock_load_cert(path, conf, err);
Emeric Brunc8e8d122012-10-02 18:42:10 +02008757 }
8758
Willy Tarreaubbc91962019-10-16 16:42:19 +02008759 return ssl_sock_load_cert(args[cur_arg + 1], conf, err);
Emeric Brund94b3fe2012-09-20 18:23:56 +02008760}
8761
Willy Tarreaubbc91962019-10-16 16:42:19 +02008762/* parse the "crt-list" bind keyword. Returns a set of ERR_* flags possibly with an error in <err>. */
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01008763static int bind_parse_crt_list(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8764{
Willy Tarreaubbc91962019-10-16 16:42:19 +02008765 int err_code;
8766
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01008767 if (!*args[cur_arg + 1]) {
8768 memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
8769 return ERR_ALERT | ERR_FATAL;
8770 }
8771
Willy Tarreaubbc91962019-10-16 16:42:19 +02008772 err_code = ssl_sock_load_cert_list_file(args[cur_arg + 1], conf, px, err);
8773 if (err_code)
Willy Tarreauad1731d2013-04-02 17:35:58 +02008774 memprintf(err, "'%s' : %s", args[cur_arg], *err);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01008775
Willy Tarreaubbc91962019-10-16 16:42:19 +02008776 return err_code;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01008777}
8778
Emeric Brunfb510ea2012-10-05 12:00:26 +02008779/* parse the "crl-file" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008780static int ssl_bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02008781{
Emeric Brun051cdab2012-10-02 19:25:50 +02008782#ifndef X509_V_FLAG_CRL_CHECK
Tim Duesterhus93128532019-11-23 23:45:10 +01008783 memprintf(err, "'%s' : library does not support CRL verify", args[cur_arg]);
Emeric Brun051cdab2012-10-02 19:25:50 +02008784 return ERR_ALERT | ERR_FATAL;
8785#else
Emeric Brund94b3fe2012-09-20 18:23:56 +02008786 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008787 memprintf(err, "'%s' : missing CRLfile path", args[cur_arg]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02008788 return ERR_ALERT | ERR_FATAL;
8789 }
Emeric Brun2b58d042012-09-20 17:10:03 +02008790
Willy Tarreauef934602016-12-22 23:12:01 +01008791 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
8792 memprintf(&conf->crl_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02008793 else
8794 memprintf(&conf->crl_file, "%s", args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +02008795
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01008796 if (!ssl_store_load_locations_file(conf->crl_file)) {
8797 memprintf(err, "'%s' : unable to load %s", args[cur_arg], conf->crl_file);
8798 return ERR_ALERT | ERR_FATAL;
8799 }
Emeric Brun2b58d042012-09-20 17:10:03 +02008800 return 0;
Emeric Brun051cdab2012-10-02 19:25:50 +02008801#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02008802}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008803static int bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8804{
8805 return ssl_bind_parse_crl_file(args, cur_arg, px, &conf->ssl_conf, err);
8806}
Emeric Brun2b58d042012-09-20 17:10:03 +02008807
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01008808/* parse the "curves" bind keyword keyword */
8809static int ssl_bind_parse_curves(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
8810{
Lukas Tribusd14b49c2019-11-24 18:20:40 +01008811#if ((HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL) || defined(LIBRESSL_VERSION_NUMBER))
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01008812 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008813 memprintf(err, "'%s' : missing curve suite", args[cur_arg]);
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01008814 return ERR_ALERT | ERR_FATAL;
8815 }
8816 conf->curves = strdup(args[cur_arg + 1]);
8817 return 0;
8818#else
Tim Duesterhus93128532019-11-23 23:45:10 +01008819 memprintf(err, "'%s' : library does not support curve suite", args[cur_arg]);
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01008820 return ERR_ALERT | ERR_FATAL;
8821#endif
8822}
8823static int bind_parse_curves(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8824{
8825 return ssl_bind_parse_curves(args, cur_arg, px, &conf->ssl_conf, err);
8826}
8827
Bertrand Jacquinff13c062016-11-13 16:37:11 +00008828/* parse the "ecdhe" bind keyword keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008829static int ssl_bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brun2b58d042012-09-20 17:10:03 +02008830{
Willy Tarreau9a1ab082019-05-09 13:26:41 +02008831#if HA_OPENSSL_VERSION_NUMBER < 0x0090800fL
Tim Duesterhus93128532019-11-23 23:45:10 +01008832 memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (too old)", args[cur_arg]);
Emeric Brun2b58d042012-09-20 17:10:03 +02008833 return ERR_ALERT | ERR_FATAL;
8834#elif defined(OPENSSL_NO_ECDH)
Tim Duesterhus93128532019-11-23 23:45:10 +01008835 memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (disabled via OPENSSL_NO_ECDH)", args[cur_arg]);
Emeric Brun2b58d042012-09-20 17:10:03 +02008836 return ERR_ALERT | ERR_FATAL;
8837#else
8838 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008839 memprintf(err, "'%s' : missing named curve", args[cur_arg]);
Emeric Brun2b58d042012-09-20 17:10:03 +02008840 return ERR_ALERT | ERR_FATAL;
8841 }
8842
8843 conf->ecdhe = strdup(args[cur_arg + 1]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008844
8845 return 0;
Emeric Brun2b58d042012-09-20 17:10:03 +02008846#endif
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008847}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008848static int bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8849{
8850 return ssl_bind_parse_ecdhe(args, cur_arg, px, &conf->ssl_conf, err);
8851}
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008852
Bertrand Jacquinff13c062016-11-13 16:37:11 +00008853/* parse the "crt-ignore-err" and "ca-ignore-err" bind keywords */
Emeric Brun81c00f02012-09-21 14:31:21 +02008854static int bind_parse_ignore_err(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8855{
8856 int code;
8857 char *p = args[cur_arg + 1];
8858 unsigned long long *ignerr = &conf->crt_ignerr;
8859
8860 if (!*p) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008861 memprintf(err, "'%s' : missing error IDs list", args[cur_arg]);
Emeric Brun81c00f02012-09-21 14:31:21 +02008862 return ERR_ALERT | ERR_FATAL;
8863 }
8864
8865 if (strcmp(args[cur_arg], "ca-ignore-err") == 0)
8866 ignerr = &conf->ca_ignerr;
8867
8868 if (strcmp(p, "all") == 0) {
8869 *ignerr = ~0ULL;
8870 return 0;
8871 }
8872
8873 while (p) {
8874 code = atoi(p);
8875 if ((code <= 0) || (code > 63)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008876 memprintf(err, "'%s' : ID '%d' out of range (1..63) in error IDs list '%s'",
8877 args[cur_arg], code, args[cur_arg + 1]);
Emeric Brun81c00f02012-09-21 14:31:21 +02008878 return ERR_ALERT | ERR_FATAL;
8879 }
8880 *ignerr |= 1ULL << code;
8881 p = strchr(p, ',');
8882 if (p)
8883 p++;
8884 }
8885
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008886 return 0;
8887}
8888
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008889/* parse tls_method_options "no-xxx" and "force-xxx" */
8890static int parse_tls_method_options(char *arg, struct tls_version_filter *methods, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008891{
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008892 uint16_t v;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008893 char *p;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008894 p = strchr(arg, '-');
8895 if (!p)
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008896 goto fail;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008897 p++;
8898 if (!strcmp(p, "sslv3"))
8899 v = CONF_SSLV3;
8900 else if (!strcmp(p, "tlsv10"))
8901 v = CONF_TLSV10;
8902 else if (!strcmp(p, "tlsv11"))
8903 v = CONF_TLSV11;
8904 else if (!strcmp(p, "tlsv12"))
8905 v = CONF_TLSV12;
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +02008906 else if (!strcmp(p, "tlsv13"))
8907 v = CONF_TLSV13;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008908 else
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008909 goto fail;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008910 if (!strncmp(arg, "no-", 3))
8911 methods->flags |= methodVersions[v].flag;
8912 else if (!strncmp(arg, "force-", 6))
8913 methods->min = methods->max = v;
8914 else
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008915 goto fail;
Emeric Brun2d0c4822012-10-02 13:45:20 +02008916 return 0;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008917 fail:
Tim Duesterhus93128532019-11-23 23:45:10 +01008918 memprintf(err, "'%s' : option not implemented", arg);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008919 return ERR_ALERT | ERR_FATAL;
Emeric Brun2d0c4822012-10-02 13:45:20 +02008920}
8921
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008922static int bind_parse_tls_method_options(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008923{
Emmanuel Hocdet43664762017-08-09 18:26:20 +02008924 return parse_tls_method_options(args[cur_arg], &conf->ssl_conf.ssl_methods, err);
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008925}
8926
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008927static int srv_parse_tls_method_options(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008928{
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008929 return parse_tls_method_options(args[*cur_arg], &newsrv->ssl_ctx.methods, err);
8930}
8931
8932/* parse tls_method min/max: "ssl-min-ver" and "ssl-max-ver" */
8933static int parse_tls_method_minmax(char **args, int cur_arg, struct tls_version_filter *methods, char **err)
8934{
8935 uint16_t i, v = 0;
8936 char *argv = args[cur_arg + 1];
8937 if (!*argv) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008938 memprintf(err, "'%s' : missing the ssl/tls version", args[cur_arg]);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008939 return ERR_ALERT | ERR_FATAL;
8940 }
8941 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
8942 if (!strcmp(argv, methodVersions[i].name))
8943 v = i;
8944 if (!v) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008945 memprintf(err, "'%s' : unknown ssl/tls version", args[cur_arg + 1]);
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008946 return ERR_ALERT | ERR_FATAL;
8947 }
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008948 if (!strcmp("ssl-min-ver", args[cur_arg]))
8949 methods->min = v;
8950 else if (!strcmp("ssl-max-ver", args[cur_arg]))
8951 methods->max = v;
8952 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01008953 memprintf(err, "'%s' : option not implemented", args[cur_arg]);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008954 return ERR_ALERT | ERR_FATAL;
8955 }
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008956 return 0;
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008957}
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008958
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02008959static int ssl_bind_parse_tls_method_minmax(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
8960{
Willy Tarreau9a1ab082019-05-09 13:26:41 +02008961#if (HA_OPENSSL_VERSION_NUMBER < 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL)
Christopher Faulet767a84b2017-11-24 16:50:31 +01008962 ha_warning("crt-list: ssl-min-ver and ssl-max-ver are not supported with this Openssl version (skipped).\n");
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02008963#endif
8964 return parse_tls_method_minmax(args, cur_arg, &conf->ssl_methods, err);
8965}
8966
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008967static int bind_parse_tls_method_minmax(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8968{
Emmanuel Hocdet43664762017-08-09 18:26:20 +02008969 return parse_tls_method_minmax(args, cur_arg, &conf->ssl_conf.ssl_methods, err);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008970}
8971
8972static int srv_parse_tls_method_minmax(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8973{
8974 return parse_tls_method_minmax(args, *cur_arg, &newsrv->ssl_ctx.methods, err);
8975}
8976
Emeric Brun2d0c4822012-10-02 13:45:20 +02008977/* parse the "no-tls-tickets" bind keyword */
Emmanuel Hocdet4608ed92017-01-20 13:06:27 +01008978static int bind_parse_no_tls_tickets(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brun2d0c4822012-10-02 13:45:20 +02008979{
Emeric Brun89675492012-10-05 13:48:26 +02008980 conf->ssl_options |= BC_SSL_O_NO_TLS_TICKETS;
Emeric Brun81c00f02012-09-21 14:31:21 +02008981 return 0;
8982}
Emeric Brun2d0c4822012-10-02 13:45:20 +02008983
Olivier Houchardc2aae742017-09-22 18:26:28 +02008984/* parse the "allow-0rtt" bind keyword */
8985static int ssl_bind_parse_allow_0rtt(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
8986{
8987 conf->early_data = 1;
8988 return 0;
8989}
8990
8991static int bind_parse_allow_0rtt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8992{
Olivier Houchard9679ac92017-10-27 14:58:08 +02008993 conf->ssl_conf.early_data = 1;
Olivier Houchardc2aae742017-09-22 18:26:28 +02008994 return 0;
8995}
8996
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02008997/* parse the "npn" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008998static int ssl_bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02008999{
Bernard Spil13c53f82018-02-15 13:34:58 +01009000#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009001 char *p1, *p2;
9002
9003 if (!*args[cur_arg + 1]) {
9004 memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[cur_arg]);
9005 return ERR_ALERT | ERR_FATAL;
9006 }
9007
9008 free(conf->npn_str);
9009
Willy Tarreau3724da12016-02-12 17:11:12 +01009010 /* the NPN string is built as a suite of (<len> <name>)*,
9011 * so we reuse each comma to store the next <len> and need
9012 * one more for the end of the string.
9013 */
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009014 conf->npn_len = strlen(args[cur_arg + 1]) + 1;
Willy Tarreau3724da12016-02-12 17:11:12 +01009015 conf->npn_str = calloc(1, conf->npn_len + 1);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009016 memcpy(conf->npn_str + 1, args[cur_arg + 1], conf->npn_len);
9017
9018 /* replace commas with the name length */
9019 p1 = conf->npn_str;
9020 p2 = p1 + 1;
9021 while (1) {
9022 p2 = memchr(p1 + 1, ',', conf->npn_str + conf->npn_len - (p1 + 1));
9023 if (!p2)
9024 p2 = p1 + 1 + strlen(p1 + 1);
9025
9026 if (p2 - (p1 + 1) > 255) {
9027 *p2 = '\0';
9028 memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
9029 return ERR_ALERT | ERR_FATAL;
9030 }
9031
9032 *p1 = p2 - (p1 + 1);
9033 p1 = p2;
9034
9035 if (!*p2)
9036 break;
9037
9038 *(p2++) = '\0';
9039 }
9040 return 0;
9041#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009042 memprintf(err, "'%s' : library does not support TLS NPN extension", args[cur_arg]);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009043 return ERR_ALERT | ERR_FATAL;
9044#endif
9045}
9046
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009047static int bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9048{
9049 return ssl_bind_parse_npn(args, cur_arg, px, &conf->ssl_conf, err);
9050}
9051
Willy Tarreauab861d32013-04-02 02:30:41 +02009052/* parse the "alpn" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009053static int ssl_bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreauab861d32013-04-02 02:30:41 +02009054{
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01009055#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02009056 char *p1, *p2;
9057
9058 if (!*args[cur_arg + 1]) {
9059 memprintf(err, "'%s' : missing the comma-delimited ALPN protocol suite", args[cur_arg]);
9060 return ERR_ALERT | ERR_FATAL;
9061 }
9062
9063 free(conf->alpn_str);
9064
Marcoen Hirschbergbef60912016-02-12 17:05:24 +01009065 /* the ALPN string is built as a suite of (<len> <name>)*,
9066 * so we reuse each comma to store the next <len> and need
9067 * one more for the end of the string.
9068 */
Willy Tarreauab861d32013-04-02 02:30:41 +02009069 conf->alpn_len = strlen(args[cur_arg + 1]) + 1;
Marcoen Hirschbergbef60912016-02-12 17:05:24 +01009070 conf->alpn_str = calloc(1, conf->alpn_len + 1);
Willy Tarreauab861d32013-04-02 02:30:41 +02009071 memcpy(conf->alpn_str + 1, args[cur_arg + 1], conf->alpn_len);
9072
9073 /* replace commas with the name length */
9074 p1 = conf->alpn_str;
9075 p2 = p1 + 1;
9076 while (1) {
9077 p2 = memchr(p1 + 1, ',', conf->alpn_str + conf->alpn_len - (p1 + 1));
9078 if (!p2)
9079 p2 = p1 + 1 + strlen(p1 + 1);
9080
9081 if (p2 - (p1 + 1) > 255) {
9082 *p2 = '\0';
9083 memprintf(err, "'%s' : ALPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
9084 return ERR_ALERT | ERR_FATAL;
9085 }
9086
9087 *p1 = p2 - (p1 + 1);
9088 p1 = p2;
9089
9090 if (!*p2)
9091 break;
9092
9093 *(p2++) = '\0';
9094 }
9095 return 0;
9096#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009097 memprintf(err, "'%s' : library does not support TLS ALPN extension", args[cur_arg]);
Willy Tarreauab861d32013-04-02 02:30:41 +02009098 return ERR_ALERT | ERR_FATAL;
9099#endif
9100}
9101
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009102static int bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9103{
9104 return ssl_bind_parse_alpn(args, cur_arg, px, &conf->ssl_conf, err);
9105}
9106
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009107/* parse the "ssl" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +02009108static int bind_parse_ssl(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009109{
Willy Tarreau71a8c7c2016-12-21 22:04:54 +01009110 conf->xprt = &ssl_sock;
Willy Tarreau4348fad2012-09-20 16:48:07 +02009111 conf->is_ssl = 1;
Emeric Brun76d88952012-10-05 15:47:31 +02009112
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009113 if (global_ssl.listen_default_ciphers && !conf->ssl_conf.ciphers)
9114 conf->ssl_conf.ciphers = strdup(global_ssl.listen_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009115#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009116 if (global_ssl.listen_default_ciphersuites && !conf->ssl_conf.ciphersuites)
9117 conf->ssl_conf.ciphersuites = strdup(global_ssl.listen_default_ciphersuites);
9118#endif
Emmanuel Hocdet4608ed92017-01-20 13:06:27 +01009119 conf->ssl_options |= global_ssl.listen_default_ssloptions;
Emmanuel Hocdet43664762017-08-09 18:26:20 +02009120 conf->ssl_conf.ssl_methods.flags |= global_ssl.listen_default_sslmethods.flags;
9121 if (!conf->ssl_conf.ssl_methods.min)
9122 conf->ssl_conf.ssl_methods.min = global_ssl.listen_default_sslmethods.min;
9123 if (!conf->ssl_conf.ssl_methods.max)
9124 conf->ssl_conf.ssl_methods.max = global_ssl.listen_default_sslmethods.max;
Emeric Brun76d88952012-10-05 15:47:31 +02009125
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009126 return 0;
9127}
9128
Lukas Tribus53ae85c2017-05-04 15:45:40 +00009129/* parse the "prefer-client-ciphers" bind keyword */
9130static int bind_parse_pcc(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9131{
9132 conf->ssl_options |= BC_SSL_O_PREF_CLIE_CIPH;
9133 return 0;
9134}
9135
Christopher Faulet31af49d2015-06-09 17:29:50 +02009136/* parse the "generate-certificates" bind keyword */
9137static int bind_parse_generate_certs(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9138{
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01009139#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Christopher Faulet31af49d2015-06-09 17:29:50 +02009140 conf->generate_certs = 1;
9141#else
9142 memprintf(err, "%sthis version of openssl cannot generate SSL certificates.\n",
9143 err && *err ? *err : "");
9144#endif
9145 return 0;
9146}
9147
Emmanuel Hocdet65623372013-01-24 17:17:15 +01009148/* parse the "strict-sni" bind keyword */
9149static int bind_parse_strict_sni(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9150{
9151 conf->strict_sni = 1;
9152 return 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009153}
9154
9155/* parse the "tls-ticket-keys" bind keyword */
9156static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9157{
9158#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
Christopher Faulete566f3d2019-10-21 09:55:49 +02009159 FILE *f = NULL;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009160 int i = 0;
9161 char thisline[LINESIZE];
Christopher Faulete566f3d2019-10-21 09:55:49 +02009162 struct tls_keys_ref *keys_ref = NULL;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009163
9164 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009165 memprintf(err, "'%s' : missing TLS ticket keys file path", args[cur_arg]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009166 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009167 }
9168
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009169 keys_ref = tlskeys_ref_lookup(args[cur_arg + 1]);
Willy Tarreau17b4aa12018-07-17 10:05:32 +02009170 if (keys_ref) {
9171 keys_ref->refcount++;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009172 conf->keys_ref = keys_ref;
9173 return 0;
9174 }
9175
Christopher Faulete566f3d2019-10-21 09:55:49 +02009176 keys_ref = calloc(1, sizeof(*keys_ref));
Emeric Brun09852f72019-01-10 10:51:13 +01009177 if (!keys_ref) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009178 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009179 goto fail;
Emeric Brun09852f72019-01-10 10:51:13 +01009180 }
9181
Emeric Brun9e754772019-01-10 17:51:55 +01009182 keys_ref->tlskeys = malloc(TLS_TICKETS_NO * sizeof(union tls_sess_key));
Emeric Brun09852f72019-01-10 10:51:13 +01009183 if (!keys_ref->tlskeys) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009184 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009185 goto fail;
Emeric Brun09852f72019-01-10 10:51:13 +01009186 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009187
9188 if ((f = fopen(args[cur_arg + 1], "r")) == NULL) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009189 memprintf(err, "'%s' : unable to load ssl tickets keys file", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009190 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009191 }
9192
Nenad Merdanovic146defa2015-05-09 08:46:00 +02009193 keys_ref->filename = strdup(args[cur_arg + 1]);
Emeric Brun09852f72019-01-10 10:51:13 +01009194 if (!keys_ref->filename) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009195 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009196 goto fail;
Emeric Brun09852f72019-01-10 10:51:13 +01009197 }
Nenad Merdanovic146defa2015-05-09 08:46:00 +02009198
Emeric Brun9e754772019-01-10 17:51:55 +01009199 keys_ref->key_size_bits = 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009200 while (fgets(thisline, sizeof(thisline), f) != NULL) {
9201 int len = strlen(thisline);
Emeric Brun9e754772019-01-10 17:51:55 +01009202 int dec_size;
9203
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009204 /* Strip newline characters from the end */
9205 if(thisline[len - 1] == '\n')
9206 thisline[--len] = 0;
9207
9208 if(thisline[len - 1] == '\r')
9209 thisline[--len] = 0;
9210
Emeric Brun9e754772019-01-10 17:51:55 +01009211 dec_size = base64dec(thisline, len, (char *) (keys_ref->tlskeys + i % TLS_TICKETS_NO), sizeof(union tls_sess_key));
9212 if (dec_size < 0) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009213 memprintf(err, "'%s' : unable to decode base64 key on line %d", args[cur_arg+1], i + 1);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009214 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009215 }
Emeric Brun9e754772019-01-10 17:51:55 +01009216 else if (!keys_ref->key_size_bits && (dec_size == sizeof(struct tls_sess_key_128))) {
9217 keys_ref->key_size_bits = 128;
9218 }
9219 else if (!keys_ref->key_size_bits && (dec_size == sizeof(struct tls_sess_key_256))) {
9220 keys_ref->key_size_bits = 256;
9221 }
9222 else if (((dec_size != sizeof(struct tls_sess_key_128)) && (dec_size != sizeof(struct tls_sess_key_256)))
9223 || ((dec_size == sizeof(struct tls_sess_key_128) && (keys_ref->key_size_bits != 128)))
9224 || ((dec_size == sizeof(struct tls_sess_key_256) && (keys_ref->key_size_bits != 256)))) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009225 memprintf(err, "'%s' : wrong sized key on line %d", args[cur_arg+1], i + 1);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009226 goto fail;
Emeric Brun9e754772019-01-10 17:51:55 +01009227 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009228 i++;
9229 }
9230
9231 if (i < TLS_TICKETS_NO) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009232 memprintf(err, "'%s' : please supply at least %d keys in the tls-tickets-file", args[cur_arg+1], TLS_TICKETS_NO);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009233 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009234 }
9235
9236 fclose(f);
9237
9238 /* Use penultimate key for encryption, handle when TLS_TICKETS_NO = 1 */
Nenad Merdanovic17891152016-03-25 22:16:57 +01009239 i -= 2;
9240 keys_ref->tls_ticket_enc_index = i < 0 ? 0 : i % TLS_TICKETS_NO;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009241 keys_ref->unique_id = -1;
Willy Tarreau17b4aa12018-07-17 10:05:32 +02009242 keys_ref->refcount = 1;
Christopher Faulet16f45c82018-02-16 11:23:49 +01009243 HA_RWLOCK_INIT(&keys_ref->lock);
Nenad Merdanovic146defa2015-05-09 08:46:00 +02009244 conf->keys_ref = keys_ref;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009245
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009246 LIST_ADD(&tlskeys_reference, &keys_ref->list);
9247
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009248 return 0;
Christopher Faulete566f3d2019-10-21 09:55:49 +02009249
9250 fail:
9251 if (f)
9252 fclose(f);
9253 if (keys_ref) {
9254 free(keys_ref->filename);
9255 free(keys_ref->tlskeys);
9256 free(keys_ref);
9257 }
9258 return ERR_ALERT | ERR_FATAL;
9259
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009260#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009261 memprintf(err, "'%s' : TLS ticket callback extension not supported", args[cur_arg]);
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009262 return ERR_ALERT | ERR_FATAL;
9263#endif /* SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB */
Emmanuel Hocdet65623372013-01-24 17:17:15 +01009264}
9265
Emeric Brund94b3fe2012-09-20 18:23:56 +02009266/* parse the "verify" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009267static int ssl_bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02009268{
9269 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009270 memprintf(err, "'%s' : missing verify method", args[cur_arg]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02009271 return ERR_ALERT | ERR_FATAL;
9272 }
9273
9274 if (strcmp(args[cur_arg + 1], "none") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009275 conf->verify = SSL_SOCK_VERIFY_NONE;
Emeric Brund94b3fe2012-09-20 18:23:56 +02009276 else if (strcmp(args[cur_arg + 1], "optional") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009277 conf->verify = SSL_SOCK_VERIFY_OPTIONAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02009278 else if (strcmp(args[cur_arg + 1], "required") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009279 conf->verify = SSL_SOCK_VERIFY_REQUIRED;
Emeric Brund94b3fe2012-09-20 18:23:56 +02009280 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01009281 memprintf(err, "'%s' : unknown verify method '%s', only 'none', 'optional', and 'required' are supported\n",
9282 args[cur_arg], args[cur_arg + 1]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02009283 return ERR_ALERT | ERR_FATAL;
9284 }
9285
9286 return 0;
9287}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009288static int bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9289{
9290 return ssl_bind_parse_verify(args, cur_arg, px, &conf->ssl_conf, err);
9291}
Emeric Brund94b3fe2012-09-20 18:23:56 +02009292
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +02009293/* parse the "no-ca-names" bind keyword */
9294static int ssl_bind_parse_no_ca_names(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
9295{
9296 conf->no_ca_names = 1;
9297 return 0;
9298}
9299static int bind_parse_no_ca_names(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9300{
9301 return ssl_bind_parse_no_ca_names(args, cur_arg, px, &conf->ssl_conf, err);
9302}
9303
Willy Tarreau92faadf2012-10-10 23:04:25 +02009304/************** "server" keywords ****************/
9305
Olivier Houchardc7566002018-11-20 23:33:50 +01009306/* parse the "npn" bind keyword */
9307static int srv_parse_npn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9308{
9309#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
9310 char *p1, *p2;
9311
9312 if (!*args[*cur_arg + 1]) {
9313 memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[*cur_arg]);
9314 return ERR_ALERT | ERR_FATAL;
9315 }
9316
9317 free(newsrv->ssl_ctx.npn_str);
9318
9319 /* the NPN string is built as a suite of (<len> <name>)*,
9320 * so we reuse each comma to store the next <len> and need
9321 * one more for the end of the string.
9322 */
9323 newsrv->ssl_ctx.npn_len = strlen(args[*cur_arg + 1]) + 1;
9324 newsrv->ssl_ctx.npn_str = calloc(1, newsrv->ssl_ctx.npn_len + 1);
9325 memcpy(newsrv->ssl_ctx.npn_str + 1, args[*cur_arg + 1],
9326 newsrv->ssl_ctx.npn_len);
9327
9328 /* replace commas with the name length */
9329 p1 = newsrv->ssl_ctx.npn_str;
9330 p2 = p1 + 1;
9331 while (1) {
9332 p2 = memchr(p1 + 1, ',', newsrv->ssl_ctx.npn_str +
9333 newsrv->ssl_ctx.npn_len - (p1 + 1));
9334 if (!p2)
9335 p2 = p1 + 1 + strlen(p1 + 1);
9336
9337 if (p2 - (p1 + 1) > 255) {
9338 *p2 = '\0';
9339 memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[*cur_arg], p1 + 1);
9340 return ERR_ALERT | ERR_FATAL;
9341 }
9342
9343 *p1 = p2 - (p1 + 1);
9344 p1 = p2;
9345
9346 if (!*p2)
9347 break;
9348
9349 *(p2++) = '\0';
9350 }
9351 return 0;
9352#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009353 memprintf(err, "'%s' : library does not support TLS NPN extension", args[*cur_arg]);
Olivier Houchardc7566002018-11-20 23:33:50 +01009354 return ERR_ALERT | ERR_FATAL;
9355#endif
9356}
9357
Olivier Houchard92150142018-12-21 19:47:01 +01009358/* parse the "alpn" or the "check-alpn" server keyword */
Olivier Houchardc7566002018-11-20 23:33:50 +01009359static int srv_parse_alpn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9360{
9361#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
9362 char *p1, *p2;
Olivier Houchard92150142018-12-21 19:47:01 +01009363 char **alpn_str;
9364 int *alpn_len;
Olivier Houchardc7566002018-11-20 23:33:50 +01009365
Olivier Houchard92150142018-12-21 19:47:01 +01009366 if (*args[*cur_arg] == 'c') {
9367 alpn_str = &newsrv->check.alpn_str;
9368 alpn_len = &newsrv->check.alpn_len;
9369 } else {
9370 alpn_str = &newsrv->ssl_ctx.alpn_str;
9371 alpn_len = &newsrv->ssl_ctx.alpn_len;
9372
9373 }
Olivier Houchardc7566002018-11-20 23:33:50 +01009374 if (!*args[*cur_arg + 1]) {
9375 memprintf(err, "'%s' : missing the comma-delimited ALPN protocol suite", args[*cur_arg]);
9376 return ERR_ALERT | ERR_FATAL;
9377 }
9378
Olivier Houchard92150142018-12-21 19:47:01 +01009379 free(*alpn_str);
Olivier Houchardc7566002018-11-20 23:33:50 +01009380
9381 /* the ALPN string is built as a suite of (<len> <name>)*,
9382 * so we reuse each comma to store the next <len> and need
9383 * one more for the end of the string.
9384 */
Olivier Houchard92150142018-12-21 19:47:01 +01009385 *alpn_len = strlen(args[*cur_arg + 1]) + 1;
9386 *alpn_str = calloc(1, *alpn_len + 1);
9387 memcpy(*alpn_str + 1, args[*cur_arg + 1], *alpn_len);
Olivier Houchardc7566002018-11-20 23:33:50 +01009388
9389 /* replace commas with the name length */
Olivier Houchard92150142018-12-21 19:47:01 +01009390 p1 = *alpn_str;
Olivier Houchardc7566002018-11-20 23:33:50 +01009391 p2 = p1 + 1;
9392 while (1) {
Olivier Houchard92150142018-12-21 19:47:01 +01009393 p2 = memchr(p1 + 1, ',', *alpn_str + *alpn_len - (p1 + 1));
Olivier Houchardc7566002018-11-20 23:33:50 +01009394 if (!p2)
9395 p2 = p1 + 1 + strlen(p1 + 1);
9396
9397 if (p2 - (p1 + 1) > 255) {
9398 *p2 = '\0';
9399 memprintf(err, "'%s' : ALPN protocol name too long : '%s'", args[*cur_arg], p1 + 1);
9400 return ERR_ALERT | ERR_FATAL;
9401 }
9402
9403 *p1 = p2 - (p1 + 1);
9404 p1 = p2;
9405
9406 if (!*p2)
9407 break;
9408
9409 *(p2++) = '\0';
9410 }
9411 return 0;
9412#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009413 memprintf(err, "'%s' : library does not support TLS ALPN extension", args[*cur_arg]);
Olivier Houchardc7566002018-11-20 23:33:50 +01009414 return ERR_ALERT | ERR_FATAL;
9415#endif
9416}
9417
Emeric Brunef42d922012-10-11 16:11:36 +02009418/* parse the "ca-file" server keyword */
9419static int srv_parse_ca_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9420{
9421 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009422 memprintf(err, "'%s' : missing CAfile path", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009423 return ERR_ALERT | ERR_FATAL;
9424 }
9425
Willy Tarreauef934602016-12-22 23:12:01 +01009426 if ((*args[*cur_arg + 1] != '/') && global_ssl.ca_base)
9427 memprintf(&newsrv->ssl_ctx.ca_file, "%s/%s", global_ssl.ca_base, args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02009428 else
9429 memprintf(&newsrv->ssl_ctx.ca_file, "%s", args[*cur_arg + 1]);
9430
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02009431 if (!ssl_store_load_locations_file(newsrv->ssl_ctx.ca_file)) {
9432 memprintf(err, "'%s' : unable to load %s", args[*cur_arg], newsrv->ssl_ctx.ca_file);
9433 return ERR_ALERT | ERR_FATAL;
9434 }
Emeric Brunef42d922012-10-11 16:11:36 +02009435 return 0;
9436}
9437
Olivier Houchard9130a962017-10-17 17:33:43 +02009438/* parse the "check-sni" server keyword */
9439static int srv_parse_check_sni(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9440{
9441 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009442 memprintf(err, "'%s' : missing SNI", args[*cur_arg]);
Olivier Houchard9130a962017-10-17 17:33:43 +02009443 return ERR_ALERT | ERR_FATAL;
9444 }
9445
9446 newsrv->check.sni = strdup(args[*cur_arg + 1]);
9447 if (!newsrv->check.sni) {
9448 memprintf(err, "'%s' : failed to allocate memory", args[*cur_arg]);
9449 return ERR_ALERT | ERR_FATAL;
9450 }
9451 return 0;
9452
9453}
9454
Willy Tarreau92faadf2012-10-10 23:04:25 +02009455/* parse the "check-ssl" server keyword */
9456static int srv_parse_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9457{
9458 newsrv->check.use_ssl = 1;
Willy Tarreauef934602016-12-22 23:12:01 +01009459 if (global_ssl.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
9460 newsrv->ssl_ctx.ciphers = strdup(global_ssl.connect_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009461#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009462 if (global_ssl.connect_default_ciphersuites && !newsrv->ssl_ctx.ciphersuites)
9463 newsrv->ssl_ctx.ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
9464#endif
Willy Tarreauef934602016-12-22 23:12:01 +01009465 newsrv->ssl_ctx.options |= global_ssl.connect_default_ssloptions;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009466 newsrv->ssl_ctx.methods.flags |= global_ssl.connect_default_sslmethods.flags;
9467 if (!newsrv->ssl_ctx.methods.min)
9468 newsrv->ssl_ctx.methods.min = global_ssl.connect_default_sslmethods.min;
9469 if (!newsrv->ssl_ctx.methods.max)
9470 newsrv->ssl_ctx.methods.max = global_ssl.connect_default_sslmethods.max;
9471
Willy Tarreau92faadf2012-10-10 23:04:25 +02009472 return 0;
9473}
9474
9475/* parse the "ciphers" server keyword */
9476static int srv_parse_ciphers(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9477{
9478 if (!*args[*cur_arg + 1]) {
9479 memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
9480 return ERR_ALERT | ERR_FATAL;
9481 }
9482
9483 free(newsrv->ssl_ctx.ciphers);
9484 newsrv->ssl_ctx.ciphers = strdup(args[*cur_arg + 1]);
9485 return 0;
9486}
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009487
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009488#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009489/* parse the "ciphersuites" server keyword */
9490static int srv_parse_ciphersuites(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9491{
9492 if (!*args[*cur_arg + 1]) {
9493 memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
9494 return ERR_ALERT | ERR_FATAL;
9495 }
9496
9497 free(newsrv->ssl_ctx.ciphersuites);
9498 newsrv->ssl_ctx.ciphersuites = strdup(args[*cur_arg + 1]);
9499 return 0;
9500}
9501#endif
Willy Tarreau92faadf2012-10-10 23:04:25 +02009502
Emeric Brunef42d922012-10-11 16:11:36 +02009503/* parse the "crl-file" server keyword */
9504static int srv_parse_crl_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9505{
9506#ifndef X509_V_FLAG_CRL_CHECK
Tim Duesterhus93128532019-11-23 23:45:10 +01009507 memprintf(err, "'%s' : library does not support CRL verify", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009508 return ERR_ALERT | ERR_FATAL;
9509#else
9510 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009511 memprintf(err, "'%s' : missing CRLfile path", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009512 return ERR_ALERT | ERR_FATAL;
9513 }
9514
Willy Tarreauef934602016-12-22 23:12:01 +01009515 if ((*args[*cur_arg + 1] != '/') && global_ssl.ca_base)
9516 memprintf(&newsrv->ssl_ctx.crl_file, "%s/%s", global_ssl.ca_base, args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02009517 else
9518 memprintf(&newsrv->ssl_ctx.crl_file, "%s", args[*cur_arg + 1]);
9519
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01009520 if (!ssl_store_load_locations_file(newsrv->ssl_ctx.crl_file)) {
9521 memprintf(err, "'%s' : unable to load %s", args[*cur_arg], newsrv->ssl_ctx.crl_file);
9522 return ERR_ALERT | ERR_FATAL;
9523 }
Emeric Brunef42d922012-10-11 16:11:36 +02009524 return 0;
9525#endif
9526}
9527
Emeric Bruna7aa3092012-10-26 12:58:00 +02009528/* parse the "crt" server keyword */
9529static int srv_parse_crt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9530{
9531 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009532 memprintf(err, "'%s' : missing certificate file path", args[*cur_arg]);
Emeric Bruna7aa3092012-10-26 12:58:00 +02009533 return ERR_ALERT | ERR_FATAL;
9534 }
9535
Willy Tarreauef934602016-12-22 23:12:01 +01009536 if ((*args[*cur_arg + 1] != '/') && global_ssl.crt_base)
Christopher Fauletff3a41e2017-11-23 09:13:32 +01009537 memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global_ssl.crt_base, args[*cur_arg + 1]);
Emeric Bruna7aa3092012-10-26 12:58:00 +02009538 else
9539 memprintf(&newsrv->ssl_ctx.client_crt, "%s", args[*cur_arg + 1]);
9540
9541 return 0;
9542}
Emeric Brunef42d922012-10-11 16:11:36 +02009543
Frédéric Lécaille340ae602017-03-13 10:38:04 +01009544/* parse the "no-check-ssl" server keyword */
9545static int srv_parse_no_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9546{
9547 newsrv->check.use_ssl = 0;
9548 free(newsrv->ssl_ctx.ciphers);
9549 newsrv->ssl_ctx.ciphers = NULL;
9550 newsrv->ssl_ctx.options &= ~global_ssl.connect_default_ssloptions;
9551 return 0;
9552}
9553
Frédéric Lécaillee892c4c2017-03-13 12:08:01 +01009554/* parse the "no-send-proxy-v2-ssl" server keyword */
9555static int srv_parse_no_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9556{
9557 newsrv->pp_opts &= ~SRV_PP_V2;
9558 newsrv->pp_opts &= ~SRV_PP_V2_SSL;
9559 return 0;
9560}
9561
9562/* parse the "no-send-proxy-v2-ssl-cn" server keyword */
9563static int srv_parse_no_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9564{
9565 newsrv->pp_opts &= ~SRV_PP_V2;
9566 newsrv->pp_opts &= ~SRV_PP_V2_SSL;
9567 newsrv->pp_opts &= ~SRV_PP_V2_SSL_CN;
9568 return 0;
9569}
9570
Frédéric Lécaillee381d762017-03-13 11:54:17 +01009571/* parse the "no-ssl" server keyword */
9572static int srv_parse_no_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9573{
9574 newsrv->use_ssl = 0;
9575 free(newsrv->ssl_ctx.ciphers);
9576 newsrv->ssl_ctx.ciphers = NULL;
9577 return 0;
9578}
9579
Olivier Houchard522eea72017-11-03 16:27:47 +01009580/* parse the "allow-0rtt" server keyword */
9581static int srv_parse_allow_0rtt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9582{
9583 newsrv->ssl_ctx.options |= SRV_SSL_O_EARLY_DATA;
9584 return 0;
9585}
9586
Willy Tarreau2a3fb1c2015-02-05 16:47:07 +01009587/* parse the "no-ssl-reuse" server keyword */
9588static int srv_parse_no_ssl_reuse(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9589{
9590 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_REUSE;
9591 return 0;
9592}
9593
Emeric Brunf9c5c472012-10-11 15:28:34 +02009594/* parse the "no-tls-tickets" server keyword */
9595static int srv_parse_no_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9596{
9597 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLS_TICKETS;
9598 return 0;
9599}
David Safb76832014-05-08 23:42:08 -04009600/* parse the "send-proxy-v2-ssl" server keyword */
9601static int srv_parse_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9602{
9603 newsrv->pp_opts |= SRV_PP_V2;
9604 newsrv->pp_opts |= SRV_PP_V2_SSL;
9605 return 0;
9606}
9607
9608/* parse the "send-proxy-v2-ssl-cn" server keyword */
9609static int srv_parse_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9610{
9611 newsrv->pp_opts |= SRV_PP_V2;
9612 newsrv->pp_opts |= SRV_PP_V2_SSL;
9613 newsrv->pp_opts |= SRV_PP_V2_SSL_CN;
9614 return 0;
9615}
Emeric Brunf9c5c472012-10-11 15:28:34 +02009616
Willy Tarreau732eac42015-07-09 11:40:25 +02009617/* parse the "sni" server keyword */
9618static int srv_parse_sni(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9619{
9620#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
9621 memprintf(err, "'%s' : the current SSL library doesn't support the SNI TLS extension", args[*cur_arg]);
9622 return ERR_ALERT | ERR_FATAL;
9623#else
Frédéric Lécaille9a146de2017-03-20 14:54:41 +01009624 char *arg;
Willy Tarreau732eac42015-07-09 11:40:25 +02009625
Frédéric Lécaille9a146de2017-03-20 14:54:41 +01009626 arg = args[*cur_arg + 1];
9627 if (!*arg) {
Willy Tarreau732eac42015-07-09 11:40:25 +02009628 memprintf(err, "'%s' : missing sni expression", args[*cur_arg]);
9629 return ERR_ALERT | ERR_FATAL;
9630 }
9631
Frédéric Lécaille9a146de2017-03-20 14:54:41 +01009632 free(newsrv->sni_expr);
9633 newsrv->sni_expr = strdup(arg);
Willy Tarreau732eac42015-07-09 11:40:25 +02009634
Willy Tarreau732eac42015-07-09 11:40:25 +02009635 return 0;
9636#endif
9637}
9638
Willy Tarreau92faadf2012-10-10 23:04:25 +02009639/* parse the "ssl" server keyword */
9640static int srv_parse_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9641{
9642 newsrv->use_ssl = 1;
Willy Tarreauef934602016-12-22 23:12:01 +01009643 if (global_ssl.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
9644 newsrv->ssl_ctx.ciphers = strdup(global_ssl.connect_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009645#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009646 if (global_ssl.connect_default_ciphersuites && !newsrv->ssl_ctx.ciphersuites)
9647 newsrv->ssl_ctx.ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
9648#endif
Willy Tarreau92faadf2012-10-10 23:04:25 +02009649 return 0;
9650}
9651
Frédéric Lécaille2cfcdbe2017-03-13 11:32:20 +01009652/* parse the "ssl-reuse" server keyword */
9653static int srv_parse_ssl_reuse(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9654{
9655 newsrv->ssl_ctx.options &= ~SRV_SSL_O_NO_REUSE;
9656 return 0;
9657}
9658
Frédéric Lécaille2cfcdbe2017-03-13 11:32:20 +01009659/* parse the "tls-tickets" server keyword */
9660static int srv_parse_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9661{
9662 newsrv->ssl_ctx.options &= ~SRV_SSL_O_NO_TLS_TICKETS;
9663 return 0;
9664}
9665
Emeric Brunef42d922012-10-11 16:11:36 +02009666/* parse the "verify" server keyword */
9667static int srv_parse_verify(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9668{
9669 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009670 memprintf(err, "'%s' : missing verify method", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009671 return ERR_ALERT | ERR_FATAL;
9672 }
9673
9674 if (strcmp(args[*cur_arg + 1], "none") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009675 newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_NONE;
Emeric Brunef42d922012-10-11 16:11:36 +02009676 else if (strcmp(args[*cur_arg + 1], "required") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009677 newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_REQUIRED;
Emeric Brunef42d922012-10-11 16:11:36 +02009678 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01009679 memprintf(err, "'%s' : unknown verify method '%s', only 'none' and 'required' are supported\n",
9680 args[*cur_arg], args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02009681 return ERR_ALERT | ERR_FATAL;
9682 }
9683
Evan Broderbe554312013-06-27 00:05:25 -07009684 return 0;
9685}
9686
9687/* parse the "verifyhost" server keyword */
9688static int srv_parse_verifyhost(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9689{
9690 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009691 memprintf(err, "'%s' : missing hostname to verify against", args[*cur_arg]);
Evan Broderbe554312013-06-27 00:05:25 -07009692 return ERR_ALERT | ERR_FATAL;
9693 }
9694
Frédéric Lécaille273f3212017-03-13 15:52:01 +01009695 free(newsrv->ssl_ctx.verify_host);
Evan Broderbe554312013-06-27 00:05:25 -07009696 newsrv->ssl_ctx.verify_host = strdup(args[*cur_arg + 1]);
9697
Emeric Brunef42d922012-10-11 16:11:36 +02009698 return 0;
9699}
9700
Emeric Brun2c86cbf2014-10-30 15:56:50 +01009701/* parse the "ssl-default-bind-options" keyword in global section */
9702static int ssl_parse_default_bind_options(char **args, int section_type, struct proxy *curpx,
9703 struct proxy *defpx, const char *file, int line,
9704 char **err) {
9705 int i = 1;
9706
9707 if (*(args[i]) == 0) {
9708 memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
9709 return -1;
9710 }
9711 while (*(args[i])) {
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009712 if (!strcmp(args[i], "no-tls-tickets"))
Willy Tarreauef934602016-12-22 23:12:01 +01009713 global_ssl.listen_default_ssloptions |= BC_SSL_O_NO_TLS_TICKETS;
Lukas Tribus53ae85c2017-05-04 15:45:40 +00009714 else if (!strcmp(args[i], "prefer-client-ciphers"))
9715 global_ssl.listen_default_ssloptions |= BC_SSL_O_PREF_CLIE_CIPH;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009716 else if (!strcmp(args[i], "ssl-min-ver") || !strcmp(args[i], "ssl-max-ver")) {
9717 if (!parse_tls_method_minmax(args, i, &global_ssl.listen_default_sslmethods, err))
9718 i++;
9719 else {
9720 memprintf(err, "%s on global statement '%s'.", *err, args[0]);
9721 return -1;
9722 }
9723 }
9724 else if (parse_tls_method_options(args[i], &global_ssl.listen_default_sslmethods, err)) {
Emeric Brun2c86cbf2014-10-30 15:56:50 +01009725 memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
9726 return -1;
9727 }
9728 i++;
9729 }
9730 return 0;
9731}
9732
9733/* parse the "ssl-default-server-options" keyword in global section */
9734static int ssl_parse_default_server_options(char **args, int section_type, struct proxy *curpx,
9735 struct proxy *defpx, const char *file, int line,
9736 char **err) {
9737 int i = 1;
9738
9739 if (*(args[i]) == 0) {
9740 memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
9741 return -1;
9742 }
9743 while (*(args[i])) {
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009744 if (!strcmp(args[i], "no-tls-tickets"))
Willy Tarreauef934602016-12-22 23:12:01 +01009745 global_ssl.connect_default_ssloptions |= SRV_SSL_O_NO_TLS_TICKETS;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009746 else if (!strcmp(args[i], "ssl-min-ver") || !strcmp(args[i], "ssl-max-ver")) {
9747 if (!parse_tls_method_minmax(args, i, &global_ssl.connect_default_sslmethods, err))
9748 i++;
9749 else {
9750 memprintf(err, "%s on global statement '%s'.", *err, args[0]);
9751 return -1;
9752 }
9753 }
9754 else if (parse_tls_method_options(args[i], &global_ssl.connect_default_sslmethods, err)) {
Emeric Brun2c86cbf2014-10-30 15:56:50 +01009755 memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
9756 return -1;
9757 }
9758 i++;
9759 }
9760 return 0;
9761}
9762
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +01009763/* parse the "ca-base" / "crt-base" keywords in global section.
9764 * Returns <0 on alert, >0 on warning, 0 on success.
9765 */
9766static int ssl_parse_global_ca_crt_base(char **args, int section_type, struct proxy *curpx,
9767 struct proxy *defpx, const char *file, int line,
9768 char **err)
9769{
9770 char **target;
9771
Willy Tarreauef934602016-12-22 23:12:01 +01009772 target = (args[0][1] == 'a') ? &global_ssl.ca_base : &global_ssl.crt_base;
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +01009773
9774 if (too_many_args(1, args, err, NULL))
9775 return -1;
9776
9777 if (*target) {
9778 memprintf(err, "'%s' already specified.", args[0]);
9779 return -1;
9780 }
9781
9782 if (*(args[1]) == 0) {
9783 memprintf(err, "global statement '%s' expects a directory path as an argument.", args[0]);
9784 return -1;
9785 }
9786 *target = strdup(args[1]);
9787 return 0;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009788}
9789
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +01009790/* "issuers-chain-path" load chain certificate in global */
9791static int ssl_load_global_issuer_from_BIO(BIO *in, char *fp, char **err)
9792{
9793 X509 *ca;
9794 X509_NAME *name = NULL;
9795 ASN1_OCTET_STRING *skid = NULL;
9796 STACK_OF(X509) *chain = NULL;
9797 struct issuer_chain *issuer;
9798 struct eb64_node *node;
9799 char *path;
9800 u64 key;
9801 int ret = 0;
9802
9803 while ((ca = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
9804 if (chain == NULL) {
9805 chain = sk_X509_new_null();
9806 skid = X509_get_ext_d2i(ca, NID_subject_key_identifier, NULL, NULL);
9807 name = X509_get_subject_name(ca);
9808 }
9809 if (!sk_X509_push(chain, ca)) {
9810 X509_free(ca);
9811 goto end;
9812 }
9813 }
9814 if (!chain) {
9815 memprintf(err, "unable to load issuers-chain %s : pem certificate not found.\n", fp);
9816 goto end;
9817 }
9818 if (!skid) {
9819 memprintf(err, "unable to load issuers-chain %s : SubjectKeyIdentifier not found.\n", fp);
9820 goto end;
9821 }
9822 if (!name) {
9823 memprintf(err, "unable to load issuers-chain %s : SubjectName not found.\n", fp);
9824 goto end;
9825 }
9826 key = XXH64(ASN1_STRING_get0_data(skid), ASN1_STRING_length(skid), 0);
9827 for (node = eb64_lookup(&global_ssl.cert_issuer_tree, key); node; node = eb64_next(node)) {
9828 issuer = container_of(node, typeof(*issuer), node);
9829 if (!X509_NAME_cmp(name, X509_get_subject_name(sk_X509_value(issuer->chain, 0)))) {
9830 memprintf(err, "duplicate issuers-chain %s: %s already in store\n", fp, issuer->path);
9831 goto end;
9832 }
9833 }
9834 issuer = calloc(1, sizeof *issuer);
9835 path = strdup(fp);
9836 if (!issuer || !path) {
9837 free(issuer);
9838 free(path);
9839 goto end;
9840 }
9841 issuer->node.key = key;
9842 issuer->path = path;
9843 issuer->chain = chain;
9844 chain = NULL;
9845 eb64_insert(&global_ssl.cert_issuer_tree, &issuer->node);
9846 ret = 1;
9847 end:
9848 if (skid)
9849 ASN1_OCTET_STRING_free(skid);
9850 if (chain)
9851 sk_X509_pop_free(chain, X509_free);
9852 return ret;
9853}
9854
9855static void ssl_free_global_issuers(void)
9856{
9857 struct eb64_node *node, *back;
9858 struct issuer_chain *issuer;
9859
9860 node = eb64_first(&global_ssl.cert_issuer_tree);
9861 while (node) {
9862 issuer = container_of(node, typeof(*issuer), node);
9863 back = eb64_next(node);
9864 eb64_delete(node);
9865 free(issuer->path);
9866 sk_X509_pop_free(issuer->chain, X509_free);
9867 free(issuer);
9868 node = back;
9869 }
9870}
9871
9872static int ssl_load_global_issuers_from_path(char **args, int section_type, struct proxy *curpx,
9873 struct proxy *defpx, const char *file, int line,
9874 char **err)
9875{
9876 char *path;
9877 struct dirent **de_list;
9878 int i, n;
9879 struct stat buf;
9880 char *end;
9881 char fp[MAXPATHLEN+1];
9882
9883 if (too_many_args(1, args, err, NULL))
9884 return -1;
9885
9886 path = args[1];
9887 if (*path == 0 || stat(path, &buf)) {
9888 memprintf(err, "%sglobal statement '%s' expects a directory path as an argument.\n",
9889 err && *err ? *err : "", args[0]);
9890 return -1;
9891 }
9892 if (S_ISDIR(buf.st_mode) == 0) {
9893 memprintf(err, "%sglobal statement '%s': %s is not a directory.\n",
9894 err && *err ? *err : "", args[0], path);
9895 return -1;
9896 }
9897
9898 /* strip trailing slashes, including first one */
9899 for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
9900 *end = 0;
9901 /* path already parsed? */
9902 if (global_ssl.issuers_chain_path && strcmp(global_ssl.issuers_chain_path, path) == 0)
9903 return 0;
9904 /* overwrite old issuers_chain_path */
9905 free(global_ssl.issuers_chain_path);
9906 global_ssl.issuers_chain_path = strdup(path);
9907 ssl_free_global_issuers();
9908
9909 n = scandir(path, &de_list, 0, alphasort);
9910 if (n < 0) {
9911 memprintf(err, "%sglobal statement '%s': unable to scan directory '%s' : %s.\n",
9912 err && *err ? *err : "", args[0], path, strerror(errno));
9913 return -1;
9914 }
9915 for (i = 0; i < n; i++) {
9916 struct dirent *de = de_list[i];
9917 BIO *in = NULL;
9918 char *warn = NULL;
9919
9920 snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
9921 free(de);
9922 if (stat(fp, &buf) != 0) {
9923 ha_warning("unable to stat certificate from file '%s' : %s.\n", fp, strerror(errno));
9924 goto next;
9925 }
9926 if (!S_ISREG(buf.st_mode))
9927 goto next;
9928
9929 in = BIO_new(BIO_s_file());
9930 if (in == NULL)
9931 goto next;
9932 if (BIO_read_filename(in, fp) <= 0)
9933 goto next;
9934 ssl_load_global_issuer_from_BIO(in, fp, &warn);
9935 if (warn) {
Tim Duesterhuse8aa5f22020-02-19 11:41:13 +01009936 ha_warning("%s", warn);
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +01009937 free(warn);
9938 warn = NULL;
9939 }
9940 next:
9941 if (in)
9942 BIO_free(in);
9943 }
9944 free(de_list);
9945
9946 return 0;
9947}
9948
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009949/* parse the "ssl-mode-async" keyword in global section.
9950 * Returns <0 on alert, >0 on warning, 0 on success.
9951 */
9952static int ssl_parse_global_ssl_async(char **args, int section_type, struct proxy *curpx,
9953 struct proxy *defpx, const char *file, int line,
9954 char **err)
9955{
Willy Tarreau5db847a2019-05-09 14:13:35 +02009956#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009957 global_ssl.async = 1;
Emeric Brunece0c332017-12-06 13:51:49 +01009958 global.ssl_used_async_engines = nb_engines;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009959 return 0;
9960#else
9961 memprintf(err, "'%s': openssl library does not support async mode", args[0]);
9962 return -1;
9963#endif
9964}
9965
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +02009966#ifndef OPENSSL_NO_ENGINE
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009967static int ssl_check_async_engine_count(void) {
9968 int err_code = 0;
9969
Emeric Brun3854e012017-05-17 20:42:48 +02009970 if (global_ssl.async && (openssl_engines_initialized > 32)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01009971 ha_alert("ssl-mode-async only supports a maximum of 32 engines.\n");
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009972 err_code = ERR_ABORT;
9973 }
9974 return err_code;
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +01009975}
9976
Grant Zhang872f9c22017-01-21 01:10:18 +00009977/* parse the "ssl-engine" keyword in global section.
9978 * Returns <0 on alert, >0 on warning, 0 on success.
9979 */
9980static int ssl_parse_global_ssl_engine(char **args, int section_type, struct proxy *curpx,
9981 struct proxy *defpx, const char *file, int line,
9982 char **err)
9983{
9984 char *algo;
9985 int ret = -1;
9986
9987 if (*(args[1]) == 0) {
9988 memprintf(err, "global statement '%s' expects a valid engine name as an argument.", args[0]);
9989 return ret;
9990 }
9991
9992 if (*(args[2]) == 0) {
9993 /* if no list of algorithms is given, it defaults to ALL */
9994 algo = strdup("ALL");
9995 goto add_engine;
9996 }
9997
9998 /* otherwise the expected format is ssl-engine <engine_name> algo <list of algo> */
9999 if (strcmp(args[2], "algo") != 0) {
10000 memprintf(err, "global statement '%s' expects to have algo keyword.", args[0]);
10001 return ret;
10002 }
10003
10004 if (*(args[3]) == 0) {
10005 memprintf(err, "global statement '%s' expects algorithm names as an argument.", args[0]);
10006 return ret;
10007 }
10008 algo = strdup(args[3]);
10009
10010add_engine:
10011 if (ssl_init_single_engine(args[1], algo)==0) {
10012 openssl_engines_initialized++;
10013 ret = 0;
10014 }
10015 free(algo);
10016 return ret;
10017}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020010018#endif
Grant Zhang872f9c22017-01-21 01:10:18 +000010019
Willy Tarreauf22e9682016-12-21 23:23:19 +010010020/* parse the "ssl-default-bind-ciphers" / "ssl-default-server-ciphers" keywords
10021 * in global section. Returns <0 on alert, >0 on warning, 0 on success.
10022 */
10023static int ssl_parse_global_ciphers(char **args, int section_type, struct proxy *curpx,
10024 struct proxy *defpx, const char *file, int line,
10025 char **err)
10026{
10027 char **target;
10028
Willy Tarreauef934602016-12-22 23:12:01 +010010029 target = (args[0][12] == 'b') ? &global_ssl.listen_default_ciphers : &global_ssl.connect_default_ciphers;
Willy Tarreauf22e9682016-12-21 23:23:19 +010010030
10031 if (too_many_args(1, args, err, NULL))
10032 return -1;
10033
10034 if (*(args[1]) == 0) {
10035 memprintf(err, "global statement '%s' expects a cipher suite as an argument.", args[0]);
10036 return -1;
10037 }
10038
10039 free(*target);
10040 *target = strdup(args[1]);
10041 return 0;
10042}
Dirkjan Bussink415150f2018-09-14 11:14:21 +020010043
Emmanuel Hocdet839af572019-05-14 16:27:35 +020010044#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020010045/* parse the "ssl-default-bind-ciphersuites" / "ssl-default-server-ciphersuites" keywords
10046 * in global section. Returns <0 on alert, >0 on warning, 0 on success.
10047 */
10048static int ssl_parse_global_ciphersuites(char **args, int section_type, struct proxy *curpx,
10049 struct proxy *defpx, const char *file, int line,
10050 char **err)
10051{
10052 char **target;
10053
10054 target = (args[0][12] == 'b') ? &global_ssl.listen_default_ciphersuites : &global_ssl.connect_default_ciphersuites;
10055
10056 if (too_many_args(1, args, err, NULL))
10057 return -1;
10058
10059 if (*(args[1]) == 0) {
10060 memprintf(err, "global statement '%s' expects a cipher suite as an argument.", args[0]);
10061 return -1;
10062 }
10063
10064 free(*target);
10065 *target = strdup(args[1]);
10066 return 0;
10067}
10068#endif
Willy Tarreauf22e9682016-12-21 23:23:19 +010010069
Willy Tarreau9ceda382016-12-21 23:13:03 +010010070/* parse various global tune.ssl settings consisting in positive integers.
10071 * Returns <0 on alert, >0 on warning, 0 on success.
10072 */
10073static int ssl_parse_global_int(char **args, int section_type, struct proxy *curpx,
10074 struct proxy *defpx, const char *file, int line,
10075 char **err)
10076{
10077 int *target;
10078
10079 if (strcmp(args[0], "tune.ssl.cachesize") == 0)
10080 target = &global.tune.sslcachesize;
10081 else if (strcmp(args[0], "tune.ssl.maxrecord") == 0)
Willy Tarreauef934602016-12-22 23:12:01 +010010082 target = (int *)&global_ssl.max_record;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010083 else if (strcmp(args[0], "tune.ssl.ssl-ctx-cache-size") == 0)
Willy Tarreauef934602016-12-22 23:12:01 +010010084 target = &global_ssl.ctx_cache;
Willy Tarreau0bea58d2016-12-21 23:17:25 +010010085 else if (strcmp(args[0], "maxsslconn") == 0)
10086 target = &global.maxsslconn;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010087 else if (strcmp(args[0], "tune.ssl.capture-cipherlist-size") == 0)
10088 target = &global_ssl.capture_cipherlist;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010089 else {
10090 memprintf(err, "'%s' keyword not unhandled (please report this bug).", args[0]);
10091 return -1;
10092 }
10093
10094 if (too_many_args(1, args, err, NULL))
10095 return -1;
10096
10097 if (*(args[1]) == 0) {
10098 memprintf(err, "'%s' expects an integer argument.", args[0]);
10099 return -1;
10100 }
10101
10102 *target = atoi(args[1]);
10103 if (*target < 0) {
10104 memprintf(err, "'%s' expects a positive numeric value.", args[0]);
10105 return -1;
10106 }
10107 return 0;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010108}
10109
10110static int ssl_parse_global_capture_cipherlist(char **args, int section_type, struct proxy *curpx,
10111 struct proxy *defpx, const char *file, int line,
10112 char **err)
10113{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010114 int ret;
10115
10116 ret = ssl_parse_global_int(args, section_type, curpx, defpx, file, line, err);
10117 if (ret != 0)
10118 return ret;
10119
Willy Tarreaubafbe012017-11-24 17:34:44 +010010120 if (pool_head_ssl_capture) {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010121 memprintf(err, "'%s' is already configured.", args[0]);
10122 return -1;
10123 }
10124
Willy Tarreaubafbe012017-11-24 17:34:44 +010010125 pool_head_ssl_capture = create_pool("ssl-capture", sizeof(struct ssl_capture) + global_ssl.capture_cipherlist, MEM_F_SHARED);
10126 if (!pool_head_ssl_capture) {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010127 memprintf(err, "Out of memory error.");
10128 return -1;
10129 }
10130 return 0;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010131}
10132
10133/* parse "ssl.force-private-cache".
10134 * Returns <0 on alert, >0 on warning, 0 on success.
10135 */
10136static int ssl_parse_global_private_cache(char **args, int section_type, struct proxy *curpx,
10137 struct proxy *defpx, const char *file, int line,
10138 char **err)
10139{
10140 if (too_many_args(0, args, err, NULL))
10141 return -1;
10142
Willy Tarreauef934602016-12-22 23:12:01 +010010143 global_ssl.private_cache = 1;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010144 return 0;
10145}
10146
10147/* parse "ssl.lifetime".
10148 * Returns <0 on alert, >0 on warning, 0 on success.
10149 */
10150static int ssl_parse_global_lifetime(char **args, int section_type, struct proxy *curpx,
10151 struct proxy *defpx, const char *file, int line,
10152 char **err)
10153{
10154 const char *res;
10155
10156 if (too_many_args(1, args, err, NULL))
10157 return -1;
10158
10159 if (*(args[1]) == 0) {
10160 memprintf(err, "'%s' expects ssl sessions <lifetime> in seconds as argument.", args[0]);
10161 return -1;
10162 }
10163
Willy Tarreauef934602016-12-22 23:12:01 +010010164 res = parse_time_err(args[1], &global_ssl.life_time, TIME_UNIT_S);
Willy Tarreau9faebe32019-06-07 19:00:37 +020010165 if (res == PARSE_TIME_OVER) {
10166 memprintf(err, "timer overflow in argument '%s' to <%s> (maximum value is 2147483647 s or ~68 years).",
10167 args[1], args[0]);
10168 return -1;
10169 }
10170 else if (res == PARSE_TIME_UNDER) {
10171 memprintf(err, "timer underflow in argument '%s' to <%s> (minimum non-null value is 1 s).",
10172 args[1], args[0]);
10173 return -1;
10174 }
10175 else if (res) {
Willy Tarreau9ceda382016-12-21 23:13:03 +010010176 memprintf(err, "unexpected character '%c' in argument to <%s>.", *res, args[0]);
10177 return -1;
10178 }
10179 return 0;
10180}
10181
10182#ifndef OPENSSL_NO_DH
Willy Tarreau14e36a12016-12-21 23:28:13 +010010183/* parse "ssl-dh-param-file".
10184 * Returns <0 on alert, >0 on warning, 0 on success.
10185 */
10186static int ssl_parse_global_dh_param_file(char **args, int section_type, struct proxy *curpx,
10187 struct proxy *defpx, const char *file, int line,
10188 char **err)
10189{
10190 if (too_many_args(1, args, err, NULL))
10191 return -1;
10192
10193 if (*(args[1]) == 0) {
10194 memprintf(err, "'%s' expects a file path as an argument.", args[0]);
10195 return -1;
10196 }
10197
10198 if (ssl_sock_load_global_dh_param_from_file(args[1])) {
10199 memprintf(err, "'%s': unable to load DH parameters from file <%s>.", args[0], args[1]);
10200 return -1;
10201 }
10202 return 0;
10203}
10204
Willy Tarreau9ceda382016-12-21 23:13:03 +010010205/* parse "ssl.default-dh-param".
10206 * Returns <0 on alert, >0 on warning, 0 on success.
10207 */
10208static int ssl_parse_global_default_dh(char **args, int section_type, struct proxy *curpx,
10209 struct proxy *defpx, const char *file, int line,
10210 char **err)
10211{
10212 if (too_many_args(1, args, err, NULL))
10213 return -1;
10214
10215 if (*(args[1]) == 0) {
10216 memprintf(err, "'%s' expects an integer argument.", args[0]);
10217 return -1;
10218 }
10219
Willy Tarreauef934602016-12-22 23:12:01 +010010220 global_ssl.default_dh_param = atoi(args[1]);
10221 if (global_ssl.default_dh_param < 1024) {
Willy Tarreau9ceda382016-12-21 23:13:03 +010010222 memprintf(err, "'%s' expects a value >= 1024.", args[0]);
10223 return -1;
10224 }
10225 return 0;
10226}
10227#endif
10228
William Lallemand3af48e72020-02-03 17:15:52 +010010229
10230/*
10231 * parse "ssl-load-extra-files".
10232 * multiple arguments are allowed: "bundle", "sctl", "ocsp", "issuer", "all", "none"
10233 */
10234static int ssl_parse_global_extra_files(char **args, int section_type, struct proxy *curpx,
10235 struct proxy *defpx, const char *file, int line,
10236 char **err)
10237{
10238 int i;
10239 int gf = SSL_GF_NONE;
10240
10241 if (*(args[1]) == 0)
10242 goto err_arg;
10243
10244 for (i = 1; *args[i]; i++) {
10245
10246 if (!strcmp("bundle", args[i])) {
10247 gf |= SSL_GF_BUNDLE;
10248
10249 } else if (!strcmp("sctl", args[i])) {
10250 gf |= SSL_GF_SCTL;
10251
10252 } else if (!strcmp("ocsp", args[i])){
10253 gf |= SSL_GF_OCSP;
10254
10255 } else if (!strcmp("issuer", args[i])){
10256 gf |= SSL_GF_OCSP_ISSUER;
10257
William Lallemand4c5adbf2020-02-24 14:23:22 +010010258 } else if (!strcmp("key", args[i])) {
10259 gf |= SSL_GF_KEY;
10260
William Lallemand3af48e72020-02-03 17:15:52 +010010261 } else if (!strcmp("none", args[i])) {
10262 if (gf != SSL_GF_NONE)
10263 goto err_alone;
10264 gf = SSL_GF_NONE;
10265 i++;
10266 break;
10267
10268 } else if (!strcmp("all", args[i])) {
10269 if (gf != SSL_GF_NONE)
10270 goto err_alone;
10271 gf = SSL_GF_ALL;
10272 i++;
10273 break;
10274 } else {
10275 goto err_arg;
10276 }
10277 }
10278 /* break from loop but there are still arguments */
10279 if (*args[i])
10280 goto err_alone;
10281
10282 global_ssl.extra_files = gf;
10283
10284 return 0;
10285
10286err_alone:
10287 memprintf(err, "'%s' 'none' and 'all' can be only used alone", args[0]);
10288 return -1;
10289
10290err_arg:
10291 memprintf(err, "'%s' expects one or multiple arguments (none, all, bundle, sctl, ocsp, issuer).", args[0]);
10292 return -1;
10293}
10294
Willy Tarreau9ceda382016-12-21 23:13:03 +010010295
William Lallemand32af2032016-10-29 18:09:35 +020010296/* This function is used with TLS ticket keys management. It permits to browse
10297 * each reference. The variable <getnext> must contain the current node,
10298 * <end> point to the root node.
10299 */
10300#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
10301static inline
10302struct tls_keys_ref *tlskeys_list_get_next(struct tls_keys_ref *getnext, struct list *end)
10303{
10304 struct tls_keys_ref *ref = getnext;
10305
10306 while (1) {
10307
10308 /* Get next list entry. */
10309 ref = LIST_NEXT(&ref->list, struct tls_keys_ref *, list);
10310
10311 /* If the entry is the last of the list, return NULL. */
10312 if (&ref->list == end)
10313 return NULL;
10314
10315 return ref;
10316 }
10317}
10318
10319static inline
10320struct tls_keys_ref *tlskeys_ref_lookup_ref(const char *reference)
10321{
10322 int id;
10323 char *error;
10324
10325 /* If the reference starts by a '#', this is numeric id. */
10326 if (reference[0] == '#') {
10327 /* Try to convert the numeric id. If the conversion fails, the lookup fails. */
10328 id = strtol(reference + 1, &error, 10);
10329 if (*error != '\0')
10330 return NULL;
10331
10332 /* Perform the unique id lookup. */
10333 return tlskeys_ref_lookupid(id);
10334 }
10335
10336 /* Perform the string lookup. */
10337 return tlskeys_ref_lookup(reference);
10338}
10339#endif
10340
10341
10342#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
10343
10344static int cli_io_handler_tlskeys_files(struct appctx *appctx);
10345
10346static inline int cli_io_handler_tlskeys_entries(struct appctx *appctx) {
10347 return cli_io_handler_tlskeys_files(appctx);
10348}
10349
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010350/* dumps all tls keys. Relies on cli.i0 (non-null = only list file names), cli.i1
10351 * (next index to be dumped), and cli.p0 (next key reference).
10352 */
William Lallemand32af2032016-10-29 18:09:35 +020010353static int cli_io_handler_tlskeys_files(struct appctx *appctx) {
10354
10355 struct stream_interface *si = appctx->owner;
10356
10357 switch (appctx->st2) {
10358 case STAT_ST_INIT:
10359 /* Display the column headers. If the message cannot be sent,
Joseph Herlant017b3da2018-11-15 09:07:59 -080010360 * quit the function with returning 0. The function is called
William Lallemand32af2032016-10-29 18:09:35 +020010361 * later and restart at the state "STAT_ST_INIT".
10362 */
10363 chunk_reset(&trash);
10364
10365 if (appctx->io_handler == cli_io_handler_tlskeys_entries)
10366 chunk_appendf(&trash, "# id secret\n");
10367 else
10368 chunk_appendf(&trash, "# id (file)\n");
10369
Willy Tarreau06d80a92017-10-19 14:32:15 +020010370 if (ci_putchk(si_ic(si), &trash) == -1) {
Willy Tarreaudb398432018-11-15 11:08:52 +010010371 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +020010372 return 0;
10373 }
10374
William Lallemand32af2032016-10-29 18:09:35 +020010375 /* Now, we start the browsing of the references lists.
10376 * Note that the following call to LIST_ELEM return bad pointer. The only
10377 * available field of this pointer is <list>. It is used with the function
10378 * tlskeys_list_get_next() for retruning the first available entry
10379 */
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010380 if (appctx->ctx.cli.p0 == NULL) {
10381 appctx->ctx.cli.p0 = LIST_ELEM(&tlskeys_reference, struct tls_keys_ref *, list);
10382 appctx->ctx.cli.p0 = tlskeys_list_get_next(appctx->ctx.cli.p0, &tlskeys_reference);
William Lallemand32af2032016-10-29 18:09:35 +020010383 }
10384
10385 appctx->st2 = STAT_ST_LIST;
10386 /* fall through */
10387
10388 case STAT_ST_LIST:
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010389 while (appctx->ctx.cli.p0) {
10390 struct tls_keys_ref *ref = appctx->ctx.cli.p0;
William Lallemand32af2032016-10-29 18:09:35 +020010391
10392 chunk_reset(&trash);
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010393 if (appctx->io_handler == cli_io_handler_tlskeys_entries && appctx->ctx.cli.i1 == 0)
William Lallemand32af2032016-10-29 18:09:35 +020010394 chunk_appendf(&trash, "# ");
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010395
10396 if (appctx->ctx.cli.i1 == 0)
10397 chunk_appendf(&trash, "%d (%s)\n", ref->unique_id, ref->filename);
10398
William Lallemand32af2032016-10-29 18:09:35 +020010399 if (appctx->io_handler == cli_io_handler_tlskeys_entries) {
Christopher Faulet16f45c82018-02-16 11:23:49 +010010400 int head;
10401
10402 HA_RWLOCK_RDLOCK(TLSKEYS_REF_LOCK, &ref->lock);
10403 head = ref->tls_ticket_enc_index;
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010404 while (appctx->ctx.cli.i1 < TLS_TICKETS_NO) {
Willy Tarreau83061a82018-07-13 11:56:34 +020010405 struct buffer *t2 = get_trash_chunk();
William Lallemand32af2032016-10-29 18:09:35 +020010406
10407 chunk_reset(t2);
10408 /* should never fail here because we dump only a key in the t2 buffer */
Emeric Brun9e754772019-01-10 17:51:55 +010010409 if (ref->key_size_bits == 128) {
10410 t2->data = a2base64((char *)(ref->tlskeys + (head + 2 + appctx->ctx.cli.i1) % TLS_TICKETS_NO),
10411 sizeof(struct tls_sess_key_128),
10412 t2->area, t2->size);
10413 chunk_appendf(&trash, "%d.%d %s\n", ref->unique_id, appctx->ctx.cli.i1,
10414 t2->area);
10415 }
10416 else if (ref->key_size_bits == 256) {
10417 t2->data = a2base64((char *)(ref->tlskeys + (head + 2 + appctx->ctx.cli.i1) % TLS_TICKETS_NO),
10418 sizeof(struct tls_sess_key_256),
10419 t2->area, t2->size);
10420 chunk_appendf(&trash, "%d.%d %s\n", ref->unique_id, appctx->ctx.cli.i1,
10421 t2->area);
10422 }
10423 else {
10424 /* This case should never happen */
10425 chunk_appendf(&trash, "%d.%d <unknown>\n", ref->unique_id, appctx->ctx.cli.i1);
10426 }
William Lallemand32af2032016-10-29 18:09:35 +020010427
Willy Tarreau06d80a92017-10-19 14:32:15 +020010428 if (ci_putchk(si_ic(si), &trash) == -1) {
William Lallemand32af2032016-10-29 18:09:35 +020010429 /* let's try again later from this stream. We add ourselves into
10430 * this stream's users so that it can remove us upon termination.
10431 */
Christopher Faulet16f45c82018-02-16 11:23:49 +010010432 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreaudb398432018-11-15 11:08:52 +010010433 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +020010434 return 0;
10435 }
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010436 appctx->ctx.cli.i1++;
William Lallemand32af2032016-10-29 18:09:35 +020010437 }
Christopher Faulet16f45c82018-02-16 11:23:49 +010010438 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010439 appctx->ctx.cli.i1 = 0;
William Lallemand32af2032016-10-29 18:09:35 +020010440 }
Willy Tarreau06d80a92017-10-19 14:32:15 +020010441 if (ci_putchk(si_ic(si), &trash) == -1) {
William Lallemand32af2032016-10-29 18:09:35 +020010442 /* let's try again later from this stream. We add ourselves into
10443 * this stream's users so that it can remove us upon termination.
10444 */
Willy Tarreaudb398432018-11-15 11:08:52 +010010445 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +020010446 return 0;
10447 }
10448
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010449 if (appctx->ctx.cli.i0 == 0) /* don't display everything if not necessary */
William Lallemand32af2032016-10-29 18:09:35 +020010450 break;
10451
10452 /* get next list entry and check the end of the list */
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010453 appctx->ctx.cli.p0 = tlskeys_list_get_next(appctx->ctx.cli.p0, &tlskeys_reference);
William Lallemand32af2032016-10-29 18:09:35 +020010454 }
10455
10456 appctx->st2 = STAT_ST_FIN;
10457 /* fall through */
10458
10459 default:
10460 appctx->st2 = STAT_ST_FIN;
10461 return 1;
10462 }
10463 return 0;
10464}
10465
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010466/* sets cli.i0 to non-zero if only file lists should be dumped */
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +020010467static int cli_parse_show_tlskeys(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +020010468{
William Lallemand32af2032016-10-29 18:09:35 +020010469 /* no parameter, shows only file list */
10470 if (!*args[2]) {
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010471 appctx->ctx.cli.i0 = 1;
William Lallemand32af2032016-10-29 18:09:35 +020010472 appctx->io_handler = cli_io_handler_tlskeys_files;
Willy Tarreau3067bfa2016-12-05 14:50:15 +010010473 return 0;
William Lallemand32af2032016-10-29 18:09:35 +020010474 }
10475
10476 if (args[2][0] == '*') {
10477 /* list every TLS ticket keys */
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010478 appctx->ctx.cli.i0 = 1;
William Lallemand32af2032016-10-29 18:09:35 +020010479 } else {
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010480 appctx->ctx.cli.p0 = tlskeys_ref_lookup_ref(args[2]);
Willy Tarreau9d008692019-08-09 11:21:01 +020010481 if (!appctx->ctx.cli.p0)
10482 return cli_err(appctx, "'show tls-keys' unable to locate referenced filename\n");
William Lallemand32af2032016-10-29 18:09:35 +020010483 }
William Lallemand32af2032016-10-29 18:09:35 +020010484 appctx->io_handler = cli_io_handler_tlskeys_entries;
Willy Tarreau3067bfa2016-12-05 14:50:15 +010010485 return 0;
William Lallemand32af2032016-10-29 18:09:35 +020010486}
10487
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +020010488static int cli_parse_set_tlskeys(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +020010489{
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010490 struct tls_keys_ref *ref;
Willy Tarreau1c913e42018-08-22 05:26:57 +020010491 int ret;
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010492
William Lallemand32af2032016-10-29 18:09:35 +020010493 /* Expect two parameters: the filename and the new new TLS key in encoding */
Willy Tarreau9d008692019-08-09 11:21:01 +020010494 if (!*args[3] || !*args[4])
10495 return cli_err(appctx, "'set ssl tls-key' expects a filename and the new TLS key in base64 encoding.\n");
William Lallemand32af2032016-10-29 18:09:35 +020010496
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010497 ref = tlskeys_ref_lookup_ref(args[3]);
Willy Tarreau9d008692019-08-09 11:21:01 +020010498 if (!ref)
10499 return cli_err(appctx, "'set ssl tls-key' unable to locate referenced filename\n");
William Lallemand32af2032016-10-29 18:09:35 +020010500
Willy Tarreau1c913e42018-08-22 05:26:57 +020010501 ret = base64dec(args[4], strlen(args[4]), trash.area, trash.size);
Willy Tarreau9d008692019-08-09 11:21:01 +020010502 if (ret < 0)
10503 return cli_err(appctx, "'set ssl tls-key' received invalid base64 encoded TLS key.\n");
Emeric Brun9e754772019-01-10 17:51:55 +010010504
Willy Tarreau1c913e42018-08-22 05:26:57 +020010505 trash.data = ret;
Willy Tarreau9d008692019-08-09 11:21:01 +020010506 if (ssl_sock_update_tlskey_ref(ref, &trash) < 0)
10507 return cli_err(appctx, "'set ssl tls-key' received a key of wrong size.\n");
William Lallemand32af2032016-10-29 18:09:35 +020010508
Willy Tarreau9d008692019-08-09 11:21:01 +020010509 return cli_msg(appctx, LOG_INFO, "TLS ticket key updated!\n");
William Lallemand32af2032016-10-29 18:09:35 +020010510}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +010010511#endif
William Lallemand32af2032016-10-29 18:09:35 +020010512
William Lallemand44b35322019-10-17 16:28:40 +020010513
10514/* Type of SSL payloads that can be updated over the CLI */
10515
10516enum {
10517 CERT_TYPE_PEM = 0,
William Lallemand4c5adbf2020-02-24 14:23:22 +010010518 CERT_TYPE_KEY,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010010519#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020010520 CERT_TYPE_OCSP,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010010521#endif
William Lallemand44b35322019-10-17 16:28:40 +020010522 CERT_TYPE_ISSUER,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010010523#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020010524 CERT_TYPE_SCTL,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010010525#endif
William Lallemand44b35322019-10-17 16:28:40 +020010526 CERT_TYPE_MAX,
10527};
10528
10529struct {
10530 const char *ext;
10531 int type;
10532 int (*load)(const char *path, char *payload, struct cert_key_and_chain *ckch, char **err);
10533 /* add a parsing callback */
William Lallemandf29cdef2019-10-23 15:00:52 +020010534} cert_exts[CERT_TYPE_MAX+1] = {
William Lallemand44b35322019-10-17 16:28:40 +020010535 [CERT_TYPE_PEM] = { "", CERT_TYPE_PEM, &ssl_sock_load_pem_into_ckch }, /* default mode, no extensions */
William Lallemand4c5adbf2020-02-24 14:23:22 +010010536 [CERT_TYPE_KEY] = { "key", CERT_TYPE_KEY, &ssl_sock_load_key_into_ckch },
William Lallemand541a5342019-10-23 14:11:54 +020010537#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020010538 [CERT_TYPE_OCSP] = { "ocsp", CERT_TYPE_OCSP, &ssl_sock_load_ocsp_response_from_file },
William Lallemand541a5342019-10-23 14:11:54 +020010539#endif
10540#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020010541 [CERT_TYPE_SCTL] = { "sctl", CERT_TYPE_SCTL, &ssl_sock_load_sctl_from_file },
William Lallemand541a5342019-10-23 14:11:54 +020010542#endif
William Lallemand44b35322019-10-17 16:28:40 +020010543 [CERT_TYPE_ISSUER] = { "issuer", CERT_TYPE_ISSUER, &ssl_sock_load_issuer_file_into_ckch },
William Lallemandf29cdef2019-10-23 15:00:52 +020010544 [CERT_TYPE_MAX] = { NULL, CERT_TYPE_MAX, NULL },
William Lallemand44b35322019-10-17 16:28:40 +020010545};
10546
William Lallemand430413e2019-10-28 14:30:47 +010010547/* states of the CLI IO handler for 'set ssl cert' */
10548enum {
10549 SETCERT_ST_INIT = 0,
10550 SETCERT_ST_GEN,
10551 SETCERT_ST_INSERT,
10552 SETCERT_ST_FIN,
10553};
William Lallemand8f840d72019-10-23 10:53:05 +020010554
William Lallemandd4f946c2019-12-05 10:26:40 +010010555/* release function of the `show ssl cert' command */
10556static void cli_release_show_cert(struct appctx *appctx)
10557{
10558 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
10559}
10560
10561/* IO handler of "show ssl cert <filename>" */
10562static int cli_io_handler_show_cert(struct appctx *appctx)
10563{
10564 struct buffer *trash = alloc_trash_chunk();
10565 struct ebmb_node *node;
10566 struct stream_interface *si = appctx->owner;
10567 struct ckch_store *ckchs;
William Lallemandd4f946c2019-12-05 10:26:40 +010010568
10569 if (trash == NULL)
10570 return 1;
10571
10572 if (!appctx->ctx.ssl.old_ckchs) {
10573 if (ckchs_transaction.old_ckchs) {
10574 ckchs = ckchs_transaction.old_ckchs;
10575 chunk_appendf(trash, "# transaction\n");
10576 if (!ckchs->multi) {
10577 chunk_appendf(trash, "*%s\n", ckchs->path);
William Lallemandba22e902019-12-18 20:36:01 +010010578#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
William Lallemandd4f946c2019-12-05 10:26:40 +010010579 } else {
William Lallemanda25a19f2020-01-29 00:04:24 +010010580 int n;
10581
William Lallemandd4f946c2019-12-05 10:26:40 +010010582 chunk_appendf(trash, "*%s:", ckchs->path);
10583 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
10584 if (ckchs->ckch[n].cert)
10585 chunk_appendf(trash, " %s.%s\n", ckchs->path, SSL_SOCK_KEYTYPE_NAMES[n]);
10586 }
10587 chunk_appendf(trash, "\n");
William Lallemandba22e902019-12-18 20:36:01 +010010588#endif
William Lallemandd4f946c2019-12-05 10:26:40 +010010589 }
10590 }
10591 }
10592
10593 if (!appctx->ctx.cli.p0) {
10594 chunk_appendf(trash, "# filename\n");
10595 node = ebmb_first(&ckchs_tree);
10596 } else {
10597 node = &((struct ckch_store *)appctx->ctx.cli.p0)->node;
10598 }
10599 while (node) {
10600 ckchs = ebmb_entry(node, struct ckch_store, node);
10601 if (!ckchs->multi) {
10602 chunk_appendf(trash, "%s\n", ckchs->path);
William Lallemandba22e902019-12-18 20:36:01 +010010603#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
William Lallemandd4f946c2019-12-05 10:26:40 +010010604 } else {
William Lallemanda25a19f2020-01-29 00:04:24 +010010605 int n;
10606
William Lallemandd4f946c2019-12-05 10:26:40 +010010607 chunk_appendf(trash, "%s:", ckchs->path);
10608 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
10609 if (ckchs->ckch[n].cert)
10610 chunk_appendf(trash, " %s.%s", ckchs->path, SSL_SOCK_KEYTYPE_NAMES[n]);
10611 }
10612 chunk_appendf(trash, "\n");
William Lallemandba22e902019-12-18 20:36:01 +010010613#endif
William Lallemandd4f946c2019-12-05 10:26:40 +010010614 }
10615
10616 node = ebmb_next(node);
10617 if (ci_putchk(si_ic(si), trash) == -1) {
10618 si_rx_room_blk(si);
10619 goto yield;
10620 }
10621 }
10622
10623 appctx->ctx.cli.p0 = NULL;
10624 free_trash_chunk(trash);
10625 return 1;
10626yield:
10627
10628 free_trash_chunk(trash);
10629 appctx->ctx.cli.p0 = ckchs;
10630 return 0; /* should come back */
10631}
10632
10633/* IO handler of the details "show ssl cert <filename>" */
10634static int cli_io_handler_show_cert_detail(struct appctx *appctx)
10635{
10636 struct stream_interface *si = appctx->owner;
10637 struct ckch_store *ckchs = appctx->ctx.cli.p0;
10638 struct buffer *out = alloc_trash_chunk();
10639 struct buffer *tmp = alloc_trash_chunk();
10640 X509_NAME *name = NULL;
Willy Tarreau105599c2020-02-25 08:59:23 +010010641 unsigned int len = 0;
William Lallemandd4f946c2019-12-05 10:26:40 +010010642 int write = -1;
10643 BIO *bio = NULL;
10644
10645 if (!tmp || !out)
10646 goto end;
10647
10648 if (!ckchs->multi) {
10649 chunk_appendf(out, "Filename: ");
10650 if (ckchs == ckchs_transaction.new_ckchs)
10651 chunk_appendf(out, "*");
10652 chunk_appendf(out, "%s\n", ckchs->path);
10653 chunk_appendf(out, "Serial: ");
10654 if (ssl_sock_get_serial(ckchs->ckch->cert, tmp) == -1)
10655 goto end;
10656 dump_binary(out, tmp->area, tmp->data);
10657 chunk_appendf(out, "\n");
10658
10659 chunk_appendf(out, "notBefore: ");
10660 chunk_reset(tmp);
10661 if ((bio = BIO_new(BIO_s_mem())) == NULL)
10662 goto end;
10663 if (ASN1_TIME_print(bio, X509_getm_notBefore(ckchs->ckch->cert)) == 0)
10664 goto end;
10665 write = BIO_read(bio, tmp->area, tmp->size-1);
10666 tmp->area[write] = '\0';
10667 BIO_free(bio);
10668 chunk_appendf(out, "%s\n", tmp->area);
10669
10670 chunk_appendf(out, "notAfter: ");
10671 chunk_reset(tmp);
10672 if ((bio = BIO_new(BIO_s_mem())) == NULL)
10673 goto end;
10674 if (ASN1_TIME_print(bio, X509_getm_notAfter(ckchs->ckch->cert)) == 0)
10675 goto end;
10676 if ((write = BIO_read(bio, tmp->area, tmp->size-1)) <= 0)
10677 goto end;
10678 tmp->area[write] = '\0';
10679 BIO_free(bio);
10680 chunk_appendf(out, "%s\n", tmp->area);
10681
10682
10683 chunk_appendf(out, "Issuer: ");
10684 if ((name = X509_get_issuer_name(ckchs->ckch->cert)) == NULL)
10685 goto end;
10686 if ((ssl_sock_get_dn_oneline(name, tmp)) == -1)
10687 goto end;
10688 *(tmp->area + tmp->data) = '\0';
10689 chunk_appendf(out, "%s\n", tmp->area);
10690
10691 chunk_appendf(out, "Subject: ");
10692 if ((name = X509_get_subject_name(ckchs->ckch->cert)) == NULL)
10693 goto end;
10694 if ((ssl_sock_get_dn_oneline(name, tmp)) == -1)
10695 goto end;
10696 *(tmp->area + tmp->data) = '\0';
10697 chunk_appendf(out, "%s\n", tmp->area);
10698
10699
10700#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
10701 chunk_appendf(out, "Subject Alternative Name: ");
10702 if (ssl_sock_get_san_oneline(ckchs->ckch->cert, out) == -1)
10703 goto end;
10704 *(out->area + out->data) = '\0';
10705 chunk_appendf(out, "\n");
10706#endif
10707 chunk_reset(tmp);
10708 chunk_appendf(out, "Algorithm: ");
10709 if (cert_get_pkey_algo(ckchs->ckch->cert, tmp) == 0)
10710 goto end;
10711 chunk_appendf(out, "%s\n", tmp->area);
10712
10713 chunk_reset(tmp);
10714 chunk_appendf(out, "SHA1 FingerPrint: ");
Willy Tarreau105599c2020-02-25 08:59:23 +010010715 if (X509_digest(ckchs->ckch->cert, EVP_sha1(), (unsigned char *) tmp->area, &len) == 0)
William Lallemandd4f946c2019-12-05 10:26:40 +010010716 goto end;
Willy Tarreau105599c2020-02-25 08:59:23 +010010717
10718 tmp->data = len;
William Lallemandd4f946c2019-12-05 10:26:40 +010010719 dump_binary(out, tmp->area, tmp->data);
10720 chunk_appendf(out, "\n");
10721 }
10722
10723 if (ci_putchk(si_ic(si), out) == -1) {
10724 si_rx_room_blk(si);
10725 goto yield;
10726 }
10727
10728end:
10729 free_trash_chunk(tmp);
10730 free_trash_chunk(out);
10731 return 1;
10732yield:
10733 free_trash_chunk(tmp);
10734 free_trash_chunk(out);
10735 return 0; /* should come back */
10736}
10737
10738/* parsing function for 'show ssl cert [certfile]' */
10739static int cli_parse_show_cert(char **args, char *payload, struct appctx *appctx, void *private)
10740{
10741 struct ckch_store *ckchs;
10742
10743 if (!cli_has_level(appctx, ACCESS_LVL_OPER))
10744 return cli_err(appctx, "Can't allocate memory!\n");
10745
10746 /* The operations on the CKCH architecture are locked so we can
10747 * manipulate ckch_store and ckch_inst */
10748 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
10749 return cli_err(appctx, "Can't show!\nOperations on certificates are currently locked!\n");
10750
10751 /* check if there is a certificate to lookup */
10752 if (*args[3]) {
10753 if (*args[3] == '*') {
10754 if (!ckchs_transaction.new_ckchs)
10755 goto error;
10756
10757 ckchs = ckchs_transaction.new_ckchs;
10758
10759 if (strcmp(args[3] + 1, ckchs->path))
10760 goto error;
10761
10762 } else {
10763 if ((ckchs = ckchs_lookup(args[3])) == NULL)
10764 goto error;
10765
10766 }
10767
10768 if (ckchs->multi)
10769 goto error;
10770
10771 appctx->ctx.cli.p0 = ckchs;
10772 /* use the IO handler that shows details */
10773 appctx->io_handler = cli_io_handler_show_cert_detail;
10774 }
10775
10776 return 0;
10777
10778error:
10779 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
10780 return cli_err(appctx, "Can't display the certificate: Not found or the certificate is a bundle!\n");
10781}
10782
William Lallemand430413e2019-10-28 14:30:47 +010010783/* release function of the `set ssl cert' command, free things and unlock the spinlock */
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010784static void cli_release_commit_cert(struct appctx *appctx)
William Lallemand8f840d72019-10-23 10:53:05 +020010785{
10786 struct ckch_store *new_ckchs;
10787 struct ckch_inst *ckchi, *ckchis;
William Lallemand8f840d72019-10-23 10:53:05 +020010788
William Lallemand430413e2019-10-28 14:30:47 +010010789 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
William Lallemand8f840d72019-10-23 10:53:05 +020010790
William Lallemand430413e2019-10-28 14:30:47 +010010791 if (appctx->st2 != SETCERT_ST_FIN) {
William Lallemand8f840d72019-10-23 10:53:05 +020010792 /* free every new sni_ctx and the new store, which are not in the trees so no spinlock there */
William Lallemandbeea2a42019-10-30 17:45:33 +010010793 new_ckchs = appctx->ctx.ssl.new_ckchs;
William Lallemand8f840d72019-10-23 10:53:05 +020010794
William Lallemandbeea2a42019-10-30 17:45:33 +010010795 if (!new_ckchs)
10796 return;
William Lallemand8f840d72019-10-23 10:53:05 +020010797
William Lallemandbeea2a42019-10-30 17:45:33 +010010798 /* if the allocation failed, we need to free everything from the temporary list */
10799 list_for_each_entry_safe(ckchi, ckchis, &new_ckchs->ckch_inst, by_ckchs) {
10800 struct sni_ctx *sc0, *sc0s;
William Lallemand8f840d72019-10-23 10:53:05 +020010801
William Lallemandbeea2a42019-10-30 17:45:33 +010010802 list_for_each_entry_safe(sc0, sc0s, &ckchi->sni_ctx, by_ckch_inst) {
10803 if (sc0->order == 0) /* we only free if it's the first inserted */
10804 SSL_CTX_free(sc0->ctx);
10805 LIST_DEL(&sc0->by_ckch_inst);
10806 free(sc0);
William Lallemand8f840d72019-10-23 10:53:05 +020010807 }
William Lallemandbeea2a42019-10-30 17:45:33 +010010808 LIST_DEL(&ckchi->by_ckchs);
10809 free(ckchi);
William Lallemand8f840d72019-10-23 10:53:05 +020010810 }
William Lallemandbeea2a42019-10-30 17:45:33 +010010811 ckchs_free(new_ckchs);
William Lallemand8f840d72019-10-23 10:53:05 +020010812 }
10813}
10814
10815
10816/*
10817 * This function tries to create the new ckch_inst and their SNIs
10818 */
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010819static int cli_io_handler_commit_cert(struct appctx *appctx)
William Lallemand8f840d72019-10-23 10:53:05 +020010820{
10821 struct stream_interface *si = appctx->owner;
10822 int y = 0;
10823 char *err = NULL;
10824 int errcode = 0;
10825 struct ckch_store *old_ckchs, *new_ckchs = NULL;
10826 struct ckch_inst *ckchi, *ckchis;
William Lallemand8f840d72019-10-23 10:53:05 +020010827 struct buffer *trash = alloc_trash_chunk();
William Lallemand8ef0c2a2019-11-21 16:30:34 +010010828 struct sni_ctx *sc0, *sc0s;
William Lallemand8f840d72019-10-23 10:53:05 +020010829
William Lallemand33cc76f2019-10-31 11:43:45 +010010830 if (trash == NULL)
10831 goto error;
10832
William Lallemand8f840d72019-10-23 10:53:05 +020010833 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW)))
10834 goto error;
10835
William Lallemand430413e2019-10-28 14:30:47 +010010836 while (1) {
10837 switch (appctx->st2) {
10838 case SETCERT_ST_INIT:
10839 /* This state just print the update message */
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010840 chunk_printf(trash, "Committing %s", ckchs_transaction.path);
William Lallemand430413e2019-10-28 14:30:47 +010010841 if (ci_putchk(si_ic(si), trash) == -1) {
10842 si_rx_room_blk(si);
William Lallemand8f840d72019-10-23 10:53:05 +020010843 goto yield;
William Lallemand430413e2019-10-28 14:30:47 +010010844 }
10845 appctx->st2 = SETCERT_ST_GEN;
10846 /* fallthrough */
10847 case SETCERT_ST_GEN:
10848 /*
10849 * This state generates the ckch instances with their
10850 * sni_ctxs and SSL_CTX.
10851 *
William Lallemand430413e2019-10-28 14:30:47 +010010852 * Since the SSL_CTX generation can be CPU consumer, we
10853 * yield every 10 instances.
10854 */
William Lallemand8f840d72019-10-23 10:53:05 +020010855
William Lallemandbeea2a42019-10-30 17:45:33 +010010856 old_ckchs = appctx->ctx.ssl.old_ckchs;
10857 new_ckchs = appctx->ctx.ssl.new_ckchs;
William Lallemand8f840d72019-10-23 10:53:05 +020010858
William Lallemandbeea2a42019-10-30 17:45:33 +010010859 if (!new_ckchs)
10860 continue;
William Lallemand8f840d72019-10-23 10:53:05 +020010861
William Lallemandbeea2a42019-10-30 17:45:33 +010010862 /* get the next ckchi to regenerate */
10863 ckchi = appctx->ctx.ssl.next_ckchi;
10864 /* we didn't start yet, set it to the first elem */
10865 if (ckchi == NULL)
10866 ckchi = LIST_ELEM(old_ckchs->ckch_inst.n, typeof(ckchi), by_ckchs);
William Lallemand8f840d72019-10-23 10:53:05 +020010867
William Lallemandbeea2a42019-10-30 17:45:33 +010010868 /* walk through the old ckch_inst and creates new ckch_inst using the updated ckchs */
10869 list_for_each_entry_from(ckchi, &old_ckchs->ckch_inst, by_ckchs) {
10870 struct ckch_inst *new_inst;
William Lallemand8f840d72019-10-23 10:53:05 +020010871
William Lallemandbeea2a42019-10-30 17:45:33 +010010872 /* it takes a lot of CPU to creates SSL_CTXs, so we yield every 10 CKCH instances */
10873 if (y >= 10) {
10874 /* save the next ckchi to compute */
10875 appctx->ctx.ssl.next_ckchi = ckchi;
10876 goto yield;
10877 }
William Lallemand8f840d72019-10-23 10:53:05 +020010878
William Lallemandbeea2a42019-10-30 17:45:33 +010010879 if (new_ckchs->multi)
10880 errcode |= ckch_inst_new_load_multi_store(new_ckchs->path, new_ckchs, ckchi->bind_conf, ckchi->ssl_conf, NULL, 0, &new_inst, &err);
10881 else
10882 errcode |= ckch_inst_new_load_store(new_ckchs->path, new_ckchs, ckchi->bind_conf, ckchi->ssl_conf, NULL, 0, &new_inst, &err);
William Lallemand8f840d72019-10-23 10:53:05 +020010883
William Lallemandbeea2a42019-10-30 17:45:33 +010010884 if (errcode & ERR_CODE)
10885 goto error;
William Lallemand8f840d72019-10-23 10:53:05 +020010886
William Lallemand21724f02019-11-04 17:56:13 +010010887 /* if the previous ckchi was used as the default */
10888 if (ckchi->is_default)
10889 new_inst->is_default = 1;
10890
William Lallemand8ef0c2a2019-11-21 16:30:34 +010010891 /* we need to initialize the SSL_CTX generated */
William Lallemand696f3172020-02-07 20:45:24 +010010892 /* this iterate on the newly generated SNIs in the new instance to prepare their SSL_CTX */
10893 list_for_each_entry_safe(sc0, sc0s, &new_inst->sni_ctx, by_ckch_inst) {
William Lallemand8ef0c2a2019-11-21 16:30:34 +010010894 if (!sc0->order) { /* we initiliazed only the first SSL_CTX because it's the same in the other sni_ctx's */
10895 errcode |= ssl_sock_prepare_ctx(ckchi->bind_conf, ckchi->ssl_conf, sc0->ctx, &err);
10896 if (errcode & ERR_CODE)
10897 goto error;
10898 }
10899 }
10900
10901
William Lallemandbeea2a42019-10-30 17:45:33 +010010902 /* display one dot per new instance */
10903 chunk_appendf(trash, ".");
10904 /* link the new ckch_inst to the duplicate */
10905 LIST_ADDQ(&new_ckchs->ckch_inst, &new_inst->by_ckchs);
10906 y++;
10907 }
William Lallemand430413e2019-10-28 14:30:47 +010010908 appctx->st2 = SETCERT_ST_INSERT;
10909 /* fallthrough */
10910 case SETCERT_ST_INSERT:
10911 /* The generation is finished, we can insert everything */
William Lallemand8f840d72019-10-23 10:53:05 +020010912
William Lallemandbeea2a42019-10-30 17:45:33 +010010913 old_ckchs = appctx->ctx.ssl.old_ckchs;
10914 new_ckchs = appctx->ctx.ssl.new_ckchs;
William Lallemand8f840d72019-10-23 10:53:05 +020010915
William Lallemandbeea2a42019-10-30 17:45:33 +010010916 if (!new_ckchs)
10917 continue;
William Lallemand430413e2019-10-28 14:30:47 +010010918
William Lallemand21724f02019-11-04 17:56:13 +010010919 /* First, we insert every new SNIs in the trees, also replace the default_ctx */
William Lallemandbeea2a42019-10-30 17:45:33 +010010920 list_for_each_entry_safe(ckchi, ckchis, &new_ckchs->ckch_inst, by_ckchs) {
10921 HA_RWLOCK_WRLOCK(SNI_LOCK, &ckchi->bind_conf->sni_lock);
10922 ssl_sock_load_cert_sni(ckchi, ckchi->bind_conf);
10923 HA_RWLOCK_WRUNLOCK(SNI_LOCK, &ckchi->bind_conf->sni_lock);
10924 }
William Lallemand8f840d72019-10-23 10:53:05 +020010925
William Lallemandbeea2a42019-10-30 17:45:33 +010010926 /* delete the old sni_ctx, the old ckch_insts and the ckch_store */
10927 list_for_each_entry_safe(ckchi, ckchis, &old_ckchs->ckch_inst, by_ckchs) {
William Lallemand430413e2019-10-28 14:30:47 +010010928
William Lallemandbeea2a42019-10-30 17:45:33 +010010929 HA_RWLOCK_WRLOCK(SNI_LOCK, &ckchi->bind_conf->sni_lock);
10930 list_for_each_entry_safe(sc0, sc0s, &ckchi->sni_ctx, by_ckch_inst) {
10931 ebmb_delete(&sc0->name);
10932 LIST_DEL(&sc0->by_ckch_inst);
10933 free(sc0);
William Lallemand430413e2019-10-28 14:30:47 +010010934 }
William Lallemandbeea2a42019-10-30 17:45:33 +010010935 HA_RWLOCK_WRUNLOCK(SNI_LOCK, &ckchi->bind_conf->sni_lock);
10936 LIST_DEL(&ckchi->by_ckchs);
10937 free(ckchi);
10938 }
William Lallemand8f840d72019-10-23 10:53:05 +020010939
William Lallemandbeea2a42019-10-30 17:45:33 +010010940 /* Replace the old ckchs by the new one */
10941 ebmb_delete(&old_ckchs->node);
10942 ckchs_free(old_ckchs);
10943 ebst_insert(&ckchs_tree, &new_ckchs->node);
William Lallemand430413e2019-10-28 14:30:47 +010010944 appctx->st2 = SETCERT_ST_FIN;
10945 /* fallthrough */
10946 case SETCERT_ST_FIN:
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010947 /* we achieved the transaction, we can set everything to NULL */
10948 free(ckchs_transaction.path);
10949 ckchs_transaction.path = NULL;
10950 ckchs_transaction.new_ckchs = NULL;
10951 ckchs_transaction.old_ckchs = NULL;
William Lallemand430413e2019-10-28 14:30:47 +010010952 goto end;
10953 }
William Lallemand8f840d72019-10-23 10:53:05 +020010954 }
William Lallemand430413e2019-10-28 14:30:47 +010010955end:
William Lallemand8f840d72019-10-23 10:53:05 +020010956
William Lallemanded442432019-11-21 16:41:07 +010010957 chunk_appendf(trash, "\n");
10958 if (errcode & ERR_WARN)
Tim Duesterhusc0e820c2019-11-23 23:52:30 +010010959 chunk_appendf(trash, "%s", err);
William Lallemanded442432019-11-21 16:41:07 +010010960 chunk_appendf(trash, "Success!\n");
William Lallemand430413e2019-10-28 14:30:47 +010010961 if (ci_putchk(si_ic(si), trash) == -1)
10962 si_rx_room_blk(si);
10963 free_trash_chunk(trash);
10964 /* success: call the release function and don't come back */
10965 return 1;
William Lallemand8f840d72019-10-23 10:53:05 +020010966yield:
10967 /* store the state */
10968 if (ci_putchk(si_ic(si), trash) == -1)
10969 si_rx_room_blk(si);
10970 free_trash_chunk(trash);
10971 si_rx_endp_more(si); /* let's come back later */
William Lallemand8f840d72019-10-23 10:53:05 +020010972 return 0; /* should come back */
10973
10974error:
10975 /* spin unlock and free are done in the release function */
William Lallemand33cc76f2019-10-31 11:43:45 +010010976 if (trash) {
10977 chunk_appendf(trash, "\n%sFailed!\n", err);
10978 if (ci_putchk(si_ic(si), trash) == -1)
10979 si_rx_room_blk(si);
10980 free_trash_chunk(trash);
10981 }
William Lallemand430413e2019-10-28 14:30:47 +010010982 /* error: call the release function and don't come back */
10983 return 1;
William Lallemand8f840d72019-10-23 10:53:05 +020010984}
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010985
10986/*
10987 * Parsing function of 'commit ssl cert'
10988 */
10989static int cli_parse_commit_cert(char **args, char *payload, struct appctx *appctx, void *private)
10990{
10991 char *err = NULL;
10992
William Lallemand230662a2019-12-03 13:32:54 +010010993 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
10994 return 1;
10995
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010996 if (!*args[3])
10997 return cli_err(appctx, "'commit ssl cert expects a filename\n");
10998
10999 /* The operations on the CKCH architecture are locked so we can
11000 * manipulate ckch_store and ckch_inst */
11001 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
11002 return cli_err(appctx, "Can't commit the certificate!\nOperations on certificates are currently locked!\n");
11003
11004 if (!ckchs_transaction.path) {
11005 memprintf(&err, "No ongoing transaction! !\n");
11006 goto error;
11007 }
11008
11009 if (strcmp(ckchs_transaction.path, args[3]) != 0) {
11010 memprintf(&err, "The ongoing transaction is about '%s' but you are trying to set '%s'\n", ckchs_transaction.path, args[3]);
11011 goto error;
11012 }
11013
William Lallemand4c5adbf2020-02-24 14:23:22 +010011014#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
11015 if (ckchs_transaction.new_ckchs->multi) {
11016 int n;
11017
11018 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
11019 if (ckchs_transaction.new_ckchs->ckch[n].cert && !X509_check_private_key(ckchs_transaction.new_ckchs->ckch[n].cert, ckchs_transaction.new_ckchs->ckch[n].key)) {
11020 memprintf(&err, "inconsistencies between private key and certificate loaded '%s'.\n", ckchs_transaction.path);
11021 goto error;
11022 }
11023 }
11024 } else
11025#endif
11026 {
11027 if (!X509_check_private_key(ckchs_transaction.new_ckchs->ckch->cert, ckchs_transaction.new_ckchs->ckch->key)) {
11028 memprintf(&err, "inconsistencies between private key and certificate loaded '%s'.\n", ckchs_transaction.path);
11029 goto error;
11030 }
11031 }
11032
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011033 /* init the appctx structure */
11034 appctx->st2 = SETCERT_ST_INIT;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011035 appctx->ctx.ssl.next_ckchi = NULL;
11036 appctx->ctx.ssl.new_ckchs = ckchs_transaction.new_ckchs;
11037 appctx->ctx.ssl.old_ckchs = ckchs_transaction.old_ckchs;
11038
11039 /* we don't unlock there, it will be unlock after the IO handler, in the release handler */
11040 return 0;
11041
11042error:
11043
11044 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11045 err = memprintf(&err, "%sCan't commit %s!\n", err ? err : "", args[3]);
11046
11047 return cli_dynerr(appctx, err);
11048}
11049
11050
William Lallemand8f840d72019-10-23 10:53:05 +020011051/*
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011052 * Parsing function of `set ssl cert`, it updates or creates a temporary ckch.
William Lallemand8f840d72019-10-23 10:53:05 +020011053 */
William Lallemand150bfa82019-09-19 17:12:49 +020011054static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx, void *private)
11055{
William Lallemand0c3b7d92019-10-18 11:27:07 +020011056 struct ckch_store *new_ckchs = NULL;
William Lallemand8f840d72019-10-23 10:53:05 +020011057 struct ckch_store *old_ckchs = NULL;
William Lallemand150bfa82019-09-19 17:12:49 +020011058 char *err = NULL;
William Lallemand963b2e72019-10-14 11:38:36 +020011059 int i;
William Lallemand849eed62019-10-17 16:23:50 +020011060 int bundle = -1; /* TRUE if >= 0 (ckch index) */
Emeric Brunf69ed1d2019-10-17 11:56:56 +020011061 int errcode = 0;
William Lallemand44b35322019-10-17 16:28:40 +020011062 char *end;
11063 int type = CERT_TYPE_PEM;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011064 struct cert_key_and_chain *ckch;
11065 struct buffer *buf;
William Lallemand8f840d72019-10-23 10:53:05 +020011066
William Lallemand230662a2019-12-03 13:32:54 +010011067 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
11068 return 1;
11069
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011070 if ((buf = alloc_trash_chunk()) == NULL)
11071 return cli_err(appctx, "Can't allocate memory\n");
William Lallemand150bfa82019-09-19 17:12:49 +020011072
11073 if (!*args[3] || !payload)
11074 return cli_err(appctx, "'set ssl cert expects a filename and a certificat as a payload\n");
11075
11076 /* The operations on the CKCH architecture are locked so we can
11077 * manipulate ckch_store and ckch_inst */
11078 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
11079 return cli_err(appctx, "Can't update the certificate!\nOperations on certificates are currently locked!\n");
11080
William Lallemand8f840d72019-10-23 10:53:05 +020011081 if (!chunk_strcpy(buf, args[3])) {
11082 memprintf(&err, "%sCan't allocate memory\n", err ? err : "");
11083 errcode |= ERR_ALERT | ERR_FATAL;
11084 goto end;
11085 }
11086
William Lallemand44b35322019-10-17 16:28:40 +020011087 /* check which type of file we want to update */
William Lallemandf29cdef2019-10-23 15:00:52 +020011088 for (i = 0; cert_exts[i].type < CERT_TYPE_MAX; i++) {
William Lallemand8f840d72019-10-23 10:53:05 +020011089 end = strrchr(buf->area, '.');
William Lallemand44b35322019-10-17 16:28:40 +020011090 if (end && *cert_exts[i].ext && (!strcmp(end + 1, cert_exts[i].ext))) {
11091 *end = '\0';
11092 type = cert_exts[i].type;
11093 break;
11094 }
11095 }
11096
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011097 appctx->ctx.ssl.old_ckchs = NULL;
11098 appctx->ctx.ssl.new_ckchs = NULL;
William Lallemand849eed62019-10-17 16:23:50 +020011099
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011100 /* if there is an ongoing transaction */
11101 if (ckchs_transaction.path) {
11102 /* if the ongoing transaction is a bundle, we need to find which part of the bundle need to be updated */
William Lallemand963b2e72019-10-14 11:38:36 +020011103#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011104 if (ckchs_transaction.new_ckchs->multi) {
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010011105 char *end;
William Lallemand963b2e72019-10-14 11:38:36 +020011106 int j;
William Lallemand150bfa82019-09-19 17:12:49 +020011107
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011108 /* check if it was used in a bundle by removing the
William Lallemand963b2e72019-10-14 11:38:36 +020011109 * .dsa/.rsa/.ecdsa at the end of the filename */
William Lallemand8f840d72019-10-23 10:53:05 +020011110 end = strrchr(buf->area, '.');
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010011111 for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
William Lallemand963b2e72019-10-14 11:38:36 +020011112 if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
11113 bundle = j; /* keep the type of certificate so we insert it at the right place */
11114 *end = '\0'; /* it's a bundle let's end the string*/
11115 break;
11116 }
William Lallemand150bfa82019-09-19 17:12:49 +020011117 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011118 if (bundle < 0) {
11119 memprintf(&err, "The ongoing transaction is the '%s' bundle. You need to specify which part of the bundle you want to update ('%s.{rsa,ecdsa,dsa}')\n", ckchs_transaction.path, buf->area);
11120 errcode |= ERR_ALERT | ERR_FATAL;
11121 goto end;
11122 }
11123 }
11124#endif
11125
11126 /* if there is an ongoing transaction, check if this is the same file */
11127 if (strcmp(ckchs_transaction.path, buf->area) != 0) {
11128 memprintf(&err, "The ongoing transaction is about '%s' but you are trying to set '%s'\n", ckchs_transaction.path, buf->area);
11129 errcode |= ERR_ALERT | ERR_FATAL;
11130 goto end;
William Lallemand150bfa82019-09-19 17:12:49 +020011131 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011132
11133 appctx->ctx.ssl.old_ckchs = ckchs_transaction.new_ckchs;
11134
11135 } else {
11136 struct ckch_store *find_ckchs[2] = { NULL, NULL };
11137
11138 /* lookup for the certificate in the tree:
11139 * check if this is used as a bundle AND as a unique certificate */
11140 for (i = 0; i < 2; i++) {
11141
11142 if ((find_ckchs[i] = ckchs_lookup(buf->area)) != NULL) {
11143 /* only the bundle name is in the tree and you should
11144 * never update a bundle name, only a filename */
11145 if (bundle < 0 && find_ckchs[i]->multi) {
11146 /* we tried to look for a non-bundle and we found a bundle */
11147 memprintf(&err, "%s%s is a multi-cert bundle. Try updating %s.{dsa,rsa,ecdsa}\n",
11148 err ? err : "", args[3], args[3]);
11149 errcode |= ERR_ALERT | ERR_FATAL;
11150 goto end;
11151 }
William Lallemand3246d942019-11-04 14:02:11 +010011152 /* If we want a bundle but this is not a bundle
11153 * example: When you try to update <file>.rsa, but
11154 * <file> is a regular file */
11155 if (bundle >= 0 && find_ckchs[i]->multi == 0) {
11156 find_ckchs[i] = NULL;
11157 break;
11158 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011159 }
11160#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
11161 {
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010011162 char *end;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011163 int j;
11164
11165 /* check if it was used in a bundle by removing the
11166 * .dsa/.rsa/.ecdsa at the end of the filename */
11167 end = strrchr(buf->area, '.');
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010011168 for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011169 if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
11170 bundle = j; /* keep the type of certificate so we insert it at the right place */
11171 *end = '\0'; /* it's a bundle let's end the string*/
11172 break;
11173 }
11174 }
William Lallemand37031b82019-11-04 13:38:53 +010011175 if (bundle < 0) /* we didn't find a bundle extension */
11176 break;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011177 }
William Lallemand963b2e72019-10-14 11:38:36 +020011178#else
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011179 /* bundles are not supported here, so we don't need to lookup again */
11180 break;
William Lallemand963b2e72019-10-14 11:38:36 +020011181#endif
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011182 }
11183
11184 if (find_ckchs[0] && find_ckchs[1]) {
11185 memprintf(&err, "%sUpdating a certificate which is used in the HAProxy configuration as a bundle and as a unique certificate is not supported. ('%s' and '%s')\n",
11186 err ? err : "", find_ckchs[0]->path, find_ckchs[1]->path);
11187 errcode |= ERR_ALERT | ERR_FATAL;
11188 goto end;
11189 }
11190
11191 appctx->ctx.ssl.old_ckchs = find_ckchs[0] ? find_ckchs[0] : find_ckchs[1];
William Lallemand150bfa82019-09-19 17:12:49 +020011192 }
11193
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011194 if (!appctx->ctx.ssl.old_ckchs) {
11195 memprintf(&err, "%sCan't replace a certificate which is not referenced by the configuration!\n",
William Lallemand150bfa82019-09-19 17:12:49 +020011196 err ? err : "");
Emeric Brunf69ed1d2019-10-17 11:56:56 +020011197 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand8f840d72019-10-23 10:53:05 +020011198 goto end;
William Lallemand150bfa82019-09-19 17:12:49 +020011199 }
11200
William Lallemand8a7fdf02019-11-04 10:59:32 +010011201 if (!appctx->ctx.ssl.path) {
11202 /* this is a new transaction, set the path of the transaction */
11203 appctx->ctx.ssl.path = strdup(appctx->ctx.ssl.old_ckchs->path);
11204 if (!appctx->ctx.ssl.path) {
11205 memprintf(&err, "%sCan't allocate memory\n", err ? err : "");
11206 errcode |= ERR_ALERT | ERR_FATAL;
11207 goto end;
11208 }
11209 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011210
11211 old_ckchs = appctx->ctx.ssl.old_ckchs;
11212
11213 /* TODO: handle filters */
11214 if (old_ckchs->filters) {
11215 memprintf(&err, "%sCertificates used in crt-list with filters are not supported!\n",
11216 err ? err : "");
11217 errcode |= ERR_ALERT | ERR_FATAL;
11218 goto end;
11219 }
11220
11221 /* duplicate the ckch store */
11222 new_ckchs = ckchs_dup(old_ckchs);
11223 if (!new_ckchs) {
11224 memprintf(&err, "%sCannot allocate memory!\n",
11225 err ? err : "");
11226 errcode |= ERR_ALERT | ERR_FATAL;
11227 goto end;
11228 }
11229
11230 if (!new_ckchs->multi)
11231 ckch = new_ckchs->ckch;
11232 else
11233 ckch = &new_ckchs->ckch[bundle];
11234
11235 /* appply the change on the duplicate */
11236 if (cert_exts[type].load(buf->area, payload, ckch, &err) != 0) {
11237 memprintf(&err, "%sCan't load the payload\n", err ? err : "");
11238 errcode |= ERR_ALERT | ERR_FATAL;
11239 goto end;
11240 }
11241
11242 appctx->ctx.ssl.new_ckchs = new_ckchs;
11243
11244 /* we succeed, we can save the ckchs in the transaction */
11245
11246 /* if there wasn't a transaction, update the old ckchs */
William Dauchyc8bb1532019-11-24 15:04:20 +010011247 if (!ckchs_transaction.old_ckchs) {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011248 ckchs_transaction.old_ckchs = appctx->ctx.ssl.old_ckchs;
11249 ckchs_transaction.path = appctx->ctx.ssl.path;
11250 err = memprintf(&err, "Transaction created for certificate %s!\n", ckchs_transaction.path);
11251 } else {
11252 err = memprintf(&err, "Transaction updated for certificate %s!\n", ckchs_transaction.path);
11253
11254 }
11255
11256 /* free the previous ckchs if there was a transaction */
11257 ckchs_free(ckchs_transaction.new_ckchs);
11258
11259 ckchs_transaction.new_ckchs = appctx->ctx.ssl.new_ckchs;
11260
11261
William Lallemand8f840d72019-10-23 10:53:05 +020011262 /* creates the SNI ctxs later in the IO handler */
William Lallemand150bfa82019-09-19 17:12:49 +020011263
William Lallemand8f840d72019-10-23 10:53:05 +020011264end:
11265 free_trash_chunk(buf);
William Lallemand150bfa82019-09-19 17:12:49 +020011266
Emeric Brunf69ed1d2019-10-17 11:56:56 +020011267 if (errcode & ERR_CODE) {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011268
11269 ckchs_free(appctx->ctx.ssl.new_ckchs);
11270 appctx->ctx.ssl.new_ckchs = NULL;
11271
11272 appctx->ctx.ssl.old_ckchs = NULL;
11273
11274 free(appctx->ctx.ssl.path);
11275 appctx->ctx.ssl.path = NULL;
11276
11277 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
William Lallemand44b35322019-10-17 16:28:40 +020011278 return cli_dynerr(appctx, memprintf(&err, "%sCan't update %s!\n", err ? err : "", args[3]));
William Lallemand430413e2019-10-28 14:30:47 +010011279 } else {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011280
11281 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11282 return cli_dynmsg(appctx, LOG_NOTICE, err);
William Lallemand430413e2019-10-28 14:30:47 +010011283 }
William Lallemand8f840d72019-10-23 10:53:05 +020011284 /* TODO: handle the ERR_WARN which are not handled because of the io_handler */
William Lallemand150bfa82019-09-19 17:12:49 +020011285}
11286
William Lallemand0bc9c8a2019-11-19 15:51:51 +010011287/* parsing function of 'abort ssl cert' */
11288static int cli_parse_abort_cert(char **args, char *payload, struct appctx *appctx, void *private)
11289{
11290 char *err = NULL;
11291
William Lallemand230662a2019-12-03 13:32:54 +010011292 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
11293 return 1;
11294
William Lallemand0bc9c8a2019-11-19 15:51:51 +010011295 if (!*args[3])
11296 return cli_err(appctx, "'abort ssl cert' expects a filename\n");
11297
11298 /* The operations on the CKCH architecture are locked so we can
11299 * manipulate ckch_store and ckch_inst */
11300 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
11301 return cli_err(appctx, "Can't abort!\nOperations on certificates are currently locked!\n");
11302
11303 if (!ckchs_transaction.path) {
11304 memprintf(&err, "No ongoing transaction!\n");
11305 goto error;
11306 }
11307
11308 if (strcmp(ckchs_transaction.path, args[3]) != 0) {
11309 memprintf(&err, "The ongoing transaction is about '%s' but you are trying to abort a transaction for '%s'\n", ckchs_transaction.path, args[3]);
11310 goto error;
11311 }
11312
11313 /* Only free the ckchs there, because the SNI and instances were not generated yet */
11314 ckchs_free(ckchs_transaction.new_ckchs);
11315 ckchs_transaction.new_ckchs = NULL;
11316 ckchs_free(ckchs_transaction.old_ckchs);
11317 ckchs_transaction.old_ckchs = NULL;
11318 free(ckchs_transaction.path);
11319 ckchs_transaction.path = NULL;
11320
11321 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11322
11323 err = memprintf(&err, "Transaction aborted for certificate '%s'!\n", args[3]);
11324 return cli_dynmsg(appctx, LOG_NOTICE, err);
11325
11326error:
11327 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11328
11329 return cli_dynerr(appctx, err);
11330}
11331
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +020011332static int cli_parse_set_ocspresponse(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +020011333{
11334#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
11335 char *err = NULL;
Willy Tarreau1c913e42018-08-22 05:26:57 +020011336 int i, j, ret;
Aurélien Nephtali1e0867c2018-04-18 14:04:58 +020011337
11338 if (!payload)
11339 payload = args[3];
William Lallemand32af2032016-10-29 18:09:35 +020011340
11341 /* Expect one parameter: the new response in base64 encoding */
Willy Tarreau9d008692019-08-09 11:21:01 +020011342 if (!*payload)
11343 return cli_err(appctx, "'set ssl ocsp-response' expects response in base64 encoding.\n");
Aurélien Nephtali1e0867c2018-04-18 14:04:58 +020011344
11345 /* remove \r and \n from the payload */
11346 for (i = 0, j = 0; payload[i]; i++) {
11347 if (payload[i] == '\r' || payload[i] == '\n')
11348 continue;
11349 payload[j++] = payload[i];
11350 }
11351 payload[j] = 0;
William Lallemand32af2032016-10-29 18:09:35 +020011352
Willy Tarreau1c913e42018-08-22 05:26:57 +020011353 ret = base64dec(payload, j, trash.area, trash.size);
Willy Tarreau9d008692019-08-09 11:21:01 +020011354 if (ret < 0)
11355 return cli_err(appctx, "'set ssl ocsp-response' received invalid base64 encoded response.\n");
William Lallemand32af2032016-10-29 18:09:35 +020011356
Willy Tarreau1c913e42018-08-22 05:26:57 +020011357 trash.data = ret;
William Lallemand32af2032016-10-29 18:09:35 +020011358 if (ssl_sock_update_ocsp_response(&trash, &err)) {
Willy Tarreau9d008692019-08-09 11:21:01 +020011359 if (err)
11360 return cli_dynerr(appctx, memprintf(&err, "%s.\n", err));
11361 else
11362 return cli_err(appctx, "Failed to update OCSP response.\n");
William Lallemand32af2032016-10-29 18:09:35 +020011363 }
Willy Tarreau9d008692019-08-09 11:21:01 +020011364
11365 return cli_msg(appctx, LOG_INFO, "OCSP Response updated!\n");
William Lallemand32af2032016-10-29 18:09:35 +020011366#else
Willy Tarreau9d008692019-08-09 11:21:01 +020011367 return cli_err(appctx, "HAProxy was compiled against a version of OpenSSL that doesn't support OCSP stapling.\n");
William Lallemand32af2032016-10-29 18:09:35 +020011368#endif
11369
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010011370}
11371
Willy Tarreau86a394e2019-05-09 14:15:32 +020011372#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000100fL)
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010011373static inline int sample_conv_var2smp_str(const struct arg *arg, struct sample *smp)
11374{
11375 switch (arg->type) {
11376 case ARGT_STR:
11377 smp->data.type = SMP_T_STR;
11378 smp->data.u.str = arg->data.str;
11379 return 1;
11380 case ARGT_VAR:
11381 if (!vars_get_by_desc(&arg->data.var, smp))
11382 return 0;
11383 if (!sample_casts[smp->data.type][SMP_T_STR])
11384 return 0;
11385 if (!sample_casts[smp->data.type][SMP_T_STR](smp))
11386 return 0;
11387 return 1;
11388 default:
11389 return 0;
11390 }
11391}
11392
11393static int check_aes_gcm(struct arg *args, struct sample_conv *conv,
11394 const char *file, int line, char **err)
11395{
11396 switch(args[0].data.sint) {
11397 case 128:
11398 case 192:
11399 case 256:
11400 break;
11401 default:
11402 memprintf(err, "key size must be 128, 192 or 256 (bits).");
11403 return 0;
11404 }
11405 /* Try to decode a variable. */
11406 vars_check_arg(&args[1], NULL);
11407 vars_check_arg(&args[2], NULL);
11408 vars_check_arg(&args[3], NULL);
11409 return 1;
11410}
11411
11412/* Arguements: AES size in bits, nonce, key, tag. The last three arguments are base64 encoded */
11413static int sample_conv_aes_gcm_dec(const struct arg *arg_p, struct sample *smp, void *private)
11414{
11415 struct sample nonce, key, aead_tag;
11416 struct buffer *smp_trash, *smp_trash_alloc;
11417 EVP_CIPHER_CTX *ctx;
11418 int dec_size, ret;
11419
11420 smp_set_owner(&nonce, smp->px, smp->sess, smp->strm, smp->opt);
11421 if (!sample_conv_var2smp_str(&arg_p[1], &nonce))
11422 return 0;
11423
11424 smp_set_owner(&key, smp->px, smp->sess, smp->strm, smp->opt);
11425 if (!sample_conv_var2smp_str(&arg_p[2], &key))
11426 return 0;
11427
11428 smp_set_owner(&aead_tag, smp->px, smp->sess, smp->strm, smp->opt);
11429 if (!sample_conv_var2smp_str(&arg_p[3], &aead_tag))
11430 return 0;
11431
11432 smp_trash = get_trash_chunk();
11433 smp_trash_alloc = alloc_trash_chunk();
11434 if (!smp_trash_alloc)
11435 return 0;
11436
11437 ctx = EVP_CIPHER_CTX_new();
11438
11439 if (!ctx)
11440 goto err;
11441
11442 dec_size = base64dec(nonce.data.u.str.area, nonce.data.u.str.data, smp_trash->area, smp_trash->size);
11443 if (dec_size < 0)
11444 goto err;
11445 smp_trash->data = dec_size;
11446
11447 /* Set cipher type and mode */
11448 switch(arg_p[0].data.sint) {
11449 case 128:
11450 EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
11451 break;
11452 case 192:
11453 EVP_DecryptInit_ex(ctx, EVP_aes_192_gcm(), NULL, NULL, NULL);
11454 break;
11455 case 256:
11456 EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);
11457 break;
11458 }
11459
11460 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, smp_trash->data, NULL);
11461
11462 /* Initialise IV */
11463 if(!EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, (unsigned char *) smp_trash->area))
11464 goto err;
11465
11466 dec_size = base64dec(key.data.u.str.area, key.data.u.str.data, smp_trash->area, smp_trash->size);
11467 if (dec_size < 0)
11468 goto err;
11469 smp_trash->data = dec_size;
11470
11471 /* Initialise key */
11472 if (!EVP_DecryptInit_ex(ctx, NULL, NULL, (unsigned char *) smp_trash->area, NULL))
11473 goto err;
11474
11475 if (!EVP_DecryptUpdate(ctx, (unsigned char *) smp_trash->area, (int *) &smp_trash->data,
11476 (unsigned char *) smp->data.u.str.area, (int) smp->data.u.str.data))
11477 goto err;
11478
11479 dec_size = base64dec(aead_tag.data.u.str.area, aead_tag.data.u.str.data, smp_trash_alloc->area, smp_trash_alloc->size);
11480 if (dec_size < 0)
11481 goto err;
11482 smp_trash_alloc->data = dec_size;
11483 dec_size = smp_trash->data;
11484
11485 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, smp_trash_alloc->data, (void *) smp_trash_alloc->area);
11486 ret = EVP_DecryptFinal_ex(ctx, (unsigned char *) smp_trash->area + smp_trash->data, (int *) &smp_trash->data);
11487
11488 if (ret <= 0)
11489 goto err;
11490
11491 smp->data.u.str.data = dec_size + smp_trash->data;
11492 smp->data.u.str.area = smp_trash->area;
11493 smp->data.type = SMP_T_BIN;
11494 smp->flags &= ~SMP_F_CONST;
11495 free_trash_chunk(smp_trash_alloc);
11496 return 1;
11497
11498err:
11499 free_trash_chunk(smp_trash_alloc);
11500 return 0;
William Lallemand32af2032016-10-29 18:09:35 +020011501}
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010011502# endif
William Lallemand32af2032016-10-29 18:09:35 +020011503
Elliot Otchet71f82972020-01-15 08:12:14 -050011504/* Argument validation functions */
11505
11506/* This function is used to validate the arguments passed to any "x_dn" ssl
11507 * keywords. These keywords support specifying a third parameter that must be
11508 * either empty or the value "rfc2253". Returns 0 on error, non-zero if OK.
11509 */
11510int val_dnfmt(struct arg *arg, char **err_msg)
11511{
11512 if (arg && arg[2].type == ARGT_STR && arg[2].data.str.data > 0 && (strcmp(arg[2].data.str.area, "rfc2253") != 0)) {
11513 memprintf(err_msg, "only rfc2253 or a blank value are currently supported as the format argument.");
11514 return 0;
11515 }
11516 return 1;
11517}
11518
William Lallemand32af2032016-10-29 18:09:35 +020011519/* register cli keywords */
11520static struct cli_kw_list cli_kws = {{ },{
11521#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
11522 { { "show", "tls-keys", NULL }, "show tls-keys [id|*]: show tls keys references or dump tls ticket keys when id specified", cli_parse_show_tlskeys, NULL },
Lukas Tribusf4bbc432017-10-24 12:26:31 +020011523 { { "set", "ssl", "tls-key", NULL }, "set ssl tls-key [id|keyfile] <tlskey>: set the next TLS key for the <id> or <keyfile> listener to <tlskey>", cli_parse_set_tlskeys, NULL },
William Lallemand32af2032016-10-29 18:09:35 +020011524#endif
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +010011525 { { "set", "ssl", "ocsp-response", NULL }, NULL, cli_parse_set_ocspresponse, NULL },
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011526 { { "set", "ssl", "cert", NULL }, "set ssl cert <certfile> <payload> : replace a certificate file", cli_parse_set_cert, NULL, NULL },
11527 { { "commit", "ssl", "cert", NULL }, "commit ssl cert <certfile> : commit a certificate file", cli_parse_commit_cert, cli_io_handler_commit_cert, cli_release_commit_cert },
William Lallemand0bc9c8a2019-11-19 15:51:51 +010011528 { { "abort", "ssl", "cert", NULL }, "abort ssl cert <certfile> : abort a transaction for a certificate file", cli_parse_abort_cert, NULL, NULL },
William Lallemandd4f946c2019-12-05 10:26:40 +010011529 { { "show", "ssl", "cert", NULL }, "show ssl cert [<certfile>] : display the SSL certificates used in memory, or the details of a <certfile>", cli_parse_show_cert, cli_io_handler_show_cert, cli_release_show_cert },
William Lallemand32af2032016-10-29 18:09:35 +020011530 { { NULL }, NULL, NULL, NULL }
11531}};
11532
Willy Tarreau0108d902018-11-25 19:14:37 +010011533INITCALL1(STG_REGISTER, cli_register_kw, &cli_kws);
William Lallemand32af2032016-10-29 18:09:35 +020011534
Willy Tarreau7875d092012-09-10 08:20:03 +020011535/* Note: must not be declared <const> as its list will be overwritten.
11536 * Please take care of keeping this list alphabetically sorted.
11537 */
Willy Tarreaudc13c112013-06-21 23:16:39 +020011538static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
Emeric Brun645ae792014-04-30 14:21:06 +020011539 { "ssl_bc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011540 { "ssl_bc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +010011541#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Jérôme Magnine064a802018-12-03 22:21:04 +010011542 { "ssl_bc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +010011543#endif
Emeric Brun645ae792014-04-30 14:21:06 +020011544 { "ssl_bc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +010011545#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
11546 { "ssl_bc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
11547#endif
Emeric Brun74f7ffa2018-02-19 16:14:12 +010011548 { "ssl_bc_is_resumed", smp_fetch_ssl_fc_is_resumed, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
Emeric Brun645ae792014-04-30 14:21:06 +020011549 { "ssl_bc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Emeric Brunb73a9b02014-04-30 18:49:19 +020011550 { "ssl_bc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011551 { "ssl_bc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5SRV },
Willy Tarreau9a1ab082019-05-09 13:26:41 +020011552#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brun645ae792014-04-30 14:21:06 +020011553 { "ssl_bc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Patrick Hemmer41966772018-04-28 19:15:48 -040011554#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011555#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
Patrick Hemmer65674662019-06-04 08:13:03 -040011556 { "ssl_bc_client_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
11557 { "ssl_bc_server_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Patrick Hemmere0275472018-04-28 19:15:51 -040011558 { "ssl_bc_session_key", smp_fetch_ssl_fc_session_key, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
11559#endif
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011560 { "ssl_c_ca_err", smp_fetch_ssl_c_ca_err, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
11561 { "ssl_c_ca_err_depth", smp_fetch_ssl_c_ca_err_depth, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Emeric Brun43e79582014-10-29 19:03:26 +010011562 { "ssl_c_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011563 { "ssl_c_err", smp_fetch_ssl_c_err, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050011564 { "ssl_c_i_dn", smp_fetch_ssl_x_i_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020011565 { "ssl_c_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11566 { "ssl_c_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11567 { "ssl_c_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11568 { "ssl_c_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050011569 { "ssl_c_s_dn", smp_fetch_ssl_x_s_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020011570 { "ssl_c_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
11571 { "ssl_c_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010011572 { "ssl_c_used", smp_fetch_ssl_c_used, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011573 { "ssl_c_verify", smp_fetch_ssl_c_verify, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
11574 { "ssl_c_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Emeric Brun43e79582014-10-29 19:03:26 +010011575 { "ssl_f_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050011576 { "ssl_f_i_dn", smp_fetch_ssl_x_i_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020011577 { "ssl_f_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11578 { "ssl_f_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11579 { "ssl_f_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11580 { "ssl_f_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050011581 { "ssl_f_s_dn", smp_fetch_ssl_x_s_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020011582 { "ssl_f_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Emeric Brun55f4fa82014-04-30 17:11:25 +020011583 { "ssl_f_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011584 { "ssl_f_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010011585 { "ssl_fc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011586 { "ssl_fc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011587 { "ssl_fc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010011588 { "ssl_fc_has_crt", smp_fetch_ssl_fc_has_crt, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011589 { "ssl_fc_has_early", smp_fetch_ssl_fc_has_early, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010011590 { "ssl_fc_has_sni", smp_fetch_ssl_fc_has_sni, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Nenad Merdanovic26ea8222015-05-18 02:28:57 +020011591 { "ssl_fc_is_resumed", smp_fetch_ssl_fc_is_resumed, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Bernard Spil13c53f82018-02-15 13:34:58 +010011592#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011593 { "ssl_fc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreaua33c6542012-10-15 13:19:06 +020011594#endif
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +010011595#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011596 { "ssl_fc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreauab861d32013-04-02 02:30:41 +020011597#endif
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011598 { "ssl_fc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreau9a1ab082019-05-09 13:26:41 +020011599#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brunb73a9b02014-04-30 18:49:19 +020011600 { "ssl_fc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -040011601#endif
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011602 { "ssl_fc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau9a1ab082019-05-09 13:26:41 +020011603#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011604 { "ssl_fc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -040011605#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011606#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
Patrick Hemmer65674662019-06-04 08:13:03 -040011607 { "ssl_fc_client_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
11608 { "ssl_fc_server_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmere0275472018-04-28 19:15:51 -040011609 { "ssl_fc_session_key", smp_fetch_ssl_fc_session_key, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
11610#endif
Patrick Hemmer41966772018-04-28 19:15:48 -040011611#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011612 { "ssl_fc_sni", smp_fetch_ssl_fc_sni, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -040011613#endif
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010011614 { "ssl_fc_cipherlist_bin", smp_fetch_ssl_fc_cl_bin, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11615 { "ssl_fc_cipherlist_hex", smp_fetch_ssl_fc_cl_hex, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
11616 { "ssl_fc_cipherlist_str", smp_fetch_ssl_fc_cl_str, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11617 { "ssl_fc_cipherlist_xxh", smp_fetch_ssl_fc_cl_xxh64, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau7875d092012-09-10 08:20:03 +020011618 { NULL, NULL, 0, 0, 0 },
11619}};
11620
Willy Tarreau0108d902018-11-25 19:14:37 +010011621INITCALL1(STG_REGISTER, sample_register_fetches, &sample_fetch_keywords);
11622
Willy Tarreau7875d092012-09-10 08:20:03 +020011623/* Note: must not be declared <const> as its list will be overwritten.
11624 * Please take care of keeping this list alphabetically sorted.
11625 */
Willy Tarreaudc13c112013-06-21 23:16:39 +020011626static struct acl_kw_list acl_kws = {ILH, {
Thierry FOURNIERc5a4e982014-03-05 16:07:08 +010011627 { "ssl_fc_sni_end", "ssl_fc_sni", PAT_MATCH_END },
11628 { "ssl_fc_sni_reg", "ssl_fc_sni", PAT_MATCH_REG },
Willy Tarreau8ed669b2013-01-11 15:49:37 +010011629 { /* END */ },
Willy Tarreau7875d092012-09-10 08:20:03 +020011630}};
11631
Willy Tarreau0108d902018-11-25 19:14:37 +010011632INITCALL1(STG_REGISTER, acl_register_keywords, &acl_kws);
11633
Willy Tarreau79eeafa2012-09-14 07:53:05 +020011634/* Note: must not be declared <const> as its list will be overwritten.
11635 * Please take care of keeping this list alphabetically sorted, doing so helps
11636 * all code contributors.
11637 * Optional keywords are also declared with a NULL ->parse() function so that
11638 * the config parser can report an appropriate error when a known keyword was
11639 * not enabled.
11640 */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011641static struct ssl_bind_kw ssl_bind_kws[] = {
Olivier Houchardc2aae742017-09-22 18:26:28 +020011642 { "allow-0rtt", ssl_bind_parse_allow_0rtt, 0 }, /* allow 0-RTT */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011643 { "alpn", ssl_bind_parse_alpn, 1 }, /* set ALPN supported protocols */
11644 { "ca-file", ssl_bind_parse_ca_file, 1 }, /* set CAfile to process verify on client cert */
11645 { "ciphers", ssl_bind_parse_ciphers, 1 }, /* set SSL cipher suite */
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011646#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020011647 { "ciphersuites", ssl_bind_parse_ciphersuites, 1 }, /* set TLS 1.3 cipher suite */
11648#endif
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011649 { "crl-file", ssl_bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +010011650 { "curves", ssl_bind_parse_curves, 1 }, /* set SSL curve suite */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011651 { "ecdhe", ssl_bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +020011652 { "no-ca-names", ssl_bind_parse_no_ca_names, 0 }, /* do not send ca names to clients (ca_file related) */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011653 { "npn", ssl_bind_parse_npn, 1 }, /* set NPN supported protocols */
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +020011654 { "ssl-min-ver", ssl_bind_parse_tls_method_minmax,1 }, /* minimum version */
11655 { "ssl-max-ver", ssl_bind_parse_tls_method_minmax,1 }, /* maximum version */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011656 { "verify", ssl_bind_parse_verify, 1 }, /* set SSL verify method */
11657 { NULL, NULL, 0 },
11658};
11659
Willy Tarreau0108d902018-11-25 19:14:37 +010011660/* no initcall for ssl_bind_kws, these ones are parsed in the parser loop */
11661
Willy Tarreau51fb7652012-09-18 18:24:39 +020011662static struct bind_kw_list bind_kws = { "SSL", { }, {
Olivier Houchardc2aae742017-09-22 18:26:28 +020011663 { "allow-0rtt", bind_parse_allow_0rtt, 0 }, /* Allow 0RTT */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011664 { "alpn", bind_parse_alpn, 1 }, /* set ALPN supported protocols */
11665 { "ca-file", bind_parse_ca_file, 1 }, /* set CAfile to process verify on client cert */
11666 { "ca-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ignore on verify depth > 0 */
11667 { "ca-sign-file", bind_parse_ca_sign_file, 1 }, /* set CAFile used to generate and sign server certs */
11668 { "ca-sign-pass", bind_parse_ca_sign_pass, 1 }, /* set CAKey passphrase */
11669 { "ciphers", bind_parse_ciphers, 1 }, /* set SSL cipher suite */
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011670#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020011671 { "ciphersuites", bind_parse_ciphersuites, 1 }, /* set TLS 1.3 cipher suite */
11672#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011673 { "crl-file", bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
11674 { "crt", bind_parse_crt, 1 }, /* load SSL certificates from this location */
11675 { "crt-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ingore on verify depth == 0 */
11676 { "crt-list", bind_parse_crt_list, 1 }, /* load a list of crt from this location */
11677 { "curves", bind_parse_curves, 1 }, /* set SSL curve suite */
11678 { "ecdhe", bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
11679 { "force-sslv3", bind_parse_tls_method_options, 0 }, /* force SSLv3 */
11680 { "force-tlsv10", bind_parse_tls_method_options, 0 }, /* force TLSv10 */
11681 { "force-tlsv11", bind_parse_tls_method_options, 0 }, /* force TLSv11 */
11682 { "force-tlsv12", bind_parse_tls_method_options, 0 }, /* force TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +020011683 { "force-tlsv13", bind_parse_tls_method_options, 0 }, /* force TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011684 { "generate-certificates", bind_parse_generate_certs, 0 }, /* enable the server certificates generation */
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +020011685 { "no-ca-names", bind_parse_no_ca_names, 0 }, /* do not send ca names to clients (ca_file related) */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011686 { "no-sslv3", bind_parse_tls_method_options, 0 }, /* disable SSLv3 */
11687 { "no-tlsv10", bind_parse_tls_method_options, 0 }, /* disable TLSv10 */
11688 { "no-tlsv11", bind_parse_tls_method_options, 0 }, /* disable TLSv11 */
11689 { "no-tlsv12", bind_parse_tls_method_options, 0 }, /* disable TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +020011690 { "no-tlsv13", bind_parse_tls_method_options, 0 }, /* disable TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011691 { "no-tls-tickets", bind_parse_no_tls_tickets, 0 }, /* disable session resumption tickets */
11692 { "ssl", bind_parse_ssl, 0 }, /* enable SSL processing */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020011693 { "ssl-min-ver", bind_parse_tls_method_minmax, 1 }, /* minimum version */
11694 { "ssl-max-ver", bind_parse_tls_method_minmax, 1 }, /* maximum version */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011695 { "strict-sni", bind_parse_strict_sni, 0 }, /* refuse negotiation if sni doesn't match a certificate */
11696 { "tls-ticket-keys", bind_parse_tls_ticket_keys, 1 }, /* set file to load TLS ticket keys from */
11697 { "verify", bind_parse_verify, 1 }, /* set SSL verify method */
11698 { "npn", bind_parse_npn, 1 }, /* set NPN supported protocols */
11699 { "prefer-client-ciphers", bind_parse_pcc, 0 }, /* prefer client ciphers */
Willy Tarreau79eeafa2012-09-14 07:53:05 +020011700 { NULL, NULL, 0 },
11701}};
Emeric Brun46591952012-05-18 15:47:34 +020011702
Willy Tarreau0108d902018-11-25 19:14:37 +010011703INITCALL1(STG_REGISTER, bind_register_keywords, &bind_kws);
11704
Willy Tarreau92faadf2012-10-10 23:04:25 +020011705/* Note: must not be declared <const> as its list will be overwritten.
11706 * Please take care of keeping this list alphabetically sorted, doing so helps
11707 * all code contributors.
11708 * Optional keywords are also declared with a NULL ->parse() function so that
11709 * the config parser can report an appropriate error when a known keyword was
11710 * not enabled.
11711 */
11712static struct srv_kw_list srv_kws = { "SSL", { }, {
Olivier Houchard522eea72017-11-03 16:27:47 +010011713 { "allow-0rtt", srv_parse_allow_0rtt, 0, 1 }, /* Allow using early data on this server */
Olivier Houchardc7566002018-11-20 23:33:50 +010011714 { "alpn", srv_parse_alpn, 1, 1 }, /* Set ALPN supported protocols */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020011715 { "ca-file", srv_parse_ca_file, 1, 1 }, /* set CAfile to process verify server cert */
Olivier Houchard92150142018-12-21 19:47:01 +010011716 { "check-alpn", srv_parse_alpn, 1, 1 }, /* Set ALPN used for checks */
Olivier Houchard9130a962017-10-17 17:33:43 +020011717 { "check-sni", srv_parse_check_sni, 1, 1 }, /* set SNI */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020011718 { "check-ssl", srv_parse_check_ssl, 0, 1 }, /* enable SSL for health checks */
11719 { "ciphers", srv_parse_ciphers, 1, 1 }, /* select the cipher suite */
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011720#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020011721 { "ciphersuites", srv_parse_ciphersuites, 1, 1 }, /* select the cipher suite */
11722#endif
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020011723 { "crl-file", srv_parse_crl_file, 1, 1 }, /* set certificate revocation list file use on server cert verify */
11724 { "crt", srv_parse_crt, 1, 1 }, /* set client certificate */
11725 { "force-sslv3", srv_parse_tls_method_options, 0, 1 }, /* force SSLv3 */
11726 { "force-tlsv10", srv_parse_tls_method_options, 0, 1 }, /* force TLSv10 */
11727 { "force-tlsv11", srv_parse_tls_method_options, 0, 1 }, /* force TLSv11 */
11728 { "force-tlsv12", srv_parse_tls_method_options, 0, 1 }, /* force TLSv12 */
11729 { "force-tlsv13", srv_parse_tls_method_options, 0, 1 }, /* force TLSv13 */
11730 { "no-check-ssl", srv_parse_no_check_ssl, 0, 1 }, /* disable SSL for health checks */
11731 { "no-send-proxy-v2-ssl", srv_parse_no_send_proxy_ssl, 0, 1 }, /* do not send PROXY protocol header v2 with SSL info */
11732 { "no-send-proxy-v2-ssl-cn", srv_parse_no_send_proxy_cn, 0, 1 }, /* do not send PROXY protocol header v2 with CN */
11733 { "no-ssl", srv_parse_no_ssl, 0, 1 }, /* disable SSL processing */
11734 { "no-ssl-reuse", srv_parse_no_ssl_reuse, 0, 1 }, /* disable session reuse */
11735 { "no-sslv3", srv_parse_tls_method_options, 0, 0 }, /* disable SSLv3 */
11736 { "no-tlsv10", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv10 */
11737 { "no-tlsv11", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv11 */
11738 { "no-tlsv12", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv12 */
11739 { "no-tlsv13", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv13 */
11740 { "no-tls-tickets", srv_parse_no_tls_tickets, 0, 1 }, /* disable session resumption tickets */
Olivier Houchardc7566002018-11-20 23:33:50 +010011741 { "npn", srv_parse_npn, 1, 1 }, /* Set NPN supported protocols */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020011742 { "send-proxy-v2-ssl", srv_parse_send_proxy_ssl, 0, 1 }, /* send PROXY protocol header v2 with SSL info */
11743 { "send-proxy-v2-ssl-cn", srv_parse_send_proxy_cn, 0, 1 }, /* send PROXY protocol header v2 with CN */
11744 { "sni", srv_parse_sni, 1, 1 }, /* send SNI extension */
11745 { "ssl", srv_parse_ssl, 0, 1 }, /* enable SSL processing */
11746 { "ssl-min-ver", srv_parse_tls_method_minmax, 1, 1 }, /* minimum version */
11747 { "ssl-max-ver", srv_parse_tls_method_minmax, 1, 1 }, /* maximum version */
11748 { "ssl-reuse", srv_parse_ssl_reuse, 0, 1 }, /* enable session reuse */
11749 { "tls-tickets", srv_parse_tls_tickets, 0, 1 }, /* enable session resumption tickets */
11750 { "verify", srv_parse_verify, 1, 1 }, /* set SSL verify method */
11751 { "verifyhost", srv_parse_verifyhost, 1, 1 }, /* require that SSL cert verifies for hostname */
Willy Tarreau92faadf2012-10-10 23:04:25 +020011752 { NULL, NULL, 0, 0 },
11753}};
11754
Willy Tarreau0108d902018-11-25 19:14:37 +010011755INITCALL1(STG_REGISTER, srv_register_keywords, &srv_kws);
11756
Emeric Brun2c86cbf2014-10-30 15:56:50 +010011757static struct cfg_kw_list cfg_kws = {ILH, {
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +010011758 { CFG_GLOBAL, "ca-base", ssl_parse_global_ca_crt_base },
11759 { CFG_GLOBAL, "crt-base", ssl_parse_global_ca_crt_base },
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010011760 { CFG_GLOBAL, "issuers-chain-path", ssl_load_global_issuers_from_path },
Willy Tarreau0bea58d2016-12-21 23:17:25 +010011761 { CFG_GLOBAL, "maxsslconn", ssl_parse_global_int },
Emeric Brun2c86cbf2014-10-30 15:56:50 +010011762 { CFG_GLOBAL, "ssl-default-bind-options", ssl_parse_default_bind_options },
11763 { CFG_GLOBAL, "ssl-default-server-options", ssl_parse_default_server_options },
Willy Tarreau14e36a12016-12-21 23:28:13 +010011764#ifndef OPENSSL_NO_DH
11765 { CFG_GLOBAL, "ssl-dh-param-file", ssl_parse_global_dh_param_file },
11766#endif
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000011767 { CFG_GLOBAL, "ssl-mode-async", ssl_parse_global_ssl_async },
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011768#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +000011769 { CFG_GLOBAL, "ssl-engine", ssl_parse_global_ssl_engine },
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011770#endif
Willy Tarreau9ceda382016-12-21 23:13:03 +010011771 { CFG_GLOBAL, "tune.ssl.cachesize", ssl_parse_global_int },
11772#ifndef OPENSSL_NO_DH
11773 { CFG_GLOBAL, "tune.ssl.default-dh-param", ssl_parse_global_default_dh },
11774#endif
11775 { CFG_GLOBAL, "tune.ssl.force-private-cache", ssl_parse_global_private_cache },
11776 { CFG_GLOBAL, "tune.ssl.lifetime", ssl_parse_global_lifetime },
11777 { CFG_GLOBAL, "tune.ssl.maxrecord", ssl_parse_global_int },
11778 { CFG_GLOBAL, "tune.ssl.ssl-ctx-cache-size", ssl_parse_global_int },
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010011779 { CFG_GLOBAL, "tune.ssl.capture-cipherlist-size", ssl_parse_global_capture_cipherlist },
Willy Tarreauf22e9682016-12-21 23:23:19 +010011780 { CFG_GLOBAL, "ssl-default-bind-ciphers", ssl_parse_global_ciphers },
11781 { CFG_GLOBAL, "ssl-default-server-ciphers", ssl_parse_global_ciphers },
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011782#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020011783 { CFG_GLOBAL, "ssl-default-bind-ciphersuites", ssl_parse_global_ciphersuites },
11784 { CFG_GLOBAL, "ssl-default-server-ciphersuites", ssl_parse_global_ciphersuites },
11785#endif
William Lallemand3af48e72020-02-03 17:15:52 +010011786 { CFG_GLOBAL, "ssl-load-extra-files", ssl_parse_global_extra_files },
Emeric Brun2c86cbf2014-10-30 15:56:50 +010011787 { 0, NULL, NULL },
11788}};
11789
Willy Tarreau0108d902018-11-25 19:14:37 +010011790INITCALL1(STG_REGISTER, cfg_register_keywords, &cfg_kws);
11791
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010011792/* Note: must not be declared <const> as its list will be overwritten */
11793static struct sample_conv_kw_list conv_kws = {ILH, {
Willy Tarreau86a394e2019-05-09 14:15:32 +020011794#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000100fL)
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010011795 { "aes_gcm_dec", sample_conv_aes_gcm_dec, ARG4(4,SINT,STR,STR,STR), check_aes_gcm, SMP_T_BIN, SMP_T_BIN },
11796#endif
11797 { NULL, NULL, 0, 0, 0 },
11798}};
11799
11800INITCALL1(STG_REGISTER, sample_register_convs, &conv_kws);
11801
Willy Tarreauf7bc57c2012-10-03 00:19:48 +020011802/* transport-layer operations for SSL sockets */
Willy Tarreaud9f5cca2016-12-22 21:08:52 +010011803static struct xprt_ops ssl_sock = {
Emeric Brun46591952012-05-18 15:47:34 +020011804 .snd_buf = ssl_sock_from_buf,
11805 .rcv_buf = ssl_sock_to_buf,
Olivier Houcharddf357842019-03-21 16:30:07 +010011806 .subscribe = ssl_subscribe,
11807 .unsubscribe = ssl_unsubscribe,
Olivier Houchard5149b592019-05-23 17:47:36 +020011808 .remove_xprt = ssl_remove_xprt,
Olivier Houchard2e055482019-05-27 19:50:12 +020011809 .add_xprt = ssl_add_xprt,
Emeric Brun46591952012-05-18 15:47:34 +020011810 .rcv_pipe = NULL,
11811 .snd_pipe = NULL,
11812 .shutr = NULL,
11813 .shutw = ssl_sock_shutw,
11814 .close = ssl_sock_close,
11815 .init = ssl_sock_init,
Willy Tarreau55d37912016-12-21 23:38:39 +010011816 .prepare_bind_conf = ssl_sock_prepare_bind_conf,
Willy Tarreau795cdab2016-12-22 17:30:54 +010011817 .destroy_bind_conf = ssl_sock_destroy_bind_conf,
Willy Tarreau17d45382016-12-22 21:16:08 +010011818 .prepare_srv = ssl_sock_prepare_srv_ctx,
11819 .destroy_srv = ssl_sock_free_srv_ctx,
Willy Tarreau8743f7e2016-12-04 18:44:29 +010011820 .get_alpn = ssl_sock_get_alpn,
Willy Tarreau8e0bb0a2016-11-24 16:58:12 +010011821 .name = "SSL",
Emeric Brun46591952012-05-18 15:47:34 +020011822};
11823
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011824enum act_return ssl_action_wait_for_hs(struct act_rule *rule, struct proxy *px,
11825 struct session *sess, struct stream *s, int flags)
11826{
11827 struct connection *conn;
Olivier Houchard6fa63d92017-11-27 18:41:32 +010011828 struct conn_stream *cs;
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011829
11830 conn = objt_conn(sess->origin);
Olivier Houchard6fa63d92017-11-27 18:41:32 +010011831 cs = objt_cs(s->si[0].end);
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011832
Olivier Houchard6fa63d92017-11-27 18:41:32 +010011833 if (conn && cs) {
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011834 if (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS)) {
Olivier Houchard6fa63d92017-11-27 18:41:32 +010011835 cs->flags |= CS_FL_WAIT_FOR_HS;
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011836 s->req.flags |= CF_READ_NULL;
11837 return ACT_RET_YIELD;
11838 }
11839 }
11840 return (ACT_RET_CONT);
11841}
11842
11843static enum act_parse_ret ssl_parse_wait_for_hs(const char **args, int *orig_arg, struct proxy *px, struct act_rule *rule, char **err)
11844{
11845 rule->action_ptr = ssl_action_wait_for_hs;
11846
11847 return ACT_RET_PRS_OK;
11848}
11849
11850static struct action_kw_list http_req_actions = {ILH, {
11851 { "wait-for-handshake", ssl_parse_wait_for_hs },
11852 { /* END */ }
11853}};
11854
Willy Tarreau0108d902018-11-25 19:14:37 +010011855INITCALL1(STG_REGISTER, http_req_keywords_register, &http_req_actions);
11856
Willy Tarreau5db847a2019-05-09 14:13:35 +020011857#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +010011858
11859static void ssl_sock_sctl_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
11860{
11861 if (ptr) {
11862 chunk_destroy(ptr);
11863 free(ptr);
11864 }
11865}
11866
11867#endif
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +010011868static void ssl_sock_capture_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
11869{
Willy Tarreaubafbe012017-11-24 17:34:44 +010011870 pool_free(pool_head_ssl_capture, ptr);
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +010011871}
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +010011872
Emeric Brun46591952012-05-18 15:47:34 +020011873__attribute__((constructor))
Willy Tarreau92faadf2012-10-10 23:04:25 +020011874static void __ssl_sock_init(void)
11875{
Ilya Shipitsin0590f442019-05-25 19:30:50 +050011876#if (!defined(OPENSSL_NO_COMP) && !defined(SSL_OP_NO_COMPRESSION))
Emeric Brun46591952012-05-18 15:47:34 +020011877 STACK_OF(SSL_COMP)* cm;
Ilya Shipitsine242f3d2019-05-25 03:38:14 +050011878 int n;
Ilya Shipitsin0590f442019-05-25 19:30:50 +050011879#endif
Emeric Brun46591952012-05-18 15:47:34 +020011880
Willy Tarreauef934602016-12-22 23:12:01 +010011881 if (global_ssl.listen_default_ciphers)
11882 global_ssl.listen_default_ciphers = strdup(global_ssl.listen_default_ciphers);
11883 if (global_ssl.connect_default_ciphers)
11884 global_ssl.connect_default_ciphers = strdup(global_ssl.connect_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011885#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020011886 if (global_ssl.listen_default_ciphersuites)
11887 global_ssl.listen_default_ciphersuites = strdup(global_ssl.listen_default_ciphersuites);
11888 if (global_ssl.connect_default_ciphersuites)
11889 global_ssl.connect_default_ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
11890#endif
Willy Tarreau610f04b2014-02-13 11:36:41 +010011891
Willy Tarreau13e14102016-12-22 20:25:26 +010011892 xprt_register(XPRT_SSL, &ssl_sock);
Willy Tarreau9a1ab082019-05-09 13:26:41 +020011893#if HA_OPENSSL_VERSION_NUMBER < 0x10100000L
Emeric Brun46591952012-05-18 15:47:34 +020011894 SSL_library_init();
Rosen Penev68185952018-12-14 08:47:02 -080011895#endif
Ilya Shipitsin0590f442019-05-25 19:30:50 +050011896#if (!defined(OPENSSL_NO_COMP) && !defined(SSL_OP_NO_COMPRESSION))
Emeric Brun46591952012-05-18 15:47:34 +020011897 cm = SSL_COMP_get_compression_methods();
Ilya Shipitsine242f3d2019-05-25 03:38:14 +050011898 n = sk_SSL_COMP_num(cm);
11899 while (n--) {
11900 (void) sk_SSL_COMP_pop(cm);
11901 }
Ilya Shipitsin0590f442019-05-25 19:30:50 +050011902#endif
Ilya Shipitsine242f3d2019-05-25 03:38:14 +050011903
Willy Tarreau5db847a2019-05-09 14:13:35 +020011904#if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Emeric Brun821bb9b2017-06-15 16:37:39 +020011905 ssl_locking_init();
11906#endif
Willy Tarreau5db847a2019-05-09 14:13:35 +020011907#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +010011908 sctl_ex_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_sctl_free_func);
11909#endif
Thierry FOURNIER28962c92018-06-17 21:37:05 +020011910 ssl_app_data_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
Thierry FOURNIER16ff0502018-06-17 21:33:01 +020011911 ssl_capture_ptr_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_capture_free_func);
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011912#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +000011913 ENGINE_load_builtin_engines();
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000011914 hap_register_post_check(ssl_check_async_engine_count);
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011915#endif
Willy Tarreaud1c57502016-12-22 22:46:15 +010011916#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
11917 hap_register_post_check(tlskeys_finalize_config);
11918#endif
Willy Tarreau80713382018-11-26 10:19:54 +010011919
11920 global.ssl_session_max_cost = SSL_SESSION_MAX_COST;
11921 global.ssl_handshake_max_cost = SSL_HANDSHAKE_MAX_COST;
11922
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010011923 hap_register_post_deinit(ssl_free_global_issuers);
11924
Willy Tarreau80713382018-11-26 10:19:54 +010011925#ifndef OPENSSL_NO_DH
11926 ssl_dh_ptr_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
11927 hap_register_post_deinit(ssl_free_dh);
11928#endif
11929#ifndef OPENSSL_NO_ENGINE
11930 hap_register_post_deinit(ssl_free_engines);
11931#endif
11932 /* Load SSL string for the verbose & debug mode. */
11933 ERR_load_SSL_strings();
Olivier Houcharda8955d52019-04-07 22:00:38 +020011934 ha_meth = BIO_meth_new(0x666, "ha methods");
11935 BIO_meth_set_write(ha_meth, ha_ssl_write);
11936 BIO_meth_set_read(ha_meth, ha_ssl_read);
11937 BIO_meth_set_ctrl(ha_meth, ha_ssl_ctrl);
11938 BIO_meth_set_create(ha_meth, ha_ssl_new);
11939 BIO_meth_set_destroy(ha_meth, ha_ssl_free);
11940 BIO_meth_set_puts(ha_meth, ha_ssl_puts);
11941 BIO_meth_set_gets(ha_meth, ha_ssl_gets);
William Lallemand150bfa82019-09-19 17:12:49 +020011942
11943 HA_SPIN_INIT(&ckch_lock);
Willy Tarreau80713382018-11-26 10:19:54 +010011944}
Willy Tarreaud92aa5c2015-01-15 21:34:39 +010011945
Willy Tarreau80713382018-11-26 10:19:54 +010011946/* Compute and register the version string */
11947static void ssl_register_build_options()
11948{
11949 char *ptr = NULL;
11950 int i;
11951
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011952 memprintf(&ptr, "Built with OpenSSL version : "
11953#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet50e25e12017-03-24 15:20:03 +010011954 "BoringSSL");
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011955#else /* OPENSSL_IS_BORINGSSL */
11956 OPENSSL_VERSION_TEXT
11957 "\nRunning on OpenSSL version : %s%s",
Rosen Penev68185952018-12-14 08:47:02 -080011958 OpenSSL_version(OPENSSL_VERSION),
Willy Tarreau1d158ab2019-05-09 13:41:45 +020011959 ((OPENSSL_VERSION_NUMBER ^ OpenSSL_version_num()) >> 8) ? " (VERSIONS DIFFER!)" : "");
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011960#endif
11961 memprintf(&ptr, "%s\nOpenSSL library supports TLS extensions : "
Willy Tarreau9a1ab082019-05-09 13:26:41 +020011962#if HA_OPENSSL_VERSION_NUMBER < 0x00907000L
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011963 "no (library version too old)"
11964#elif defined(OPENSSL_NO_TLSEXT)
11965 "no (disabled via OPENSSL_NO_TLSEXT)"
11966#else
11967 "yes"
11968#endif
11969 "", ptr);
11970
11971 memprintf(&ptr, "%s\nOpenSSL library supports SNI : "
11972#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
11973 "yes"
11974#else
11975#ifdef OPENSSL_NO_TLSEXT
11976 "no (because of OPENSSL_NO_TLSEXT)"
11977#else
11978 "no (version might be too old, 0.9.8f min needed)"
11979#endif
11980#endif
11981 "", ptr);
11982
Emmanuel Hocdetf80bc242017-07-12 14:25:38 +020011983 memprintf(&ptr, "%s\nOpenSSL library supports :", ptr);
11984 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
11985 if (methodVersions[i].option)
11986 memprintf(&ptr, "%s %s", ptr, methodVersions[i].name);
Emmanuel Hocdet50e25e12017-03-24 15:20:03 +010011987
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011988 hap_register_build_opts(ptr, 1);
Willy Tarreau80713382018-11-26 10:19:54 +010011989}
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011990
Willy Tarreau80713382018-11-26 10:19:54 +010011991INITCALL0(STG_REGISTER, ssl_register_build_options);
Remi Gacogne4f902b82015-05-28 16:23:00 +020011992
Emeric Brun46591952012-05-18 15:47:34 +020011993
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011994#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +000011995void ssl_free_engines(void) {
11996 struct ssl_engine_list *wl, *wlb;
11997 /* free up engine list */
11998 list_for_each_entry_safe(wl, wlb, &openssl_engines, list) {
11999 ENGINE_finish(wl->e);
12000 ENGINE_free(wl->e);
12001 LIST_DEL(&wl->list);
12002 free(wl);
12003 }
12004}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020012005#endif
Christopher Faulet31af49d2015-06-09 17:29:50 +020012006
Remi Gacogned3a23c32015-05-28 16:39:47 +020012007#ifndef OPENSSL_NO_DH
Grant Zhang872f9c22017-01-21 01:10:18 +000012008void ssl_free_dh(void) {
12009 if (local_dh_1024) {
12010 DH_free(local_dh_1024);
12011 local_dh_1024 = NULL;
12012 }
12013 if (local_dh_2048) {
12014 DH_free(local_dh_2048);
12015 local_dh_2048 = NULL;
12016 }
12017 if (local_dh_4096) {
12018 DH_free(local_dh_4096);
12019 local_dh_4096 = NULL;
12020 }
Remi Gacogne47783ef2015-05-29 15:53:22 +020012021 if (global_dh) {
12022 DH_free(global_dh);
12023 global_dh = NULL;
12024 }
Grant Zhang872f9c22017-01-21 01:10:18 +000012025}
12026#endif
12027
12028__attribute__((destructor))
12029static void __ssl_sock_deinit(void)
12030{
12031#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Emeric Brun821bb9b2017-06-15 16:37:39 +020012032 if (ssl_ctx_lru_tree) {
12033 lru64_destroy(ssl_ctx_lru_tree);
Christopher Faulet2a944ee2017-11-07 10:42:54 +010012034 HA_RWLOCK_DESTROY(&ssl_ctx_lru_rwlock);
Emeric Brun821bb9b2017-06-15 16:37:39 +020012035 }
Remi Gacogned3a23c32015-05-28 16:39:47 +020012036#endif
12037
Willy Tarreau5db847a2019-05-09 14:13:35 +020012038#if (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Remi Gacogned3a23c32015-05-28 16:39:47 +020012039 ERR_remove_state(0);
12040 ERR_free_strings();
12041
12042 EVP_cleanup();
Rosen Penev68185952018-12-14 08:47:02 -080012043#endif
Remi Gacogned3a23c32015-05-28 16:39:47 +020012044
Willy Tarreau5db847a2019-05-09 14:13:35 +020012045#if (HA_OPENSSL_VERSION_NUMBER >= 0x00907000L) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Remi Gacogned3a23c32015-05-28 16:39:47 +020012046 CRYPTO_cleanup_all_ex_data();
12047#endif
Olivier Houcharda8955d52019-04-07 22:00:38 +020012048 BIO_meth_free(ha_meth);
Remi Gacogned3a23c32015-05-28 16:39:47 +020012049}
12050
12051
Emeric Brun46591952012-05-18 15:47:34 +020012052/*
12053 * Local variables:
12054 * c-indent-level: 8
12055 * c-basic-offset: 8
12056 * End:
12057 */