blob: 91e7feed56e25974d1ec8d4153d26931e4db7793 [file] [log] [blame]
Emeric Brun46591952012-05-18 15:47:34 +02001/*
2 * SSL data transfer functions between buffers and SOCK_STREAM sockets
3 *
4 * Copyright (C) 2012 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
Willy Tarreau69845df2012-09-10 09:43:09 +020011 * Acknowledgement:
12 * We'd like to specially thank the Stud project authors for a very clean
13 * and well documented code which helped us understand how the OpenSSL API
14 * ought to be used in non-blocking mode. This is one difficult part which
15 * is not easy to get from the OpenSSL doc, and reading the Stud code made
16 * it much more obvious than the examples in the OpenSSL package. Keep up
17 * the good works, guys !
18 *
19 * Stud is an extremely efficient and scalable SSL/TLS proxy which combines
20 * particularly well with haproxy. For more info about this project, visit :
21 * https://github.com/bumptech/stud
22 *
Emeric Brun46591952012-05-18 15:47:34 +020023 */
24
25#define _GNU_SOURCE
Emeric Brunfc0421f2012-09-07 17:30:07 +020026#include <ctype.h>
27#include <dirent.h>
Emeric Brun46591952012-05-18 15:47:34 +020028#include <errno.h>
29#include <fcntl.h>
30#include <stdio.h>
31#include <stdlib.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020032#include <string.h>
33#include <unistd.h>
Emeric Brun46591952012-05-18 15:47:34 +020034
35#include <sys/socket.h>
36#include <sys/stat.h>
37#include <sys/types.h>
38
39#include <netinet/tcp.h>
40
41#include <openssl/ssl.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020042#include <openssl/x509.h>
43#include <openssl/x509v3.h>
44#include <openssl/x509.h>
45#include <openssl/err.h>
Emeric Brun46591952012-05-18 15:47:34 +020046
47#include <common/buffer.h>
48#include <common/compat.h>
49#include <common/config.h>
50#include <common/debug.h>
51#include <common/standard.h>
52#include <common/ticks.h>
53#include <common/time.h>
54
Emeric Brunfc0421f2012-09-07 17:30:07 +020055#include <ebsttree.h>
56
57#include <types/global.h>
58#include <types/ssl_sock.h>
59
Willy Tarreau7875d092012-09-10 08:20:03 +020060#include <proto/acl.h>
61#include <proto/arg.h>
Emeric Brun46591952012-05-18 15:47:34 +020062#include <proto/connection.h>
63#include <proto/fd.h>
64#include <proto/freq_ctr.h>
65#include <proto/frontend.h>
66#include <proto/log.h>
67#include <proto/protocols.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020068#include <proto/shctx.h>
Emeric Brun46591952012-05-18 15:47:34 +020069#include <proto/ssl_sock.h>
70#include <proto/task.h>
71
Willy Tarreau403edff2012-09-06 11:58:37 +020072static int sslconns = 0;
Emeric Brune1f38db2012-09-03 20:36:47 +020073
74void ssl_sock_infocbk(const SSL *ssl, int where, int ret)
75{
76 struct connection *conn = (struct connection *)SSL_get_app_data(ssl);
77 (void)ret; /* shut gcc stupid warning */
78
79 if (where & SSL_CB_HANDSHAKE_START) {
80 /* Disable renegotiation (CVE-2009-3555) */
81 if (conn->flags & CO_FL_CONNECTED)
82 conn->flags |= CO_FL_ERROR;
83 }
Emeric Brunfc0421f2012-09-07 17:30:07 +020084}
85
86#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
87/* Sets the SSL ctx of <ssl> to match the advertised server name. Returns a
88 * warning when no match is found, which implies the default (first) cert
89 * will keep being used.
90 */
91static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, struct ssl_conf *s)
92{
93 const char *servername;
94 const char *wildp = NULL;
95 struct ebmb_node *node;
96 int i;
97 (void)al; /* shut gcc stupid warning */
98
99 servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
100 if (!servername)
101 return SSL_TLSEXT_ERR_NOACK;
102
103 for (i = 0; i < trashlen; i++) {
104 if (!servername[i])
105 break;
106 trash[i] = tolower(servername[i]);
107 if (!wildp && (trash[i] == '.'))
108 wildp = &trash[i];
109 }
110 trash[i] = 0;
111
112 /* lookup in full qualified names */
113 node = ebst_lookup(&s->sni_ctx, trash);
114 if (!node) {
115 if (!wildp)
116 return SSL_TLSEXT_ERR_ALERT_WARNING;
117
118 /* lookup in full wildcards names */
119 node = ebst_lookup(&s->sni_w_ctx, wildp);
120 if (!node)
121 return SSL_TLSEXT_ERR_ALERT_WARNING;
122 }
123
124 /* switch ctx */
125 SSL_set_SSL_CTX(ssl, container_of(node, struct sni_ctx, name)->ctx);
126 return SSL_TLSEXT_ERR_OK;
127}
128#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
129
130/* Loads a certificate key and CA chain from a file. Returns 0 on error, -1 if
131 * an early error happens and the caller must call SSL_CTX_free() by itelf.
132 */
133int ssl_sock_load_cert_chain_file(SSL_CTX *ctx, const char *file, struct ssl_conf *s)
134{
135 BIO *in;
136 X509 *x = NULL, *ca;
137 int i, len, err;
138 int ret = -1;
139 int order = 0;
140 X509_NAME *xname;
141 char *str;
142 struct sni_ctx *sc;
143#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
144 STACK_OF(GENERAL_NAME) *names;
145#endif
146
147 in = BIO_new(BIO_s_file());
148 if (in == NULL)
149 goto end;
150
151 if (BIO_read_filename(in, file) <= 0)
152 goto end;
153
154 x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
155 if (x == NULL)
156 goto end;
157
158#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
159 names = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
160 if (names) {
161 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
162 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
163 if (name->type == GEN_DNS) {
164 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
165 if ((len = strlen(str))) {
166 int j;
167
168 if (*str != '*') {
169 sc = malloc(sizeof(struct sni_ctx) + len + 1);
170 for (j = 0; j < len; j++)
171 sc->name.key[j] = tolower(str[j]);
172 sc->name.key[len] = 0;
173 sc->order = order++;
174 sc->ctx = ctx;
175 ebst_insert(&s->sni_ctx, &sc->name);
176 }
177 else {
178 sc = malloc(sizeof(struct sni_ctx) + len);
179 for (j = 1; j < len; j++)
180 sc->name.key[j-1] = tolower(str[j]);
181 sc->name.key[len-1] = 0;
182 sc->order = order++;
183 sc->ctx = ctx;
184 ebst_insert(&s->sni_w_ctx, &sc->name);
185 }
186 }
187 OPENSSL_free(str);
188 }
189 }
190 }
191 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
192 }
193#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
194
195 xname = X509_get_subject_name(x);
196 i = -1;
197 while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
198 X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
199 if (ASN1_STRING_to_UTF8((unsigned char **)&str, entry->value) >= 0) {
200 if ((len = strlen(str))) {
201 int j;
202
203 if (*str != '*') {
204 sc = malloc(sizeof(struct sni_ctx) + len + 1);
205 for (j = 0; j < len; j++)
206 sc->name.key[j] = tolower(str[j]);
207 sc->name.key[len] = 0;
208 sc->order = order++;
209 sc->ctx = ctx;
210 ebst_insert(&s->sni_ctx, &sc->name);
211 }
212 else {
213 sc = malloc(sizeof(struct sni_ctx) + len);
214 for (j = 1; j < len; j++)
215 sc->name.key[j-1] = tolower(str[j]);
216 sc->name.key[len-1] = 0;
217 sc->order = order++;
218 sc->ctx = ctx;
219 ebst_insert(&s->sni_w_ctx, &sc->name);
220 }
221 }
222 OPENSSL_free(str);
223 }
224 }
225
226 ret = 0; /* the caller must not free the SSL_CTX argument anymore */
227 if (!SSL_CTX_use_certificate(ctx, x))
228 goto end;
229
230 if (ctx->extra_certs != NULL) {
231 sk_X509_pop_free(ctx->extra_certs, X509_free);
232 ctx->extra_certs = NULL;
233 }
234
235 while ((ca = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata))) {
236 if (!SSL_CTX_add_extra_chain_cert(ctx, ca)) {
237 X509_free(ca);
238 goto end;
239 }
240 }
241
242 err = ERR_get_error();
243 if (!err || (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) {
244 /* we successfully reached the last cert in the file */
245 ret = 1;
246 }
247 ERR_clear_error();
248
249end:
250 if (x)
251 X509_free(x);
252
253 if (in)
254 BIO_free(in);
255
256 return ret;
257}
258
259int ssl_sock_load_cert_file(const char *path, struct ssl_conf *ssl_conf, struct proxy *curproxy)
260{
261 int ret;
262 SSL_CTX *ctx;
263
264 ctx = SSL_CTX_new(SSLv23_server_method());
265 if (!ctx) {
266 Alert("Proxy '%s': unable to allocate SSL context for bind '%s' at [%s:%d] using cert '%s'.\n",
267 curproxy->id, ssl_conf->arg, ssl_conf->file, ssl_conf->line, path);
268 return 1;
269 }
270
271 if (SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0) {
272 Alert("Proxy '%s': unable to load SSL private key from file '%s' in bind '%s' at [%s:%d].\n",
273 curproxy->id, path, ssl_conf->arg, ssl_conf->file, ssl_conf->line);
274 SSL_CTX_free(ctx);
275 return 1;
276 }
277
278 ret = ssl_sock_load_cert_chain_file(ctx, path, ssl_conf);
279 if (ret <= 0) {
280 Alert("Proxy '%s': unable to load SSL certificate from file '%s' in bind '%s' at [%s:%d].\n",
281 curproxy->id, path, ssl_conf->arg, ssl_conf->file, ssl_conf->line);
282 if (ret < 0) /* serious error, must do that ourselves */
283 SSL_CTX_free(ctx);
284 return 1;
285 }
286 /* we must not free the SSL_CTX anymore below, since it's already in
287 * the tree, so it will be discovered and cleaned in time.
288 */
289#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
290 if (ssl_conf->default_ctx) {
291 Alert("Proxy '%s': file '%s' : this version of openssl cannot load multiple SSL certificates in bind '%s' at [%s:%d].\n",
292 curproxy->id, path, ssl_conf->arg, ssl_conf->file, ssl_conf->line);
293 return 1;
294 }
295#endif
296 if (!ssl_conf->default_ctx)
297 ssl_conf->default_ctx = ctx;
298
299 return 0;
300}
301
302int ssl_sock_load_cert(char *path, struct ssl_conf *ssl_conf, struct proxy *curproxy)
303{
304 struct dirent *de;
305 DIR *dir;
306 struct stat buf;
307 int pathlen = 0;
308 char *end, *fp;
309 int cfgerr = 0;
310
311 if (!(dir = opendir(path)))
312 return ssl_sock_load_cert_file(path, ssl_conf, curproxy);
313
314 /* strip trailing slashes, including first one */
315 for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
316 *end = 0;
317
318 if (end >= path)
319 pathlen = end + 1 - path;
320 fp = malloc(pathlen + 1 + NAME_MAX + 1);
321
322 while ((de = readdir(dir))) {
323 snprintf(fp, pathlen + 1 + NAME_MAX + 1, "%s/%s", path, de->d_name);
324 if (stat(fp, &buf) != 0) {
325 Alert("Proxy '%s': unable to stat SSL certificate from file '%s' in bind '%s' at [%s:%d] : %s.\n",
326 curproxy->id, fp, ssl_conf->arg, ssl_conf->file, ssl_conf->line, strerror(errno));
327 cfgerr++;
328 continue;
329 }
330 if (!S_ISREG(buf.st_mode))
331 continue;
332 cfgerr += ssl_sock_load_cert_file(fp, ssl_conf, curproxy);
333 }
334 free(fp);
335 closedir(dir);
336 return cfgerr;
337}
338
339#ifndef SSL_OP_CIPHER_SERVER_PREFERENCE /* needs OpenSSL >= 0.9.7 */
340#define SSL_OP_CIPHER_SERVER_PREFERENCE 0
341#endif
342
343#ifndef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION /* needs OpenSSL >= 0.9.7 */
344#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0
345#endif
346#ifndef SSL_OP_NO_COMPRESSION /* needs OpenSSL >= 0.9.9 */
347#define SSL_OP_NO_COMPRESSION 0
348#endif
349#ifndef SSL_MODE_RELEASE_BUFFERS /* needs OpenSSL >= 1.0.0 */
350#define SSL_MODE_RELEASE_BUFFERS 0
351#endif
352int ssl_sock_prepare_ctx(struct ssl_conf *ssl_conf, SSL_CTX *ctx, struct proxy *curproxy)
353{
354 int cfgerr = 0;
355 int ssloptions =
356 SSL_OP_ALL | /* all known workarounds for bugs */
357 SSL_OP_NO_SSLv2 |
358 SSL_OP_NO_COMPRESSION |
359 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
360 int sslmode =
361 SSL_MODE_ENABLE_PARTIAL_WRITE |
362 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
363 SSL_MODE_RELEASE_BUFFERS;
364
365 if (ssl_conf->nosslv3)
366 ssloptions |= SSL_OP_NO_SSLv3;
367 if (ssl_conf->notlsv1)
368 ssloptions |= SSL_OP_NO_TLSv1;
369 if (ssl_conf->prefer_server_ciphers)
370 ssloptions |= SSL_OP_CIPHER_SERVER_PREFERENCE;
371
372 SSL_CTX_set_options(ctx, ssloptions);
373 SSL_CTX_set_mode(ctx, sslmode);
374 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
375
376 shared_context_set_cache(ctx);
377 if (ssl_conf->ciphers &&
378 !SSL_CTX_set_cipher_list(ctx, ssl_conf->ciphers)) {
379 Alert("Proxy '%s': unable to set SSL cipher list to '%s' for bind '%s' at [%s:%d].\n",
380 curproxy->id, ssl_conf->ciphers, ssl_conf->arg, ssl_conf->file, ssl_conf->line);
381 cfgerr++;
382 }
383
384 SSL_CTX_set_info_callback(ctx, ssl_sock_infocbk);
385#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
386 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_cbk);
387 SSL_CTX_set_tlsext_servername_arg(ctx, ssl_conf);
388#endif
389 return cfgerr;
390}
391
392/* Walks down the two trees in ssl_conf and prepares all certs. The pointer may
393 * be NULL, in which case nothing is done. Returns the number of errors
394 * encountered.
395 */
396int ssl_sock_prepare_all_ctx(struct ssl_conf *ssl_conf, struct proxy *px)
397{
398 struct ebmb_node *node;
399 struct sni_ctx *sni;
400 int err = 0;
401
402 if (!ssl_conf)
403 return 0;
404
405 node = ebmb_first(&ssl_conf->sni_ctx);
406 while (node) {
407 sni = ebmb_entry(node, struct sni_ctx, name);
408 if (!sni->order) /* only initialize the CTX on its first occurrence */
409 err += ssl_sock_prepare_ctx(ssl_conf, sni->ctx, px);
410 node = ebmb_next(node);
411 }
412
413 node = ebmb_first(&ssl_conf->sni_w_ctx);
414 while (node) {
415 sni = ebmb_entry(node, struct sni_ctx, name);
416 if (!sni->order) /* only initialize the CTX on its first occurrence */
417 err += ssl_sock_prepare_ctx(ssl_conf, sni->ctx, px);
418 node = ebmb_next(node);
419 }
420 return err;
421}
422
423/* Walks down the two trees in ssl_conf and frees all the certs. The pointer may
424 * be NULL, in which case nothing is done. The default_ctx is nullified too.
425 */
426void ssl_sock_free_all_ctx(struct ssl_conf *ssl_conf)
427{
428 struct ebmb_node *node, *back;
429 struct sni_ctx *sni;
430
431 if (!ssl_conf)
432 return;
433
434 node = ebmb_first(&ssl_conf->sni_ctx);
435 while (node) {
436 sni = ebmb_entry(node, struct sni_ctx, name);
437 back = ebmb_next(node);
438 ebmb_delete(node);
439 if (!sni->order) /* only free the CTX on its first occurrence */
440 SSL_CTX_free(sni->ctx);
441 free(sni);
442 node = back;
443 }
444
445 node = ebmb_first(&ssl_conf->sni_w_ctx);
446 while (node) {
447 sni = ebmb_entry(node, struct sni_ctx, name);
448 back = ebmb_next(node);
449 ebmb_delete(node);
450 if (!sni->order) /* only free the CTX on its first occurrence */
451 SSL_CTX_free(sni->ctx);
452 free(sni);
453 node = back;
454 }
455
456 ssl_conf->default_ctx = NULL;
Emeric Brune1f38db2012-09-03 20:36:47 +0200457}
458
Emeric Brun46591952012-05-18 15:47:34 +0200459/*
460 * This function is called if SSL * context is not yet allocated. The function
461 * is designed to be called before any other data-layer operation and sets the
462 * handshake flag on the connection. It is safe to call it multiple times.
463 * It returns 0 on success and -1 in error case.
464 */
465static int ssl_sock_init(struct connection *conn)
466{
467 /* already initialized */
468 if (conn->data_ctx)
469 return 0;
470
Willy Tarreau403edff2012-09-06 11:58:37 +0200471 if (global.maxsslconn && sslconns >= global.maxsslconn)
472 return -1;
473
Emeric Brun46591952012-05-18 15:47:34 +0200474 /* If it is in client mode initiate SSL session
475 in connect state otherwise accept state */
476 if (target_srv(&conn->target)) {
Emeric Brun46591952012-05-18 15:47:34 +0200477 /* Alloc a new SSL session ctx */
478 conn->data_ctx = SSL_new(target_srv(&conn->target)->ssl_ctx.ctx);
479 if (!conn->data_ctx)
480 return -1;
481
482 SSL_set_connect_state(conn->data_ctx);
483 if (target_srv(&conn->target)->ssl_ctx.reused_sess)
484 SSL_set_session(conn->data_ctx, target_srv(&conn->target)->ssl_ctx.reused_sess);
485
486 /* set fd on SSL session context */
487 SSL_set_fd(conn->data_ctx, conn->t.sock.fd);
488
489 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +0200490 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Willy Tarreau403edff2012-09-06 11:58:37 +0200491
492 sslconns++;
Emeric Brun46591952012-05-18 15:47:34 +0200493 return 0;
494 }
495 else if (target_client(&conn->target)) {
Emeric Brun46591952012-05-18 15:47:34 +0200496 /* Alloc a new SSL session ctx */
Emeric Brunfc0421f2012-09-07 17:30:07 +0200497 conn->data_ctx = SSL_new(target_client(&conn->target)->ssl_conf->default_ctx);
Emeric Brun46591952012-05-18 15:47:34 +0200498 if (!conn->data_ctx)
499 return -1;
500
501 SSL_set_accept_state(conn->data_ctx);
502
503 /* set fd on SSL session context */
504 SSL_set_fd(conn->data_ctx, conn->t.sock.fd);
505
Emeric Brune1f38db2012-09-03 20:36:47 +0200506 /* set connection pointer */
507 SSL_set_app_data(conn->data_ctx, conn);
508
Emeric Brun46591952012-05-18 15:47:34 +0200509 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +0200510 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Willy Tarreau403edff2012-09-06 11:58:37 +0200511
512 sslconns++;
Emeric Brun46591952012-05-18 15:47:34 +0200513 return 0;
514 }
515 /* don't know how to handle such a target */
516 return -1;
517}
518
519
520/* This is the callback which is used when an SSL handshake is pending. It
521 * updates the FD status if it wants some polling before being called again.
522 * It returns 0 if it fails in a fatal way or needs to poll to go further,
523 * otherwise it returns non-zero and removes itself from the connection's
524 * flags (the bit is provided in <flag> by the caller).
525 */
526int ssl_sock_handshake(struct connection *conn, unsigned int flag)
527{
528 int ret;
529
530 if (!conn->data_ctx)
531 goto out_error;
532
533 ret = SSL_do_handshake(conn->data_ctx);
534 if (ret != 1) {
535 /* handshake did not complete, let's find why */
536 ret = SSL_get_error(conn->data_ctx, ret);
537
538 if (ret == SSL_ERROR_WANT_WRITE) {
539 /* SSL handshake needs to write, L4 connection may not be ready */
540 __conn_sock_stop_recv(conn);
541 __conn_sock_poll_send(conn);
542 return 0;
543 }
544 else if (ret == SSL_ERROR_WANT_READ) {
545 /* SSL handshake needs to read, L4 connection is ready */
546 if (conn->flags & CO_FL_WAIT_L4_CONN)
547 conn->flags &= ~CO_FL_WAIT_L4_CONN;
548 __conn_sock_stop_send(conn);
549 __conn_sock_poll_recv(conn);
550 return 0;
551 }
552 else {
553 /* Fail on all other handshake errors */
554 goto out_error;
555 }
556 }
557
558 /* Handshake succeeded */
559 if (target_srv(&conn->target)) {
560 if (!SSL_session_reused(conn->data_ctx)) {
561 /* check if session was reused, if not store current session on server for reuse */
562 if (target_srv(&conn->target)->ssl_ctx.reused_sess)
563 SSL_SESSION_free(target_srv(&conn->target)->ssl_ctx.reused_sess);
564
565 target_srv(&conn->target)->ssl_ctx.reused_sess = SSL_get1_session(conn->data_ctx);
566 }
567 }
568
569 /* The connection is now established at both layers, it's time to leave */
570 conn->flags &= ~(flag | CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN);
571 return 1;
572
573 out_error:
574 /* Fail on all other handshake errors */
575 conn->flags |= CO_FL_ERROR;
576 conn->flags &= ~flag;
577 return 0;
578}
579
580/* Receive up to <count> bytes from connection <conn>'s socket and store them
581 * into buffer <buf>. The caller must ensure that <count> is always smaller
582 * than the buffer's size. Only one call to recv() is performed, unless the
583 * buffer wraps, in which case a second call may be performed. The connection's
584 * flags are updated with whatever special event is detected (error, read0,
585 * empty). The caller is responsible for taking care of those events and
586 * avoiding the call if inappropriate. The function does not call the
587 * connection's polling update function, so the caller is responsible for this.
588 */
589static int ssl_sock_to_buf(struct connection *conn, struct buffer *buf, int count)
590{
591 int ret, done = 0;
592 int try = count;
593
594 if (!conn->data_ctx)
595 goto out_error;
596
597 if (conn->flags & CO_FL_HANDSHAKE)
598 /* a handshake was requested */
599 return 0;
600
601 /* compute the maximum block size we can read at once. */
602 if (buffer_empty(buf)) {
603 /* let's realign the buffer to optimize I/O */
604 buf->p = buf->data;
605 }
606 else if (buf->data + buf->o < buf->p &&
607 buf->p + buf->i < buf->data + buf->size) {
608 /* remaining space wraps at the end, with a moving limit */
609 if (try > buf->data + buf->size - (buf->p + buf->i))
610 try = buf->data + buf->size - (buf->p + buf->i);
611 }
612
613 /* read the largest possible block. For this, we perform only one call
614 * to recv() unless the buffer wraps and we exactly fill the first hunk,
615 * in which case we accept to do it once again. A new attempt is made on
616 * EINTR too.
617 */
618 while (try) {
619 ret = SSL_read(conn->data_ctx, bi_end(buf), try);
Emeric Brune1f38db2012-09-03 20:36:47 +0200620 if (conn->flags & CO_FL_ERROR) {
621 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
622 break;
623 }
Emeric Brun46591952012-05-18 15:47:34 +0200624 if (ret > 0) {
625 buf->i += ret;
626 done += ret;
627 if (ret < try)
628 break;
629 count -= ret;
630 try = count;
631 }
632 else if (ret == 0) {
633 goto read0;
634 }
635 else {
636 ret = SSL_get_error(conn->data_ctx, ret);
637 if (ret == SSL_ERROR_WANT_WRITE) {
638 /* handshake is running, and it needs to poll for a write event */
639 conn->flags |= CO_FL_SSL_WAIT_HS;
640 __conn_sock_poll_send(conn);
641 break;
642 }
643 else if (ret == SSL_ERROR_WANT_READ) {
644 /* we need to poll for retry a read later */
645 __conn_data_poll_recv(conn);
646 break;
647 }
648 /* otherwise it's a real error */
649 goto out_error;
650 }
651 }
652 return done;
653
654 read0:
655 conn_sock_read0(conn);
656 return done;
657 out_error:
658 conn->flags |= CO_FL_ERROR;
659 return done;
660}
661
662
663/* Send all pending bytes from buffer <buf> to connection <conn>'s socket.
664 * <flags> may contain MSG_MORE to make the system hold on without sending
665 * data too fast, but this flag is ignored at the moment.
666 * Only one call to send() is performed, unless the buffer wraps, in which case
667 * a second call may be performed. The connection's flags are updated with
668 * whatever special event is detected (error, empty). The caller is responsible
669 * for taking care of those events and avoiding the call if inappropriate. The
670 * function does not call the connection's polling update function, so the caller
671 * is responsible for this.
672 */
673static int ssl_sock_from_buf(struct connection *conn, struct buffer *buf, int flags)
674{
675 int ret, try, done;
676
677 done = 0;
678
679 if (!conn->data_ctx)
680 goto out_error;
681
682 if (conn->flags & CO_FL_HANDSHAKE)
683 /* a handshake was requested */
684 return 0;
685
686 /* send the largest possible block. For this we perform only one call
687 * to send() unless the buffer wraps and we exactly fill the first hunk,
688 * in which case we accept to do it once again.
689 */
690 while (buf->o) {
691 try = buf->o;
692 /* outgoing data may wrap at the end */
693 if (buf->data + try > buf->p)
694 try = buf->data + try - buf->p;
695
696 ret = SSL_write(conn->data_ctx, bo_ptr(buf), try);
Emeric Brune1f38db2012-09-03 20:36:47 +0200697 if (conn->flags & CO_FL_ERROR) {
698 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
699 break;
700 }
Emeric Brun46591952012-05-18 15:47:34 +0200701 if (ret > 0) {
702 buf->o -= ret;
703 done += ret;
704
705 if (likely(!buffer_len(buf)))
706 /* optimize data alignment in the buffer */
707 buf->p = buf->data;
708
709 /* if the system buffer is full, don't insist */
710 if (ret < try)
711 break;
712 }
713 else {
714 ret = SSL_get_error(conn->data_ctx, ret);
715 if (ret == SSL_ERROR_WANT_WRITE) {
716 /* we need to poll to retry a write later */
717 __conn_data_poll_send(conn);
718 break;
719 }
720 else if (ret == SSL_ERROR_WANT_READ) {
721 /* handshake is running, and
722 it needs to poll for a read event,
723 write polling must be disabled cause
724 we are sure we can't write anything more
725 before handshake re-performed */
726 conn->flags |= CO_FL_SSL_WAIT_HS;
727 __conn_sock_poll_recv(conn);
728 break;
729 }
730 goto out_error;
731 }
732 }
733 return done;
734
735 out_error:
736 conn->flags |= CO_FL_ERROR;
737 return done;
738}
739
740
741static void ssl_sock_close(struct connection *conn) {
742
743 if (conn->data_ctx) {
744 SSL_free(conn->data_ctx);
745 conn->data_ctx = NULL;
Willy Tarreau403edff2012-09-06 11:58:37 +0200746 sslconns--;
Emeric Brun46591952012-05-18 15:47:34 +0200747 }
Emeric Brun46591952012-05-18 15:47:34 +0200748}
749
750/* This function tries to perform a clean shutdown on an SSL connection, and in
751 * any case, flags the connection as reusable if no handshake was in progress.
752 */
753static void ssl_sock_shutw(struct connection *conn, int clean)
754{
755 if (conn->flags & CO_FL_HANDSHAKE)
756 return;
757 /* no handshake was in progress, try a clean ssl shutdown */
758 if (clean)
759 SSL_shutdown(conn->data_ctx);
760
761 /* force flag on ssl to keep session in cache regardless shutdown result */
762 SSL_set_shutdown(conn->data_ctx, SSL_SENT_SHUTDOWN);
763}
764
Willy Tarreau7875d092012-09-10 08:20:03 +0200765/***** Below are some sample fetching functions for ACL/patterns *****/
766
767/* boolean, returns true if data layer is SSL */
768static int
769smp_fetch_is_ssl(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
770 const struct arg *args, struct sample *smp)
771{
772 smp->type = SMP_T_BOOL;
773 smp->data.uint = (l4->si[0].conn.data == &ssl_sock);
774 return 1;
775}
776
777/* boolean, returns true if data layer is SSL */
778static int
779smp_fetch_has_sni(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
780 const struct arg *args, struct sample *smp)
781{
782#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
783 smp->type = SMP_T_BOOL;
784 smp->data.uint = (l4->si[0].conn.data == &ssl_sock) &&
785 SSL_get_servername(l4->si[0].conn.data_ctx, TLSEXT_NAMETYPE_host_name) != NULL;
786 return 1;
787#else
788 return 0;
789#endif
790}
791
792static int
793smp_fetch_ssl_sni(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
794 const struct arg *args, struct sample *smp)
795{
796#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
797 smp->flags = 0;
798 smp->type = SMP_T_CSTR;
799
800 if (!l4 || l4->si[0].conn.data != &ssl_sock)
801 return 0;
802
803 /* data points to cookie value */
804 smp->data.str.str = (char *)SSL_get_servername(l4->si[0].conn.data_ctx, TLSEXT_NAMETYPE_host_name);
805 smp->data.str.len = strlen(smp->data.str.str);
806 return 1;
807#else
808 return 0;
809#endif
810}
811
812/* Note: must not be declared <const> as its list will be overwritten.
813 * Please take care of keeping this list alphabetically sorted.
814 */
815static struct sample_fetch_kw_list sample_fetch_keywords = {{ },{
816 { "is_ssl", smp_fetch_is_ssl, 0, NULL, SMP_T_BOOL, SMP_CAP_REQ|SMP_CAP_RES },
817 { "ssl_has_sni", smp_fetch_has_sni, 0, NULL, SMP_T_BOOL, SMP_CAP_REQ|SMP_CAP_RES },
818 { "ssl_sni", smp_fetch_ssl_sni, 0, NULL, SMP_T_CSTR, SMP_CAP_REQ|SMP_CAP_RES },
819 { NULL, NULL, 0, 0, 0 },
820}};
821
822/* Note: must not be declared <const> as its list will be overwritten.
823 * Please take care of keeping this list alphabetically sorted.
824 */
825static struct acl_kw_list acl_kws = {{ },{
826 { "is_ssl", acl_parse_int, smp_fetch_is_ssl, acl_match_nothing, ACL_USE_L6REQ_PERMANENT, 0 },
827 { "ssl_has_sni", acl_parse_int, smp_fetch_has_sni, acl_match_nothing, ACL_USE_L6REQ_PERMANENT, 0 },
828 { "ssl_sni", acl_parse_str, smp_fetch_ssl_sni, acl_match_str, ACL_USE_L6REQ_PERMANENT|ACL_MAY_LOOKUP, 0 },
829 { "ssl_sni_end", acl_parse_str, smp_fetch_ssl_sni, acl_match_end, ACL_USE_L6REQ_PERMANENT|ACL_MAY_LOOKUP, 0 },
830 { "ssl_sni_reg", acl_parse_str, smp_fetch_ssl_sni, acl_match_reg, ACL_USE_L6REQ_PERMANENT|ACL_MAY_LOOKUP, 0 },
831 { NULL, NULL, NULL, NULL },
832}};
833
Emeric Brun46591952012-05-18 15:47:34 +0200834
835/* data-layer operations for SSL sockets */
836struct data_ops ssl_sock = {
837 .snd_buf = ssl_sock_from_buf,
838 .rcv_buf = ssl_sock_to_buf,
839 .rcv_pipe = NULL,
840 .snd_pipe = NULL,
841 .shutr = NULL,
842 .shutw = ssl_sock_shutw,
843 .close = ssl_sock_close,
844 .init = ssl_sock_init,
845};
846
847__attribute__((constructor))
848static void __ssl_sock_init(void) {
849 STACK_OF(SSL_COMP)* cm;
850
851 SSL_library_init();
852 cm = SSL_COMP_get_compression_methods();
853 sk_SSL_COMP_zero(cm);
Willy Tarreau7875d092012-09-10 08:20:03 +0200854 sample_register_fetches(&sample_fetch_keywords);
855 acl_register_keywords(&acl_kws);
Emeric Brun46591952012-05-18 15:47:34 +0200856}
857
858/*
859 * Local variables:
860 * c-indent-level: 8
861 * c-basic-offset: 8
862 * End:
863 */