blob: 9302869b92863ac06a937abdd5f982e98a5dc805 [file] [log] [blame]
Emeric Brun46591952012-05-18 15:47:34 +02001/*
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002 * SSL/TLS transport layer over SOCK_STREAM sockets
Emeric Brun46591952012-05-18 15:47:34 +02003 *
4 * Copyright (C) 2012 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
Willy Tarreau69845df2012-09-10 09:43:09 +020011 * Acknowledgement:
12 * We'd like to specially thank the Stud project authors for a very clean
13 * and well documented code which helped us understand how the OpenSSL API
14 * ought to be used in non-blocking mode. This is one difficult part which
15 * is not easy to get from the OpenSSL doc, and reading the Stud code made
16 * it much more obvious than the examples in the OpenSSL package. Keep up
17 * the good works, guys !
18 *
19 * Stud is an extremely efficient and scalable SSL/TLS proxy which combines
20 * particularly well with haproxy. For more info about this project, visit :
21 * https://github.com/bumptech/stud
22 *
Emeric Brun46591952012-05-18 15:47:34 +020023 */
24
25#define _GNU_SOURCE
Emeric Brunfc0421f2012-09-07 17:30:07 +020026#include <ctype.h>
27#include <dirent.h>
Emeric Brun46591952012-05-18 15:47:34 +020028#include <errno.h>
29#include <fcntl.h>
30#include <stdio.h>
31#include <stdlib.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020032#include <string.h>
33#include <unistd.h>
Emeric Brun46591952012-05-18 15:47:34 +020034
35#include <sys/socket.h>
36#include <sys/stat.h>
37#include <sys/types.h>
38
39#include <netinet/tcp.h>
40
41#include <openssl/ssl.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020042#include <openssl/x509.h>
43#include <openssl/x509v3.h>
44#include <openssl/x509.h>
45#include <openssl/err.h>
Thierry Fournier383085f2013-01-24 14:15:43 +010046#include <openssl/rand.h>
Lukas Tribuse4e30f72014-12-09 16:32:51 +010047#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
Emeric Brun4147b2e2014-06-16 18:36:30 +020048#include <openssl/ocsp.h>
49#endif
Emeric Brun46591952012-05-18 15:47:34 +020050
51#include <common/buffer.h>
52#include <common/compat.h>
53#include <common/config.h>
54#include <common/debug.h>
Willy Tarreau79eeafa2012-09-14 07:53:05 +020055#include <common/errors.h>
Emeric Brun46591952012-05-18 15:47:34 +020056#include <common/standard.h>
57#include <common/ticks.h>
58#include <common/time.h>
Emeric Brun2c86cbf2014-10-30 15:56:50 +010059#include <common/cfgparse.h>
Nenad Merdanovic05552d42015-02-27 19:56:49 +010060#include <common/base64.h>
Emeric Brun46591952012-05-18 15:47:34 +020061
Emeric Brunfc0421f2012-09-07 17:30:07 +020062#include <ebsttree.h>
63
64#include <types/global.h>
65#include <types/ssl_sock.h>
66
Willy Tarreau7875d092012-09-10 08:20:03 +020067#include <proto/acl.h>
68#include <proto/arg.h>
Emeric Brun46591952012-05-18 15:47:34 +020069#include <proto/connection.h>
70#include <proto/fd.h>
71#include <proto/freq_ctr.h>
72#include <proto/frontend.h>
Willy Tarreau79eeafa2012-09-14 07:53:05 +020073#include <proto/listener.h>
Thierry FOURNIERed66c292013-11-28 11:05:19 +010074#include <proto/pattern.h>
Willy Tarreau92faadf2012-10-10 23:04:25 +020075#include <proto/server.h>
Emeric Brun46591952012-05-18 15:47:34 +020076#include <proto/log.h>
Emeric Brun94324a42012-10-11 14:00:19 +020077#include <proto/proxy.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020078#include <proto/shctx.h>
Emeric Brun46591952012-05-18 15:47:34 +020079#include <proto/ssl_sock.h>
Willy Tarreau9ad7bd42015-04-03 19:19:59 +020080#include <proto/stream.h>
Emeric Brun46591952012-05-18 15:47:34 +020081#include <proto/task.h>
82
Willy Tarreau518cedd2014-02-17 15:43:01 +010083/* Warning, these are bits, not integers! */
Emeric Brune64aef12012-09-21 13:15:06 +020084#define SSL_SOCK_ST_FL_VERIFY_DONE 0x00000001
Emeric Brund8b2bb52014-01-28 15:43:53 +010085#define SSL_SOCK_ST_FL_16K_WBFSIZE 0x00000002
Willy Tarreau518cedd2014-02-17 15:43:01 +010086#define SSL_SOCK_SEND_UNLIMITED 0x00000004
Emeric Brun29f037d2014-04-25 19:05:36 +020087#define SSL_SOCK_RECV_HEARTBEAT 0x00000008
88
Emeric Brunf282a812012-09-21 15:27:54 +020089/* bits 0xFFFF0000 are reserved to store verify errors */
90
91/* Verify errors macros */
92#define SSL_SOCK_CA_ERROR_TO_ST(e) (((e > 63) ? 63 : e) << (16))
93#define SSL_SOCK_CAEDEPTH_TO_ST(d) (((d > 15) ? 15 : d) << (6+16))
94#define SSL_SOCK_CRTERROR_TO_ST(e) (((e > 63) ? 63 : e) << (4+6+16))
95
96#define SSL_SOCK_ST_TO_CA_ERROR(s) ((s >> (16)) & 63)
97#define SSL_SOCK_ST_TO_CAEDEPTH(s) ((s >> (6+16)) & 15)
98#define SSL_SOCK_ST_TO_CRTERROR(s) ((s >> (4+6+16)) & 63)
Emeric Brune64aef12012-09-21 13:15:06 +020099
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100100/* Supported hash function for TLS tickets */
101#ifdef OPENSSL_NO_SHA256
102#define HASH_FUNCT EVP_sha1
103#else
104#define HASH_FUNCT EVP_sha256
105#endif /* OPENSSL_NO_SHA256 */
106
Emeric Brun850efd52014-01-29 12:24:34 +0100107/* server and bind verify method, it uses a global value as default */
108enum {
109 SSL_SOCK_VERIFY_DEFAULT = 0,
110 SSL_SOCK_VERIFY_REQUIRED = 1,
111 SSL_SOCK_VERIFY_OPTIONAL = 2,
112 SSL_SOCK_VERIFY_NONE = 3,
113};
114
Willy Tarreau71b734c2014-01-28 15:19:44 +0100115int sslconns = 0;
116int totalsslconns = 0;
Emeric Brune1f38db2012-09-03 20:36:47 +0200117
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200118#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
119struct list tlskeys_reference = LIST_HEAD_INIT(tlskeys_reference);
120#endif
121
Remi Gacogne8de54152014-07-15 11:36:40 +0200122#ifndef OPENSSL_NO_DH
123static DH *local_dh_1024 = NULL;
124static DH *local_dh_2048 = NULL;
125static DH *local_dh_4096 = NULL;
126static DH *local_dh_8192 = NULL;
127#endif /* OPENSSL_NO_DH */
128
Lukas Tribuse4e30f72014-12-09 16:32:51 +0100129#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
Emeric Brun4147b2e2014-06-16 18:36:30 +0200130struct certificate_ocsp {
131 struct ebmb_node key;
132 unsigned char key_data[OCSP_MAX_CERTID_ASN1_LENGTH];
133 struct chunk response;
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200134 long expire;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200135};
136
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200137/*
138 * This function returns the number of seconds elapsed
139 * since the Epoch, 1970-01-01 00:00:00 +0000 (UTC) and the
140 * date presented un ASN1_GENERALIZEDTIME.
141 *
142 * In parsing error case, it returns -1.
143 */
144static long asn1_generalizedtime_to_epoch(ASN1_GENERALIZEDTIME *d)
145{
146 long epoch;
147 char *p, *end;
148 const unsigned short month_offset[12] = {
149 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
150 };
151 int year, month;
152
153 if (!d || (d->type != V_ASN1_GENERALIZEDTIME)) return -1;
154
155 p = (char *)d->data;
156 end = p + d->length;
157
158 if (end - p < 4) return -1;
159 year = 1000 * (p[0] - '0') + 100 * (p[1] - '0') + 10 * (p[2] - '0') + p[3] - '0';
160 p += 4;
161 if (end - p < 2) return -1;
162 month = 10 * (p[0] - '0') + p[1] - '0';
163 if (month < 1 || month > 12) return -1;
164 /* Compute the number of seconds since 1 jan 1970 and the beginning of current month
165 We consider leap years and the current month (<marsh or not) */
166 epoch = ( ((year - 1970) * 365)
167 + ((year - (month < 3)) / 4 - (year - (month < 3)) / 100 + (year - (month < 3)) / 400)
168 - ((1970 - 1) / 4 - (1970 - 1) / 100 + (1970 - 1) / 400)
169 + month_offset[month-1]
170 ) * 24 * 60 * 60;
171 p += 2;
172 if (end - p < 2) return -1;
173 /* Add the number of seconds of completed days of current month */
174 epoch += (10 * (p[0] - '0') + p[1] - '0' - 1) * 24 * 60 * 60;
175 p += 2;
176 if (end - p < 2) return -1;
177 /* Add the completed hours of the current day */
178 epoch += (10 * (p[0] - '0') + p[1] - '0') * 60 * 60;
179 p += 2;
180 if (end - p < 2) return -1;
181 /* Add the completed minutes of the current hour */
182 epoch += (10 * (p[0] - '0') + p[1] - '0') * 60;
183 p += 2;
184 if (p == end) return -1;
185 /* Test if there is available seconds */
186 if (p[0] < '0' || p[0] > '9')
187 goto nosec;
188 if (end - p < 2) return -1;
189 /* Add the seconds of the current minute */
190 epoch += 10 * (p[0] - '0') + p[1] - '0';
191 p += 2;
192 if (p == end) return -1;
193 /* Ignore seconds float part if present */
194 if (p[0] == '.') {
195 do {
196 if (++p == end) return -1;
197 } while (p[0] >= '0' && p[0] <= '9');
198 }
199
200nosec:
201 if (p[0] == 'Z') {
202 if (end - p != 1) return -1;
203 return epoch;
204 }
205 else if (p[0] == '+') {
206 if (end - p != 5) return -1;
207 /* Apply timezone offset */
208 return epoch - ((10 * (p[1] - '0') + p[2] - '0') * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
209 }
210 else if (p[0] == '-') {
211 if (end - p != 5) return -1;
212 /* Apply timezone offset */
213 return epoch + ((10 * (p[1] - '0') + p[2] - '0') * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
214 }
215
216 return -1;
217}
218
Emeric Brun1d3865b2014-06-20 15:37:32 +0200219static struct eb_root cert_ocsp_tree = EB_ROOT_UNIQUE;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200220
221/* This function starts to check if the OCSP response (in DER format) contained
222 * in chunk 'ocsp_response' is valid (else exits on error).
223 * If 'cid' is not NULL, it will be compared to the OCSP certificate ID
224 * contained in the OCSP Response and exits on error if no match.
225 * If it's a valid OCSP Response:
226 * If 'ocsp' is not NULL, the chunk is copied in the OCSP response's container
227 * pointed by 'ocsp'.
228 * If 'ocsp' is NULL, the function looks up into the OCSP response's
229 * containers tree (using as index the ASN1 form of the OCSP Certificate ID extracted
230 * from the response) and exits on error if not found. Finally, If an OCSP response is
231 * already present in the container, it will be overwritten.
232 *
233 * Note: OCSP response containing more than one OCSP Single response is not
234 * considered valid.
235 *
236 * Returns 0 on success, 1 in error case.
237 */
238static int ssl_sock_load_ocsp_response(struct chunk *ocsp_response, struct certificate_ocsp *ocsp, OCSP_CERTID *cid, char **err)
239{
240 OCSP_RESPONSE *resp;
241 OCSP_BASICRESP *bs = NULL;
242 OCSP_SINGLERESP *sr;
243 unsigned char *p = (unsigned char *)ocsp_response->str;
244 int rc , count_sr;
Emeric Brun13a6b482014-06-20 15:44:34 +0200245 ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200246 int reason;
247 int ret = 1;
248
249 resp = d2i_OCSP_RESPONSE(NULL, (const unsigned char **)&p, ocsp_response->len);
250 if (!resp) {
251 memprintf(err, "Unable to parse OCSP response");
252 goto out;
253 }
254
255 rc = OCSP_response_status(resp);
256 if (rc != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
257 memprintf(err, "OCSP response status not successful");
258 goto out;
259 }
260
261 bs = OCSP_response_get1_basic(resp);
262 if (!bs) {
263 memprintf(err, "Failed to get basic response from OCSP Response");
264 goto out;
265 }
266
267 count_sr = OCSP_resp_count(bs);
268 if (count_sr > 1) {
269 memprintf(err, "OCSP response ignored because contains multiple single responses (%d)", count_sr);
270 goto out;
271 }
272
273 sr = OCSP_resp_get0(bs, 0);
274 if (!sr) {
275 memprintf(err, "Failed to get OCSP single response");
276 goto out;
277 }
278
279 rc = OCSP_single_get0_status(sr, &reason, &revtime, &thisupd, &nextupd);
280 if (rc != V_OCSP_CERTSTATUS_GOOD) {
281 memprintf(err, "OCSP single response: certificate status not good");
282 goto out;
283 }
284
Emeric Brun13a6b482014-06-20 15:44:34 +0200285 if (!nextupd) {
286 memprintf(err, "OCSP single response: missing nextupdate");
287 goto out;
288 }
289
Emeric Brunc8b27b62014-06-19 14:16:17 +0200290 rc = OCSP_check_validity(thisupd, nextupd, OCSP_MAX_RESPONSE_TIME_SKEW, -1);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200291 if (!rc) {
292 memprintf(err, "OCSP single response: no longer valid.");
293 goto out;
294 }
295
296 if (cid) {
297 if (OCSP_id_cmp(sr->certId, cid)) {
298 memprintf(err, "OCSP single response: Certificate ID does not match certificate and issuer");
299 goto out;
300 }
301 }
302
303 if (!ocsp) {
304 unsigned char key[OCSP_MAX_CERTID_ASN1_LENGTH];
305 unsigned char *p;
306
307 rc = i2d_OCSP_CERTID(sr->certId, NULL);
308 if (!rc) {
309 memprintf(err, "OCSP single response: Unable to encode Certificate ID");
310 goto out;
311 }
312
313 if (rc > OCSP_MAX_CERTID_ASN1_LENGTH) {
314 memprintf(err, "OCSP single response: Certificate ID too long");
315 goto out;
316 }
317
318 p = key;
319 memset(key, 0, OCSP_MAX_CERTID_ASN1_LENGTH);
320 i2d_OCSP_CERTID(sr->certId, &p);
321 ocsp = (struct certificate_ocsp *)ebmb_lookup(&cert_ocsp_tree, key, OCSP_MAX_CERTID_ASN1_LENGTH);
322 if (!ocsp) {
323 memprintf(err, "OCSP single response: Certificate ID does not match any certificate or issuer");
324 goto out;
325 }
326 }
327
328 /* According to comments on "chunk_dup", the
329 previous chunk buffer will be freed */
330 if (!chunk_dup(&ocsp->response, ocsp_response)) {
331 memprintf(err, "OCSP response: Memory allocation error");
332 goto out;
333 }
334
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200335 ocsp->expire = asn1_generalizedtime_to_epoch(nextupd) - OCSP_MAX_RESPONSE_TIME_SKEW;
336
Emeric Brun4147b2e2014-06-16 18:36:30 +0200337 ret = 0;
338out:
339 if (bs)
340 OCSP_BASICRESP_free(bs);
341
342 if (resp)
343 OCSP_RESPONSE_free(resp);
344
345 return ret;
346}
347/*
348 * External function use to update the OCSP response in the OCSP response's
349 * containers tree. The chunk 'ocsp_response' must contain the OCSP response
350 * to update in DER format.
351 *
352 * Returns 0 on success, 1 in error case.
353 */
354int ssl_sock_update_ocsp_response(struct chunk *ocsp_response, char **err)
355{
356 return ssl_sock_load_ocsp_response(ocsp_response, NULL, NULL, err);
357}
358
359/*
360 * This function load the OCSP Resonse in DER format contained in file at
361 * path 'ocsp_path' and call 'ssl_sock_load_ocsp_response'
362 *
363 * Returns 0 on success, 1 in error case.
364 */
365static int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, struct certificate_ocsp *ocsp, OCSP_CERTID *cid, char **err)
366{
367 int fd = -1;
368 int r = 0;
369 int ret = 1;
370
371 fd = open(ocsp_path, O_RDONLY);
372 if (fd == -1) {
373 memprintf(err, "Error opening OCSP response file");
374 goto end;
375 }
376
377 trash.len = 0;
378 while (trash.len < trash.size) {
379 r = read(fd, trash.str + trash.len, trash.size - trash.len);
380 if (r < 0) {
381 if (errno == EINTR)
382 continue;
383
384 memprintf(err, "Error reading OCSP response from file");
385 goto end;
386 }
387 else if (r == 0) {
388 break;
389 }
390 trash.len += r;
391 }
392
393 close(fd);
394 fd = -1;
395
396 ret = ssl_sock_load_ocsp_response(&trash, ocsp, cid, err);
397end:
398 if (fd != -1)
399 close(fd);
400
401 return ret;
402}
403
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100404#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
405static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc)
406{
407 struct tls_sess_key *keys;
408 struct connection *conn;
409 int head;
410 int i;
411
412 conn = (struct connection *)SSL_get_app_data(s);
Nenad Merdanovic146defa2015-05-09 08:46:00 +0200413 keys = objt_listener(conn->target)->bind_conf->keys_ref->tlskeys;
414 head = objt_listener(conn->target)->bind_conf->keys_ref->tls_ticket_enc_index;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100415
416 if (enc) {
417 memcpy(key_name, keys[head].name, 16);
418
419 if(!RAND_pseudo_bytes(iv, EVP_MAX_IV_LENGTH))
420 return -1;
421
422 if(!EVP_EncryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, keys[head].aes_key, iv))
423 return -1;
424
425 HMAC_Init_ex(hctx, keys[head].hmac_key, 16, HASH_FUNCT(), NULL);
426
427 return 1;
428 } else {
429 for (i = 0; i < TLS_TICKETS_NO; i++) {
430 if (!memcmp(key_name, keys[(head + i) % TLS_TICKETS_NO].name, 16))
431 goto found;
432 }
433 return 0;
434
435 found:
436 HMAC_Init_ex(hctx, keys[(head + i) % TLS_TICKETS_NO].hmac_key, 16, HASH_FUNCT(), NULL);
437 if(!EVP_DecryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, keys[(head + i) % TLS_TICKETS_NO].aes_key, iv))
438 return -1;
439 /* 2 for key renewal, 1 if current key is still valid */
440 return i ? 2 : 1;
441 }
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200442}
443
444struct tls_keys_ref *tlskeys_ref_lookup(const char *filename)
445{
446 struct tls_keys_ref *ref;
447
448 list_for_each_entry(ref, &tlskeys_reference, list)
449 if (ref->filename && strcmp(filename, ref->filename) == 0)
450 return ref;
451 return NULL;
452}
453
454struct tls_keys_ref *tlskeys_ref_lookupid(int unique_id)
455{
456 struct tls_keys_ref *ref;
457
458 list_for_each_entry(ref, &tlskeys_reference, list)
459 if (ref->unique_id == unique_id)
460 return ref;
461 return NULL;
462}
463
464int ssl_sock_update_tlskey(char *filename, struct chunk *tlskey, char **err) {
465 struct tls_keys_ref *ref = tlskeys_ref_lookup(filename);
466
467 if(!ref) {
468 memprintf(err, "Unable to locate the referenced filename: %s", filename);
469 return 1;
470 }
471
472 memcpy((char *) (ref->tlskeys + 2 % TLS_TICKETS_NO), tlskey->str, tlskey->len);
473 ref->tls_ticket_enc_index = ref->tls_ticket_enc_index + 1 % TLS_TICKETS_NO;
474
475 return 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100476}
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200477
478/* This function finalize the configuration parsing. Its set all the
479 * automatic ids
480 */
481void tlskeys_finalize_config(void)
482{
483 int i = 0;
484 struct tls_keys_ref *ref, *ref2, *ref3;
485 struct list tkr = LIST_HEAD_INIT(tkr);
486
487 list_for_each_entry(ref, &tlskeys_reference, list) {
488 if (ref->unique_id == -1) {
489 /* Look for the first free id. */
490 while (1) {
491 list_for_each_entry(ref2, &tlskeys_reference, list) {
492 if (ref2->unique_id == i) {
493 i++;
494 break;
495 }
496 }
497 if (&ref2->list == &tlskeys_reference)
498 break;
499 }
500
501 /* Uses the unique id and increment it for the next entry. */
502 ref->unique_id = i;
503 i++;
504 }
505 }
506
507 /* This sort the reference list by id. */
508 list_for_each_entry_safe(ref, ref2, &tlskeys_reference, list) {
509 LIST_DEL(&ref->list);
510 list_for_each_entry(ref3, &tkr, list) {
511 if (ref->unique_id < ref3->unique_id) {
512 LIST_ADDQ(&ref3->list, &ref->list);
513 break;
514 }
515 }
516 if (&ref3->list == &tkr)
517 LIST_ADDQ(&tkr, &ref->list);
518 }
519
520 /* swap root */
521 LIST_ADD(&tkr, &tlskeys_reference);
522 LIST_DEL(&tkr);
523}
524
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100525#endif /* SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB */
526
Emeric Brun4147b2e2014-06-16 18:36:30 +0200527/*
528 * Callback used to set OCSP status extension content in server hello.
529 */
530int ssl_sock_ocsp_stapling_cbk(SSL *ssl, void *arg)
531{
532 struct certificate_ocsp *ocsp = (struct certificate_ocsp *)arg;
533 char* ssl_buf;
534
535 if (!ocsp ||
536 !ocsp->response.str ||
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200537 !ocsp->response.len ||
538 (ocsp->expire < now.tv_sec))
Emeric Brun4147b2e2014-06-16 18:36:30 +0200539 return SSL_TLSEXT_ERR_NOACK;
540
541 ssl_buf = OPENSSL_malloc(ocsp->response.len);
542 if (!ssl_buf)
543 return SSL_TLSEXT_ERR_NOACK;
544
545 memcpy(ssl_buf, ocsp->response.str, ocsp->response.len);
546 SSL_set_tlsext_status_ocsp_resp(ssl, ssl_buf, ocsp->response.len);
547
548 return SSL_TLSEXT_ERR_OK;
549}
550
551/*
552 * This function enables the handling of OCSP status extension on 'ctx' if a
553 * file name 'cert_path' suffixed using ".ocsp" is present.
554 * To enable OCSP status extension, the issuer's certificate is mandatory.
555 * It should be present in the certificate's extra chain builded from file
556 * 'cert_path'. If not found, the issuer certificate is loaded from a file
557 * named 'cert_path' suffixed using '.issuer'.
558 *
559 * In addition, ".ocsp" file content is loaded as a DER format of an OCSP
560 * response. If file is empty or content is not a valid OCSP response,
561 * OCSP status extension is enabled but OCSP response is ignored (a warning
562 * is displayed).
563 *
564 * Returns 1 if no ".ocsp" file found, 0 if OCSP status extension is
565 * succesfully enabled, or -1 in other error case.
566 */
567static int ssl_sock_load_ocsp(SSL_CTX *ctx, const char *cert_path)
568{
569
570 BIO *in = NULL;
571 X509 *x, *xi = NULL, *issuer = NULL;
572 STACK_OF(X509) *chain = NULL;
573 OCSP_CERTID *cid = NULL;
574 SSL *ssl;
575 char ocsp_path[MAXPATHLEN+1];
576 int i, ret = -1;
577 struct stat st;
578 struct certificate_ocsp *ocsp = NULL, *iocsp;
579 char *warn = NULL;
580 unsigned char *p;
581
582 snprintf(ocsp_path, MAXPATHLEN+1, "%s.ocsp", cert_path);
583
584 if (stat(ocsp_path, &st))
585 return 1;
586
587 ssl = SSL_new(ctx);
588 if (!ssl)
589 goto out;
590
591 x = SSL_get_certificate(ssl);
592 if (!x)
593 goto out;
594
595 /* Try to lookup for issuer in certificate extra chain */
596#ifdef SSL_CTRL_GET_EXTRA_CHAIN_CERTS
597 SSL_CTX_get_extra_chain_certs(ctx, &chain);
598#else
599 chain = ctx->extra_certs;
600#endif
601 for (i = 0; i < sk_X509_num(chain); i++) {
602 issuer = sk_X509_value(chain, i);
603 if (X509_check_issued(issuer, x) == X509_V_OK)
604 break;
605 else
606 issuer = NULL;
607 }
608
609 /* If not found try to load issuer from a suffixed file */
610 if (!issuer) {
611 char issuer_path[MAXPATHLEN+1];
612
613 in = BIO_new(BIO_s_file());
614 if (!in)
615 goto out;
616
617 snprintf(issuer_path, MAXPATHLEN+1, "%s.issuer", cert_path);
618 if (BIO_read_filename(in, issuer_path) <= 0)
619 goto out;
620
621 xi = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
622 if (!xi)
623 goto out;
624
625 if (X509_check_issued(xi, x) != X509_V_OK)
626 goto out;
627
628 issuer = xi;
629 }
630
631 cid = OCSP_cert_to_id(0, x, issuer);
632 if (!cid)
633 goto out;
634
635 i = i2d_OCSP_CERTID(cid, NULL);
636 if (!i || (i > OCSP_MAX_CERTID_ASN1_LENGTH))
637 goto out;
638
639 ocsp = calloc(1, sizeof(struct certificate_ocsp));
640 if (!ocsp)
641 goto out;
642
643 p = ocsp->key_data;
644 i2d_OCSP_CERTID(cid, &p);
645
646 iocsp = (struct certificate_ocsp *)ebmb_insert(&cert_ocsp_tree, &ocsp->key, OCSP_MAX_CERTID_ASN1_LENGTH);
647 if (iocsp == ocsp)
648 ocsp = NULL;
649
650 SSL_CTX_set_tlsext_status_cb(ctx, ssl_sock_ocsp_stapling_cbk);
651 SSL_CTX_set_tlsext_status_arg(ctx, iocsp);
652
653 ret = 0;
654
655 warn = NULL;
656 if (ssl_sock_load_ocsp_response_from_file(ocsp_path, iocsp, cid, &warn)) {
657 memprintf(&warn, "Loading '%s': %s. Content will be ignored", ocsp_path, warn ? warn : "failure");
658 Warning("%s.\n", warn);
659 }
660
661out:
662 if (ssl)
663 SSL_free(ssl);
664
665 if (in)
666 BIO_free(in);
667
668 if (xi)
669 X509_free(xi);
670
671 if (cid)
672 OCSP_CERTID_free(cid);
673
674 if (ocsp)
675 free(ocsp);
676
677 if (warn)
678 free(warn);
679
680
681 return ret;
682}
683
684#endif
685
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100686#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
687
688#define CT_EXTENSION_TYPE 18
689
690static int sctl_ex_index = -1;
691
692/*
693 * Try to parse Signed Certificate Timestamp List structure. This function
694 * makes only basic test if the data seems like SCTL. No signature validation
695 * is performed.
696 */
697static int ssl_sock_parse_sctl(struct chunk *sctl)
698{
699 int ret = 1;
700 int len, pos, sct_len;
701 unsigned char *data;
702
703 if (sctl->len < 2)
704 goto out;
705
706 data = (unsigned char *)sctl->str;
707 len = (data[0] << 8) | data[1];
708
709 if (len + 2 != sctl->len)
710 goto out;
711
712 data = data + 2;
713 pos = 0;
714 while (pos < len) {
715 if (len - pos < 2)
716 goto out;
717
718 sct_len = (data[pos] << 8) | data[pos + 1];
719 if (pos + sct_len + 2 > len)
720 goto out;
721
722 pos += sct_len + 2;
723 }
724
725 ret = 0;
726
727out:
728 return ret;
729}
730
731static int ssl_sock_load_sctl_from_file(const char *sctl_path, struct chunk **sctl)
732{
733 int fd = -1;
734 int r = 0;
735 int ret = 1;
736
737 *sctl = NULL;
738
739 fd = open(sctl_path, O_RDONLY);
740 if (fd == -1)
741 goto end;
742
743 trash.len = 0;
744 while (trash.len < trash.size) {
745 r = read(fd, trash.str + trash.len, trash.size - trash.len);
746 if (r < 0) {
747 if (errno == EINTR)
748 continue;
749
750 goto end;
751 }
752 else if (r == 0) {
753 break;
754 }
755 trash.len += r;
756 }
757
758 ret = ssl_sock_parse_sctl(&trash);
759 if (ret)
760 goto end;
761
762 *sctl = calloc(1, sizeof(struct chunk));
763 if (!chunk_dup(*sctl, &trash)) {
764 free(*sctl);
765 *sctl = NULL;
766 goto end;
767 }
768
769end:
770 if (fd != -1)
771 close(fd);
772
773 return ret;
774}
775
776int ssl_sock_sctl_add_cbk(SSL *ssl, unsigned ext_type, const unsigned char **out, size_t *outlen, int *al, void *add_arg)
777{
778 struct chunk *sctl = (struct chunk *)add_arg;
779
780 *out = (unsigned char *)sctl->str;
781 *outlen = sctl->len;
782
783 return 1;
784}
785
786int ssl_sock_sctl_parse_cbk(SSL *s, unsigned int ext_type, const unsigned char *in, size_t inlen, int *al, void *parse_arg)
787{
788 return 1;
789}
790
791static int ssl_sock_load_sctl(SSL_CTX *ctx, const char *cert_path)
792{
793 char sctl_path[MAXPATHLEN+1];
794 int ret = -1;
795 struct stat st;
796 struct chunk *sctl = NULL;
797
798 snprintf(sctl_path, MAXPATHLEN+1, "%s.sctl", cert_path);
799
800 if (stat(sctl_path, &st))
801 return 1;
802
803 if (ssl_sock_load_sctl_from_file(sctl_path, &sctl))
804 goto out;
805
806 if (!SSL_CTX_add_server_custom_ext(ctx, CT_EXTENSION_TYPE, ssl_sock_sctl_add_cbk, NULL, sctl, ssl_sock_sctl_parse_cbk, NULL)) {
807 free(sctl);
808 goto out;
809 }
810
811 SSL_CTX_set_ex_data(ctx, sctl_ex_index, sctl);
812
813 ret = 0;
814
815out:
816 return ret;
817}
818
819#endif
820
Emeric Brune1f38db2012-09-03 20:36:47 +0200821void ssl_sock_infocbk(const SSL *ssl, int where, int ret)
822{
823 struct connection *conn = (struct connection *)SSL_get_app_data(ssl);
Emeric Brund8b2bb52014-01-28 15:43:53 +0100824 BIO *write_bio;
Willy Tarreau622317d2015-02-27 16:36:16 +0100825 (void)ret; /* shut gcc stupid warning */
Emeric Brune1f38db2012-09-03 20:36:47 +0200826
827 if (where & SSL_CB_HANDSHAKE_START) {
828 /* Disable renegotiation (CVE-2009-3555) */
Willy Tarreau20879a02012-12-03 16:32:10 +0100829 if (conn->flags & CO_FL_CONNECTED) {
Emeric Brune1f38db2012-09-03 20:36:47 +0200830 conn->flags |= CO_FL_ERROR;
Willy Tarreau20879a02012-12-03 16:32:10 +0100831 conn->err_code = CO_ER_SSL_RENEG;
832 }
Emeric Brune1f38db2012-09-03 20:36:47 +0200833 }
Emeric Brund8b2bb52014-01-28 15:43:53 +0100834
835 if ((where & SSL_CB_ACCEPT_LOOP) == SSL_CB_ACCEPT_LOOP) {
836 if (!(conn->xprt_st & SSL_SOCK_ST_FL_16K_WBFSIZE)) {
837 /* Long certificate chains optimz
838 If write and read bios are differents, we
839 consider that the buffering was activated,
840 so we rise the output buffer size from 4k
841 to 16k */
842 write_bio = SSL_get_wbio(ssl);
843 if (write_bio != SSL_get_rbio(ssl)) {
844 BIO_set_write_buffer_size(write_bio, 16384);
845 conn->xprt_st |= SSL_SOCK_ST_FL_16K_WBFSIZE;
846 }
847 }
848 }
Emeric Brunfc0421f2012-09-07 17:30:07 +0200849}
850
Emeric Brune64aef12012-09-21 13:15:06 +0200851/* Callback is called for each certificate of the chain during a verify
852 ok is set to 1 if preverify detect no error on current certificate.
853 Returns 0 to break the handshake, 1 otherwise. */
Evan Broderbe554312013-06-27 00:05:25 -0700854int ssl_sock_bind_verifycbk(int ok, X509_STORE_CTX *x_store)
Emeric Brune64aef12012-09-21 13:15:06 +0200855{
856 SSL *ssl;
857 struct connection *conn;
Emeric Brun81c00f02012-09-21 14:31:21 +0200858 int err, depth;
Emeric Brune64aef12012-09-21 13:15:06 +0200859
860 ssl = X509_STORE_CTX_get_ex_data(x_store, SSL_get_ex_data_X509_STORE_CTX_idx());
861 conn = (struct connection *)SSL_get_app_data(ssl);
862
Willy Tarreauf7bc57c2012-10-03 00:19:48 +0200863 conn->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;
Emeric Brune64aef12012-09-21 13:15:06 +0200864
Emeric Brun81c00f02012-09-21 14:31:21 +0200865 if (ok) /* no errors */
866 return ok;
867
868 depth = X509_STORE_CTX_get_error_depth(x_store);
869 err = X509_STORE_CTX_get_error(x_store);
870
871 /* check if CA error needs to be ignored */
872 if (depth > 0) {
Willy Tarreauf7bc57c2012-10-03 00:19:48 +0200873 if (!SSL_SOCK_ST_TO_CA_ERROR(conn->xprt_st)) {
874 conn->xprt_st |= SSL_SOCK_CA_ERROR_TO_ST(err);
875 conn->xprt_st |= SSL_SOCK_CAEDEPTH_TO_ST(depth);
Emeric Brunf282a812012-09-21 15:27:54 +0200876 }
877
Emeric Brun1eb20ef2012-12-03 13:24:29 +0100878 if (objt_listener(conn->target)->bind_conf->ca_ignerr & (1ULL << err)) {
879 ERR_clear_error();
Emeric Brun81c00f02012-09-21 14:31:21 +0200880 return 1;
Emeric Brun1eb20ef2012-12-03 13:24:29 +0100881 }
Emeric Brun81c00f02012-09-21 14:31:21 +0200882
Willy Tarreau20879a02012-12-03 16:32:10 +0100883 conn->err_code = CO_ER_SSL_CA_FAIL;
Emeric Brun81c00f02012-09-21 14:31:21 +0200884 return 0;
885 }
886
Willy Tarreauf7bc57c2012-10-03 00:19:48 +0200887 if (!SSL_SOCK_ST_TO_CRTERROR(conn->xprt_st))
888 conn->xprt_st |= SSL_SOCK_CRTERROR_TO_ST(err);
Emeric Brunf282a812012-09-21 15:27:54 +0200889
Emeric Brun81c00f02012-09-21 14:31:21 +0200890 /* check if certificate error needs to be ignored */
Emeric Brun1eb20ef2012-12-03 13:24:29 +0100891 if (objt_listener(conn->target)->bind_conf->crt_ignerr & (1ULL << err)) {
892 ERR_clear_error();
Emeric Brun81c00f02012-09-21 14:31:21 +0200893 return 1;
Emeric Brun1eb20ef2012-12-03 13:24:29 +0100894 }
Emeric Brun81c00f02012-09-21 14:31:21 +0200895
Willy Tarreau20879a02012-12-03 16:32:10 +0100896 conn->err_code = CO_ER_SSL_CRT_FAIL;
Emeric Brun81c00f02012-09-21 14:31:21 +0200897 return 0;
Emeric Brune64aef12012-09-21 13:15:06 +0200898}
899
Emeric Brun29f037d2014-04-25 19:05:36 +0200900/* Callback is called for ssl protocol analyse */
901void ssl_sock_msgcbk(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
902{
Emeric Brun29f037d2014-04-25 19:05:36 +0200903#ifdef TLS1_RT_HEARTBEAT
904 /* test heartbeat received (write_p is set to 0
905 for a received record) */
Willy Tarreauf51c6982014-04-25 20:02:39 +0200906 if ((content_type == TLS1_RT_HEARTBEAT) && (write_p == 0)) {
Willy Tarreau84815002014-04-25 21:40:27 +0200907 struct connection *conn = (struct connection *)SSL_get_app_data(ssl);
Willy Tarreauf51c6982014-04-25 20:02:39 +0200908 const unsigned char *p = buf;
909 unsigned int payload;
910
Emeric Brun29f037d2014-04-25 19:05:36 +0200911 conn->xprt_st |= SSL_SOCK_RECV_HEARTBEAT;
Willy Tarreauf51c6982014-04-25 20:02:39 +0200912
913 /* Check if this is a CVE-2014-0160 exploitation attempt. */
914 if (*p != TLS1_HB_REQUEST)
915 return;
916
Willy Tarreauaeed6722014-04-25 23:59:58 +0200917 if (len < 1 + 2 + 16) /* 1 type + 2 size + 0 payload + 16 padding */
Willy Tarreauf51c6982014-04-25 20:02:39 +0200918 goto kill_it;
919
920 payload = (p[1] * 256) + p[2];
Willy Tarreau3b2fdb62014-04-25 23:44:22 +0200921 if (3 + payload + 16 <= len)
Willy Tarreauf51c6982014-04-25 20:02:39 +0200922 return; /* OK no problem */
Willy Tarreauaeed6722014-04-25 23:59:58 +0200923 kill_it:
Willy Tarreau3b2fdb62014-04-25 23:44:22 +0200924 /* We have a clear heartbleed attack (CVE-2014-0160), the
925 * advertised payload is larger than the advertised packet
926 * length, so we have garbage in the buffer between the
927 * payload and the end of the buffer (p+len). We can't know
928 * if the SSL stack is patched, and we don't know if we can
929 * safely wipe out the area between p+3+len and payload.
930 * So instead, we prevent the response from being sent by
931 * setting the max_send_fragment to 0 and we report an SSL
932 * error, which will kill this connection. It will be reported
933 * above as SSL_ERROR_SSL while an other handshake failure with
Willy Tarreauf51c6982014-04-25 20:02:39 +0200934 * a heartbeat message will be reported as SSL_ERROR_SYSCALL.
935 */
Willy Tarreau3b2fdb62014-04-25 23:44:22 +0200936 ssl->max_send_fragment = 0;
Willy Tarreauf51c6982014-04-25 20:02:39 +0200937 SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_SSL_HANDSHAKE_FAILURE);
938 return;
939 }
Emeric Brun29f037d2014-04-25 19:05:36 +0200940#endif
941}
942
Willy Tarreau6c9a3d52012-10-18 18:57:14 +0200943#ifdef OPENSSL_NPN_NEGOTIATED
944/* This callback is used so that the server advertises the list of
945 * negociable protocols for NPN.
946 */
947static int ssl_sock_advertise_npn_protos(SSL *s, const unsigned char **data,
948 unsigned int *len, void *arg)
949{
950 struct bind_conf *conf = arg;
951
952 *data = (const unsigned char *)conf->npn_str;
953 *len = conf->npn_len;
954 return SSL_TLSEXT_ERR_OK;
955}
956#endif
957
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +0100958#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +0200959/* This callback is used so that the server advertises the list of
960 * negociable protocols for ALPN.
961 */
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +0100962static int ssl_sock_advertise_alpn_protos(SSL *s, const unsigned char **out,
963 unsigned char *outlen,
964 const unsigned char *server,
965 unsigned int server_len, void *arg)
Willy Tarreauab861d32013-04-02 02:30:41 +0200966{
967 struct bind_conf *conf = arg;
968
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +0100969 if (SSL_select_next_proto((unsigned char**) out, outlen, (const unsigned char *)conf->alpn_str,
970 conf->alpn_len, server, server_len) != OPENSSL_NPN_NEGOTIATED) {
971 return SSL_TLSEXT_ERR_NOACK;
972 }
Willy Tarreauab861d32013-04-02 02:30:41 +0200973 return SSL_TLSEXT_ERR_OK;
974}
975#endif
976
Emeric Brunfc0421f2012-09-07 17:30:07 +0200977#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
978/* Sets the SSL ctx of <ssl> to match the advertised server name. Returns a
979 * warning when no match is found, which implies the default (first) cert
980 * will keep being used.
981 */
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200982static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, struct bind_conf *s)
Emeric Brunfc0421f2012-09-07 17:30:07 +0200983{
984 const char *servername;
985 const char *wildp = NULL;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200986 struct ebmb_node *node, *n;
Emeric Brunfc0421f2012-09-07 17:30:07 +0200987 int i;
988 (void)al; /* shut gcc stupid warning */
989
990 servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
Emmanuel Hocdet65623372013-01-24 17:17:15 +0100991 if (!servername) {
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200992 return (s->strict_sni ?
993 SSL_TLSEXT_ERR_ALERT_FATAL :
Emmanuel Hocdet79274e22013-05-31 12:47:44 +0200994 SSL_TLSEXT_ERR_NOACK);
Emmanuel Hocdet65623372013-01-24 17:17:15 +0100995 }
Emeric Brunfc0421f2012-09-07 17:30:07 +0200996
Willy Tarreau19d14ef2012-10-29 16:51:55 +0100997 for (i = 0; i < trash.size; i++) {
Emeric Brunfc0421f2012-09-07 17:30:07 +0200998 if (!servername[i])
999 break;
Willy Tarreau19d14ef2012-10-29 16:51:55 +01001000 trash.str[i] = tolower(servername[i]);
1001 if (!wildp && (trash.str[i] == '.'))
1002 wildp = &trash.str[i];
Emeric Brunfc0421f2012-09-07 17:30:07 +02001003 }
Willy Tarreau19d14ef2012-10-29 16:51:55 +01001004 trash.str[i] = 0;
Emeric Brunfc0421f2012-09-07 17:30:07 +02001005
1006 /* lookup in full qualified names */
Willy Tarreau19d14ef2012-10-29 16:51:55 +01001007 node = ebst_lookup(&s->sni_ctx, trash.str);
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001008
1009 /* lookup a not neg filter */
1010 for (n = node; n; n = ebmb_next_dup(n)) {
1011 if (!container_of(n, struct sni_ctx, name)->neg) {
1012 node = n;
1013 break;
Emmanuel Hocdet65623372013-01-24 17:17:15 +01001014 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001015 }
1016 if (!node && wildp) {
1017 /* lookup in wildcards names */
Emeric Brunfc0421f2012-09-07 17:30:07 +02001018 node = ebst_lookup(&s->sni_w_ctx, wildp);
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001019 }
1020 if (!node || container_of(node, struct sni_ctx, name)->neg) {
1021 return (s->strict_sni ?
1022 SSL_TLSEXT_ERR_ALERT_FATAL :
1023 SSL_TLSEXT_ERR_ALERT_WARNING);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001024 }
1025
1026 /* switch ctx */
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001027 SSL_set_SSL_CTX(ssl, container_of(node, struct sni_ctx, name)->ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001028 return SSL_TLSEXT_ERR_OK;
1029}
1030#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
1031
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02001032#ifndef OPENSSL_NO_DH
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001033
1034static DH * ssl_get_dh_1024(void)
1035{
Lukas Tribus4c0d45a2014-08-18 00:56:32 +02001036#if (OPENSSL_VERSION_NUMBER < 0x0090801fL || defined OPENSSL_IS_BORINGSSL)
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001037 static const unsigned char rfc_2409_prime_1024[] = {
1038 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
1039 0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
1040 0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
1041 0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
1042 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
1043 0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
1044 0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
1045 0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
1046 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
1047 0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,
1048 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
1049 };
1050#endif
1051 DH *dh = DH_new();
1052 if (dh) {
Lukas Tribus4c0d45a2014-08-18 00:56:32 +02001053#if (OPENSSL_VERSION_NUMBER >= 0x0090801fL && !defined OPENSSL_IS_BORINGSSL)
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001054 dh->p = get_rfc2409_prime_1024(NULL);
1055#else
1056 dh->p = BN_bin2bn(rfc_2409_prime_1024, sizeof rfc_2409_prime_1024, NULL);
1057#endif
1058 /* See RFC 2409, Section 6 "Oakley Groups"
1059 for the reason why 2 is used as generator.
1060 */
1061 BN_dec2bn(&dh->g, "2");
1062 if (!dh->p || !dh->g) {
1063 DH_free(dh);
1064 dh = NULL;
1065 }
1066 }
1067 return dh;
1068}
1069
1070static DH *ssl_get_dh_2048(void)
1071{
Lukas Tribus4c0d45a2014-08-18 00:56:32 +02001072#if (OPENSSL_VERSION_NUMBER < 0x0090801fL || defined OPENSSL_IS_BORINGSSL)
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001073 static const unsigned char rfc_3526_prime_2048[] = {
1074 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
1075 0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
1076 0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
1077 0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
1078 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
1079 0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
1080 0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
1081 0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
1082 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
1083 0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
1084 0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
1085 0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
1086 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
1087 0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
1088 0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
1089 0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
1090 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
1091 0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
1092 0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
1093 0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
1094 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,
1095 0xFF,0xFF,0xFF,0xFF,
1096 };
1097#endif
1098 DH *dh = DH_new();
1099 if (dh) {
Lukas Tribus4c0d45a2014-08-18 00:56:32 +02001100#if (OPENSSL_VERSION_NUMBER >= 0x0090801fL && !defined OPENSSL_IS_BORINGSSL)
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001101 dh->p = get_rfc3526_prime_2048(NULL);
1102#else
1103 dh->p = BN_bin2bn(rfc_3526_prime_2048, sizeof rfc_3526_prime_2048, NULL);
1104#endif
1105 /* See RFC 3526, Section 3 "2048-bit MODP Group"
1106 for the reason why 2 is used as generator.
1107 */
1108 BN_dec2bn(&dh->g, "2");
1109 if (!dh->p || !dh->g) {
1110 DH_free(dh);
1111 dh = NULL;
1112 }
1113 }
1114 return dh;
1115}
1116
1117static DH *ssl_get_dh_4096(void)
1118{
Lukas Tribus4c0d45a2014-08-18 00:56:32 +02001119#if (OPENSSL_VERSION_NUMBER < 0x0090801fL || defined OPENSSL_IS_BORINGSSL)
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001120 static const unsigned char rfc_3526_prime_4096[] = {
1121 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
1122 0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
1123 0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
1124 0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
1125 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
1126 0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
1127 0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
1128 0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
1129 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
1130 0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
1131 0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
1132 0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
1133 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
1134 0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
1135 0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
1136 0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
1137 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
1138 0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
1139 0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
1140 0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
1141 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
1142 0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
1143 0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
1144 0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
1145 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
1146 0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
1147 0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
1148 0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
1149 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
1150 0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
1151 0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
1152 0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
1153 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
1154 0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
1155 0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
1156 0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
1157 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
1158 0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
1159 0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
1160 0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
1161 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
1162 0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,
1163 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
1164 };
1165#endif
1166 DH *dh = DH_new();
1167 if (dh) {
Lukas Tribus4c0d45a2014-08-18 00:56:32 +02001168#if (OPENSSL_VERSION_NUMBER >= 0x0090801fL && !defined OPENSSL_IS_BORINGSSL)
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001169 dh->p = get_rfc3526_prime_4096(NULL);
1170#else
1171 dh->p = BN_bin2bn(rfc_3526_prime_4096, sizeof rfc_3526_prime_4096, NULL);
1172#endif
1173 /* See RFC 3526, Section 5 "4096-bit MODP Group"
1174 for the reason why 2 is used as generator.
1175 */
1176 BN_dec2bn(&dh->g, "2");
1177 if (!dh->p || !dh->g) {
1178 DH_free(dh);
1179 dh = NULL;
1180 }
1181 }
1182 return dh;
1183}
1184
1185static DH *ssl_get_dh_8192(void)
1186{
Lukas Tribus4c0d45a2014-08-18 00:56:32 +02001187#if (OPENSSL_VERSION_NUMBER < 0x0090801fL || defined OPENSSL_IS_BORINGSSL)
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001188 static const unsigned char rfc_3526_prime_8192[] = {
1189 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,
1190 0x21,0x68,0xC2,0x34,0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,
1191 0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,0x02,0x0B,0xBE,0xA6,
1192 0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
1193 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,
1194 0xF2,0x5F,0x14,0x37,0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,
1195 0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,0xF4,0x4C,0x42,0xE9,
1196 0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
1197 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,
1198 0x7C,0x4B,0x1F,0xE6,0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,
1199 0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,0x98,0xDA,0x48,0x36,
1200 0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
1201 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,
1202 0x20,0x85,0x52,0xBB,0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,
1203 0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,0xF1,0x74,0x6C,0x08,
1204 0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
1205 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,
1206 0xEC,0x07,0xA2,0x8F,0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,
1207 0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,0x39,0x95,0x49,0x7C,
1208 0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
1209 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,
1210 0x04,0x50,0x7A,0x33,0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,
1211 0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,0x8A,0xEA,0x71,0x57,
1212 0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
1213 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,
1214 0x4A,0x25,0x61,0x9D,0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,
1215 0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,0xD8,0x76,0x02,0x73,
1216 0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
1217 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,
1218 0xBA,0xD9,0x46,0xE2,0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,
1219 0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,0x4B,0x82,0xD1,0x20,
1220 0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
1221 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,
1222 0x6A,0xF4,0xE2,0x3C,0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,
1223 0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,0xDB,0xBB,0xC2,0xDB,
1224 0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
1225 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,
1226 0xA0,0x90,0xC3,0xA2,0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,
1227 0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,0xB8,0x1B,0xDD,0x76,
1228 0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
1229 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,
1230 0x90,0xA6,0xC0,0x8F,0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,
1231 0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,0xC1,0xD4,0xDC,0xB2,
1232 0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
1233 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,
1234 0x41,0x30,0x01,0xAE,0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,
1235 0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,0xDA,0x3E,0xDB,0xEB,
1236 0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
1237 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,
1238 0x2B,0xD7,0xAF,0x42,0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,
1239 0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,0xF0,0x32,0xEA,0x15,
1240 0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
1241 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,
1242 0x90,0x0B,0x1C,0x9E,0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,
1243 0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,0x0F,0x1D,0x45,0xB7,
1244 0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
1245 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,
1246 0x0F,0x80,0x37,0xE0,0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,
1247 0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,0xF5,0x50,0xAA,0x3D,
1248 0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
1249 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,
1250 0x6E,0x3C,0x04,0x68,0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,
1251 0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,0xE6,0x94,0xF9,0x1E,
1252 0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
1253 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,
1254 0x73,0xB9,0x31,0xBA,0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,
1255 0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,0x25,0x76,0xF6,0x93,
1256 0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
1257 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,
1258 0xE3,0x9D,0x65,0x2D,0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,
1259 0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,0x13,0xEB,0x57,0xA8,
1260 0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
1261 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,
1262 0xA2,0xC0,0x87,0xE8,0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,
1263 0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,0x6D,0x2A,0x13,0xF8,
1264 0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
1265 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,
1266 0x08,0x46,0x85,0x1D,0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,
1267 0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,0xFA,0xF3,0x6B,0xC3,
1268 0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
1269 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,
1270 0xD5,0xEE,0x38,0x2B,0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,
1271 0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,0x9E,0x30,0x50,0xE2,
1272 0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
1273 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,
1274 0xFF,0xFF,0xFF,0xFF,
1275 };
1276#endif
1277 DH *dh = DH_new();
1278 if (dh) {
Lukas Tribus4c0d45a2014-08-18 00:56:32 +02001279#if (OPENSSL_VERSION_NUMBER >= 0x0090801fL && !defined OPENSSL_IS_BORINGSSL)
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001280 dh->p = get_rfc3526_prime_8192(NULL);
1281#else
1282 dh->p = BN_bin2bn(rfc_3526_prime_8192, sizeof rfc_3526_prime_8192, NULL);
1283#endif
1284 /* See RFC 3526, Section 7 "8192-bit MODP Group"
1285 for the reason why 2 is used as generator.
1286 */
1287 BN_dec2bn(&dh->g, "2");
1288 if (!dh->p || !dh->g) {
1289 DH_free(dh);
1290 dh = NULL;
1291 }
1292 }
1293 return dh;
1294}
1295
1296/* Returns Diffie-Hellman parameters matching the private key length
1297 but not exceeding global.tune.ssl_default_dh_param */
1298static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen)
1299{
1300 DH *dh = NULL;
1301 EVP_PKEY *pkey = SSL_get_privatekey(ssl);
1302 int type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
1303
1304 /* The keylen supplied by OpenSSL can only be 512 or 1024.
1305 See ssl3_send_server_key_exchange() in ssl/s3_srvr.c
1306 */
1307 if (type == EVP_PKEY_RSA || type == EVP_PKEY_DSA) {
1308 keylen = EVP_PKEY_bits(pkey);
1309 }
1310
1311 if (keylen > global.tune.ssl_default_dh_param) {
1312 keylen = global.tune.ssl_default_dh_param;
1313 }
1314
1315 if (keylen >= 8192) {
Remi Gacogne8de54152014-07-15 11:36:40 +02001316 dh = local_dh_8192;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001317 }
1318 else if (keylen >= 4096) {
Remi Gacogne8de54152014-07-15 11:36:40 +02001319 dh = local_dh_4096;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001320 }
1321 else if (keylen >= 2048) {
Remi Gacogne8de54152014-07-15 11:36:40 +02001322 dh = local_dh_2048;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001323 }
1324 else {
Remi Gacogne8de54152014-07-15 11:36:40 +02001325 dh = local_dh_1024;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001326 }
1327
1328 return dh;
1329}
1330
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02001331/* Loads Diffie-Hellman parameter from a file. Returns 1 if loaded, else -1
1332 if an error occured, and 0 if parameter not found. */
Willy Tarreau6e774b42014-04-25 21:35:23 +02001333int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file)
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02001334{
1335 int ret = -1;
1336 BIO *in;
1337 DH *dh = NULL;
1338
1339 in = BIO_new(BIO_s_file());
1340 if (in == NULL)
1341 goto end;
1342
1343 if (BIO_read_filename(in, file) <= 0)
1344 goto end;
1345
1346 dh = PEM_read_bio_DHparams(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001347 if (dh) {
1348 ret = 1;
1349 SSL_CTX_set_tmp_dh(ctx, dh);
1350 /* Setting ssl default dh param to the size of the static DH params
1351 found in the file. This way we know that there is no use
1352 complaining later about ssl-default-dh-param not being set. */
1353 global.tune.ssl_default_dh_param = DH_size(dh) * 8;
1354 }
1355 else {
Emeric Brun41fdb3c2013-04-26 11:05:44 +02001356 /* Clear openssl global errors stack */
1357 ERR_clear_error();
1358
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001359 if (global.tune.ssl_default_dh_param <= 1024) {
1360 /* we are limited to DH parameter of 1024 bits anyway */
Remi Gacogne8de54152014-07-15 11:36:40 +02001361 local_dh_1024 = ssl_get_dh_1024();
1362 if (local_dh_1024 == NULL)
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001363 goto end;
Willy Tarreau6e774b42014-04-25 21:35:23 +02001364
Remi Gacogne8de54152014-07-15 11:36:40 +02001365 SSL_CTX_set_tmp_dh(ctx, local_dh_1024);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001366 }
1367 else {
1368 SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);
1369 }
Willy Tarreau6e774b42014-04-25 21:35:23 +02001370
Emeric Brun41fdb3c2013-04-26 11:05:44 +02001371 ret = 0; /* DH params not found */
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02001372 }
Emeric Brun644cde02012-12-14 11:21:13 +01001373
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02001374end:
1375 if (dh)
1376 DH_free(dh);
1377
1378 if (in)
Emeric Brun41fdb3c2013-04-26 11:05:44 +02001379 BIO_free(in);
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02001380
1381 return ret;
1382}
1383#endif
1384
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001385static int ssl_sock_add_cert_sni(SSL_CTX *ctx, struct bind_conf *s, char *name, int order)
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001386{
1387 struct sni_ctx *sc;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001388 int wild = 0, neg = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001389
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001390 if (*name == '!') {
1391 neg = 1;
1392 name++;
1393 }
1394 if (*name == '*') {
1395 wild = 1;
1396 name++;
1397 }
1398 /* !* filter is a nop */
1399 if (neg && wild)
1400 return order;
1401 if (*name) {
1402 int j, len;
1403 len = strlen(name);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001404 sc = malloc(sizeof(struct sni_ctx) + len + 1);
1405 for (j = 0; j < len; j++)
1406 sc->name.key[j] = tolower(name[j]);
1407 sc->name.key[len] = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001408 sc->ctx = ctx;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001409 sc->order = order++;
1410 sc->neg = neg;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001411 if (wild)
1412 ebst_insert(&s->sni_w_ctx, &sc->name);
1413 else
1414 ebst_insert(&s->sni_ctx, &sc->name);
1415 }
1416 return order;
1417}
1418
Emeric Brunfc0421f2012-09-07 17:30:07 +02001419/* Loads a certificate key and CA chain from a file. Returns 0 on error, -1 if
1420 * an early error happens and the caller must call SSL_CTX_free() by itelf.
1421 */
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001422static int ssl_sock_load_cert_chain_file(SSL_CTX *ctx, const char *file, struct bind_conf *s, char **sni_filter, int fcount)
Emeric Brunfc0421f2012-09-07 17:30:07 +02001423{
1424 BIO *in;
1425 X509 *x = NULL, *ca;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001426 int i, err;
Emeric Brunfc0421f2012-09-07 17:30:07 +02001427 int ret = -1;
1428 int order = 0;
1429 X509_NAME *xname;
1430 char *str;
Emeric Brunfc0421f2012-09-07 17:30:07 +02001431#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
1432 STACK_OF(GENERAL_NAME) *names;
1433#endif
1434
1435 in = BIO_new(BIO_s_file());
1436 if (in == NULL)
1437 goto end;
1438
1439 if (BIO_read_filename(in, file) <= 0)
1440 goto end;
1441
1442 x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
1443 if (x == NULL)
1444 goto end;
1445
Emeric Brun50bcecc2013-04-22 13:05:23 +02001446 if (fcount) {
1447 while (fcount--)
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001448 order = ssl_sock_add_cert_sni(ctx, s, sni_filter[fcount], order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001449 }
1450 else {
Emeric Brunfc0421f2012-09-07 17:30:07 +02001451#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001452 names = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
1453 if (names) {
1454 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
1455 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
1456 if (name->type == GEN_DNS) {
1457 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001458 order = ssl_sock_add_cert_sni(ctx, s, str, order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001459 OPENSSL_free(str);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001460 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02001461 }
1462 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001463 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001464 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02001465#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001466 xname = X509_get_subject_name(x);
1467 i = -1;
1468 while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
1469 X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
1470 if (ASN1_STRING_to_UTF8((unsigned char **)&str, entry->value) >= 0) {
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001471 order = ssl_sock_add_cert_sni(ctx, s, str, order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001472 OPENSSL_free(str);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001473 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02001474 }
1475 }
1476
1477 ret = 0; /* the caller must not free the SSL_CTX argument anymore */
1478 if (!SSL_CTX_use_certificate(ctx, x))
1479 goto end;
1480
1481 if (ctx->extra_certs != NULL) {
1482 sk_X509_pop_free(ctx->extra_certs, X509_free);
1483 ctx->extra_certs = NULL;
1484 }
1485
1486 while ((ca = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata))) {
1487 if (!SSL_CTX_add_extra_chain_cert(ctx, ca)) {
1488 X509_free(ca);
1489 goto end;
1490 }
1491 }
1492
1493 err = ERR_get_error();
1494 if (!err || (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) {
1495 /* we successfully reached the last cert in the file */
1496 ret = 1;
1497 }
1498 ERR_clear_error();
1499
1500end:
1501 if (x)
1502 X509_free(x);
1503
1504 if (in)
1505 BIO_free(in);
1506
1507 return ret;
1508}
1509
Emeric Brun50bcecc2013-04-22 13:05:23 +02001510static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf, struct proxy *curproxy, char **sni_filter, int fcount, char **err)
Emeric Brunfc0421f2012-09-07 17:30:07 +02001511{
1512 int ret;
1513 SSL_CTX *ctx;
1514
1515 ctx = SSL_CTX_new(SSLv23_server_method());
1516 if (!ctx) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02001517 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
1518 err && *err ? *err : "", path);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001519 return 1;
1520 }
1521
1522 if (SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02001523 memprintf(err, "%sunable to load SSL private key from PEM file '%s'.\n",
1524 err && *err ? *err : "", path);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001525 SSL_CTX_free(ctx);
1526 return 1;
1527 }
1528
Emeric Brun50bcecc2013-04-22 13:05:23 +02001529 ret = ssl_sock_load_cert_chain_file(ctx, path, bind_conf, sni_filter, fcount);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001530 if (ret <= 0) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02001531 memprintf(err, "%sunable to load SSL certificate from PEM file '%s'.\n",
1532 err && *err ? *err : "", path);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001533 if (ret < 0) /* serious error, must do that ourselves */
1534 SSL_CTX_free(ctx);
1535 return 1;
1536 }
Emeric Brun61694ab2012-10-26 13:35:33 +02001537
1538 if (SSL_CTX_check_private_key(ctx) <= 0) {
1539 memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
1540 err && *err ? *err : "", path);
1541 return 1;
1542 }
1543
Emeric Brunfc0421f2012-09-07 17:30:07 +02001544 /* we must not free the SSL_CTX anymore below, since it's already in
1545 * the tree, so it will be discovered and cleaned in time.
1546 */
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02001547#ifndef OPENSSL_NO_DH
1548 ret = ssl_sock_load_dh_params(ctx, path);
1549 if (ret < 0) {
1550 if (err)
1551 memprintf(err, "%sunable to load DH parameters from file '%s'.\n",
1552 *err ? *err : "", path);
1553 return 1;
1554 }
1555#endif
1556
Lukas Tribuse4e30f72014-12-09 16:32:51 +01001557#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001558 ret = ssl_sock_load_ocsp(ctx, path);
1559 if (ret < 0) {
1560 if (err)
1561 memprintf(err, "%s '%s.ocsp' is present and activates OCSP but it is impossible to compute the OCSP certificate ID (maybe the issuer could not be found)'.\n",
1562 *err ? *err : "", path);
1563 return 1;
1564 }
1565#endif
1566
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001567#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
1568 if (sctl_ex_index >= 0) {
1569 ret = ssl_sock_load_sctl(ctx, path);
1570 if (ret < 0) {
1571 if (err)
1572 memprintf(err, "%s '%s.sctl' is present but cannot be read or parsed'.\n",
1573 *err ? *err : "", path);
1574 return 1;
1575 }
1576 }
1577#endif
1578
Emeric Brunfc0421f2012-09-07 17:30:07 +02001579#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
Willy Tarreau2a65ff02012-09-13 17:54:29 +02001580 if (bind_conf->default_ctx) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02001581 memprintf(err, "%sthis version of openssl cannot load multiple SSL certificates.\n",
1582 err && *err ? *err : "");
Emeric Brunfc0421f2012-09-07 17:30:07 +02001583 return 1;
1584 }
1585#endif
Willy Tarreau2a65ff02012-09-13 17:54:29 +02001586 if (!bind_conf->default_ctx)
1587 bind_conf->default_ctx = ctx;
Emeric Brunfc0421f2012-09-07 17:30:07 +02001588
1589 return 0;
1590}
1591
Willy Tarreau79eeafa2012-09-14 07:53:05 +02001592int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, struct proxy *curproxy, char **err)
Emeric Brunfc0421f2012-09-07 17:30:07 +02001593{
Cyril Bonté3180f7b2015-01-25 00:16:08 +01001594 struct dirent **de_list;
1595 int i, n;
Emeric Brunfc0421f2012-09-07 17:30:07 +02001596 DIR *dir;
1597 struct stat buf;
Willy Tarreauee2663b2012-12-06 11:36:59 +01001598 char *end;
1599 char fp[MAXPATHLEN+1];
Emeric Brunfc0421f2012-09-07 17:30:07 +02001600 int cfgerr = 0;
1601
1602 if (!(dir = opendir(path)))
Emeric Brun50bcecc2013-04-22 13:05:23 +02001603 return ssl_sock_load_cert_file(path, bind_conf, curproxy, NULL, 0, err);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001604
1605 /* strip trailing slashes, including first one */
1606 for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
1607 *end = 0;
1608
Cyril Bonté3180f7b2015-01-25 00:16:08 +01001609 n = scandir(path, &de_list, 0, alphasort);
1610 if (n < 0) {
1611 memprintf(err, "%sunable to scan directory '%s' : %s.\n",
1612 err && *err ? *err : "", path, strerror(errno));
1613 cfgerr++;
1614 }
1615 else {
1616 for (i = 0; i < n; i++) {
1617 struct dirent *de = de_list[i];
Emeric Brun2aab7222014-06-18 18:15:09 +02001618
Cyril Bonté3180f7b2015-01-25 00:16:08 +01001619 end = strrchr(de->d_name, '.');
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001620 if (end && (!strcmp(end, ".issuer") || !strcmp(end, ".ocsp") || !strcmp(end, ".sctl")))
Cyril Bonté3180f7b2015-01-25 00:16:08 +01001621 goto ignore_entry;
1622
1623 snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
1624 if (stat(fp, &buf) != 0) {
1625 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
1626 err && *err ? *err : "", fp, strerror(errno));
1627 cfgerr++;
1628 goto ignore_entry;
1629 }
1630 if (!S_ISREG(buf.st_mode))
1631 goto ignore_entry;
1632 cfgerr += ssl_sock_load_cert_file(fp, bind_conf, curproxy, NULL, 0, err);
1633 ignore_entry:
1634 free(de);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001635 }
Cyril Bonté3180f7b2015-01-25 00:16:08 +01001636 free(de_list);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001637 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02001638 closedir(dir);
1639 return cfgerr;
1640}
1641
Thierry Fournier383085f2013-01-24 14:15:43 +01001642/* Make sure openssl opens /dev/urandom before the chroot. The work is only
1643 * done once. Zero is returned if the operation fails. No error is returned
1644 * if the random is said as not implemented, because we expect that openssl
1645 * will use another method once needed.
1646 */
1647static int ssl_initialize_random()
1648{
1649 unsigned char random;
1650 static int random_initialized = 0;
1651
1652 if (!random_initialized && RAND_bytes(&random, 1) != 0)
1653 random_initialized = 1;
1654
1655 return random_initialized;
1656}
1657
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001658int ssl_sock_load_cert_list_file(char *file, struct bind_conf *bind_conf, struct proxy *curproxy, char **err)
1659{
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001660 char thisline[LINESIZE];
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001661 FILE *f;
1662 int linenum = 0;
1663 int cfgerr = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001664
Willy Tarreauad1731d2013-04-02 17:35:58 +02001665 if ((f = fopen(file, "r")) == NULL) {
1666 memprintf(err, "cannot open file '%s' : %s", file, strerror(errno));
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001667 return 1;
Willy Tarreauad1731d2013-04-02 17:35:58 +02001668 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001669
1670 while (fgets(thisline, sizeof(thisline), f) != NULL) {
1671 int arg;
Emeric Brun50bcecc2013-04-22 13:05:23 +02001672 int newarg;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001673 char *end;
1674 char *args[MAX_LINE_ARGS + 1];
1675 char *line = thisline;
1676
1677 linenum++;
1678 end = line + strlen(line);
1679 if (end-line == sizeof(thisline)-1 && *(end-1) != '\n') {
1680 /* Check if we reached the limit and the last char is not \n.
1681 * Watch out for the last line without the terminating '\n'!
1682 */
Willy Tarreauad1731d2013-04-02 17:35:58 +02001683 memprintf(err, "line %d too long in file '%s', limit is %d characters",
1684 linenum, file, (int)sizeof(thisline)-1);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001685 cfgerr = 1;
Willy Tarreauad1731d2013-04-02 17:35:58 +02001686 break;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001687 }
1688
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001689 arg = 0;
Emeric Brun50bcecc2013-04-22 13:05:23 +02001690 newarg = 1;
1691 while (*line) {
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001692 if (*line == '#' || *line == '\n' || *line == '\r') {
1693 /* end of string, end of loop */
1694 *line = 0;
1695 break;
1696 }
1697 else if (isspace(*line)) {
Emeric Brun50bcecc2013-04-22 13:05:23 +02001698 newarg = 1;
1699 *line = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001700 }
Emeric Brun50bcecc2013-04-22 13:05:23 +02001701 else if (newarg) {
1702 if (arg == MAX_LINE_ARGS) {
1703 memprintf(err, "too many args on line %d in file '%s'.",
1704 linenum, file);
1705 cfgerr = 1;
1706 break;
1707 }
1708 newarg = 0;
1709 args[arg++] = line;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001710 }
Emeric Brun50bcecc2013-04-22 13:05:23 +02001711 line++;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001712 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02001713 if (cfgerr)
1714 break;
Willy Tarreauad1731d2013-04-02 17:35:58 +02001715
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001716 /* empty line */
Emeric Brun50bcecc2013-04-22 13:05:23 +02001717 if (!arg)
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001718 continue;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001719
Emeric Brun50bcecc2013-04-22 13:05:23 +02001720 cfgerr = ssl_sock_load_cert_file(args[0], bind_conf, curproxy, &args[1], arg-1, err);
Willy Tarreauad1731d2013-04-02 17:35:58 +02001721 if (cfgerr) {
1722 memprintf(err, "error processing line %d in file '%s' : %s", linenum, file, *err);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001723 break;
Willy Tarreauad1731d2013-04-02 17:35:58 +02001724 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001725 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01001726 fclose(f);
1727 return cfgerr;
1728}
1729
Emeric Brunfc0421f2012-09-07 17:30:07 +02001730#ifndef SSL_OP_CIPHER_SERVER_PREFERENCE /* needs OpenSSL >= 0.9.7 */
1731#define SSL_OP_CIPHER_SERVER_PREFERENCE 0
1732#endif
1733
1734#ifndef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION /* needs OpenSSL >= 0.9.7 */
1735#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0
Willy Tarreau7d588ee2012-11-26 18:47:31 +01001736#define SSL_renegotiate_pending(arg) 0
Emeric Brunfc0421f2012-09-07 17:30:07 +02001737#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02001738#ifndef SSL_OP_SINGLE_ECDH_USE /* needs OpenSSL >= 0.9.8 */
1739#define SSL_OP_SINGLE_ECDH_USE 0
1740#endif
Emeric Brun2d0c4822012-10-02 13:45:20 +02001741#ifndef SSL_OP_NO_TICKET /* needs OpenSSL >= 0.9.8 */
1742#define SSL_OP_NO_TICKET 0
1743#endif
Emeric Brunfc0421f2012-09-07 17:30:07 +02001744#ifndef SSL_OP_NO_COMPRESSION /* needs OpenSSL >= 0.9.9 */
1745#define SSL_OP_NO_COMPRESSION 0
1746#endif
Emeric Brunc0ff4922012-09-28 19:37:02 +02001747#ifndef SSL_OP_NO_TLSv1_1 /* needs OpenSSL >= 1.0.1 */
1748#define SSL_OP_NO_TLSv1_1 0
1749#endif
1750#ifndef SSL_OP_NO_TLSv1_2 /* needs OpenSSL >= 1.0.1 */
1751#define SSL_OP_NO_TLSv1_2 0
1752#endif
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02001753#ifndef SSL_OP_SINGLE_DH_USE /* needs OpenSSL >= 0.9.6 */
1754#define SSL_OP_SINGLE_DH_USE 0
1755#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02001756#ifndef SSL_OP_SINGLE_ECDH_USE /* needs OpenSSL >= 1.0.0 */
1757#define SSL_OP_SINGLE_ECDH_USE 0
1758#endif
Emeric Brunfc0421f2012-09-07 17:30:07 +02001759#ifndef SSL_MODE_RELEASE_BUFFERS /* needs OpenSSL >= 1.0.0 */
1760#define SSL_MODE_RELEASE_BUFFERS 0
1761#endif
Willy Tarreau396a1862014-11-13 14:06:52 +01001762#ifndef SSL_MODE_SMALL_BUFFERS /* needs small_records.patch */
1763#define SSL_MODE_SMALL_BUFFERS 0
1764#endif
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001765
Willy Tarreau2a65ff02012-09-13 17:54:29 +02001766int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy *curproxy)
Emeric Brunfc0421f2012-09-07 17:30:07 +02001767{
1768 int cfgerr = 0;
Emeric Brun850efd52014-01-29 12:24:34 +01001769 int verify = SSL_VERIFY_NONE;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +02001770 long ssloptions =
Emeric Brunfc0421f2012-09-07 17:30:07 +02001771 SSL_OP_ALL | /* all known workarounds for bugs */
1772 SSL_OP_NO_SSLv2 |
1773 SSL_OP_NO_COMPRESSION |
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02001774 SSL_OP_SINGLE_DH_USE |
Emeric Brun2b58d042012-09-20 17:10:03 +02001775 SSL_OP_SINGLE_ECDH_USE |
Emeric Brun3c4bc6e2012-10-04 18:44:19 +02001776 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION |
1777 SSL_OP_CIPHER_SERVER_PREFERENCE;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +02001778 long sslmode =
Emeric Brunfc0421f2012-09-07 17:30:07 +02001779 SSL_MODE_ENABLE_PARTIAL_WRITE |
1780 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
Willy Tarreau396a1862014-11-13 14:06:52 +01001781 SSL_MODE_RELEASE_BUFFERS |
1782 SSL_MODE_SMALL_BUFFERS;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001783 STACK_OF(SSL_CIPHER) * ciphers = NULL;
Willy Tarreaua616ba62014-10-26 06:49:19 +01001784 SSL_CIPHER * cipher = NULL;
Remi Gacognec1eab8c2014-06-12 18:20:11 +02001785 char cipher_description[128];
1786 /* The description of ciphers using an Ephemeral Diffie Hellman key exchange
1787 contains " Kx=DH " or " Kx=DH(". Beware of " Kx=DH/",
1788 which is not ephemeral DH. */
1789 const char dhe_description[] = " Kx=DH ";
1790 const char dhe_export_description[] = " Kx=DH(";
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001791 int idx = 0;
1792 int dhe_found = 0;
Remi Gacogne23d5d372014-10-10 17:04:26 +02001793 SSL *ssl = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02001794
Thierry Fournier383085f2013-01-24 14:15:43 +01001795 /* Make sure openssl opens /dev/urandom before the chroot */
1796 if (!ssl_initialize_random()) {
1797 Alert("OpenSSL random data generator initialization failed.\n");
1798 cfgerr++;
1799 }
1800
Emeric Brun89675492012-10-05 13:48:26 +02001801 if (bind_conf->ssl_options & BC_SSL_O_NO_SSLV3)
Emeric Brunfc0421f2012-09-07 17:30:07 +02001802 ssloptions |= SSL_OP_NO_SSLv3;
Emeric Brun89675492012-10-05 13:48:26 +02001803 if (bind_conf->ssl_options & BC_SSL_O_NO_TLSV10)
Emeric Brunfc0421f2012-09-07 17:30:07 +02001804 ssloptions |= SSL_OP_NO_TLSv1;
Emeric Brun89675492012-10-05 13:48:26 +02001805 if (bind_conf->ssl_options & BC_SSL_O_NO_TLSV11)
Emeric Brunc0ff4922012-09-28 19:37:02 +02001806 ssloptions |= SSL_OP_NO_TLSv1_1;
Emeric Brun89675492012-10-05 13:48:26 +02001807 if (bind_conf->ssl_options & BC_SSL_O_NO_TLSV12)
Emeric Brunc0ff4922012-09-28 19:37:02 +02001808 ssloptions |= SSL_OP_NO_TLSv1_2;
Emeric Brun89675492012-10-05 13:48:26 +02001809 if (bind_conf->ssl_options & BC_SSL_O_NO_TLS_TICKETS)
Emeric Brun2d0c4822012-10-02 13:45:20 +02001810 ssloptions |= SSL_OP_NO_TICKET;
Emeric Brun2cb7ae52012-10-05 14:14:21 +02001811 if (bind_conf->ssl_options & BC_SSL_O_USE_SSLV3)
1812 SSL_CTX_set_ssl_version(ctx, SSLv3_server_method());
1813 if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV10)
1814 SSL_CTX_set_ssl_version(ctx, TLSv1_server_method());
1815#if SSL_OP_NO_TLSv1_1
1816 if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV11)
1817 SSL_CTX_set_ssl_version(ctx, TLSv1_1_server_method());
1818#endif
1819#if SSL_OP_NO_TLSv1_2
1820 if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV12)
1821 SSL_CTX_set_ssl_version(ctx, TLSv1_2_server_method());
1822#endif
Emeric Brunfc0421f2012-09-07 17:30:07 +02001823
1824 SSL_CTX_set_options(ctx, ssloptions);
1825 SSL_CTX_set_mode(ctx, sslmode);
Emeric Brun850efd52014-01-29 12:24:34 +01001826 switch (bind_conf->verify) {
1827 case SSL_SOCK_VERIFY_NONE:
1828 verify = SSL_VERIFY_NONE;
1829 break;
1830 case SSL_SOCK_VERIFY_OPTIONAL:
1831 verify = SSL_VERIFY_PEER;
1832 break;
1833 case SSL_SOCK_VERIFY_REQUIRED:
1834 verify = SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
1835 break;
1836 }
1837 SSL_CTX_set_verify(ctx, verify, ssl_sock_bind_verifycbk);
1838 if (verify & SSL_VERIFY_PEER) {
Emeric Brunfb510ea2012-10-05 12:00:26 +02001839 if (bind_conf->ca_file) {
Emeric Brund94b3fe2012-09-20 18:23:56 +02001840 /* load CAfile to verify */
Emeric Brunfb510ea2012-10-05 12:00:26 +02001841 if (!SSL_CTX_load_verify_locations(ctx, bind_conf->ca_file, NULL)) {
Emeric Brund94b3fe2012-09-20 18:23:56 +02001842 Alert("Proxy '%s': unable to load CA file '%s' for bind '%s' at [%s:%d].\n",
Emeric Brunfb510ea2012-10-05 12:00:26 +02001843 curproxy->id, bind_conf->ca_file, bind_conf->arg, bind_conf->file, bind_conf->line);
Emeric Brund94b3fe2012-09-20 18:23:56 +02001844 cfgerr++;
1845 }
1846 /* set CA names fo client cert request, function returns void */
Emeric Brunfb510ea2012-10-05 12:00:26 +02001847 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(bind_conf->ca_file));
Emeric Brund94b3fe2012-09-20 18:23:56 +02001848 }
Emeric Brun850efd52014-01-29 12:24:34 +01001849 else {
1850 Alert("Proxy '%s': verify is enabled but no CA file specified for bind '%s' at [%s:%d].\n",
1851 curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
1852 cfgerr++;
1853 }
Emeric Brun051cdab2012-10-02 19:25:50 +02001854#ifdef X509_V_FLAG_CRL_CHECK
Emeric Brunfb510ea2012-10-05 12:00:26 +02001855 if (bind_conf->crl_file) {
Emeric Brund94b3fe2012-09-20 18:23:56 +02001856 X509_STORE *store = SSL_CTX_get_cert_store(ctx);
1857
Emeric Brunfb510ea2012-10-05 12:00:26 +02001858 if (!store || !X509_STORE_load_locations(store, bind_conf->crl_file, NULL)) {
Emeric Brund94b3fe2012-09-20 18:23:56 +02001859 Alert("Proxy '%s': unable to configure CRL file '%s' for bind '%s' at [%s:%d].\n",
Alexander Rigbofc65af02015-04-07 14:02:16 +02001860 curproxy->id, bind_conf->crl_file, bind_conf->arg, bind_conf->file, bind_conf->line);
Emeric Brund94b3fe2012-09-20 18:23:56 +02001861 cfgerr++;
1862 }
Emeric Brun561e5742012-10-02 15:20:55 +02001863 else {
1864 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
1865 }
Emeric Brund94b3fe2012-09-20 18:23:56 +02001866 }
Emeric Brun051cdab2012-10-02 19:25:50 +02001867#endif
Emeric Brun644cde02012-12-14 11:21:13 +01001868 ERR_clear_error();
Emeric Brund94b3fe2012-09-20 18:23:56 +02001869 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02001870
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001871#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
Nenad Merdanovic146defa2015-05-09 08:46:00 +02001872 if(bind_conf->keys_ref) {
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001873 if (!SSL_CTX_set_tlsext_ticket_key_cb(ctx, ssl_tlsext_ticket_key_cb)) {
1874 Alert("Proxy '%s': unable to set callback for TLS ticket validation for bind '%s' at [%s:%d].\n",
1875 curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
1876 cfgerr++;
1877 }
1878 }
1879#endif
1880
Emeric Brun4f65bff2012-11-16 15:11:00 +01001881 if (global.tune.ssllifetime)
1882 SSL_CTX_set_timeout(ctx, global.tune.ssllifetime);
1883
Emeric Brunfc0421f2012-09-07 17:30:07 +02001884 shared_context_set_cache(ctx);
Willy Tarreau2a65ff02012-09-13 17:54:29 +02001885 if (bind_conf->ciphers &&
1886 !SSL_CTX_set_cipher_list(ctx, bind_conf->ciphers)) {
Emeric Brunfc0421f2012-09-07 17:30:07 +02001887 Alert("Proxy '%s': unable to set SSL cipher list to '%s' for bind '%s' at [%s:%d].\n",
Willy Tarreau2a65ff02012-09-13 17:54:29 +02001888 curproxy->id, bind_conf->ciphers, bind_conf->arg, bind_conf->file, bind_conf->line);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001889 cfgerr++;
1890 }
1891
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001892 /* If tune.ssl.default-dh-param has not been set and
1893 no static DH params were in the certificate file. */
1894 if (global.tune.ssl_default_dh_param == 0) {
Lukas Tribus90132722014-08-18 00:56:33 +02001895
Remi Gacogne23d5d372014-10-10 17:04:26 +02001896 ssl = SSL_new(ctx);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001897
Remi Gacogne23d5d372014-10-10 17:04:26 +02001898 if (ssl) {
1899 ciphers = SSL_get_ciphers(ssl);
1900
1901 if (ciphers) {
1902 for (idx = 0; idx < sk_SSL_CIPHER_num(ciphers); idx++) {
1903 cipher = sk_SSL_CIPHER_value(ciphers, idx);
1904 if (SSL_CIPHER_description(cipher, cipher_description, sizeof (cipher_description)) == cipher_description) {
1905 if (strstr(cipher_description, dhe_description) != NULL ||
1906 strstr(cipher_description, dhe_export_description) != NULL) {
1907 dhe_found = 1;
1908 break;
1909 }
Remi Gacognec1eab8c2014-06-12 18:20:11 +02001910 }
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001911 }
1912 }
Remi Gacogne23d5d372014-10-10 17:04:26 +02001913 SSL_free(ssl);
1914 ssl = NULL;
Lukas Tribus90132722014-08-18 00:56:33 +02001915 }
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001916
Lukas Tribus90132722014-08-18 00:56:33 +02001917 if (dhe_found) {
1918 Warning("Setting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. Please set a value >= 1024 to make this warning disappear.\n");
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001919 }
1920
1921 global.tune.ssl_default_dh_param = 1024;
1922 }
Remi Gacogne8de54152014-07-15 11:36:40 +02001923
1924#ifndef OPENSSL_NO_DH
1925 if (global.tune.ssl_default_dh_param >= 1024) {
1926 if (local_dh_1024 == NULL) {
1927 local_dh_1024 = ssl_get_dh_1024();
1928 }
1929 if (global.tune.ssl_default_dh_param >= 2048) {
1930 if (local_dh_2048 == NULL) {
1931 local_dh_2048 = ssl_get_dh_2048();
1932 }
1933 if (global.tune.ssl_default_dh_param >= 4096) {
1934 if (local_dh_4096 == NULL) {
1935 local_dh_4096 = ssl_get_dh_4096();
1936 }
1937 if (global.tune.ssl_default_dh_param >= 8192 &&
1938 local_dh_8192 == NULL) {
1939 local_dh_8192 = ssl_get_dh_8192();
1940 }
1941 }
1942 }
1943 }
1944#endif /* OPENSSL_NO_DH */
Remi Gacognef46cd6e2014-06-12 14:58:40 +02001945
Emeric Brunfc0421f2012-09-07 17:30:07 +02001946 SSL_CTX_set_info_callback(ctx, ssl_sock_infocbk);
Willy Tarreau5cbe4ef2014-05-08 22:45:11 +02001947#if OPENSSL_VERSION_NUMBER >= 0x00907000L
Emeric Brun29f037d2014-04-25 19:05:36 +02001948 SSL_CTX_set_msg_callback(ctx, ssl_sock_msgcbk);
Willy Tarreau5cbe4ef2014-05-08 22:45:11 +02001949#endif
Emeric Brun29f037d2014-04-25 19:05:36 +02001950
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02001951#ifdef OPENSSL_NPN_NEGOTIATED
1952 if (bind_conf->npn_str)
1953 SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_sock_advertise_npn_protos, bind_conf);
1954#endif
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001955#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02001956 if (bind_conf->alpn_str)
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001957 SSL_CTX_set_alpn_select_cb(ctx, ssl_sock_advertise_alpn_protos, bind_conf);
Willy Tarreauab861d32013-04-02 02:30:41 +02001958#endif
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02001959
Emeric Brunfc0421f2012-09-07 17:30:07 +02001960#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
1961 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_cbk);
Willy Tarreau2a65ff02012-09-13 17:54:29 +02001962 SSL_CTX_set_tlsext_servername_arg(ctx, bind_conf);
Emeric Brunfc0421f2012-09-07 17:30:07 +02001963#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02001964#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
Emeric Brun6924ef82013-03-06 14:08:53 +01001965 {
Emeric Brun2b58d042012-09-20 17:10:03 +02001966 int i;
1967 EC_KEY *ecdh;
1968
Emeric Brun6924ef82013-03-06 14:08:53 +01001969 i = OBJ_sn2nid(bind_conf->ecdhe ? bind_conf->ecdhe : ECDHE_DEFAULT_CURVE);
Emeric Brun2b58d042012-09-20 17:10:03 +02001970 if (!i || ((ecdh = EC_KEY_new_by_curve_name(i)) == NULL)) {
1971 Alert("Proxy '%s': unable to set elliptic named curve to '%s' for bind '%s' at [%s:%d].\n",
Emeric Brun6924ef82013-03-06 14:08:53 +01001972 curproxy->id, bind_conf->ecdhe ? bind_conf->ecdhe : ECDHE_DEFAULT_CURVE,
1973 bind_conf->arg, bind_conf->file, bind_conf->line);
Emeric Brun2b58d042012-09-20 17:10:03 +02001974 cfgerr++;
1975 }
1976 else {
1977 SSL_CTX_set_tmp_ecdh(ctx, ecdh);
1978 EC_KEY_free(ecdh);
1979 }
1980 }
1981#endif
1982
Emeric Brunfc0421f2012-09-07 17:30:07 +02001983 return cfgerr;
1984}
1985
Evan Broderbe554312013-06-27 00:05:25 -07001986static int ssl_sock_srv_hostcheck(const char *pattern, const char *hostname)
1987{
1988 const char *pattern_wildcard, *pattern_left_label_end, *hostname_left_label_end;
1989 size_t prefixlen, suffixlen;
1990
1991 /* Trivial case */
1992 if (strcmp(pattern, hostname) == 0)
1993 return 1;
1994
Evan Broderbe554312013-06-27 00:05:25 -07001995 /* The rest of this logic is based on RFC 6125, section 6.4.3
1996 * (http://tools.ietf.org/html/rfc6125#section-6.4.3) */
1997
Emeric Bruna848dae2013-10-08 11:27:28 +02001998 pattern_wildcard = NULL;
1999 pattern_left_label_end = pattern;
2000 while (*pattern_left_label_end != '.') {
2001 switch (*pattern_left_label_end) {
2002 case 0:
2003 /* End of label not found */
2004 return 0;
2005 case '*':
2006 /* If there is more than one wildcards */
2007 if (pattern_wildcard)
2008 return 0;
2009 pattern_wildcard = pattern_left_label_end;
2010 break;
2011 }
2012 pattern_left_label_end++;
2013 }
2014
2015 /* If it's not trivial and there is no wildcard, it can't
2016 * match */
2017 if (!pattern_wildcard)
Evan Broderbe554312013-06-27 00:05:25 -07002018 return 0;
2019
2020 /* Make sure all labels match except the leftmost */
2021 hostname_left_label_end = strchr(hostname, '.');
2022 if (!hostname_left_label_end
2023 || strcmp(pattern_left_label_end, hostname_left_label_end) != 0)
2024 return 0;
2025
2026 /* Make sure the leftmost label of the hostname is long enough
2027 * that the wildcard can match */
Emeric Brun369da852013-10-08 11:39:35 +02002028 if (hostname_left_label_end - hostname < (pattern_left_label_end - pattern) - 1)
Evan Broderbe554312013-06-27 00:05:25 -07002029 return 0;
2030
2031 /* Finally compare the string on either side of the
2032 * wildcard */
2033 prefixlen = pattern_wildcard - pattern;
2034 suffixlen = pattern_left_label_end - (pattern_wildcard + 1);
Emeric Bruna848dae2013-10-08 11:27:28 +02002035 if ((prefixlen && (memcmp(pattern, hostname, prefixlen) != 0))
2036 || (suffixlen && (memcmp(pattern_wildcard + 1, hostname_left_label_end - suffixlen, suffixlen) != 0)))
Evan Broderbe554312013-06-27 00:05:25 -07002037 return 0;
2038
2039 return 1;
2040}
2041
2042static int ssl_sock_srv_verifycbk(int ok, X509_STORE_CTX *ctx)
2043{
2044 SSL *ssl;
2045 struct connection *conn;
2046 char *servername;
2047
2048 int depth;
2049 X509 *cert;
2050 STACK_OF(GENERAL_NAME) *alt_names;
2051 int i;
2052 X509_NAME *cert_subject;
2053 char *str;
2054
2055 if (ok == 0)
2056 return ok;
2057
2058 ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
2059 conn = (struct connection *)SSL_get_app_data(ssl);
2060
2061 servername = objt_server(conn->target)->ssl_ctx.verify_host;
2062
2063 /* We only need to verify the CN on the actual server cert,
2064 * not the indirect CAs */
2065 depth = X509_STORE_CTX_get_error_depth(ctx);
2066 if (depth != 0)
2067 return ok;
2068
2069 /* At this point, the cert is *not* OK unless we can find a
2070 * hostname match */
2071 ok = 0;
2072
2073 cert = X509_STORE_CTX_get_current_cert(ctx);
2074 /* It seems like this might happen if verify peer isn't set */
2075 if (!cert)
2076 return ok;
2077
2078 alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
2079 if (alt_names) {
2080 for (i = 0; !ok && i < sk_GENERAL_NAME_num(alt_names); i++) {
2081 GENERAL_NAME *name = sk_GENERAL_NAME_value(alt_names, i);
2082 if (name->type == GEN_DNS) {
Emeric Bruna33410c2013-09-17 15:47:48 +02002083#if OPENSSL_VERSION_NUMBER < 0x00907000L
2084 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.ia5) >= 0) {
2085#else
Evan Broderbe554312013-06-27 00:05:25 -07002086 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
Emeric Bruna33410c2013-09-17 15:47:48 +02002087#endif
Evan Broderbe554312013-06-27 00:05:25 -07002088 ok = ssl_sock_srv_hostcheck(str, servername);
2089 OPENSSL_free(str);
2090 }
2091 }
2092 }
Emeric Brun4ad50a42013-09-17 15:19:54 +02002093 sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
Evan Broderbe554312013-06-27 00:05:25 -07002094 }
2095
2096 cert_subject = X509_get_subject_name(cert);
2097 i = -1;
2098 while (!ok && (i = X509_NAME_get_index_by_NID(cert_subject, NID_commonName, i)) != -1) {
2099 X509_NAME_ENTRY *entry = X509_NAME_get_entry(cert_subject, i);
2100 if (ASN1_STRING_to_UTF8((unsigned char **)&str, entry->value) >= 0) {
2101 ok = ssl_sock_srv_hostcheck(str, servername);
2102 OPENSSL_free(str);
2103 }
2104 }
2105
2106 return ok;
2107}
2108
Emeric Brun94324a42012-10-11 14:00:19 +02002109/* prepare ssl context from servers options. Returns an error count */
2110int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
2111{
2112 int cfgerr = 0;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +02002113 long options =
Emeric Brun94324a42012-10-11 14:00:19 +02002114 SSL_OP_ALL | /* all known workarounds for bugs */
2115 SSL_OP_NO_SSLv2 |
2116 SSL_OP_NO_COMPRESSION;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +02002117 long mode =
Emeric Brun94324a42012-10-11 14:00:19 +02002118 SSL_MODE_ENABLE_PARTIAL_WRITE |
2119 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
Willy Tarreau396a1862014-11-13 14:06:52 +01002120 SSL_MODE_RELEASE_BUFFERS |
2121 SSL_MODE_SMALL_BUFFERS;
Emeric Brun850efd52014-01-29 12:24:34 +01002122 int verify = SSL_VERIFY_NONE;
Emeric Brun94324a42012-10-11 14:00:19 +02002123
Thierry Fournier383085f2013-01-24 14:15:43 +01002124 /* Make sure openssl opens /dev/urandom before the chroot */
2125 if (!ssl_initialize_random()) {
2126 Alert("OpenSSL random data generator initialization failed.\n");
2127 cfgerr++;
2128 }
2129
Willy Tarreaufce03112015-01-15 21:32:40 +01002130 /* Automatic memory computations need to know we use SSL there */
2131 global.ssl_used_backend = 1;
2132
2133 /* Initiate SSL context for current server */
Emeric Brun94324a42012-10-11 14:00:19 +02002134 srv->ssl_ctx.reused_sess = NULL;
2135 if (srv->use_ssl)
2136 srv->xprt = &ssl_sock;
2137 if (srv->check.use_ssl)
Cyril Bonté9ce13112014-11-15 22:41:27 +01002138 srv->check.xprt = &ssl_sock;
Emeric Brun94324a42012-10-11 14:00:19 +02002139
2140 srv->ssl_ctx.ctx = SSL_CTX_new(SSLv23_client_method());
2141 if (!srv->ssl_ctx.ctx) {
2142 Alert("config : %s '%s', server '%s': unable to allocate ssl context.\n",
2143 proxy_type_str(curproxy), curproxy->id,
2144 srv->id);
2145 cfgerr++;
2146 return cfgerr;
2147 }
Emeric Bruna7aa3092012-10-26 12:58:00 +02002148 if (srv->ssl_ctx.client_crt) {
2149 if (SSL_CTX_use_PrivateKey_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt, SSL_FILETYPE_PEM) <= 0) {
2150 Alert("config : %s '%s', server '%s': unable to load SSL private key from PEM file '%s'.\n",
2151 proxy_type_str(curproxy), curproxy->id,
2152 srv->id, srv->ssl_ctx.client_crt);
2153 cfgerr++;
2154 }
2155 else if (SSL_CTX_use_certificate_chain_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt) <= 0) {
2156 Alert("config : %s '%s', server '%s': unable to load ssl certificate from PEM file '%s'.\n",
2157 proxy_type_str(curproxy), curproxy->id,
2158 srv->id, srv->ssl_ctx.client_crt);
2159 cfgerr++;
2160 }
2161 else if (SSL_CTX_check_private_key(srv->ssl_ctx.ctx) <= 0) {
2162 Alert("config : %s '%s', server '%s': inconsistencies between private key and certificate loaded from PEM file '%s'.\n",
2163 proxy_type_str(curproxy), curproxy->id,
2164 srv->id, srv->ssl_ctx.client_crt);
2165 cfgerr++;
2166 }
2167 }
Emeric Brun94324a42012-10-11 14:00:19 +02002168
2169 if (srv->ssl_ctx.options & SRV_SSL_O_NO_SSLV3)
2170 options |= SSL_OP_NO_SSLv3;
2171 if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLSV10)
2172 options |= SSL_OP_NO_TLSv1;
2173 if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLSV11)
2174 options |= SSL_OP_NO_TLSv1_1;
2175 if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLSV12)
2176 options |= SSL_OP_NO_TLSv1_2;
Emeric Brunf9c5c472012-10-11 15:28:34 +02002177 if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLS_TICKETS)
2178 options |= SSL_OP_NO_TICKET;
Emeric Brun94324a42012-10-11 14:00:19 +02002179 if (srv->ssl_ctx.options & SRV_SSL_O_USE_SSLV3)
2180 SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, SSLv3_client_method());
2181 if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV10)
2182 SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_client_method());
2183#if SSL_OP_NO_TLSv1_1
2184 if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV11)
2185 SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_1_client_method());
2186#endif
2187#if SSL_OP_NO_TLSv1_2
2188 if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV12)
2189 SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_2_client_method());
2190#endif
2191
2192 SSL_CTX_set_options(srv->ssl_ctx.ctx, options);
2193 SSL_CTX_set_mode(srv->ssl_ctx.ctx, mode);
Emeric Brun850efd52014-01-29 12:24:34 +01002194
2195 if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
2196 verify = SSL_VERIFY_PEER;
2197
2198 switch (srv->ssl_ctx.verify) {
2199 case SSL_SOCK_VERIFY_NONE:
2200 verify = SSL_VERIFY_NONE;
2201 break;
2202 case SSL_SOCK_VERIFY_REQUIRED:
2203 verify = SSL_VERIFY_PEER;
2204 break;
2205 }
Evan Broderbe554312013-06-27 00:05:25 -07002206 SSL_CTX_set_verify(srv->ssl_ctx.ctx,
Emeric Brun850efd52014-01-29 12:24:34 +01002207 verify,
Evan Broderbe554312013-06-27 00:05:25 -07002208 srv->ssl_ctx.verify_host ? ssl_sock_srv_verifycbk : NULL);
Emeric Brun850efd52014-01-29 12:24:34 +01002209 if (verify & SSL_VERIFY_PEER) {
Emeric Brunef42d922012-10-11 16:11:36 +02002210 if (srv->ssl_ctx.ca_file) {
2211 /* load CAfile to verify */
2212 if (!SSL_CTX_load_verify_locations(srv->ssl_ctx.ctx, srv->ssl_ctx.ca_file, NULL)) {
Willy Tarreau07ba08b2014-02-16 19:22:08 +01002213 Alert("Proxy '%s', server '%s' [%s:%d] unable to load CA file '%s'.\n",
Emeric Brunef42d922012-10-11 16:11:36 +02002214 curproxy->id, srv->id,
2215 srv->conf.file, srv->conf.line, srv->ssl_ctx.ca_file);
2216 cfgerr++;
2217 }
2218 }
Emeric Brun850efd52014-01-29 12:24:34 +01002219 else {
2220 if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
Willy Tarreau07ba08b2014-02-16 19:22:08 +01002221 Alert("Proxy '%s', server '%s' [%s:%d] verify is enabled by default but no CA file specified. If you're running on a LAN where you're certain to trust the server's certificate, please set an explicit 'verify none' statement on the 'server' line, or use 'ssl-server-verify none' in the global section to disable server-side verifications by default.\n",
Emeric Brun850efd52014-01-29 12:24:34 +01002222 curproxy->id, srv->id,
2223 srv->conf.file, srv->conf.line);
2224 else
Willy Tarreau07ba08b2014-02-16 19:22:08 +01002225 Alert("Proxy '%s', server '%s' [%s:%d] verify is enabled but no CA file specified.\n",
Emeric Brun850efd52014-01-29 12:24:34 +01002226 curproxy->id, srv->id,
2227 srv->conf.file, srv->conf.line);
2228 cfgerr++;
2229 }
Emeric Brunef42d922012-10-11 16:11:36 +02002230#ifdef X509_V_FLAG_CRL_CHECK
2231 if (srv->ssl_ctx.crl_file) {
2232 X509_STORE *store = SSL_CTX_get_cert_store(srv->ssl_ctx.ctx);
2233
2234 if (!store || !X509_STORE_load_locations(store, srv->ssl_ctx.crl_file, NULL)) {
Willy Tarreau07ba08b2014-02-16 19:22:08 +01002235 Alert("Proxy '%s', server '%s' [%s:%d] unable to configure CRL file '%s'.\n",
Emeric Brunef42d922012-10-11 16:11:36 +02002236 curproxy->id, srv->id,
2237 srv->conf.file, srv->conf.line, srv->ssl_ctx.crl_file);
2238 cfgerr++;
2239 }
2240 else {
2241 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
2242 }
2243 }
2244#endif
2245 }
2246
Emeric Brun4f65bff2012-11-16 15:11:00 +01002247 if (global.tune.ssllifetime)
2248 SSL_CTX_set_timeout(srv->ssl_ctx.ctx, global.tune.ssllifetime);
2249
Emeric Brun94324a42012-10-11 14:00:19 +02002250 SSL_CTX_set_session_cache_mode(srv->ssl_ctx.ctx, SSL_SESS_CACHE_OFF);
2251 if (srv->ssl_ctx.ciphers &&
2252 !SSL_CTX_set_cipher_list(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphers)) {
2253 Alert("Proxy '%s', server '%s' [%s:%d] : unable to set SSL cipher list to '%s'.\n",
2254 curproxy->id, srv->id,
2255 srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphers);
2256 cfgerr++;
2257 }
2258
2259 return cfgerr;
2260}
2261
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002262/* Walks down the two trees in bind_conf and prepares all certs. The pointer may
Emeric Brunfc0421f2012-09-07 17:30:07 +02002263 * be NULL, in which case nothing is done. Returns the number of errors
2264 * encountered.
2265 */
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002266int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf, struct proxy *px)
Emeric Brunfc0421f2012-09-07 17:30:07 +02002267{
2268 struct ebmb_node *node;
2269 struct sni_ctx *sni;
2270 int err = 0;
2271
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002272 if (!bind_conf || !bind_conf->is_ssl)
Emeric Brunfc0421f2012-09-07 17:30:07 +02002273 return 0;
2274
Willy Tarreaufce03112015-01-15 21:32:40 +01002275 /* Automatic memory computations need to know we use SSL there */
2276 global.ssl_used_frontend = 1;
2277
Emeric Brun0bed9942014-10-30 19:25:24 +01002278 if (bind_conf->default_ctx)
2279 err += ssl_sock_prepare_ctx(bind_conf, bind_conf->default_ctx, px);
2280
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002281 node = ebmb_first(&bind_conf->sni_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02002282 while (node) {
2283 sni = ebmb_entry(node, struct sni_ctx, name);
Emeric Brun0bed9942014-10-30 19:25:24 +01002284 if (!sni->order && sni->ctx != bind_conf->default_ctx)
2285 /* only initialize the CTX on its first occurrence and
2286 if it is not the default_ctx */
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002287 err += ssl_sock_prepare_ctx(bind_conf, sni->ctx, px);
Emeric Brunfc0421f2012-09-07 17:30:07 +02002288 node = ebmb_next(node);
2289 }
2290
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002291 node = ebmb_first(&bind_conf->sni_w_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02002292 while (node) {
2293 sni = ebmb_entry(node, struct sni_ctx, name);
Emeric Brun0bed9942014-10-30 19:25:24 +01002294 if (!sni->order && sni->ctx != bind_conf->default_ctx)
2295 /* only initialize the CTX on its first occurrence and
2296 if it is not the default_ctx */
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002297 err += ssl_sock_prepare_ctx(bind_conf, sni->ctx, px);
Emeric Brunfc0421f2012-09-07 17:30:07 +02002298 node = ebmb_next(node);
2299 }
2300 return err;
2301}
2302
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002303/* Walks down the two trees in bind_conf and frees all the certs. The pointer may
Emeric Brunfc0421f2012-09-07 17:30:07 +02002304 * be NULL, in which case nothing is done. The default_ctx is nullified too.
2305 */
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002306void ssl_sock_free_all_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +02002307{
2308 struct ebmb_node *node, *back;
2309 struct sni_ctx *sni;
2310
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002311 if (!bind_conf || !bind_conf->is_ssl)
Emeric Brunfc0421f2012-09-07 17:30:07 +02002312 return;
2313
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002314 node = ebmb_first(&bind_conf->sni_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02002315 while (node) {
2316 sni = ebmb_entry(node, struct sni_ctx, name);
2317 back = ebmb_next(node);
2318 ebmb_delete(node);
2319 if (!sni->order) /* only free the CTX on its first occurrence */
2320 SSL_CTX_free(sni->ctx);
2321 free(sni);
2322 node = back;
2323 }
2324
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002325 node = ebmb_first(&bind_conf->sni_w_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02002326 while (node) {
2327 sni = ebmb_entry(node, struct sni_ctx, name);
2328 back = ebmb_next(node);
2329 ebmb_delete(node);
2330 if (!sni->order) /* only free the CTX on its first occurrence */
2331 SSL_CTX_free(sni->ctx);
2332 free(sni);
2333 node = back;
2334 }
2335
Willy Tarreau2a65ff02012-09-13 17:54:29 +02002336 bind_conf->default_ctx = NULL;
Emeric Brune1f38db2012-09-03 20:36:47 +02002337}
2338
Emeric Brun46591952012-05-18 15:47:34 +02002339/*
2340 * This function is called if SSL * context is not yet allocated. The function
2341 * is designed to be called before any other data-layer operation and sets the
2342 * handshake flag on the connection. It is safe to call it multiple times.
2343 * It returns 0 on success and -1 in error case.
2344 */
2345static int ssl_sock_init(struct connection *conn)
2346{
2347 /* already initialized */
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002348 if (conn->xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02002349 return 0;
2350
Willy Tarreau3c728722014-01-23 13:50:42 +01002351 if (!conn_ctrl_ready(conn))
Willy Tarreauf79c8172013-10-21 16:30:56 +02002352 return 0;
2353
Willy Tarreau20879a02012-12-03 16:32:10 +01002354 if (global.maxsslconn && sslconns >= global.maxsslconn) {
2355 conn->err_code = CO_ER_SSL_TOO_MANY;
Willy Tarreau403edff2012-09-06 11:58:37 +02002356 return -1;
Willy Tarreau20879a02012-12-03 16:32:10 +01002357 }
Willy Tarreau403edff2012-09-06 11:58:37 +02002358
Emeric Brun46591952012-05-18 15:47:34 +02002359 /* If it is in client mode initiate SSL session
2360 in connect state otherwise accept state */
Willy Tarreau3fdb3662012-11-12 00:42:33 +01002361 if (objt_server(conn->target)) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01002362 int may_retry = 1;
2363
2364 retry_connect:
Emeric Brun46591952012-05-18 15:47:34 +02002365 /* Alloc a new SSL session ctx */
Willy Tarreau3fdb3662012-11-12 00:42:33 +01002366 conn->xprt_ctx = SSL_new(objt_server(conn->target)->ssl_ctx.ctx);
Willy Tarreau20879a02012-12-03 16:32:10 +01002367 if (!conn->xprt_ctx) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01002368 if (may_retry--) {
2369 pool_gc2();
2370 goto retry_connect;
2371 }
Willy Tarreau20879a02012-12-03 16:32:10 +01002372 conn->err_code = CO_ER_SSL_NO_MEM;
Emeric Brun46591952012-05-18 15:47:34 +02002373 return -1;
Willy Tarreau20879a02012-12-03 16:32:10 +01002374 }
Emeric Brun46591952012-05-18 15:47:34 +02002375
Emeric Brun46591952012-05-18 15:47:34 +02002376 /* set fd on SSL session context */
Emeric Brun55476152014-11-12 17:35:37 +01002377 if (!SSL_set_fd(conn->xprt_ctx, conn->t.sock.fd)) {
2378 SSL_free(conn->xprt_ctx);
2379 conn->xprt_ctx = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01002380 if (may_retry--) {
2381 pool_gc2();
2382 goto retry_connect;
2383 }
Emeric Brun55476152014-11-12 17:35:37 +01002384 conn->err_code = CO_ER_SSL_NO_MEM;
2385 return -1;
2386 }
Emeric Brun46591952012-05-18 15:47:34 +02002387
Evan Broderbe554312013-06-27 00:05:25 -07002388 /* set connection pointer */
Emeric Brun55476152014-11-12 17:35:37 +01002389 if (!SSL_set_app_data(conn->xprt_ctx, conn)) {
2390 SSL_free(conn->xprt_ctx);
2391 conn->xprt_ctx = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01002392 if (may_retry--) {
2393 pool_gc2();
2394 goto retry_connect;
2395 }
Emeric Brun55476152014-11-12 17:35:37 +01002396 conn->err_code = CO_ER_SSL_NO_MEM;
2397 return -1;
2398 }
2399
2400 SSL_set_connect_state(conn->xprt_ctx);
2401 if (objt_server(conn->target)->ssl_ctx.reused_sess) {
2402 if(!SSL_set_session(conn->xprt_ctx, objt_server(conn->target)->ssl_ctx.reused_sess)) {
2403 SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
2404 objt_server(conn->target)->ssl_ctx.reused_sess = NULL;
2405 }
2406 }
Evan Broderbe554312013-06-27 00:05:25 -07002407
Emeric Brun46591952012-05-18 15:47:34 +02002408 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +02002409 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Willy Tarreau403edff2012-09-06 11:58:37 +02002410
2411 sslconns++;
Willy Tarreau71b734c2014-01-28 15:19:44 +01002412 totalsslconns++;
Emeric Brun46591952012-05-18 15:47:34 +02002413 return 0;
2414 }
Willy Tarreau3fdb3662012-11-12 00:42:33 +01002415 else if (objt_listener(conn->target)) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01002416 int may_retry = 1;
2417
2418 retry_accept:
Emeric Brun46591952012-05-18 15:47:34 +02002419 /* Alloc a new SSL session ctx */
Willy Tarreau3fdb3662012-11-12 00:42:33 +01002420 conn->xprt_ctx = SSL_new(objt_listener(conn->target)->bind_conf->default_ctx);
Willy Tarreau20879a02012-12-03 16:32:10 +01002421 if (!conn->xprt_ctx) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01002422 if (may_retry--) {
2423 pool_gc2();
2424 goto retry_accept;
2425 }
Willy Tarreau20879a02012-12-03 16:32:10 +01002426 conn->err_code = CO_ER_SSL_NO_MEM;
Emeric Brun46591952012-05-18 15:47:34 +02002427 return -1;
Willy Tarreau20879a02012-12-03 16:32:10 +01002428 }
Emeric Brun46591952012-05-18 15:47:34 +02002429
Emeric Brun46591952012-05-18 15:47:34 +02002430 /* set fd on SSL session context */
Emeric Brun55476152014-11-12 17:35:37 +01002431 if (!SSL_set_fd(conn->xprt_ctx, conn->t.sock.fd)) {
2432 SSL_free(conn->xprt_ctx);
2433 conn->xprt_ctx = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01002434 if (may_retry--) {
2435 pool_gc2();
2436 goto retry_accept;
2437 }
Emeric Brun55476152014-11-12 17:35:37 +01002438 conn->err_code = CO_ER_SSL_NO_MEM;
2439 return -1;
2440 }
Emeric Brun46591952012-05-18 15:47:34 +02002441
Emeric Brune1f38db2012-09-03 20:36:47 +02002442 /* set connection pointer */
Emeric Brun55476152014-11-12 17:35:37 +01002443 if (!SSL_set_app_data(conn->xprt_ctx, conn)) {
2444 SSL_free(conn->xprt_ctx);
2445 conn->xprt_ctx = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01002446 if (may_retry--) {
2447 pool_gc2();
2448 goto retry_accept;
2449 }
Emeric Brun55476152014-11-12 17:35:37 +01002450 conn->err_code = CO_ER_SSL_NO_MEM;
2451 return -1;
2452 }
2453
2454 SSL_set_accept_state(conn->xprt_ctx);
Emeric Brune1f38db2012-09-03 20:36:47 +02002455
Emeric Brun46591952012-05-18 15:47:34 +02002456 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +02002457 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Willy Tarreau403edff2012-09-06 11:58:37 +02002458
2459 sslconns++;
Willy Tarreau71b734c2014-01-28 15:19:44 +01002460 totalsslconns++;
Emeric Brun46591952012-05-18 15:47:34 +02002461 return 0;
2462 }
2463 /* don't know how to handle such a target */
Willy Tarreau20879a02012-12-03 16:32:10 +01002464 conn->err_code = CO_ER_SSL_NO_TARGET;
Emeric Brun46591952012-05-18 15:47:34 +02002465 return -1;
2466}
2467
2468
2469/* This is the callback which is used when an SSL handshake is pending. It
2470 * updates the FD status if it wants some polling before being called again.
2471 * It returns 0 if it fails in a fatal way or needs to poll to go further,
2472 * otherwise it returns non-zero and removes itself from the connection's
2473 * flags (the bit is provided in <flag> by the caller).
2474 */
2475int ssl_sock_handshake(struct connection *conn, unsigned int flag)
2476{
2477 int ret;
2478
Willy Tarreau3c728722014-01-23 13:50:42 +01002479 if (!conn_ctrl_ready(conn))
Willy Tarreauf79c8172013-10-21 16:30:56 +02002480 return 0;
2481
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002482 if (!conn->xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02002483 goto out_error;
2484
Emeric Brun674b7432012-11-08 19:21:55 +01002485 /* If we use SSL_do_handshake to process a reneg initiated by
2486 * the remote peer, it sometimes returns SSL_ERROR_SSL.
2487 * Usually SSL_write and SSL_read are used and process implicitly
2488 * the reneg handshake.
2489 * Here we use SSL_peek as a workaround for reneg.
2490 */
2491 if ((conn->flags & CO_FL_CONNECTED) && SSL_renegotiate_pending(conn->xprt_ctx)) {
2492 char c;
2493
2494 ret = SSL_peek(conn->xprt_ctx, &c, 1);
2495 if (ret <= 0) {
2496 /* handshake may have not been completed, let's find why */
2497 ret = SSL_get_error(conn->xprt_ctx, ret);
2498 if (ret == SSL_ERROR_WANT_WRITE) {
2499 /* SSL handshake needs to write, L4 connection may not be ready */
2500 __conn_sock_stop_recv(conn);
Willy Tarreaue1f50c42014-01-22 20:02:06 +01002501 __conn_sock_want_send(conn);
2502 fd_cant_send(conn->t.sock.fd);
Emeric Brun674b7432012-11-08 19:21:55 +01002503 return 0;
2504 }
2505 else if (ret == SSL_ERROR_WANT_READ) {
2506 /* handshake may have been completed but we have
2507 * no more data to read.
2508 */
2509 if (!SSL_renegotiate_pending(conn->xprt_ctx)) {
2510 ret = 1;
2511 goto reneg_ok;
2512 }
2513 /* SSL handshake needs to read, L4 connection is ready */
2514 if (conn->flags & CO_FL_WAIT_L4_CONN)
2515 conn->flags &= ~CO_FL_WAIT_L4_CONN;
2516 __conn_sock_stop_send(conn);
Willy Tarreaue1f50c42014-01-22 20:02:06 +01002517 __conn_sock_want_recv(conn);
2518 fd_cant_recv(conn->t.sock.fd);
Emeric Brun674b7432012-11-08 19:21:55 +01002519 return 0;
2520 }
2521 else if (ret == SSL_ERROR_SYSCALL) {
2522 /* if errno is null, then connection was successfully established */
2523 if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
2524 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Willy Tarreau20879a02012-12-03 16:32:10 +01002525 if (!conn->err_code) {
Emeric Brun29f037d2014-04-25 19:05:36 +02002526 if (!((SSL *)conn->xprt_ctx)->packet_length) {
2527 if (!errno) {
2528 if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2529 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2530 else
2531 conn->err_code = CO_ER_SSL_EMPTY;
2532 }
2533 else {
2534 if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2535 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2536 else
2537 conn->err_code = CO_ER_SSL_ABORT;
2538 }
2539 }
2540 else {
2541 if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2542 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
Willy Tarreau20879a02012-12-03 16:32:10 +01002543 else
Emeric Brun29f037d2014-04-25 19:05:36 +02002544 conn->err_code = CO_ER_SSL_HANDSHAKE;
2545 }
Willy Tarreau20879a02012-12-03 16:32:10 +01002546 }
Emeric Brun674b7432012-11-08 19:21:55 +01002547 goto out_error;
2548 }
2549 else {
2550 /* Fail on all other handshake errors */
2551 /* Note: OpenSSL may leave unread bytes in the socket's
2552 * buffer, causing an RST to be emitted upon close() on
2553 * TCP sockets. We first try to drain possibly pending
2554 * data to avoid this as much as possible.
2555 */
Willy Tarreaud85c4852015-03-13 00:40:28 +01002556 conn_sock_drain(conn);
Willy Tarreau20879a02012-12-03 16:32:10 +01002557 if (!conn->err_code)
Willy Tarreauf51c6982014-04-25 20:02:39 +02002558 conn->err_code = (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
2559 CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
Emeric Brun674b7432012-11-08 19:21:55 +01002560 goto out_error;
2561 }
2562 }
2563 /* read some data: consider handshake completed */
2564 goto reneg_ok;
2565 }
2566
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002567 ret = SSL_do_handshake(conn->xprt_ctx);
Emeric Brun46591952012-05-18 15:47:34 +02002568 if (ret != 1) {
2569 /* handshake did not complete, let's find why */
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002570 ret = SSL_get_error(conn->xprt_ctx, ret);
Emeric Brun46591952012-05-18 15:47:34 +02002571
2572 if (ret == SSL_ERROR_WANT_WRITE) {
2573 /* SSL handshake needs to write, L4 connection may not be ready */
2574 __conn_sock_stop_recv(conn);
Willy Tarreaue1f50c42014-01-22 20:02:06 +01002575 __conn_sock_want_send(conn);
2576 fd_cant_send(conn->t.sock.fd);
Emeric Brun46591952012-05-18 15:47:34 +02002577 return 0;
2578 }
2579 else if (ret == SSL_ERROR_WANT_READ) {
2580 /* SSL handshake needs to read, L4 connection is ready */
2581 if (conn->flags & CO_FL_WAIT_L4_CONN)
2582 conn->flags &= ~CO_FL_WAIT_L4_CONN;
2583 __conn_sock_stop_send(conn);
Willy Tarreaue1f50c42014-01-22 20:02:06 +01002584 __conn_sock_want_recv(conn);
2585 fd_cant_recv(conn->t.sock.fd);
Emeric Brun46591952012-05-18 15:47:34 +02002586 return 0;
2587 }
Willy Tarreau89230192012-09-28 20:22:13 +02002588 else if (ret == SSL_ERROR_SYSCALL) {
2589 /* if errno is null, then connection was successfully established */
2590 if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
2591 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Willy Tarreau20879a02012-12-03 16:32:10 +01002592
Emeric Brun29f037d2014-04-25 19:05:36 +02002593 if (!((SSL *)conn->xprt_ctx)->packet_length) {
2594 if (!errno) {
2595 if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2596 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2597 else
2598 conn->err_code = CO_ER_SSL_EMPTY;
2599 }
2600 else {
2601 if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2602 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
2603 else
2604 conn->err_code = CO_ER_SSL_ABORT;
2605 }
2606 }
2607 else {
2608 if (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
2609 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
Willy Tarreau20879a02012-12-03 16:32:10 +01002610 else
Emeric Brun29f037d2014-04-25 19:05:36 +02002611 conn->err_code = CO_ER_SSL_HANDSHAKE;
2612 }
Willy Tarreau89230192012-09-28 20:22:13 +02002613 goto out_error;
2614 }
Emeric Brun46591952012-05-18 15:47:34 +02002615 else {
2616 /* Fail on all other handshake errors */
Willy Tarreau566dc552012-10-19 20:52:18 +02002617 /* Note: OpenSSL may leave unread bytes in the socket's
2618 * buffer, causing an RST to be emitted upon close() on
2619 * TCP sockets. We first try to drain possibly pending
2620 * data to avoid this as much as possible.
2621 */
Willy Tarreaud85c4852015-03-13 00:40:28 +01002622 conn_sock_drain(conn);
Willy Tarreau20879a02012-12-03 16:32:10 +01002623 if (!conn->err_code)
Willy Tarreauf51c6982014-04-25 20:02:39 +02002624 conn->err_code = (conn->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
2625 CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
Emeric Brun46591952012-05-18 15:47:34 +02002626 goto out_error;
2627 }
2628 }
2629
Emeric Brun674b7432012-11-08 19:21:55 +01002630reneg_ok:
2631
Emeric Brun46591952012-05-18 15:47:34 +02002632 /* Handshake succeeded */
Willy Tarreau0c9c2722014-05-28 12:28:58 +02002633 if (!SSL_session_reused(conn->xprt_ctx)) {
2634 if (objt_server(conn->target)) {
2635 update_freq_ctr(&global.ssl_be_keys_per_sec, 1);
2636 if (global.ssl_be_keys_per_sec.curr_ctr > global.ssl_be_keys_max)
2637 global.ssl_be_keys_max = global.ssl_be_keys_per_sec.curr_ctr;
2638
Emeric Brun46591952012-05-18 15:47:34 +02002639 /* check if session was reused, if not store current session on server for reuse */
Willy Tarreau3fdb3662012-11-12 00:42:33 +01002640 if (objt_server(conn->target)->ssl_ctx.reused_sess)
2641 SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
Emeric Brun46591952012-05-18 15:47:34 +02002642
Willy Tarreau2a3fb1c2015-02-05 16:47:07 +01002643 if (!(objt_server(conn->target)->ssl_ctx.options & SRV_SSL_O_NO_REUSE))
2644 objt_server(conn->target)->ssl_ctx.reused_sess = SSL_get1_session(conn->xprt_ctx);
Emeric Brun46591952012-05-18 15:47:34 +02002645 }
Willy Tarreau0c9c2722014-05-28 12:28:58 +02002646 else {
2647 update_freq_ctr(&global.ssl_fe_keys_per_sec, 1);
2648 if (global.ssl_fe_keys_per_sec.curr_ctr > global.ssl_fe_keys_max)
2649 global.ssl_fe_keys_max = global.ssl_fe_keys_per_sec.curr_ctr;
2650 }
Emeric Brun46591952012-05-18 15:47:34 +02002651 }
2652
2653 /* The connection is now established at both layers, it's time to leave */
2654 conn->flags &= ~(flag | CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN);
2655 return 1;
2656
2657 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +01002658 /* Clear openssl global errors stack */
2659 ERR_clear_error();
2660
Emeric Brun9fa89732012-10-04 17:09:56 +02002661 /* free resumed session if exists */
Willy Tarreau3fdb3662012-11-12 00:42:33 +01002662 if (objt_server(conn->target) && objt_server(conn->target)->ssl_ctx.reused_sess) {
2663 SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
2664 objt_server(conn->target)->ssl_ctx.reused_sess = NULL;
Emeric Brun9fa89732012-10-04 17:09:56 +02002665 }
2666
Emeric Brun46591952012-05-18 15:47:34 +02002667 /* Fail on all other handshake errors */
2668 conn->flags |= CO_FL_ERROR;
Willy Tarreau20879a02012-12-03 16:32:10 +01002669 if (!conn->err_code)
2670 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emeric Brun46591952012-05-18 15:47:34 +02002671 return 0;
2672}
2673
2674/* Receive up to <count> bytes from connection <conn>'s socket and store them
Willy Tarreauabf08d92014-01-14 11:31:27 +01002675 * into buffer <buf>. Only one call to recv() is performed, unless the
Emeric Brun46591952012-05-18 15:47:34 +02002676 * buffer wraps, in which case a second call may be performed. The connection's
2677 * flags are updated with whatever special event is detected (error, read0,
2678 * empty). The caller is responsible for taking care of those events and
2679 * avoiding the call if inappropriate. The function does not call the
2680 * connection's polling update function, so the caller is responsible for this.
2681 */
2682static int ssl_sock_to_buf(struct connection *conn, struct buffer *buf, int count)
2683{
2684 int ret, done = 0;
Willy Tarreauabf08d92014-01-14 11:31:27 +01002685 int try;
Emeric Brun46591952012-05-18 15:47:34 +02002686
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002687 if (!conn->xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02002688 goto out_error;
2689
2690 if (conn->flags & CO_FL_HANDSHAKE)
2691 /* a handshake was requested */
2692 return 0;
2693
Willy Tarreauabf08d92014-01-14 11:31:27 +01002694 /* let's realign the buffer to optimize I/O */
2695 if (buffer_empty(buf))
Emeric Brun46591952012-05-18 15:47:34 +02002696 buf->p = buf->data;
Emeric Brun46591952012-05-18 15:47:34 +02002697
2698 /* read the largest possible block. For this, we perform only one call
2699 * to recv() unless the buffer wraps and we exactly fill the first hunk,
2700 * in which case we accept to do it once again. A new attempt is made on
2701 * EINTR too.
2702 */
Willy Tarreau00b0fb92014-01-17 11:09:40 +01002703 while (count > 0) {
Willy Tarreauabf08d92014-01-14 11:31:27 +01002704 /* first check if we have some room after p+i */
2705 try = buf->data + buf->size - (buf->p + buf->i);
2706 /* otherwise continue between data and p-o */
2707 if (try <= 0) {
2708 try = buf->p - (buf->data + buf->o);
2709 if (try <= 0)
2710 break;
2711 }
2712 if (try > count)
2713 try = count;
2714
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002715 ret = SSL_read(conn->xprt_ctx, bi_end(buf), try);
Emeric Brune1f38db2012-09-03 20:36:47 +02002716 if (conn->flags & CO_FL_ERROR) {
2717 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
Emeric Brun644cde02012-12-14 11:21:13 +01002718 goto out_error;
Emeric Brune1f38db2012-09-03 20:36:47 +02002719 }
Emeric Brun46591952012-05-18 15:47:34 +02002720 if (ret > 0) {
2721 buf->i += ret;
2722 done += ret;
2723 if (ret < try)
2724 break;
2725 count -= ret;
Emeric Brun46591952012-05-18 15:47:34 +02002726 }
2727 else if (ret == 0) {
Emeric Brun644cde02012-12-14 11:21:13 +01002728 ret = SSL_get_error(conn->xprt_ctx, ret);
2729 if (ret != SSL_ERROR_ZERO_RETURN) {
Emeric Brun1c646862012-12-14 12:33:41 +01002730 /* error on protocol or underlying transport */
2731 if ((ret != SSL_ERROR_SYSCALL)
2732 || (errno && (errno != EAGAIN)))
2733 conn->flags |= CO_FL_ERROR;
2734
Emeric Brun644cde02012-12-14 11:21:13 +01002735 /* Clear openssl global errors stack */
2736 ERR_clear_error();
2737 }
Emeric Brun46591952012-05-18 15:47:34 +02002738 goto read0;
2739 }
2740 else {
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002741 ret = SSL_get_error(conn->xprt_ctx, ret);
Emeric Brun46591952012-05-18 15:47:34 +02002742 if (ret == SSL_ERROR_WANT_WRITE) {
Emeric Brun8af8dd12012-11-08 17:56:20 +01002743 /* handshake is running, and it needs to enable write */
Emeric Brun46591952012-05-18 15:47:34 +02002744 conn->flags |= CO_FL_SSL_WAIT_HS;
Emeric Brun8af8dd12012-11-08 17:56:20 +01002745 __conn_sock_want_send(conn);
Emeric Brun46591952012-05-18 15:47:34 +02002746 break;
2747 }
2748 else if (ret == SSL_ERROR_WANT_READ) {
Emeric Brun282a76a2012-11-08 18:02:56 +01002749 if (SSL_renegotiate_pending(conn->xprt_ctx)) {
2750 /* handshake is running, and it may need to re-enable read */
2751 conn->flags |= CO_FL_SSL_WAIT_HS;
2752 __conn_sock_want_recv(conn);
2753 break;
2754 }
Emeric Brun46591952012-05-18 15:47:34 +02002755 /* we need to poll for retry a read later */
Willy Tarreaue1f50c42014-01-22 20:02:06 +01002756 fd_cant_recv(conn->t.sock.fd);
Emeric Brun46591952012-05-18 15:47:34 +02002757 break;
2758 }
2759 /* otherwise it's a real error */
2760 goto out_error;
2761 }
2762 }
2763 return done;
2764
2765 read0:
2766 conn_sock_read0(conn);
2767 return done;
2768 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +01002769 /* Clear openssl global errors stack */
2770 ERR_clear_error();
2771
Emeric Brun46591952012-05-18 15:47:34 +02002772 conn->flags |= CO_FL_ERROR;
2773 return done;
2774}
2775
2776
2777/* Send all pending bytes from buffer <buf> to connection <conn>'s socket.
Willy Tarreau1049b1f2014-02-02 01:51:17 +01002778 * <flags> may contain some CO_SFL_* flags to hint the system about other
2779 * pending data for example, but this flag is ignored at the moment.
Emeric Brun46591952012-05-18 15:47:34 +02002780 * Only one call to send() is performed, unless the buffer wraps, in which case
2781 * a second call may be performed. The connection's flags are updated with
2782 * whatever special event is detected (error, empty). The caller is responsible
2783 * for taking care of those events and avoiding the call if inappropriate. The
2784 * function does not call the connection's polling update function, so the caller
2785 * is responsible for this.
2786 */
2787static int ssl_sock_from_buf(struct connection *conn, struct buffer *buf, int flags)
2788{
2789 int ret, try, done;
2790
2791 done = 0;
2792
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002793 if (!conn->xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02002794 goto out_error;
2795
2796 if (conn->flags & CO_FL_HANDSHAKE)
2797 /* a handshake was requested */
2798 return 0;
2799
2800 /* send the largest possible block. For this we perform only one call
2801 * to send() unless the buffer wraps and we exactly fill the first hunk,
2802 * in which case we accept to do it once again.
2803 */
2804 while (buf->o) {
Kevin Hestercad82342013-05-30 15:12:41 -07002805 try = bo_contig_data(buf);
Willy Tarreaubfd59462013-02-21 07:46:09 +01002806
Willy Tarreau7bed9452014-02-02 02:00:24 +01002807 if (!(flags & CO_SFL_STREAMER) &&
Willy Tarreau518cedd2014-02-17 15:43:01 +01002808 !(conn->xprt_st & SSL_SOCK_SEND_UNLIMITED) &&
2809 global.tune.ssl_max_record && try > global.tune.ssl_max_record) {
Willy Tarreaubfd59462013-02-21 07:46:09 +01002810 try = global.tune.ssl_max_record;
Willy Tarreau518cedd2014-02-17 15:43:01 +01002811 }
2812 else {
2813 /* we need to keep the information about the fact that
2814 * we're not limiting the upcoming send(), because if it
2815 * fails, we'll have to retry with at least as many data.
2816 */
2817 conn->xprt_st |= SSL_SOCK_SEND_UNLIMITED;
2818 }
Willy Tarreaubfd59462013-02-21 07:46:09 +01002819
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002820 ret = SSL_write(conn->xprt_ctx, bo_ptr(buf), try);
Willy Tarreau518cedd2014-02-17 15:43:01 +01002821
Emeric Brune1f38db2012-09-03 20:36:47 +02002822 if (conn->flags & CO_FL_ERROR) {
2823 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
Emeric Brun644cde02012-12-14 11:21:13 +01002824 goto out_error;
Emeric Brune1f38db2012-09-03 20:36:47 +02002825 }
Emeric Brun46591952012-05-18 15:47:34 +02002826 if (ret > 0) {
Willy Tarreau518cedd2014-02-17 15:43:01 +01002827 conn->xprt_st &= ~SSL_SOCK_SEND_UNLIMITED;
2828
Emeric Brun46591952012-05-18 15:47:34 +02002829 buf->o -= ret;
2830 done += ret;
2831
Willy Tarreau5fb38032012-12-16 19:39:09 +01002832 if (likely(buffer_empty(buf)))
Emeric Brun46591952012-05-18 15:47:34 +02002833 /* optimize data alignment in the buffer */
2834 buf->p = buf->data;
2835
2836 /* if the system buffer is full, don't insist */
2837 if (ret < try)
2838 break;
2839 }
2840 else {
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002841 ret = SSL_get_error(conn->xprt_ctx, ret);
Emeric Brun46591952012-05-18 15:47:34 +02002842 if (ret == SSL_ERROR_WANT_WRITE) {
Emeric Brun282a76a2012-11-08 18:02:56 +01002843 if (SSL_renegotiate_pending(conn->xprt_ctx)) {
2844 /* handshake is running, and it may need to re-enable write */
2845 conn->flags |= CO_FL_SSL_WAIT_HS;
2846 __conn_sock_want_send(conn);
2847 break;
2848 }
Emeric Brun46591952012-05-18 15:47:34 +02002849 /* we need to poll to retry a write later */
Willy Tarreaue1f50c42014-01-22 20:02:06 +01002850 fd_cant_send(conn->t.sock.fd);
Emeric Brun46591952012-05-18 15:47:34 +02002851 break;
2852 }
2853 else if (ret == SSL_ERROR_WANT_READ) {
Emeric Brun8af8dd12012-11-08 17:56:20 +01002854 /* handshake is running, and it needs to enable read */
Emeric Brun46591952012-05-18 15:47:34 +02002855 conn->flags |= CO_FL_SSL_WAIT_HS;
Emeric Brun8af8dd12012-11-08 17:56:20 +01002856 __conn_sock_want_recv(conn);
Emeric Brun46591952012-05-18 15:47:34 +02002857 break;
2858 }
2859 goto out_error;
2860 }
2861 }
2862 return done;
2863
2864 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +01002865 /* Clear openssl global errors stack */
2866 ERR_clear_error();
2867
Emeric Brun46591952012-05-18 15:47:34 +02002868 conn->flags |= CO_FL_ERROR;
2869 return done;
2870}
2871
Emeric Brun46591952012-05-18 15:47:34 +02002872static void ssl_sock_close(struct connection *conn) {
2873
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002874 if (conn->xprt_ctx) {
2875 SSL_free(conn->xprt_ctx);
2876 conn->xprt_ctx = NULL;
Willy Tarreau403edff2012-09-06 11:58:37 +02002877 sslconns--;
Emeric Brun46591952012-05-18 15:47:34 +02002878 }
Emeric Brun46591952012-05-18 15:47:34 +02002879}
2880
2881/* This function tries to perform a clean shutdown on an SSL connection, and in
2882 * any case, flags the connection as reusable if no handshake was in progress.
2883 */
2884static void ssl_sock_shutw(struct connection *conn, int clean)
2885{
2886 if (conn->flags & CO_FL_HANDSHAKE)
2887 return;
2888 /* no handshake was in progress, try a clean ssl shutdown */
Emeric Brun644cde02012-12-14 11:21:13 +01002889 if (clean && (SSL_shutdown(conn->xprt_ctx) <= 0)) {
2890 /* Clear openssl global errors stack */
2891 ERR_clear_error();
2892 }
Emeric Brun46591952012-05-18 15:47:34 +02002893
2894 /* force flag on ssl to keep session in cache regardless shutdown result */
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02002895 SSL_set_shutdown(conn->xprt_ctx, SSL_SENT_SHUTDOWN);
Emeric Brun46591952012-05-18 15:47:34 +02002896}
2897
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02002898/* used for logging, may be changed for a sample fetch later */
2899const char *ssl_sock_get_cipher_name(struct connection *conn)
2900{
2901 if (!conn->xprt && !conn->xprt_ctx)
2902 return NULL;
2903 return SSL_get_cipher_name(conn->xprt_ctx);
2904}
2905
2906/* used for logging, may be changed for a sample fetch later */
2907const char *ssl_sock_get_proto_version(struct connection *conn)
2908{
2909 if (!conn->xprt && !conn->xprt_ctx)
2910 return NULL;
2911 return SSL_get_version(conn->xprt_ctx);
2912}
2913
Willy Tarreau8d598402012-10-22 17:58:39 +02002914/* Extract a serial from a cert, and copy it to a chunk.
2915 * Returns 1 if serial is found and copied, 0 if no serial found and
2916 * -1 if output is not large enough.
2917 */
2918static int
2919ssl_sock_get_serial(X509 *crt, struct chunk *out)
2920{
2921 ASN1_INTEGER *serial;
2922
2923 serial = X509_get_serialNumber(crt);
2924 if (!serial)
2925 return 0;
2926
2927 if (out->size < serial->length)
2928 return -1;
2929
2930 memcpy(out->str, serial->data, serial->length);
2931 out->len = serial->length;
2932 return 1;
2933}
2934
Emeric Brun43e79582014-10-29 19:03:26 +01002935/* Extract a cert to der, and copy it to a chunk.
2936 * Returns 1 if cert is found and copied, 0 on der convertion failure and
2937 * -1 if output is not large enough.
2938 */
2939static int
2940ssl_sock_crt2der(X509 *crt, struct chunk *out)
2941{
2942 int len;
2943 unsigned char *p = (unsigned char *)out->str;;
2944
2945 len =i2d_X509(crt, NULL);
2946 if (len <= 0)
2947 return 1;
2948
2949 if (out->size < len)
2950 return -1;
2951
2952 i2d_X509(crt,&p);
2953 out->len = len;
2954 return 1;
2955}
2956
Emeric Brunce5ad802012-10-22 14:11:22 +02002957
2958/* Copy Date in ASN1_UTCTIME format in struct chunk out.
2959 * Returns 1 if serial is found and copied, 0 if no valid time found
2960 * and -1 if output is not large enough.
2961 */
2962static int
2963ssl_sock_get_time(ASN1_TIME *tm, struct chunk *out)
2964{
2965 if (tm->type == V_ASN1_GENERALIZEDTIME) {
2966 ASN1_GENERALIZEDTIME *gentm = (ASN1_GENERALIZEDTIME *)tm;
2967
2968 if (gentm->length < 12)
2969 return 0;
2970 if (gentm->data[0] != 0x32 || gentm->data[1] != 0x30)
2971 return 0;
2972 if (out->size < gentm->length-2)
2973 return -1;
2974
2975 memcpy(out->str, gentm->data+2, gentm->length-2);
2976 out->len = gentm->length-2;
2977 return 1;
2978 }
2979 else if (tm->type == V_ASN1_UTCTIME) {
2980 ASN1_UTCTIME *utctm = (ASN1_UTCTIME *)tm;
2981
2982 if (utctm->length < 10)
2983 return 0;
2984 if (utctm->data[0] >= 0x35)
2985 return 0;
2986 if (out->size < utctm->length)
2987 return -1;
2988
2989 memcpy(out->str, utctm->data, utctm->length);
2990 out->len = utctm->length;
2991 return 1;
2992 }
2993
2994 return 0;
2995}
2996
Emeric Brun87855892012-10-17 17:39:35 +02002997/* Extract an entry from a X509_NAME and copy its value to an output chunk.
2998 * Returns 1 if entry found, 0 if entry not found, or -1 if output not large enough.
2999 */
3000static int
3001ssl_sock_get_dn_entry(X509_NAME *a, const struct chunk *entry, int pos, struct chunk *out)
3002{
3003 X509_NAME_ENTRY *ne;
3004 int i, j, n;
3005 int cur = 0;
3006 const char *s;
3007 char tmp[128];
3008
3009 out->len = 0;
3010 for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
3011 if (pos < 0)
3012 j = (sk_X509_NAME_ENTRY_num(a->entries)-1) - i;
3013 else
3014 j = i;
3015
3016 ne = sk_X509_NAME_ENTRY_value(a->entries, j);
3017 n = OBJ_obj2nid(ne->object);
3018 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
3019 i2t_ASN1_OBJECT(tmp, sizeof(tmp), ne->object);
3020 s = tmp;
3021 }
3022
3023 if (chunk_strcasecmp(entry, s) != 0)
3024 continue;
3025
3026 if (pos < 0)
3027 cur--;
3028 else
3029 cur++;
3030
3031 if (cur != pos)
3032 continue;
3033
3034 if (ne->value->length > out->size)
3035 return -1;
3036
3037 memcpy(out->str, ne->value->data, ne->value->length);
3038 out->len = ne->value->length;
3039 return 1;
3040 }
3041
3042 return 0;
3043
3044}
3045
3046/* Extract and format full DN from a X509_NAME and copy result into a chunk
3047 * Returns 1 if dn entries exits, 0 if no dn entry found or -1 if output is not large enough.
3048 */
3049static int
3050ssl_sock_get_dn_oneline(X509_NAME *a, struct chunk *out)
3051{
3052 X509_NAME_ENTRY *ne;
3053 int i, n, ln;
3054 int l = 0;
3055 const char *s;
3056 char *p;
3057 char tmp[128];
3058
3059 out->len = 0;
3060 p = out->str;
3061 for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
3062 ne = sk_X509_NAME_ENTRY_value(a->entries, i);
3063 n = OBJ_obj2nid(ne->object);
3064 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
3065 i2t_ASN1_OBJECT(tmp, sizeof(tmp), ne->object);
3066 s = tmp;
3067 }
3068 ln = strlen(s);
3069
3070 l += 1 + ln + 1 + ne->value->length;
3071 if (l > out->size)
3072 return -1;
3073 out->len = l;
3074
3075 *(p++)='/';
3076 memcpy(p, s, ln);
3077 p += ln;
3078 *(p++)='=';
3079 memcpy(p, ne->value->data, ne->value->length);
3080 p += ne->value->length;
3081 }
3082
3083 if (!out->len)
3084 return 0;
3085
3086 return 1;
3087}
3088
David Safb76832014-05-08 23:42:08 -04003089char *ssl_sock_get_version(struct connection *conn)
3090{
3091 if (!ssl_sock_is_ssl(conn))
3092 return NULL;
3093
3094 return (char *)SSL_get_version(conn->xprt_ctx);
3095}
3096
Emeric Brun0abf8362014-06-24 18:26:41 +02003097/* Extract peer certificate's common name into the chunk dest
3098 * Returns
3099 * the len of the extracted common name
3100 * or 0 if no CN found in DN
3101 * or -1 on error case (i.e. no peer certificate)
3102 */
3103int ssl_sock_get_remote_common_name(struct connection *conn, struct chunk *dest)
David Safb76832014-05-08 23:42:08 -04003104{
3105 X509 *crt = NULL;
3106 X509_NAME *name;
David Safb76832014-05-08 23:42:08 -04003107 const char find_cn[] = "CN";
3108 const struct chunk find_cn_chunk = {
3109 .str = (char *)&find_cn,
3110 .len = sizeof(find_cn)-1
3111 };
Emeric Brun0abf8362014-06-24 18:26:41 +02003112 int result = -1;
David Safb76832014-05-08 23:42:08 -04003113
3114 if (!ssl_sock_is_ssl(conn))
Emeric Brun0abf8362014-06-24 18:26:41 +02003115 goto out;
David Safb76832014-05-08 23:42:08 -04003116
3117 /* SSL_get_peer_certificate, it increase X509 * ref count */
3118 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3119 if (!crt)
3120 goto out;
3121
3122 name = X509_get_subject_name(crt);
3123 if (!name)
3124 goto out;
David Safb76832014-05-08 23:42:08 -04003125
Emeric Brun0abf8362014-06-24 18:26:41 +02003126 result = ssl_sock_get_dn_entry(name, &find_cn_chunk, 1, dest);
3127out:
David Safb76832014-05-08 23:42:08 -04003128 if (crt)
3129 X509_free(crt);
3130
3131 return result;
3132}
3133
Dave McCowan328fb582014-07-30 10:39:13 -04003134/* returns 1 if client passed a certificate for this session, 0 if not */
3135int ssl_sock_get_cert_used_sess(struct connection *conn)
3136{
3137 X509 *crt = NULL;
3138
3139 if (!ssl_sock_is_ssl(conn))
3140 return 0;
3141
3142 /* SSL_get_peer_certificate, it increase X509 * ref count */
3143 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3144 if (!crt)
3145 return 0;
3146
3147 X509_free(crt);
3148 return 1;
3149}
3150
3151/* returns 1 if client passed a certificate for this connection, 0 if not */
3152int ssl_sock_get_cert_used_conn(struct connection *conn)
David Safb76832014-05-08 23:42:08 -04003153{
3154 if (!ssl_sock_is_ssl(conn))
3155 return 0;
3156
3157 return SSL_SOCK_ST_FL_VERIFY_DONE & conn->xprt_st ? 1 : 0;
3158}
3159
3160/* returns result from SSL verify */
3161unsigned int ssl_sock_get_verify_result(struct connection *conn)
3162{
3163 if (!ssl_sock_is_ssl(conn))
3164 return (unsigned int)X509_V_ERR_APPLICATION_VERIFICATION;
3165
3166 return (unsigned int)SSL_get_verify_result(conn->xprt_ctx);
3167}
3168
Willy Tarreau7875d092012-09-10 08:20:03 +02003169/***** Below are some sample fetching functions for ACL/patterns *****/
3170
Emeric Brune64aef12012-09-21 13:15:06 +02003171/* boolean, returns true if client cert was present */
3172static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003173smp_fetch_ssl_fc_has_crt(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brune64aef12012-09-21 13:15:06 +02003174{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003175 struct connection *conn;
3176
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003177 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003178 if (!conn || conn->xprt != &ssl_sock)
Emeric Brune64aef12012-09-21 13:15:06 +02003179 return 0;
3180
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003181 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brune64aef12012-09-21 13:15:06 +02003182 smp->flags |= SMP_F_MAY_CHANGE;
3183 return 0;
3184 }
3185
3186 smp->flags = 0;
3187 smp->type = SMP_T_BOOL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003188 smp->data.uint = SSL_SOCK_ST_FL_VERIFY_DONE & conn->xprt_st ? 1 : 0;
Emeric Brune64aef12012-09-21 13:15:06 +02003189
3190 return 1;
3191}
3192
Emeric Brun43e79582014-10-29 19:03:26 +01003193/* binary, returns a certificate in a binary chunk (der/raw).
3194 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3195 * should be use.
3196 */
3197static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003198smp_fetch_ssl_x_der(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun43e79582014-10-29 19:03:26 +01003199{
3200 int cert_peer = (kw[4] == 'c') ? 1 : 0;
3201 X509 *crt = NULL;
3202 int ret = 0;
3203 struct chunk *smp_trash;
3204 struct connection *conn;
3205
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003206 conn = objt_conn(smp->sess->origin);
Emeric Brun43e79582014-10-29 19:03:26 +01003207 if (!conn || conn->xprt != &ssl_sock)
3208 return 0;
3209
3210 if (!(conn->flags & CO_FL_CONNECTED)) {
3211 smp->flags |= SMP_F_MAY_CHANGE;
3212 return 0;
3213 }
3214
3215 if (cert_peer)
3216 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3217 else
3218 crt = SSL_get_certificate(conn->xprt_ctx);
3219
3220 if (!crt)
3221 goto out;
3222
3223 smp_trash = get_trash_chunk();
3224 if (ssl_sock_crt2der(crt, smp_trash) <= 0)
3225 goto out;
3226
3227 smp->data.str = *smp_trash;
3228 smp->type = SMP_T_BIN;
3229 ret = 1;
3230out:
3231 /* SSL_get_peer_certificate, it increase X509 * ref count */
3232 if (cert_peer && crt)
3233 X509_free(crt);
3234 return ret;
3235}
3236
Emeric Brunba841a12014-04-30 17:05:08 +02003237/* binary, returns serial of certificate in a binary chunk.
3238 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3239 * should be use.
3240 */
Willy Tarreau8d598402012-10-22 17:58:39 +02003241static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003242smp_fetch_ssl_x_serial(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau8d598402012-10-22 17:58:39 +02003243{
Emeric Brunba841a12014-04-30 17:05:08 +02003244 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Willy Tarreau8d598402012-10-22 17:58:39 +02003245 X509 *crt = NULL;
3246 int ret = 0;
3247 struct chunk *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003248 struct connection *conn;
3249
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003250 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003251 if (!conn || conn->xprt != &ssl_sock)
Willy Tarreau8d598402012-10-22 17:58:39 +02003252 return 0;
3253
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003254 if (!(conn->flags & CO_FL_CONNECTED)) {
Willy Tarreau8d598402012-10-22 17:58:39 +02003255 smp->flags |= SMP_F_MAY_CHANGE;
3256 return 0;
3257 }
3258
Emeric Brunba841a12014-04-30 17:05:08 +02003259 if (cert_peer)
3260 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3261 else
3262 crt = SSL_get_certificate(conn->xprt_ctx);
3263
Willy Tarreau8d598402012-10-22 17:58:39 +02003264 if (!crt)
3265 goto out;
3266
Willy Tarreau47ca5452012-12-23 20:22:19 +01003267 smp_trash = get_trash_chunk();
Willy Tarreau8d598402012-10-22 17:58:39 +02003268 if (ssl_sock_get_serial(crt, smp_trash) <= 0)
3269 goto out;
3270
3271 smp->data.str = *smp_trash;
3272 smp->type = SMP_T_BIN;
3273 ret = 1;
3274out:
Emeric Brunba841a12014-04-30 17:05:08 +02003275 /* SSL_get_peer_certificate, it increase X509 * ref count */
3276 if (cert_peer && crt)
Willy Tarreau8d598402012-10-22 17:58:39 +02003277 X509_free(crt);
3278 return ret;
3279}
Emeric Brune64aef12012-09-21 13:15:06 +02003280
Emeric Brunba841a12014-04-30 17:05:08 +02003281/* binary, returns the client certificate's SHA-1 fingerprint (SHA-1 hash of DER-encoded certificate) in a binary chunk.
3282 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3283 * should be use.
3284 */
James Votha051b4a2013-05-14 20:37:59 +02003285static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003286smp_fetch_ssl_x_sha1(const struct arg *args, struct sample *smp, const char *kw, void *private)
James Votha051b4a2013-05-14 20:37:59 +02003287{
Emeric Brunba841a12014-04-30 17:05:08 +02003288 int cert_peer = (kw[4] == 'c') ? 1 : 0;
James Votha051b4a2013-05-14 20:37:59 +02003289 X509 *crt = NULL;
3290 const EVP_MD *digest;
3291 int ret = 0;
3292 struct chunk *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003293 struct connection *conn;
James Votha051b4a2013-05-14 20:37:59 +02003294
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003295 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003296 if (!conn || conn->xprt != &ssl_sock)
3297 return 0;
3298
3299 if (!(conn->flags & CO_FL_CONNECTED)) {
James Votha051b4a2013-05-14 20:37:59 +02003300 smp->flags |= SMP_F_MAY_CHANGE;
3301 return 0;
3302 }
3303
Emeric Brunba841a12014-04-30 17:05:08 +02003304 if (cert_peer)
3305 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3306 else
3307 crt = SSL_get_certificate(conn->xprt_ctx);
James Votha051b4a2013-05-14 20:37:59 +02003308 if (!crt)
3309 goto out;
3310
3311 smp_trash = get_trash_chunk();
3312 digest = EVP_sha1();
3313 X509_digest(crt, digest, (unsigned char *)smp_trash->str, (unsigned int *)&smp_trash->len);
3314
3315 smp->data.str = *smp_trash;
3316 smp->type = SMP_T_BIN;
3317 ret = 1;
3318out:
Emeric Brunba841a12014-04-30 17:05:08 +02003319 /* SSL_get_peer_certificate, it increase X509 * ref count */
3320 if (cert_peer && crt)
James Votha051b4a2013-05-14 20:37:59 +02003321 X509_free(crt);
3322 return ret;
3323}
3324
Emeric Brunba841a12014-04-30 17:05:08 +02003325/* string, returns certificate's notafter date in ASN1_UTCTIME format.
3326 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3327 * should be use.
3328 */
Emeric Brunce5ad802012-10-22 14:11:22 +02003329static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003330smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunce5ad802012-10-22 14:11:22 +02003331{
Emeric Brunba841a12014-04-30 17:05:08 +02003332 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brunce5ad802012-10-22 14:11:22 +02003333 X509 *crt = NULL;
3334 int ret = 0;
3335 struct chunk *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003336 struct connection *conn;
Emeric Brunce5ad802012-10-22 14:11:22 +02003337
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003338 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003339 if (!conn || conn->xprt != &ssl_sock)
3340 return 0;
3341
3342 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunce5ad802012-10-22 14:11:22 +02003343 smp->flags |= SMP_F_MAY_CHANGE;
3344 return 0;
3345 }
3346
Emeric Brunba841a12014-04-30 17:05:08 +02003347 if (cert_peer)
3348 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3349 else
3350 crt = SSL_get_certificate(conn->xprt_ctx);
Emeric Brunce5ad802012-10-22 14:11:22 +02003351 if (!crt)
3352 goto out;
3353
Willy Tarreau47ca5452012-12-23 20:22:19 +01003354 smp_trash = get_trash_chunk();
Emeric Brunce5ad802012-10-22 14:11:22 +02003355 if (ssl_sock_get_time(X509_get_notAfter(crt), smp_trash) <= 0)
3356 goto out;
3357
3358 smp->data.str = *smp_trash;
3359 smp->type = SMP_T_STR;
3360 ret = 1;
3361out:
Emeric Brunba841a12014-04-30 17:05:08 +02003362 /* SSL_get_peer_certificate, it increase X509 * ref count */
3363 if (cert_peer && crt)
Emeric Brunce5ad802012-10-22 14:11:22 +02003364 X509_free(crt);
3365 return ret;
3366}
3367
Emeric Brunba841a12014-04-30 17:05:08 +02003368/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's issuer
3369 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3370 * should be use.
3371 */
Emeric Brun87855892012-10-17 17:39:35 +02003372static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003373smp_fetch_ssl_x_i_dn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun87855892012-10-17 17:39:35 +02003374{
Emeric Brunba841a12014-04-30 17:05:08 +02003375 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun87855892012-10-17 17:39:35 +02003376 X509 *crt = NULL;
3377 X509_NAME *name;
3378 int ret = 0;
3379 struct chunk *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003380 struct connection *conn;
Emeric Brun87855892012-10-17 17:39:35 +02003381
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003382 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003383 if (!conn || conn->xprt != &ssl_sock)
3384 return 0;
3385
3386 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brun87855892012-10-17 17:39:35 +02003387 smp->flags |= SMP_F_MAY_CHANGE;
3388 return 0;
3389 }
3390
Emeric Brunba841a12014-04-30 17:05:08 +02003391 if (cert_peer)
3392 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3393 else
3394 crt = SSL_get_certificate(conn->xprt_ctx);
Emeric Brun87855892012-10-17 17:39:35 +02003395 if (!crt)
3396 goto out;
3397
3398 name = X509_get_issuer_name(crt);
3399 if (!name)
3400 goto out;
3401
Willy Tarreau47ca5452012-12-23 20:22:19 +01003402 smp_trash = get_trash_chunk();
Emeric Brun87855892012-10-17 17:39:35 +02003403 if (args && args[0].type == ARGT_STR) {
3404 int pos = 1;
3405
3406 if (args[1].type == ARGT_SINT)
3407 pos = args[1].data.sint;
3408 else if (args[1].type == ARGT_UINT)
3409 pos =(int)args[1].data.uint;
3410
3411 if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
3412 goto out;
3413 }
3414 else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
3415 goto out;
3416
3417 smp->type = SMP_T_STR;
3418 smp->data.str = *smp_trash;
3419 ret = 1;
3420out:
Emeric Brunba841a12014-04-30 17:05:08 +02003421 /* SSL_get_peer_certificate, it increase X509 * ref count */
3422 if (cert_peer && crt)
Emeric Brun87855892012-10-17 17:39:35 +02003423 X509_free(crt);
3424 return ret;
3425}
3426
Emeric Brunba841a12014-04-30 17:05:08 +02003427/* string, returns notbefore date in ASN1_UTCTIME format.
3428 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3429 * should be use.
3430 */
Emeric Brunce5ad802012-10-22 14:11:22 +02003431static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003432smp_fetch_ssl_x_notbefore(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunce5ad802012-10-22 14:11:22 +02003433{
Emeric Brunba841a12014-04-30 17:05:08 +02003434 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brunce5ad802012-10-22 14:11:22 +02003435 X509 *crt = NULL;
3436 int ret = 0;
3437 struct chunk *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003438 struct connection *conn;
3439
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003440 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003441 if (!conn || conn->xprt != &ssl_sock)
Emeric Brunce5ad802012-10-22 14:11:22 +02003442 return 0;
3443
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003444 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunce5ad802012-10-22 14:11:22 +02003445 smp->flags |= SMP_F_MAY_CHANGE;
3446 return 0;
3447 }
3448
Emeric Brunba841a12014-04-30 17:05:08 +02003449 if (cert_peer)
3450 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3451 else
3452 crt = SSL_get_certificate(conn->xprt_ctx);
Emeric Brunce5ad802012-10-22 14:11:22 +02003453 if (!crt)
3454 goto out;
3455
Willy Tarreau47ca5452012-12-23 20:22:19 +01003456 smp_trash = get_trash_chunk();
Emeric Brunce5ad802012-10-22 14:11:22 +02003457 if (ssl_sock_get_time(X509_get_notBefore(crt), smp_trash) <= 0)
3458 goto out;
3459
3460 smp->data.str = *smp_trash;
3461 smp->type = SMP_T_STR;
3462 ret = 1;
3463out:
Emeric Brunba841a12014-04-30 17:05:08 +02003464 /* SSL_get_peer_certificate, it increase X509 * ref count */
3465 if (cert_peer && crt)
Emeric Brunce5ad802012-10-22 14:11:22 +02003466 X509_free(crt);
3467 return ret;
3468}
3469
Emeric Brunba841a12014-04-30 17:05:08 +02003470/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's subject
3471 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3472 * should be use.
3473 */
Emeric Brun87855892012-10-17 17:39:35 +02003474static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003475smp_fetch_ssl_x_s_dn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun87855892012-10-17 17:39:35 +02003476{
Emeric Brunba841a12014-04-30 17:05:08 +02003477 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun87855892012-10-17 17:39:35 +02003478 X509 *crt = NULL;
3479 X509_NAME *name;
3480 int ret = 0;
3481 struct chunk *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003482 struct connection *conn;
Emeric Brun87855892012-10-17 17:39:35 +02003483
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003484 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003485 if (!conn || conn->xprt != &ssl_sock)
3486 return 0;
3487
3488 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brun87855892012-10-17 17:39:35 +02003489 smp->flags |= SMP_F_MAY_CHANGE;
3490 return 0;
3491 }
3492
Emeric Brunba841a12014-04-30 17:05:08 +02003493 if (cert_peer)
3494 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3495 else
3496 crt = SSL_get_certificate(conn->xprt_ctx);
Emeric Brun87855892012-10-17 17:39:35 +02003497 if (!crt)
3498 goto out;
3499
3500 name = X509_get_subject_name(crt);
3501 if (!name)
3502 goto out;
3503
Willy Tarreau47ca5452012-12-23 20:22:19 +01003504 smp_trash = get_trash_chunk();
Emeric Brun87855892012-10-17 17:39:35 +02003505 if (args && args[0].type == ARGT_STR) {
3506 int pos = 1;
3507
3508 if (args[1].type == ARGT_SINT)
3509 pos = args[1].data.sint;
3510 else if (args[1].type == ARGT_UINT)
3511 pos =(int)args[1].data.uint;
3512
3513 if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
3514 goto out;
3515 }
3516 else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
3517 goto out;
3518
3519 smp->type = SMP_T_STR;
3520 smp->data.str = *smp_trash;
3521 ret = 1;
3522out:
Emeric Brunba841a12014-04-30 17:05:08 +02003523 /* SSL_get_peer_certificate, it increase X509 * ref count */
3524 if (cert_peer && crt)
Emeric Brun87855892012-10-17 17:39:35 +02003525 X509_free(crt);
3526 return ret;
3527}
Emeric Brun9143d372012-12-20 15:44:16 +01003528
3529/* integer, returns true if current session use a client certificate */
3530static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003531smp_fetch_ssl_c_used(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun9143d372012-12-20 15:44:16 +01003532{
3533 X509 *crt;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003534 struct connection *conn;
Emeric Brun9143d372012-12-20 15:44:16 +01003535
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003536 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003537 if (!conn || conn->xprt != &ssl_sock)
3538 return 0;
3539
3540 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brun9143d372012-12-20 15:44:16 +01003541 smp->flags |= SMP_F_MAY_CHANGE;
3542 return 0;
3543 }
3544
3545 /* SSL_get_peer_certificate returns a ptr on allocated X509 struct */
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003546 crt = SSL_get_peer_certificate(conn->xprt_ctx);
Emeric Brun9143d372012-12-20 15:44:16 +01003547 if (crt) {
3548 X509_free(crt);
3549 }
3550
3551 smp->type = SMP_T_BOOL;
3552 smp->data.uint = (crt != NULL);
3553 return 1;
3554}
3555
Emeric Brunba841a12014-04-30 17:05:08 +02003556/* integer, returns the certificate version
3557 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3558 * should be use.
3559 */
Emeric Bruna7359fd2012-10-17 15:03:11 +02003560static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003561smp_fetch_ssl_x_version(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Bruna7359fd2012-10-17 15:03:11 +02003562{
Emeric Brunba841a12014-04-30 17:05:08 +02003563 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Bruna7359fd2012-10-17 15:03:11 +02003564 X509 *crt;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003565 struct connection *conn;
3566
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003567 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003568 if (!conn || conn->xprt != &ssl_sock)
Emeric Bruna7359fd2012-10-17 15:03:11 +02003569 return 0;
3570
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003571 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Bruna7359fd2012-10-17 15:03:11 +02003572 smp->flags |= SMP_F_MAY_CHANGE;
3573 return 0;
3574 }
3575
Emeric Brunba841a12014-04-30 17:05:08 +02003576 if (cert_peer)
3577 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3578 else
3579 crt = SSL_get_certificate(conn->xprt_ctx);
Emeric Bruna7359fd2012-10-17 15:03:11 +02003580 if (!crt)
3581 return 0;
3582
3583 smp->data.uint = (unsigned int)(1 + X509_get_version(crt));
Emeric Brunba841a12014-04-30 17:05:08 +02003584 /* SSL_get_peer_certificate increase X509 * ref count */
3585 if (cert_peer)
3586 X509_free(crt);
Emeric Bruna7359fd2012-10-17 15:03:11 +02003587 smp->type = SMP_T_UINT;
3588
3589 return 1;
3590}
3591
Emeric Brunba841a12014-04-30 17:05:08 +02003592/* string, returns the certificate's signature algorithm.
3593 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3594 * should be use.
3595 */
Emeric Brun7f56e742012-10-19 18:15:40 +02003596static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003597smp_fetch_ssl_x_sig_alg(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun7f56e742012-10-19 18:15:40 +02003598{
Emeric Brunba841a12014-04-30 17:05:08 +02003599 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun7f56e742012-10-19 18:15:40 +02003600 X509 *crt;
3601 int nid;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003602 struct connection *conn;
Emeric Brun7f56e742012-10-19 18:15:40 +02003603
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003604 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003605 if (!conn || conn->xprt != &ssl_sock)
3606 return 0;
3607
3608 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brun7f56e742012-10-19 18:15:40 +02003609 smp->flags |= SMP_F_MAY_CHANGE;
3610 return 0;
3611 }
3612
Emeric Brunba841a12014-04-30 17:05:08 +02003613 if (cert_peer)
3614 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3615 else
3616 crt = SSL_get_certificate(conn->xprt_ctx);
Emeric Brun7f56e742012-10-19 18:15:40 +02003617 if (!crt)
3618 return 0;
3619
3620 nid = OBJ_obj2nid((ASN1_OBJECT *)(crt->cert_info->signature->algorithm));
3621
3622 smp->data.str.str = (char *)OBJ_nid2sn(nid);
Emeric Brun9bf3ba22013-10-07 14:31:44 +02003623 if (!smp->data.str.str) {
Emeric Brunba841a12014-04-30 17:05:08 +02003624 /* SSL_get_peer_certificate increase X509 * ref count */
3625 if (cert_peer)
3626 X509_free(crt);
Emeric Brun7f56e742012-10-19 18:15:40 +02003627 return 0;
Emeric Brun9bf3ba22013-10-07 14:31:44 +02003628 }
Emeric Brun7f56e742012-10-19 18:15:40 +02003629
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01003630 smp->type = SMP_T_STR;
3631 smp->flags |= SMP_F_CONST;
Emeric Brun7f56e742012-10-19 18:15:40 +02003632 smp->data.str.len = strlen(smp->data.str.str);
Emeric Brunba841a12014-04-30 17:05:08 +02003633 /* SSL_get_peer_certificate increase X509 * ref count */
3634 if (cert_peer)
3635 X509_free(crt);
Emeric Brun7f56e742012-10-19 18:15:40 +02003636
3637 return 1;
3638}
3639
Emeric Brunba841a12014-04-30 17:05:08 +02003640/* string, returns the certificate's key algorithm.
3641 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
3642 * should be use.
3643 */
Emeric Brun521a0112012-10-22 12:22:55 +02003644static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003645smp_fetch_ssl_x_key_alg(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun521a0112012-10-22 12:22:55 +02003646{
Emeric Brunba841a12014-04-30 17:05:08 +02003647 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun521a0112012-10-22 12:22:55 +02003648 X509 *crt;
3649 int nid;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003650 struct connection *conn;
Emeric Brun521a0112012-10-22 12:22:55 +02003651
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003652 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003653 if (!conn || conn->xprt != &ssl_sock)
3654 return 0;
3655
3656 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brun521a0112012-10-22 12:22:55 +02003657 smp->flags |= SMP_F_MAY_CHANGE;
3658 return 0;
3659 }
3660
Emeric Brunba841a12014-04-30 17:05:08 +02003661 if (cert_peer)
3662 crt = SSL_get_peer_certificate(conn->xprt_ctx);
3663 else
3664 crt = SSL_get_certificate(conn->xprt_ctx);
Emeric Brun521a0112012-10-22 12:22:55 +02003665 if (!crt)
3666 return 0;
3667
3668 nid = OBJ_obj2nid((ASN1_OBJECT *)(crt->cert_info->key->algor->algorithm));
3669
3670 smp->data.str.str = (char *)OBJ_nid2sn(nid);
Emeric Brun9bf3ba22013-10-07 14:31:44 +02003671 if (!smp->data.str.str) {
Emeric Brunba841a12014-04-30 17:05:08 +02003672 /* SSL_get_peer_certificate increase X509 * ref count */
3673 if (cert_peer)
3674 X509_free(crt);
Emeric Brun521a0112012-10-22 12:22:55 +02003675 return 0;
Emeric Brun9bf3ba22013-10-07 14:31:44 +02003676 }
Emeric Brun521a0112012-10-22 12:22:55 +02003677
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01003678 smp->type = SMP_T_STR;
3679 smp->flags |= SMP_F_CONST;
Emeric Brun521a0112012-10-22 12:22:55 +02003680 smp->data.str.len = strlen(smp->data.str.str);
Emeric Brunba841a12014-04-30 17:05:08 +02003681 if (cert_peer)
3682 X509_free(crt);
Emeric Brun521a0112012-10-22 12:22:55 +02003683
3684 return 1;
3685}
3686
Emeric Brun645ae792014-04-30 14:21:06 +02003687/* boolean, returns true if front conn. transport layer is SSL.
3688 * This function is also usable on backend conn if the fetch keyword 5th
3689 * char is 'b'.
3690 */
Willy Tarreau7875d092012-09-10 08:20:03 +02003691static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003692smp_fetch_ssl_fc(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02003693{
Emeric Brun645ae792014-04-30 14:21:06 +02003694 int back_conn = (kw[4] == 'b') ? 1 : 0;
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003695 struct connection *conn = objt_conn(smp->strm->si[back_conn].end);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003696
Willy Tarreau7875d092012-09-10 08:20:03 +02003697 smp->type = SMP_T_BOOL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003698 smp->data.uint = (conn && conn->xprt == &ssl_sock);
Willy Tarreau7875d092012-09-10 08:20:03 +02003699 return 1;
3700}
3701
Emeric Brun2525b6b2012-10-18 15:59:43 +02003702/* boolean, returns true if client present a SNI */
Willy Tarreau7875d092012-09-10 08:20:03 +02003703static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003704smp_fetch_ssl_fc_has_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02003705{
3706#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003707 struct connection *conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003708
Willy Tarreau7875d092012-09-10 08:20:03 +02003709 smp->type = SMP_T_BOOL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003710 smp->data.uint = (conn && conn->xprt == &ssl_sock) &&
3711 conn->xprt_ctx &&
3712 SSL_get_servername(conn->xprt_ctx, TLSEXT_NAMETYPE_host_name) != NULL;
Willy Tarreau7875d092012-09-10 08:20:03 +02003713 return 1;
3714#else
3715 return 0;
3716#endif
3717}
3718
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02003719/* boolean, returns true if client session has been resumed */
3720static int
3721smp_fetch_ssl_fc_is_resumed(const struct arg *args, struct sample *smp, const char *kw, void *private)
3722{
3723 struct connection *conn = objt_conn(smp->sess->origin);
3724
3725 smp->type = SMP_T_BOOL;
3726 smp->data.uint = (conn && conn->xprt == &ssl_sock) &&
3727 conn->xprt_ctx &&
3728 SSL_session_reused(conn->xprt_ctx);
3729 return 1;
3730}
3731
Emeric Brun645ae792014-04-30 14:21:06 +02003732/* string, returns the used cipher if front conn. transport layer is SSL.
3733 * This function is also usable on backend conn if the fetch keyword 5th
3734 * char is 'b'.
3735 */
Emeric Brun589fcad2012-10-16 14:13:26 +02003736static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003737smp_fetch_ssl_fc_cipher(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02003738{
Emeric Brun645ae792014-04-30 14:21:06 +02003739 int back_conn = (kw[4] == 'b') ? 1 : 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003740 struct connection *conn;
3741
Emeric Brun589fcad2012-10-16 14:13:26 +02003742 smp->flags = 0;
3743
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003744 conn = objt_conn(smp->strm->si[back_conn].end);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003745 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Emeric Brun589fcad2012-10-16 14:13:26 +02003746 return 0;
3747
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003748 smp->data.str.str = (char *)SSL_get_cipher_name(conn->xprt_ctx);
Emeric Brun589fcad2012-10-16 14:13:26 +02003749 if (!smp->data.str.str)
3750 return 0;
3751
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01003752 smp->type = SMP_T_STR;
3753 smp->flags |= SMP_F_CONST;
Emeric Brun589fcad2012-10-16 14:13:26 +02003754 smp->data.str.len = strlen(smp->data.str.str);
3755
3756 return 1;
3757}
3758
Emeric Brun645ae792014-04-30 14:21:06 +02003759/* integer, returns the algoritm's keysize if front conn. transport layer
3760 * is SSL.
3761 * This function is also usable on backend conn if the fetch keyword 5th
3762 * char is 'b'.
3763 */
Emeric Brun589fcad2012-10-16 14:13:26 +02003764static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003765smp_fetch_ssl_fc_alg_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02003766{
Emeric Brun645ae792014-04-30 14:21:06 +02003767 int back_conn = (kw[4] == 'b') ? 1 : 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003768 struct connection *conn;
3769
Emeric Brun589fcad2012-10-16 14:13:26 +02003770 smp->flags = 0;
3771
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003772 conn = objt_conn(smp->strm->si[back_conn].end);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003773 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Emeric Brun589fcad2012-10-16 14:13:26 +02003774 return 0;
3775
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003776 if (!SSL_get_cipher_bits(conn->xprt_ctx, (int *)&smp->data.uint))
3777 return 0;
3778
Emeric Brun589fcad2012-10-16 14:13:26 +02003779 smp->type = SMP_T_UINT;
3780
3781 return 1;
3782}
3783
Emeric Brun645ae792014-04-30 14:21:06 +02003784/* integer, returns the used keysize if front conn. transport layer is SSL.
3785 * This function is also usable on backend conn if the fetch keyword 5th
3786 * char is 'b'.
3787 */
Emeric Brun589fcad2012-10-16 14:13:26 +02003788static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003789smp_fetch_ssl_fc_use_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02003790{
Emeric Brun645ae792014-04-30 14:21:06 +02003791 int back_conn = (kw[4] == 'b') ? 1 : 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003792 struct connection *conn;
3793
Emeric Brun589fcad2012-10-16 14:13:26 +02003794 smp->flags = 0;
3795
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003796 conn = objt_conn(smp->strm->si[back_conn].end);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003797 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3798 return 0;
3799
3800 smp->data.uint = (unsigned int)SSL_get_cipher_bits(conn->xprt_ctx, NULL);
Emeric Brun589fcad2012-10-16 14:13:26 +02003801 if (!smp->data.uint)
3802 return 0;
3803
3804 smp->type = SMP_T_UINT;
3805
3806 return 1;
3807}
3808
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02003809#ifdef OPENSSL_NPN_NEGOTIATED
Willy Tarreau7875d092012-09-10 08:20:03 +02003810static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003811smp_fetch_ssl_fc_npn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaua33c6542012-10-15 13:19:06 +02003812{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003813 struct connection *conn;
3814
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01003815 smp->flags = SMP_F_CONST;
3816 smp->type = SMP_T_STR;
Willy Tarreaua33c6542012-10-15 13:19:06 +02003817
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003818 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003819 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3820 return 0;
3821
Willy Tarreaua33c6542012-10-15 13:19:06 +02003822 smp->data.str.str = NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003823 SSL_get0_next_proto_negotiated(conn->xprt_ctx,
Willy Tarreaua33c6542012-10-15 13:19:06 +02003824 (const unsigned char **)&smp->data.str.str, (unsigned *)&smp->data.str.len);
3825
3826 if (!smp->data.str.str)
3827 return 0;
3828
3829 return 1;
Willy Tarreaua33c6542012-10-15 13:19:06 +02003830}
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02003831#endif
Willy Tarreaua33c6542012-10-15 13:19:06 +02003832
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01003833#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02003834static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003835smp_fetch_ssl_fc_alpn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreauab861d32013-04-02 02:30:41 +02003836{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003837 struct connection *conn;
3838
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01003839 smp->flags = SMP_F_CONST;
3840 smp->type = SMP_T_STR;
Willy Tarreauab861d32013-04-02 02:30:41 +02003841
Willy Tarreaue26bf052015-05-12 10:30:12 +02003842 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003843 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Willy Tarreauab861d32013-04-02 02:30:41 +02003844 return 0;
3845
3846 smp->data.str.str = NULL;
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01003847 SSL_get0_alpn_selected(conn->xprt_ctx,
Willy Tarreauab861d32013-04-02 02:30:41 +02003848 (const unsigned char **)&smp->data.str.str, (unsigned *)&smp->data.str.len);
3849
3850 if (!smp->data.str.str)
3851 return 0;
3852
3853 return 1;
3854}
3855#endif
3856
Emeric Brun645ae792014-04-30 14:21:06 +02003857/* string, returns the used protocol if front conn. transport layer is SSL.
3858 * This function is also usable on backend conn if the fetch keyword 5th
3859 * char is 'b'.
3860 */
Willy Tarreaua33c6542012-10-15 13:19:06 +02003861static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003862smp_fetch_ssl_fc_protocol(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02003863{
Emeric Brun645ae792014-04-30 14:21:06 +02003864 int back_conn = (kw[4] == 'b') ? 1 : 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003865 struct connection *conn;
3866
Emeric Brun589fcad2012-10-16 14:13:26 +02003867 smp->flags = 0;
3868
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003869 conn = objt_conn(smp->strm->si[back_conn].end);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003870 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3871 return 0;
3872
3873 smp->data.str.str = (char *)SSL_get_version(conn->xprt_ctx);
Emeric Brun589fcad2012-10-16 14:13:26 +02003874 if (!smp->data.str.str)
3875 return 0;
3876
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01003877 smp->type = SMP_T_STR;
3878 smp->flags = SMP_F_CONST;
Emeric Brun589fcad2012-10-16 14:13:26 +02003879 smp->data.str.len = strlen(smp->data.str.str);
3880
3881 return 1;
3882}
3883
Willy Tarreau87b09662015-04-03 00:22:06 +02003884/* binary, returns the SSL stream id if front conn. transport layer is SSL.
Emeric Brun645ae792014-04-30 14:21:06 +02003885 * This function is also usable on backend conn if the fetch keyword 5th
3886 * char is 'b'.
3887 */
Emeric Brun589fcad2012-10-16 14:13:26 +02003888static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003889smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunfe68f682012-10-16 14:59:28 +02003890{
3891#if OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brun645ae792014-04-30 14:21:06 +02003892 int back_conn = (kw[4] == 'b') ? 1 : 0;
Willy Tarreau192252e2015-04-04 01:47:55 +02003893 SSL_SESSION *ssl_sess;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003894 struct connection *conn;
Emeric Brunfe68f682012-10-16 14:59:28 +02003895
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01003896 smp->flags = SMP_F_CONST;
3897 smp->type = SMP_T_BIN;
Emeric Brunfe68f682012-10-16 14:59:28 +02003898
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003899 conn = objt_conn(smp->strm->si[back_conn].end);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003900 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3901 return 0;
3902
Willy Tarreau192252e2015-04-04 01:47:55 +02003903 ssl_sess = SSL_get_session(conn->xprt_ctx);
3904 if (!ssl_sess)
Emeric Brunfe68f682012-10-16 14:59:28 +02003905 return 0;
3906
Willy Tarreau192252e2015-04-04 01:47:55 +02003907 smp->data.str.str = (char *)SSL_SESSION_get_id(ssl_sess, (unsigned int *)&smp->data.str.len);
Emeric Brunfe68f682012-10-16 14:59:28 +02003908 if (!smp->data.str.str || !&smp->data.str.len)
3909 return 0;
3910
3911 return 1;
3912#else
3913 return 0;
3914#endif
3915}
3916
3917static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003918smp_fetch_ssl_fc_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02003919{
3920#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003921 struct connection *conn;
3922
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01003923 smp->flags = SMP_F_CONST;
3924 smp->type = SMP_T_STR;
Willy Tarreau7875d092012-09-10 08:20:03 +02003925
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003926 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003927 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3928 return 0;
3929
3930 smp->data.str.str = (char *)SSL_get_servername(conn->xprt_ctx, TLSEXT_NAMETYPE_host_name);
Willy Tarreau3e394c92012-09-14 23:56:58 +02003931 if (!smp->data.str.str)
3932 return 0;
3933
Willy Tarreau7875d092012-09-10 08:20:03 +02003934 smp->data.str.len = strlen(smp->data.str.str);
3935 return 1;
3936#else
3937 return 0;
3938#endif
3939}
3940
David Sc1ad52e2014-04-08 18:48:47 -04003941static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003942smp_fetch_ssl_fc_unique_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
David Sc1ad52e2014-04-08 18:48:47 -04003943{
3944#if OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brun645ae792014-04-30 14:21:06 +02003945 int back_conn = (kw[4] == 'b') ? 1 : 0;
David Sc1ad52e2014-04-08 18:48:47 -04003946 struct connection *conn;
3947 int finished_len;
David Sc1ad52e2014-04-08 18:48:47 -04003948 struct chunk *finished_trash;
David Sc1ad52e2014-04-08 18:48:47 -04003949
3950 smp->flags = 0;
3951
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003952 conn = objt_conn(smp->strm->si[back_conn].end);
David Sc1ad52e2014-04-08 18:48:47 -04003953 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
3954 return 0;
3955
3956 if (!(conn->flags & CO_FL_CONNECTED)) {
3957 smp->flags |= SMP_F_MAY_CHANGE;
3958 return 0;
3959 }
3960
3961 finished_trash = get_trash_chunk();
3962 if (!SSL_session_reused(conn->xprt_ctx))
3963 finished_len = SSL_get_peer_finished(conn->xprt_ctx, finished_trash->str, finished_trash->size);
3964 else
3965 finished_len = SSL_get_finished(conn->xprt_ctx, finished_trash->str, finished_trash->size);
3966
3967 if (!finished_len)
3968 return 0;
3969
Emeric Brunb73a9b02014-04-30 18:49:19 +02003970 finished_trash->len = finished_len;
3971 smp->data.str = *finished_trash;
3972 smp->type = SMP_T_BIN;
David Sc1ad52e2014-04-08 18:48:47 -04003973
3974 return 1;
3975#else
3976 return 0;
3977#endif
3978}
3979
Emeric Brun2525b6b2012-10-18 15:59:43 +02003980/* integer, returns the first verify error in CA chain of client certificate chain. */
Emeric Brunf282a812012-09-21 15:27:54 +02003981static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02003982smp_fetch_ssl_c_ca_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02003983{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003984 struct connection *conn;
3985
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02003986 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003987 if (!conn || conn->xprt != &ssl_sock)
3988 return 0;
3989
3990 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunf282a812012-09-21 15:27:54 +02003991 smp->flags = SMP_F_MAY_CHANGE;
3992 return 0;
3993 }
3994
3995 smp->type = SMP_T_UINT;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02003996 smp->data.uint = (unsigned int)SSL_SOCK_ST_TO_CA_ERROR(conn->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02003997 smp->flags = 0;
3998
3999 return 1;
4000}
4001
Emeric Brun2525b6b2012-10-18 15:59:43 +02004002/* integer, returns the depth of the first verify error in CA chain of client certificate chain. */
Emeric Brunf282a812012-09-21 15:27:54 +02004003static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02004004smp_fetch_ssl_c_ca_err_depth(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02004005{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004006 struct connection *conn;
4007
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02004008 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004009 if (!conn || conn->xprt != &ssl_sock)
Emeric Brunf282a812012-09-21 15:27:54 +02004010 return 0;
4011
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004012 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunf282a812012-09-21 15:27:54 +02004013 smp->flags = SMP_F_MAY_CHANGE;
4014 return 0;
4015 }
4016
4017 smp->type = SMP_T_UINT;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004018 smp->data.uint = (unsigned int)SSL_SOCK_ST_TO_CAEDEPTH(conn->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02004019 smp->flags = 0;
4020
4021 return 1;
4022}
4023
Emeric Brun2525b6b2012-10-18 15:59:43 +02004024/* integer, returns the first verify error on client certificate */
Emeric Brunf282a812012-09-21 15:27:54 +02004025static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02004026smp_fetch_ssl_c_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02004027{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004028 struct connection *conn;
4029
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02004030 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004031 if (!conn || conn->xprt != &ssl_sock)
4032 return 0;
4033
4034 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunf282a812012-09-21 15:27:54 +02004035 smp->flags = SMP_F_MAY_CHANGE;
4036 return 0;
4037 }
4038
4039 smp->type = SMP_T_UINT;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004040 smp->data.uint = (unsigned int)SSL_SOCK_ST_TO_CRTERROR(conn->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02004041 smp->flags = 0;
4042
4043 return 1;
4044}
4045
Emeric Brun2525b6b2012-10-18 15:59:43 +02004046/* integer, returns the verify result on client cert */
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02004047static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02004048smp_fetch_ssl_c_verify(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02004049{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004050 struct connection *conn;
4051
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02004052 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004053 if (!conn || conn->xprt != &ssl_sock)
4054 return 0;
4055
4056 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02004057 smp->flags = SMP_F_MAY_CHANGE;
4058 return 0;
4059 }
4060
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004061 if (!conn->xprt_ctx)
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02004062 return 0;
4063
4064 smp->type = SMP_T_UINT;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02004065 smp->data.uint = (unsigned int)SSL_get_verify_result(conn->xprt_ctx);
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02004066 smp->flags = 0;
4067
4068 return 1;
4069}
4070
Emeric Brunfb510ea2012-10-05 12:00:26 +02004071/* parse the "ca-file" bind keyword */
4072static int bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02004073{
4074 if (!*args[cur_arg + 1]) {
4075 if (err)
4076 memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
4077 return ERR_ALERT | ERR_FATAL;
4078 }
4079
Emeric Brunef42d922012-10-11 16:11:36 +02004080 if ((*args[cur_arg + 1] != '/') && global.ca_base)
4081 memprintf(&conf->ca_file, "%s/%s", global.ca_base, args[cur_arg + 1]);
4082 else
4083 memprintf(&conf->ca_file, "%s", args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +02004084
Emeric Brund94b3fe2012-09-20 18:23:56 +02004085 return 0;
4086}
4087
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004088/* parse the "ciphers" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +02004089static int bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004090{
4091 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02004092 memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004093 return ERR_ALERT | ERR_FATAL;
4094 }
4095
Emeric Brun76d88952012-10-05 15:47:31 +02004096 free(conf->ciphers);
Willy Tarreau4348fad2012-09-20 16:48:07 +02004097 conf->ciphers = strdup(args[cur_arg + 1]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004098 return 0;
4099}
4100
4101/* parse the "crt" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +02004102static int bind_parse_crt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004103{
Willy Tarreau38011032013-08-13 16:59:39 +02004104 char path[MAXPATHLEN];
Willy Tarreaub75d6922014-04-14 18:05:41 +02004105
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004106 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02004107 memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004108 return ERR_ALERT | ERR_FATAL;
4109 }
4110
Emeric Brunc8e8d122012-10-02 18:42:10 +02004111 if ((*args[cur_arg + 1] != '/' ) && global.crt_base) {
Willy Tarreau38011032013-08-13 16:59:39 +02004112 if ((strlen(global.crt_base) + 1 + strlen(args[cur_arg + 1]) + 1) > MAXPATHLEN) {
Emeric Brunc8e8d122012-10-02 18:42:10 +02004113 memprintf(err, "'%s' : path too long", args[cur_arg]);
4114 return ERR_ALERT | ERR_FATAL;
4115 }
Willy Tarreaub75d6922014-04-14 18:05:41 +02004116 snprintf(path, sizeof(path), "%s/%s", global.crt_base, args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +02004117 if (ssl_sock_load_cert(path, conf, px, err) > 0)
4118 return ERR_ALERT | ERR_FATAL;
4119
4120 return 0;
4121 }
4122
Willy Tarreau4348fad2012-09-20 16:48:07 +02004123 if (ssl_sock_load_cert(args[cur_arg + 1], conf, px, err) > 0)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004124 return ERR_ALERT | ERR_FATAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02004125
4126 return 0;
4127}
4128
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004129/* parse the "crt-list" bind keyword */
4130static int bind_parse_crt_list(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4131{
4132 if (!*args[cur_arg + 1]) {
4133 memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
4134 return ERR_ALERT | ERR_FATAL;
4135 }
4136
Willy Tarreauad1731d2013-04-02 17:35:58 +02004137 if (ssl_sock_load_cert_list_file(args[cur_arg + 1], conf, px, err) > 0) {
4138 memprintf(err, "'%s' : %s", args[cur_arg], *err);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004139 return ERR_ALERT | ERR_FATAL;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004140 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004141
4142 return 0;
4143}
4144
Emeric Brunfb510ea2012-10-05 12:00:26 +02004145/* parse the "crl-file" bind keyword */
4146static int bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02004147{
Emeric Brun051cdab2012-10-02 19:25:50 +02004148#ifndef X509_V_FLAG_CRL_CHECK
4149 if (err)
4150 memprintf(err, "'%s' : library does not support CRL verify", args[cur_arg]);
4151 return ERR_ALERT | ERR_FATAL;
4152#else
Emeric Brund94b3fe2012-09-20 18:23:56 +02004153 if (!*args[cur_arg + 1]) {
4154 if (err)
4155 memprintf(err, "'%s' : missing CRLfile path", args[cur_arg]);
4156 return ERR_ALERT | ERR_FATAL;
4157 }
Emeric Brun2b58d042012-09-20 17:10:03 +02004158
Emeric Brunef42d922012-10-11 16:11:36 +02004159 if ((*args[cur_arg + 1] != '/') && global.ca_base)
4160 memprintf(&conf->crl_file, "%s/%s", global.ca_base, args[cur_arg + 1]);
4161 else
4162 memprintf(&conf->crl_file, "%s", args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +02004163
Emeric Brun2b58d042012-09-20 17:10:03 +02004164 return 0;
Emeric Brun051cdab2012-10-02 19:25:50 +02004165#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02004166}
4167
4168/* parse the "ecdhe" bind keyword keywords */
4169static int bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4170{
4171#if OPENSSL_VERSION_NUMBER < 0x0090800fL
4172 if (err)
4173 memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (too old)", args[cur_arg]);
4174 return ERR_ALERT | ERR_FATAL;
4175#elif defined(OPENSSL_NO_ECDH)
4176 if (err)
4177 memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (disabled via OPENSSL_NO_ECDH)", args[cur_arg]);
4178 return ERR_ALERT | ERR_FATAL;
4179#else
4180 if (!*args[cur_arg + 1]) {
4181 if (err)
4182 memprintf(err, "'%s' : missing named curve", args[cur_arg]);
4183 return ERR_ALERT | ERR_FATAL;
4184 }
4185
4186 conf->ecdhe = strdup(args[cur_arg + 1]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004187
4188 return 0;
Emeric Brun2b58d042012-09-20 17:10:03 +02004189#endif
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004190}
4191
Emeric Brun81c00f02012-09-21 14:31:21 +02004192/* parse the "crt_ignerr" and "ca_ignerr" bind keywords */
4193static int bind_parse_ignore_err(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4194{
4195 int code;
4196 char *p = args[cur_arg + 1];
4197 unsigned long long *ignerr = &conf->crt_ignerr;
4198
4199 if (!*p) {
4200 if (err)
4201 memprintf(err, "'%s' : missing error IDs list", args[cur_arg]);
4202 return ERR_ALERT | ERR_FATAL;
4203 }
4204
4205 if (strcmp(args[cur_arg], "ca-ignore-err") == 0)
4206 ignerr = &conf->ca_ignerr;
4207
4208 if (strcmp(p, "all") == 0) {
4209 *ignerr = ~0ULL;
4210 return 0;
4211 }
4212
4213 while (p) {
4214 code = atoi(p);
4215 if ((code <= 0) || (code > 63)) {
4216 if (err)
4217 memprintf(err, "'%s' : ID '%d' out of range (1..63) in error IDs list '%s'",
4218 args[cur_arg], code, args[cur_arg + 1]);
4219 return ERR_ALERT | ERR_FATAL;
4220 }
4221 *ignerr |= 1ULL << code;
4222 p = strchr(p, ',');
4223 if (p)
4224 p++;
4225 }
4226
Emeric Brun2cb7ae52012-10-05 14:14:21 +02004227 return 0;
4228}
4229
4230/* parse the "force-sslv3" bind keyword */
4231static int bind_parse_force_sslv3(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4232{
4233 conf->ssl_options |= BC_SSL_O_USE_SSLV3;
4234 return 0;
4235}
4236
4237/* parse the "force-tlsv10" bind keyword */
4238static int bind_parse_force_tlsv10(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4239{
4240 conf->ssl_options |= BC_SSL_O_USE_TLSV10;
Emeric Brun2d0c4822012-10-02 13:45:20 +02004241 return 0;
4242}
4243
Emeric Brun2cb7ae52012-10-05 14:14:21 +02004244/* parse the "force-tlsv11" bind keyword */
4245static int bind_parse_force_tlsv11(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4246{
4247#if SSL_OP_NO_TLSv1_1
4248 conf->ssl_options |= BC_SSL_O_USE_TLSV11;
4249 return 0;
4250#else
4251 if (err)
4252 memprintf(err, "'%s' : library does not support protocol TLSv1.1", args[cur_arg]);
4253 return ERR_ALERT | ERR_FATAL;
4254#endif
4255}
4256
4257/* parse the "force-tlsv12" bind keyword */
4258static int bind_parse_force_tlsv12(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4259{
4260#if SSL_OP_NO_TLSv1_2
4261 conf->ssl_options |= BC_SSL_O_USE_TLSV12;
4262 return 0;
4263#else
4264 if (err)
4265 memprintf(err, "'%s' : library does not support protocol TLSv1.2", args[cur_arg]);
4266 return ERR_ALERT | ERR_FATAL;
4267#endif
4268}
4269
4270
Emeric Brun2d0c4822012-10-02 13:45:20 +02004271/* parse the "no-tls-tickets" bind keyword */
4272static int bind_parse_no_tls_tickets(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4273{
Emeric Brun89675492012-10-05 13:48:26 +02004274 conf->ssl_options |= BC_SSL_O_NO_TLS_TICKETS;
Emeric Brun81c00f02012-09-21 14:31:21 +02004275 return 0;
4276}
4277
Emeric Brun2d0c4822012-10-02 13:45:20 +02004278
Emeric Brun9b3009b2012-10-05 11:55:06 +02004279/* parse the "no-sslv3" bind keyword */
4280static int bind_parse_no_sslv3(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004281{
Emeric Brun89675492012-10-05 13:48:26 +02004282 conf->ssl_options |= BC_SSL_O_NO_SSLV3;
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004283 return 0;
4284}
4285
Emeric Brun9b3009b2012-10-05 11:55:06 +02004286/* parse the "no-tlsv10" bind keyword */
4287static int bind_parse_no_tlsv10(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brunc0ff4922012-09-28 19:37:02 +02004288{
Emeric Brun89675492012-10-05 13:48:26 +02004289 conf->ssl_options |= BC_SSL_O_NO_TLSV10;
Emeric Brunc0ff4922012-09-28 19:37:02 +02004290 return 0;
4291}
4292
Emeric Brun9b3009b2012-10-05 11:55:06 +02004293/* parse the "no-tlsv11" bind keyword */
4294static int bind_parse_no_tlsv11(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brunc0ff4922012-09-28 19:37:02 +02004295{
Emeric Brun89675492012-10-05 13:48:26 +02004296 conf->ssl_options |= BC_SSL_O_NO_TLSV11;
Emeric Brunc0ff4922012-09-28 19:37:02 +02004297 return 0;
4298}
4299
Emeric Brun9b3009b2012-10-05 11:55:06 +02004300/* parse the "no-tlsv12" bind keyword */
4301static int bind_parse_no_tlsv12(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004302{
Emeric Brun89675492012-10-05 13:48:26 +02004303 conf->ssl_options |= BC_SSL_O_NO_TLSV12;
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004304 return 0;
4305}
4306
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02004307/* parse the "npn" bind keyword */
4308static int bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4309{
4310#ifdef OPENSSL_NPN_NEGOTIATED
4311 char *p1, *p2;
4312
4313 if (!*args[cur_arg + 1]) {
4314 memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[cur_arg]);
4315 return ERR_ALERT | ERR_FATAL;
4316 }
4317
4318 free(conf->npn_str);
4319
4320 /* the NPN string is built as a suite of (<len> <name>)* */
4321 conf->npn_len = strlen(args[cur_arg + 1]) + 1;
4322 conf->npn_str = calloc(1, conf->npn_len);
4323 memcpy(conf->npn_str + 1, args[cur_arg + 1], conf->npn_len);
4324
4325 /* replace commas with the name length */
4326 p1 = conf->npn_str;
4327 p2 = p1 + 1;
4328 while (1) {
4329 p2 = memchr(p1 + 1, ',', conf->npn_str + conf->npn_len - (p1 + 1));
4330 if (!p2)
4331 p2 = p1 + 1 + strlen(p1 + 1);
4332
4333 if (p2 - (p1 + 1) > 255) {
4334 *p2 = '\0';
4335 memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
4336 return ERR_ALERT | ERR_FATAL;
4337 }
4338
4339 *p1 = p2 - (p1 + 1);
4340 p1 = p2;
4341
4342 if (!*p2)
4343 break;
4344
4345 *(p2++) = '\0';
4346 }
4347 return 0;
4348#else
4349 if (err)
4350 memprintf(err, "'%s' : library does not support TLS NPN extension", args[cur_arg]);
4351 return ERR_ALERT | ERR_FATAL;
4352#endif
4353}
4354
Willy Tarreauab861d32013-04-02 02:30:41 +02004355/* parse the "alpn" bind keyword */
4356static int bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4357{
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01004358#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02004359 char *p1, *p2;
4360
4361 if (!*args[cur_arg + 1]) {
4362 memprintf(err, "'%s' : missing the comma-delimited ALPN protocol suite", args[cur_arg]);
4363 return ERR_ALERT | ERR_FATAL;
4364 }
4365
4366 free(conf->alpn_str);
4367
4368 /* the ALPN string is built as a suite of (<len> <name>)* */
4369 conf->alpn_len = strlen(args[cur_arg + 1]) + 1;
4370 conf->alpn_str = calloc(1, conf->alpn_len);
4371 memcpy(conf->alpn_str + 1, args[cur_arg + 1], conf->alpn_len);
4372
4373 /* replace commas with the name length */
4374 p1 = conf->alpn_str;
4375 p2 = p1 + 1;
4376 while (1) {
4377 p2 = memchr(p1 + 1, ',', conf->alpn_str + conf->alpn_len - (p1 + 1));
4378 if (!p2)
4379 p2 = p1 + 1 + strlen(p1 + 1);
4380
4381 if (p2 - (p1 + 1) > 255) {
4382 *p2 = '\0';
4383 memprintf(err, "'%s' : ALPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
4384 return ERR_ALERT | ERR_FATAL;
4385 }
4386
4387 *p1 = p2 - (p1 + 1);
4388 p1 = p2;
4389
4390 if (!*p2)
4391 break;
4392
4393 *(p2++) = '\0';
4394 }
4395 return 0;
4396#else
4397 if (err)
4398 memprintf(err, "'%s' : library does not support TLS ALPN extension", args[cur_arg]);
4399 return ERR_ALERT | ERR_FATAL;
4400#endif
4401}
4402
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004403/* parse the "ssl" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +02004404static int bind_parse_ssl(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004405{
Willy Tarreau81796be2012-09-22 19:11:47 +02004406 struct listener *l;
4407
Willy Tarreau4348fad2012-09-20 16:48:07 +02004408 conf->is_ssl = 1;
Emeric Brun76d88952012-10-05 15:47:31 +02004409
4410 if (global.listen_default_ciphers && !conf->ciphers)
4411 conf->ciphers = strdup(global.listen_default_ciphers);
Emeric Brun2c86cbf2014-10-30 15:56:50 +01004412 conf->ssl_options |= global.listen_default_ssloptions;
Emeric Brun76d88952012-10-05 15:47:31 +02004413
Willy Tarreau81796be2012-09-22 19:11:47 +02004414 list_for_each_entry(l, &conf->listeners, by_bind)
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02004415 l->xprt = &ssl_sock;
Willy Tarreau81796be2012-09-22 19:11:47 +02004416
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004417 return 0;
4418}
4419
Emmanuel Hocdet65623372013-01-24 17:17:15 +01004420/* parse the "strict-sni" bind keyword */
4421static int bind_parse_strict_sni(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4422{
4423 conf->strict_sni = 1;
4424 return 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01004425}
4426
4427/* parse the "tls-ticket-keys" bind keyword */
4428static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4429{
4430#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
4431 FILE *f;
4432 int i = 0;
4433 char thisline[LINESIZE];
Nenad Merdanovic146defa2015-05-09 08:46:00 +02004434 struct tls_keys_ref *keys_ref;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01004435
4436 if (!*args[cur_arg + 1]) {
4437 if (err)
4438 memprintf(err, "'%s' : missing TLS ticket keys file path", args[cur_arg]);
4439 return ERR_ALERT | ERR_FATAL;
4440 }
4441
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02004442 keys_ref = tlskeys_ref_lookup(args[cur_arg + 1]);
4443 if(keys_ref) {
4444 conf->keys_ref = keys_ref;
4445 return 0;
4446 }
4447
Nenad Merdanovic146defa2015-05-09 08:46:00 +02004448 keys_ref = malloc(sizeof(struct tls_keys_ref));
4449 keys_ref->tlskeys = malloc(TLS_TICKETS_NO * sizeof(struct tls_sess_key));
Nenad Merdanovic05552d42015-02-27 19:56:49 +01004450
4451 if ((f = fopen(args[cur_arg + 1], "r")) == NULL) {
4452 if (err)
4453 memprintf(err, "'%s' : unable to load ssl tickets keys file", args[cur_arg+1]);
4454 return ERR_ALERT | ERR_FATAL;
4455 }
4456
Nenad Merdanovic146defa2015-05-09 08:46:00 +02004457 keys_ref->filename = strdup(args[cur_arg + 1]);
4458
Nenad Merdanovic05552d42015-02-27 19:56:49 +01004459 while (fgets(thisline, sizeof(thisline), f) != NULL) {
4460 int len = strlen(thisline);
4461 /* Strip newline characters from the end */
4462 if(thisline[len - 1] == '\n')
4463 thisline[--len] = 0;
4464
4465 if(thisline[len - 1] == '\r')
4466 thisline[--len] = 0;
4467
Nenad Merdanovic146defa2015-05-09 08:46:00 +02004468 if (base64dec(thisline, len, (char *) (keys_ref->tlskeys + i % TLS_TICKETS_NO), sizeof(struct tls_sess_key)) != sizeof(struct tls_sess_key)) {
Nenad Merdanovic05552d42015-02-27 19:56:49 +01004469 if (err)
4470 memprintf(err, "'%s' : unable to decode base64 key on line %d", args[cur_arg+1], i + 1);
4471 return ERR_ALERT | ERR_FATAL;
4472 }
4473 i++;
4474 }
4475
4476 if (i < TLS_TICKETS_NO) {
4477 if (err)
4478 memprintf(err, "'%s' : please supply at least %d keys in the tls-tickets-file", args[cur_arg+1], TLS_TICKETS_NO);
4479 return ERR_ALERT | ERR_FATAL;
4480 }
4481
4482 fclose(f);
4483
4484 /* Use penultimate key for encryption, handle when TLS_TICKETS_NO = 1 */
4485 i-=2;
Nenad Merdanovic146defa2015-05-09 08:46:00 +02004486 keys_ref->tls_ticket_enc_index = i < 0 ? 0 : i;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02004487 keys_ref->unique_id = -1;
Nenad Merdanovic146defa2015-05-09 08:46:00 +02004488 conf->keys_ref = keys_ref;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01004489
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02004490 LIST_ADD(&tlskeys_reference, &keys_ref->list);
4491
Nenad Merdanovic05552d42015-02-27 19:56:49 +01004492 return 0;
4493#else
4494 if (err)
4495 memprintf(err, "'%s' : TLS ticket callback extension not supported", args[cur_arg]);
4496 return ERR_ALERT | ERR_FATAL;
4497#endif /* SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB */
Emmanuel Hocdet65623372013-01-24 17:17:15 +01004498}
4499
Emeric Brund94b3fe2012-09-20 18:23:56 +02004500/* parse the "verify" bind keyword */
4501static int bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4502{
4503 if (!*args[cur_arg + 1]) {
4504 if (err)
4505 memprintf(err, "'%s' : missing verify method", args[cur_arg]);
4506 return ERR_ALERT | ERR_FATAL;
4507 }
4508
4509 if (strcmp(args[cur_arg + 1], "none") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01004510 conf->verify = SSL_SOCK_VERIFY_NONE;
Emeric Brund94b3fe2012-09-20 18:23:56 +02004511 else if (strcmp(args[cur_arg + 1], "optional") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01004512 conf->verify = SSL_SOCK_VERIFY_OPTIONAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02004513 else if (strcmp(args[cur_arg + 1], "required") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01004514 conf->verify = SSL_SOCK_VERIFY_REQUIRED;
Emeric Brund94b3fe2012-09-20 18:23:56 +02004515 else {
4516 if (err)
4517 memprintf(err, "'%s' : unknown verify method '%s', only 'none', 'optional', and 'required' are supported\n",
4518 args[cur_arg], args[cur_arg + 1]);
4519 return ERR_ALERT | ERR_FATAL;
4520 }
4521
4522 return 0;
4523}
4524
Willy Tarreau92faadf2012-10-10 23:04:25 +02004525/************** "server" keywords ****************/
4526
Emeric Brunef42d922012-10-11 16:11:36 +02004527/* parse the "ca-file" server keyword */
4528static int srv_parse_ca_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4529{
4530 if (!*args[*cur_arg + 1]) {
4531 if (err)
4532 memprintf(err, "'%s' : missing CAfile path", args[*cur_arg]);
4533 return ERR_ALERT | ERR_FATAL;
4534 }
4535
4536 if ((*args[*cur_arg + 1] != '/') && global.ca_base)
4537 memprintf(&newsrv->ssl_ctx.ca_file, "%s/%s", global.ca_base, args[*cur_arg + 1]);
4538 else
4539 memprintf(&newsrv->ssl_ctx.ca_file, "%s", args[*cur_arg + 1]);
4540
4541 return 0;
4542}
4543
Willy Tarreau92faadf2012-10-10 23:04:25 +02004544/* parse the "check-ssl" server keyword */
4545static int srv_parse_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4546{
4547 newsrv->check.use_ssl = 1;
4548 if (global.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
4549 newsrv->ssl_ctx.ciphers = strdup(global.connect_default_ciphers);
Emeric Brun2c86cbf2014-10-30 15:56:50 +01004550 newsrv->ssl_ctx.options |= global.connect_default_ssloptions;
Willy Tarreau92faadf2012-10-10 23:04:25 +02004551 return 0;
4552}
4553
4554/* parse the "ciphers" server keyword */
4555static int srv_parse_ciphers(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4556{
4557 if (!*args[*cur_arg + 1]) {
4558 memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
4559 return ERR_ALERT | ERR_FATAL;
4560 }
4561
4562 free(newsrv->ssl_ctx.ciphers);
4563 newsrv->ssl_ctx.ciphers = strdup(args[*cur_arg + 1]);
4564 return 0;
4565}
4566
Emeric Brunef42d922012-10-11 16:11:36 +02004567/* parse the "crl-file" server keyword */
4568static int srv_parse_crl_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4569{
4570#ifndef X509_V_FLAG_CRL_CHECK
4571 if (err)
4572 memprintf(err, "'%s' : library does not support CRL verify", args[*cur_arg]);
4573 return ERR_ALERT | ERR_FATAL;
4574#else
4575 if (!*args[*cur_arg + 1]) {
4576 if (err)
4577 memprintf(err, "'%s' : missing CRLfile path", args[*cur_arg]);
4578 return ERR_ALERT | ERR_FATAL;
4579 }
4580
4581 if ((*args[*cur_arg + 1] != '/') && global.ca_base)
4582 memprintf(&newsrv->ssl_ctx.crl_file, "%s/%s", global.ca_base, args[*cur_arg + 1]);
4583 else
4584 memprintf(&newsrv->ssl_ctx.crl_file, "%s", args[*cur_arg + 1]);
4585
4586 return 0;
4587#endif
4588}
4589
Emeric Bruna7aa3092012-10-26 12:58:00 +02004590/* parse the "crt" server keyword */
4591static int srv_parse_crt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4592{
4593 if (!*args[*cur_arg + 1]) {
4594 if (err)
4595 memprintf(err, "'%s' : missing certificate file path", args[*cur_arg]);
4596 return ERR_ALERT | ERR_FATAL;
4597 }
4598
4599 if ((*args[*cur_arg + 1] != '/') && global.crt_base)
4600 memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global.ca_base, args[*cur_arg + 1]);
4601 else
4602 memprintf(&newsrv->ssl_ctx.client_crt, "%s", args[*cur_arg + 1]);
4603
4604 return 0;
4605}
Emeric Brunef42d922012-10-11 16:11:36 +02004606
Willy Tarreau92faadf2012-10-10 23:04:25 +02004607/* parse the "force-sslv3" server keyword */
4608static int srv_parse_force_sslv3(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4609{
4610 newsrv->ssl_ctx.options |= SRV_SSL_O_USE_SSLV3;
4611 return 0;
4612}
4613
4614/* parse the "force-tlsv10" server keyword */
4615static int srv_parse_force_tlsv10(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4616{
4617 newsrv->ssl_ctx.options |= SRV_SSL_O_USE_TLSV10;
4618 return 0;
4619}
4620
4621/* parse the "force-tlsv11" server keyword */
4622static int srv_parse_force_tlsv11(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4623{
4624#if SSL_OP_NO_TLSv1_1
4625 newsrv->ssl_ctx.options |= SRV_SSL_O_USE_TLSV11;
4626 return 0;
4627#else
4628 if (err)
4629 memprintf(err, "'%s' : library does not support protocol TLSv1.1", args[*cur_arg]);
4630 return ERR_ALERT | ERR_FATAL;
4631#endif
4632}
4633
4634/* parse the "force-tlsv12" server keyword */
4635static int srv_parse_force_tlsv12(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4636{
4637#if SSL_OP_NO_TLSv1_2
4638 newsrv->ssl_ctx.options |= SRV_SSL_O_USE_TLSV12;
4639 return 0;
4640#else
4641 if (err)
4642 memprintf(err, "'%s' : library does not support protocol TLSv1.2", args[*cur_arg]);
4643 return ERR_ALERT | ERR_FATAL;
4644#endif
4645}
4646
Willy Tarreau2a3fb1c2015-02-05 16:47:07 +01004647/* parse the "no-ssl-reuse" server keyword */
4648static int srv_parse_no_ssl_reuse(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4649{
4650 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_REUSE;
4651 return 0;
4652}
4653
Willy Tarreau92faadf2012-10-10 23:04:25 +02004654/* parse the "no-sslv3" server keyword */
4655static int srv_parse_no_sslv3(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4656{
4657 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_SSLV3;
4658 return 0;
4659}
4660
4661/* parse the "no-tlsv10" server keyword */
4662static int srv_parse_no_tlsv10(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4663{
4664 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLSV10;
4665 return 0;
4666}
4667
4668/* parse the "no-tlsv11" server keyword */
4669static int srv_parse_no_tlsv11(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4670{
4671 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLSV11;
4672 return 0;
4673}
4674
4675/* parse the "no-tlsv12" server keyword */
4676static int srv_parse_no_tlsv12(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4677{
4678 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLSV12;
4679 return 0;
4680}
4681
Emeric Brunf9c5c472012-10-11 15:28:34 +02004682/* parse the "no-tls-tickets" server keyword */
4683static int srv_parse_no_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4684{
4685 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLS_TICKETS;
4686 return 0;
4687}
David Safb76832014-05-08 23:42:08 -04004688/* parse the "send-proxy-v2-ssl" server keyword */
4689static int srv_parse_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4690{
4691 newsrv->pp_opts |= SRV_PP_V2;
4692 newsrv->pp_opts |= SRV_PP_V2_SSL;
4693 return 0;
4694}
4695
4696/* parse the "send-proxy-v2-ssl-cn" server keyword */
4697static int srv_parse_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4698{
4699 newsrv->pp_opts |= SRV_PP_V2;
4700 newsrv->pp_opts |= SRV_PP_V2_SSL;
4701 newsrv->pp_opts |= SRV_PP_V2_SSL_CN;
4702 return 0;
4703}
Emeric Brunf9c5c472012-10-11 15:28:34 +02004704
Willy Tarreau92faadf2012-10-10 23:04:25 +02004705/* parse the "ssl" server keyword */
4706static int srv_parse_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4707{
4708 newsrv->use_ssl = 1;
4709 if (global.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
4710 newsrv->ssl_ctx.ciphers = strdup(global.connect_default_ciphers);
4711 return 0;
4712}
4713
Emeric Brunef42d922012-10-11 16:11:36 +02004714/* parse the "verify" server keyword */
4715static int srv_parse_verify(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4716{
4717 if (!*args[*cur_arg + 1]) {
4718 if (err)
4719 memprintf(err, "'%s' : missing verify method", args[*cur_arg]);
4720 return ERR_ALERT | ERR_FATAL;
4721 }
4722
4723 if (strcmp(args[*cur_arg + 1], "none") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01004724 newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_NONE;
Emeric Brunef42d922012-10-11 16:11:36 +02004725 else if (strcmp(args[*cur_arg + 1], "required") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01004726 newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_REQUIRED;
Emeric Brunef42d922012-10-11 16:11:36 +02004727 else {
4728 if (err)
4729 memprintf(err, "'%s' : unknown verify method '%s', only 'none' and 'required' are supported\n",
4730 args[*cur_arg], args[*cur_arg + 1]);
4731 return ERR_ALERT | ERR_FATAL;
4732 }
4733
Evan Broderbe554312013-06-27 00:05:25 -07004734 return 0;
4735}
4736
4737/* parse the "verifyhost" server keyword */
4738static int srv_parse_verifyhost(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
4739{
4740 if (!*args[*cur_arg + 1]) {
4741 if (err)
4742 memprintf(err, "'%s' : missing hostname to verify against", args[*cur_arg]);
4743 return ERR_ALERT | ERR_FATAL;
4744 }
4745
4746 newsrv->ssl_ctx.verify_host = strdup(args[*cur_arg + 1]);
4747
Emeric Brunef42d922012-10-11 16:11:36 +02004748 return 0;
4749}
4750
Emeric Brun2c86cbf2014-10-30 15:56:50 +01004751/* parse the "ssl-default-bind-options" keyword in global section */
4752static int ssl_parse_default_bind_options(char **args, int section_type, struct proxy *curpx,
4753 struct proxy *defpx, const char *file, int line,
4754 char **err) {
4755 int i = 1;
4756
4757 if (*(args[i]) == 0) {
4758 memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
4759 return -1;
4760 }
4761 while (*(args[i])) {
4762 if (!strcmp(args[i], "no-sslv3"))
4763 global.listen_default_ssloptions |= BC_SSL_O_NO_SSLV3;
4764 else if (!strcmp(args[i], "no-tlsv10"))
4765 global.listen_default_ssloptions |= BC_SSL_O_NO_TLSV10;
4766 else if (!strcmp(args[i], "no-tlsv11"))
4767 global.listen_default_ssloptions |= BC_SSL_O_NO_TLSV11;
4768 else if (!strcmp(args[i], "no-tlsv12"))
4769 global.listen_default_ssloptions |= BC_SSL_O_NO_TLSV12;
4770 else if (!strcmp(args[i], "force-sslv3"))
4771 global.listen_default_ssloptions |= BC_SSL_O_USE_SSLV3;
4772 else if (!strcmp(args[i], "force-tlsv10"))
4773 global.listen_default_ssloptions |= BC_SSL_O_USE_TLSV10;
4774 else if (!strcmp(args[i], "force-tlsv11")) {
4775#if SSL_OP_NO_TLSv1_1
4776 global.listen_default_ssloptions |= BC_SSL_O_USE_TLSV11;
4777#else
4778 memprintf(err, "'%s' '%s': library does not support protocol TLSv1.1", args[0], args[i]);
4779 return -1;
4780#endif
4781 }
4782 else if (!strcmp(args[i], "force-tlsv12")) {
4783#if SSL_OP_NO_TLSv1_2
4784 global.listen_default_ssloptions |= BC_SSL_O_USE_TLSV12;
4785#else
4786 memprintf(err, "'%s' '%s': library does not support protocol TLSv1.2", args[0], args[i]);
4787 return -1;
4788#endif
4789 }
4790 else if (!strcmp(args[i], "no-tls-tickets"))
4791 global.listen_default_ssloptions |= BC_SSL_O_NO_TLS_TICKETS;
4792 else {
4793 memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
4794 return -1;
4795 }
4796 i++;
4797 }
4798 return 0;
4799}
4800
4801/* parse the "ssl-default-server-options" keyword in global section */
4802static int ssl_parse_default_server_options(char **args, int section_type, struct proxy *curpx,
4803 struct proxy *defpx, const char *file, int line,
4804 char **err) {
4805 int i = 1;
4806
4807 if (*(args[i]) == 0) {
4808 memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
4809 return -1;
4810 }
4811 while (*(args[i])) {
4812 if (!strcmp(args[i], "no-sslv3"))
4813 global.connect_default_ssloptions |= SRV_SSL_O_NO_SSLV3;
4814 else if (!strcmp(args[i], "no-tlsv10"))
4815 global.connect_default_ssloptions |= SRV_SSL_O_NO_TLSV10;
4816 else if (!strcmp(args[i], "no-tlsv11"))
4817 global.connect_default_ssloptions |= SRV_SSL_O_NO_TLSV11;
4818 else if (!strcmp(args[i], "no-tlsv12"))
4819 global.connect_default_ssloptions |= SRV_SSL_O_NO_TLSV12;
4820 else if (!strcmp(args[i], "force-sslv3"))
4821 global.connect_default_ssloptions |= SRV_SSL_O_USE_SSLV3;
4822 else if (!strcmp(args[i], "force-tlsv10"))
4823 global.connect_default_ssloptions |= SRV_SSL_O_USE_TLSV10;
4824 else if (!strcmp(args[i], "force-tlsv11")) {
4825#if SSL_OP_NO_TLSv1_1
4826 global.connect_default_ssloptions |= SRV_SSL_O_USE_TLSV11;
4827#else
4828 memprintf(err, "'%s' '%s': library does not support protocol TLSv1.1", args[0], args[i]);
4829 return -1;
4830#endif
4831 }
4832 else if (!strcmp(args[i], "force-tlsv12")) {
4833#if SSL_OP_NO_TLSv1_2
4834 global.connect_default_ssloptions |= SRV_SSL_O_USE_TLSV12;
4835#else
4836 memprintf(err, "'%s' '%s': library does not support protocol TLSv1.2", args[0], args[i]);
4837 return -1;
4838#endif
4839 }
4840 else if (!strcmp(args[i], "no-tls-tickets"))
4841 global.connect_default_ssloptions |= SRV_SSL_O_NO_TLS_TICKETS;
4842 else {
4843 memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
4844 return -1;
4845 }
4846 i++;
4847 }
4848 return 0;
4849}
4850
Willy Tarreau7875d092012-09-10 08:20:03 +02004851/* Note: must not be declared <const> as its list will be overwritten.
4852 * Please take care of keeping this list alphabetically sorted.
4853 */
Willy Tarreaudc13c112013-06-21 23:16:39 +02004854static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
Emeric Brun645ae792014-04-30 14:21:06 +02004855 { "ssl_bc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
4856 { "ssl_bc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5SRV },
4857 { "ssl_bc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
4858 { "ssl_bc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Emeric Brunb73a9b02014-04-30 18:49:19 +02004859 { "ssl_bc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Emeric Brun645ae792014-04-30 14:21:06 +02004860 { "ssl_bc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5SRV },
4861 { "ssl_bc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Willy Tarreau80aca902013-01-07 15:42:20 +01004862 { "ssl_c_ca_err", smp_fetch_ssl_c_ca_err, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
4863 { "ssl_c_ca_err_depth", smp_fetch_ssl_c_ca_err_depth, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
Emeric Brun43e79582014-10-29 19:03:26 +01004864 { "ssl_c_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +01004865 { "ssl_c_err", smp_fetch_ssl_c_err, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +02004866 { "ssl_c_i_dn", smp_fetch_ssl_x_i_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4867 { "ssl_c_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4868 { "ssl_c_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4869 { "ssl_c_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4870 { "ssl_c_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4871 { "ssl_c_s_dn", smp_fetch_ssl_x_s_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4872 { "ssl_c_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4873 { "ssl_c_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +01004874 { "ssl_c_used", smp_fetch_ssl_c_used, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4875 { "ssl_c_verify", smp_fetch_ssl_c_verify, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +02004876 { "ssl_c_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
Emeric Brun43e79582014-10-29 19:03:26 +01004877 { "ssl_f_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +02004878 { "ssl_f_i_dn", smp_fetch_ssl_x_i_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4879 { "ssl_f_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4880 { "ssl_f_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4881 { "ssl_f_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4882 { "ssl_f_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
4883 { "ssl_f_s_dn", smp_fetch_ssl_x_s_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
4884 { "ssl_f_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Emeric Brun55f4fa82014-04-30 17:11:25 +02004885 { "ssl_f_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +02004886 { "ssl_f_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +01004887 { "ssl_fc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4888 { "ssl_fc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01004889 { "ssl_fc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +01004890 { "ssl_fc_has_crt", smp_fetch_ssl_fc_has_crt, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
4891 { "ssl_fc_has_sni", smp_fetch_ssl_fc_has_sni, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02004892 { "ssl_fc_is_resumed", smp_fetch_ssl_fc_is_resumed, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Willy Tarreaua33c6542012-10-15 13:19:06 +02004893#ifdef OPENSSL_NPN_NEGOTIATED
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01004894 { "ssl_fc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreaua33c6542012-10-15 13:19:06 +02004895#endif
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01004896#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01004897 { "ssl_fc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreauab861d32013-04-02 02:30:41 +02004898#endif
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01004899 { "ssl_fc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunb73a9b02014-04-30 18:49:19 +02004900 { "ssl_fc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +01004901 { "ssl_fc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_UINT, SMP_USE_L5CLI },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01004902 { "ssl_fc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
4903 { "ssl_fc_sni", smp_fetch_ssl_fc_sni, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreau7875d092012-09-10 08:20:03 +02004904 { NULL, NULL, 0, 0, 0 },
4905}};
4906
4907/* Note: must not be declared <const> as its list will be overwritten.
4908 * Please take care of keeping this list alphabetically sorted.
4909 */
Willy Tarreaudc13c112013-06-21 23:16:39 +02004910static struct acl_kw_list acl_kws = {ILH, {
Thierry FOURNIERc5a4e982014-03-05 16:07:08 +01004911 { "ssl_fc_sni_end", "ssl_fc_sni", PAT_MATCH_END },
4912 { "ssl_fc_sni_reg", "ssl_fc_sni", PAT_MATCH_REG },
Willy Tarreau8ed669b2013-01-11 15:49:37 +01004913 { /* END */ },
Willy Tarreau7875d092012-09-10 08:20:03 +02004914}};
4915
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004916/* Note: must not be declared <const> as its list will be overwritten.
4917 * Please take care of keeping this list alphabetically sorted, doing so helps
4918 * all code contributors.
4919 * Optional keywords are also declared with a NULL ->parse() function so that
4920 * the config parser can report an appropriate error when a known keyword was
4921 * not enabled.
4922 */
Willy Tarreau51fb7652012-09-18 18:24:39 +02004923static struct bind_kw_list bind_kws = { "SSL", { }, {
Nenad Merdanovic05552d42015-02-27 19:56:49 +01004924 { "alpn", bind_parse_alpn, 1 }, /* set ALPN supported protocols */
4925 { "ca-file", bind_parse_ca_file, 1 }, /* set CAfile to process verify on client cert */
4926 { "ca-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ignore on verify depth > 0 */
4927 { "ciphers", bind_parse_ciphers, 1 }, /* set SSL cipher suite */
4928 { "crl-file", bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
4929 { "crt", bind_parse_crt, 1 }, /* load SSL certificates from this location */
4930 { "crt-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ingore on verify depth == 0 */
4931 { "crt-list", bind_parse_crt_list, 1 }, /* load a list of crt from this location */
4932 { "ecdhe", bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
4933 { "force-sslv3", bind_parse_force_sslv3, 0 }, /* force SSLv3 */
4934 { "force-tlsv10", bind_parse_force_tlsv10, 0 }, /* force TLSv10 */
4935 { "force-tlsv11", bind_parse_force_tlsv11, 0 }, /* force TLSv11 */
4936 { "force-tlsv12", bind_parse_force_tlsv12, 0 }, /* force TLSv12 */
4937 { "no-sslv3", bind_parse_no_sslv3, 0 }, /* disable SSLv3 */
4938 { "no-tlsv10", bind_parse_no_tlsv10, 0 }, /* disable TLSv10 */
4939 { "no-tlsv11", bind_parse_no_tlsv11, 0 }, /* disable TLSv11 */
4940 { "no-tlsv12", bind_parse_no_tlsv12, 0 }, /* disable TLSv12 */
4941 { "no-tls-tickets", bind_parse_no_tls_tickets, 0 }, /* disable session resumption tickets */
4942 { "ssl", bind_parse_ssl, 0 }, /* enable SSL processing */
4943 { "strict-sni", bind_parse_strict_sni, 0 }, /* refuse negotiation if sni doesn't match a certificate */
4944 { "tls-ticket-keys", bind_parse_tls_ticket_keys, 1 }, /* set file to load TLS ticket keys from */
4945 { "verify", bind_parse_verify, 1 }, /* set SSL verify method */
4946 { "npn", bind_parse_npn, 1 }, /* set NPN supported protocols */
Willy Tarreau79eeafa2012-09-14 07:53:05 +02004947 { NULL, NULL, 0 },
4948}};
Emeric Brun46591952012-05-18 15:47:34 +02004949
Willy Tarreau92faadf2012-10-10 23:04:25 +02004950/* Note: must not be declared <const> as its list will be overwritten.
4951 * Please take care of keeping this list alphabetically sorted, doing so helps
4952 * all code contributors.
4953 * Optional keywords are also declared with a NULL ->parse() function so that
4954 * the config parser can report an appropriate error when a known keyword was
4955 * not enabled.
4956 */
4957static struct srv_kw_list srv_kws = { "SSL", { }, {
Emeric Brunef42d922012-10-11 16:11:36 +02004958 { "ca-file", srv_parse_ca_file, 1, 0 }, /* set CAfile to process verify server cert */
Emeric Brunecc91fe2012-10-11 15:05:10 +02004959 { "check-ssl", srv_parse_check_ssl, 0, 0 }, /* enable SSL for health checks */
4960 { "ciphers", srv_parse_ciphers, 1, 0 }, /* select the cipher suite */
Emeric Brunef42d922012-10-11 16:11:36 +02004961 { "crl-file", srv_parse_crl_file, 1, 0 }, /* set certificate revocation list file use on server cert verify */
Emeric Bruna7aa3092012-10-26 12:58:00 +02004962 { "crt", srv_parse_crt, 1, 0 }, /* set client certificate */
Emeric Brunecc91fe2012-10-11 15:05:10 +02004963 { "force-sslv3", srv_parse_force_sslv3, 0, 0 }, /* force SSLv3 */
4964 { "force-tlsv10", srv_parse_force_tlsv10, 0, 0 }, /* force TLSv10 */
4965 { "force-tlsv11", srv_parse_force_tlsv11, 0, 0 }, /* force TLSv11 */
4966 { "force-tlsv12", srv_parse_force_tlsv12, 0, 0 }, /* force TLSv12 */
Willy Tarreau2a3fb1c2015-02-05 16:47:07 +01004967 { "no-ssl-reuse", srv_parse_no_ssl_reuse, 0, 0 }, /* disable session reuse */
Emeric Brunecc91fe2012-10-11 15:05:10 +02004968 { "no-sslv3", srv_parse_no_sslv3, 0, 0 }, /* disable SSLv3 */
4969 { "no-tlsv10", srv_parse_no_tlsv10, 0, 0 }, /* disable TLSv10 */
4970 { "no-tlsv11", srv_parse_no_tlsv11, 0, 0 }, /* disable TLSv11 */
4971 { "no-tlsv12", srv_parse_no_tlsv12, 0, 0 }, /* disable TLSv12 */
Emeric Brunf9c5c472012-10-11 15:28:34 +02004972 { "no-tls-tickets", srv_parse_no_tls_tickets, 0, 0 }, /* disable session resumption tickets */
David Safb76832014-05-08 23:42:08 -04004973 { "send-proxy-v2-ssl", srv_parse_send_proxy_ssl, 0, 0 }, /* send PROXY protocol header v2 with SSL info */
4974 { "send-proxy-v2-ssl-cn", srv_parse_send_proxy_cn, 0, 0 }, /* send PROXY protocol header v2 with CN */
Emeric Brunecc91fe2012-10-11 15:05:10 +02004975 { "ssl", srv_parse_ssl, 0, 0 }, /* enable SSL processing */
Emeric Brunef42d922012-10-11 16:11:36 +02004976 { "verify", srv_parse_verify, 1, 0 }, /* set SSL verify method */
Evan Broderbe554312013-06-27 00:05:25 -07004977 { "verifyhost", srv_parse_verifyhost, 1, 0 }, /* require that SSL cert verifies for hostname */
Willy Tarreau92faadf2012-10-10 23:04:25 +02004978 { NULL, NULL, 0, 0 },
4979}};
4980
Emeric Brun2c86cbf2014-10-30 15:56:50 +01004981static struct cfg_kw_list cfg_kws = {ILH, {
4982 { CFG_GLOBAL, "ssl-default-bind-options", ssl_parse_default_bind_options },
4983 { CFG_GLOBAL, "ssl-default-server-options", ssl_parse_default_server_options },
4984 { 0, NULL, NULL },
4985}};
4986
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02004987/* transport-layer operations for SSL sockets */
4988struct xprt_ops ssl_sock = {
Emeric Brun46591952012-05-18 15:47:34 +02004989 .snd_buf = ssl_sock_from_buf,
4990 .rcv_buf = ssl_sock_to_buf,
4991 .rcv_pipe = NULL,
4992 .snd_pipe = NULL,
4993 .shutr = NULL,
4994 .shutw = ssl_sock_shutw,
4995 .close = ssl_sock_close,
4996 .init = ssl_sock_init,
4997};
4998
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01004999#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
5000
5001static void ssl_sock_sctl_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
5002{
5003 if (ptr) {
5004 chunk_destroy(ptr);
5005 free(ptr);
5006 }
5007}
5008
5009#endif
5010
Emeric Brun46591952012-05-18 15:47:34 +02005011__attribute__((constructor))
Willy Tarreau92faadf2012-10-10 23:04:25 +02005012static void __ssl_sock_init(void)
5013{
Emeric Brun46591952012-05-18 15:47:34 +02005014 STACK_OF(SSL_COMP)* cm;
5015
Willy Tarreau610f04b2014-02-13 11:36:41 +01005016#ifdef LISTEN_DEFAULT_CIPHERS
5017 global.listen_default_ciphers = LISTEN_DEFAULT_CIPHERS;
5018#endif
5019#ifdef CONNECT_DEFAULT_CIPHERS
5020 global.connect_default_ciphers = CONNECT_DEFAULT_CIPHERS;
5021#endif
5022 if (global.listen_default_ciphers)
5023 global.listen_default_ciphers = strdup(global.listen_default_ciphers);
5024 if (global.connect_default_ciphers)
5025 global.connect_default_ciphers = strdup(global.connect_default_ciphers);
Emeric Brun2c86cbf2014-10-30 15:56:50 +01005026 global.listen_default_ssloptions = BC_SSL_O_NONE;
5027 global.connect_default_ssloptions = SRV_SSL_O_NONE;
Willy Tarreau610f04b2014-02-13 11:36:41 +01005028
Emeric Brun46591952012-05-18 15:47:34 +02005029 SSL_library_init();
5030 cm = SSL_COMP_get_compression_methods();
5031 sk_SSL_COMP_zero(cm);
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01005032#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
5033 sctl_ex_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_sctl_free_func);
5034#endif
Willy Tarreau7875d092012-09-10 08:20:03 +02005035 sample_register_fetches(&sample_fetch_keywords);
5036 acl_register_keywords(&acl_kws);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02005037 bind_register_keywords(&bind_kws);
Willy Tarreau92faadf2012-10-10 23:04:25 +02005038 srv_register_keywords(&srv_kws);
Emeric Brun2c86cbf2014-10-30 15:56:50 +01005039 cfg_register_keywords(&cfg_kws);
Willy Tarreaud92aa5c2015-01-15 21:34:39 +01005040
5041 global.ssl_session_max_cost = SSL_SESSION_MAX_COST;
5042 global.ssl_handshake_max_cost = SSL_HANDSHAKE_MAX_COST;
Emeric Brun46591952012-05-18 15:47:34 +02005043}
5044
5045/*
5046 * Local variables:
5047 * c-indent-level: 8
5048 * c-basic-offset: 8
5049 * End:
5050 */