Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 5db847ab6530eb2da7ba246243d1a9ac791417e3 / . / src / ssl_sock.c
blob: 794b6c9c489d919d68ebea946d3d1cb975e64671 [file] [log] [blame]
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]1
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]2/*
Willy Tarreauf7bc57c2012-10-03 00:19:48 +0200[diff] [blame]3 * SSL/TLS transport layer over SOCK_STREAM sockets
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]4 *
5 * Copyright (C) 2012 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
11 *
Willy Tarreau69845df2012-09-10 09:43:09 +0200[diff] [blame]12 * Acknowledgement:
13 * We'd like to specially thank the Stud project authors for a very clean
14 * and well documented code which helped us understand how the OpenSSL API
15 * ought to be used in non-blocking mode. This is one difficult part which
16 * is not easy to get from the OpenSSL doc, and reading the Stud code made
17 * it much more obvious than the examples in the OpenSSL package. Keep up
18 * the good works, guys !
19 *
20 * Stud is an extremely efficient and scalable SSL/TLS proxy which combines
21 * particularly well with haproxy. For more info about this project, visit :
22 * https://github.com/bumptech/stud
23 *
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]24 */
25
26#define _GNU_SOURCE
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]27#include <ctype.h>
28#include <dirent.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]29#include <errno.h>
30#include <fcntl.h>
31#include <stdio.h>
32#include <stdlib.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]33#include <string.h>
34#include <unistd.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]35
36#include <sys/socket.h>
37#include <sys/stat.h>
38#include <sys/types.h>
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]39#include <netdb.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]40#include <netinet/tcp.h>
41
Rosen Penev68185952018-12-14 08:47:02 -0800[diff] [blame]42#include <openssl/bn.h>
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]43#include <openssl/crypto.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]44#include <openssl/ssl.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]45#include <openssl/x509.h>
46#include <openssl/x509v3.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]47#include <openssl/err.h>
Thierry Fournier383085f2013-01-24 14:15:43 +0100[diff] [blame]48#include <openssl/rand.h>
Emmanuel Hocdet019f9b12017-10-02 17:12:06 +0200[diff] [blame]49#include <openssl/hmac.h>
Lukas Tribuse4e30f72014-12-09 16:32:51 +0100[diff] [blame]50#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]51#include <openssl/ocsp.h>
52#endif
Remi Gacogne4f902b82015-05-28 16:23:00 +0200[diff] [blame]53#ifndef OPENSSL_NO_DH
54#include <openssl/dh.h>
55#endif
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]56#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]57#include <openssl/engine.h>
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]58#endif
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]59
Ilya Shipitsin54832b92019-05-05 23:27:54 +0500[diff] [blame]60#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC) && !defined(LIBRESSL_VERSION_NUMBER)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]61#include <openssl/async.h>
62#endif
63
Rosen Penev68185952018-12-14 08:47:02 -0800[diff] [blame]64#ifndef OPENSSL_VERSION
65#define OPENSSL_VERSION SSLEAY_VERSION
66#define OpenSSL_version(x) SSLeay_version(x)
67#define OpenSSL_version_num SSLeay
68#endif
69
70#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || (LIBRESSL_VERSION_NUMBER < 0x20700000L)
71#define X509_getm_notBefore X509_get_notBefore
72#define X509_getm_notAfter X509_get_notAfter
73#endif
74
Emmanuel Hocdet2b4edfb2019-04-01 18:24:38 +0200[diff] [blame]75#if (OPENSSL_VERSION_NUMBER < 0x1010000fL && !defined LIBRESSL_VERSION_NUMBER)
Nenad Merdanovicc31499d2019-03-23 11:00:32 +0100[diff] [blame]76#define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
77#define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG
78#endif
79
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]80#include <import/lru.h>
81#include <import/xxhash.h>
82
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]83#include <common/buffer.h>
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]84#include <common/chunk.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]85#include <common/compat.h>
86#include <common/config.h>
87#include <common/debug.h>
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]88#include <common/errors.h>
Willy Tarreau0108d902018-11-25 19:14:37 +0100[diff] [blame]89#include <common/initcall.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]90#include <common/standard.h>
91#include <common/ticks.h>
92#include <common/time.h>
Emeric Brun2c86cbf2014-10-30 15:56:50 +0100[diff] [blame]93#include <common/cfgparse.h>
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]94#include <common/base64.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]95
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]96#include <ebsttree.h>
97
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]98#include <types/applet.h>
99#include <types/cli.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]100#include <types/global.h>
101#include <types/ssl_sock.h>
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]102#include <types/stats.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]103
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]104#include <proto/acl.h>
105#include <proto/arg.h>
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]106#include <proto/channel.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]107#include <proto/connection.h>
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]108#include <proto/cli.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]109#include <proto/fd.h>
110#include <proto/freq_ctr.h>
111#include <proto/frontend.h>
Willy Tarreau61c112a2018-10-02 16:43:32 +0200[diff] [blame]112#include <proto/http_rules.h>
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]113#include <proto/listener.h>
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]114#include <proto/openssl-compat.h>
Thierry FOURNIERed66c292013-11-28 11:05:19 +0100[diff] [blame]115#include <proto/pattern.h>
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]116#include <proto/proto_tcp.h>
Olivier Houchardccaa7de2017-10-02 11:51:03 +0200[diff] [blame]117#include <proto/proto_http.h>
Willy Tarreau92faadf2012-10-10 23:04:25 +0200[diff] [blame]118#include <proto/server.h>
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]119#include <proto/stream_interface.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]120#include <proto/log.h>
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]121#include <proto/proxy.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]122#include <proto/shctx.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]123#include <proto/ssl_sock.h>
Willy Tarreau9ad7bd42015-04-03 19:19:59 +0200[diff] [blame]124#include <proto/stream.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]125#include <proto/task.h>
Nenad Merdanovicc31499d2019-03-23 11:00:32 +0100[diff] [blame]126#include <proto/vars.h>
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]127
Willy Tarreau518cedd2014-02-17 15:43:01 +0100[diff] [blame]128/* Warning, these are bits, not integers! */
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]129#define SSL_SOCK_ST_FL_VERIFY_DONE 0x00000001
Emeric Brund8b2bb52014-01-28 15:43:53 +0100[diff] [blame]130#define SSL_SOCK_ST_FL_16K_WBFSIZE 0x00000002
Willy Tarreau518cedd2014-02-17 15:43:01 +0100[diff] [blame]131#define SSL_SOCK_SEND_UNLIMITED 0x00000004
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]132#define SSL_SOCK_RECV_HEARTBEAT 0x00000008
133
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]134/* bits 0xFFFF0000 are reserved to store verify errors */
135
136/* Verify errors macros */
137#define SSL_SOCK_CA_ERROR_TO_ST(e) (((e > 63) ? 63 : e) << (16))
138#define SSL_SOCK_CAEDEPTH_TO_ST(d) (((d > 15) ? 15 : d) << (6+16))
139#define SSL_SOCK_CRTERROR_TO_ST(e) (((e > 63) ? 63 : e) << (4+6+16))
140
141#define SSL_SOCK_ST_TO_CA_ERROR(s) ((s >> (16)) & 63)
142#define SSL_SOCK_ST_TO_CAEDEPTH(s) ((s >> (6+16)) & 15)
143#define SSL_SOCK_ST_TO_CRTERROR(s) ((s >> (4+6+16)) & 63)
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]144
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]145/* Supported hash function for TLS tickets */
146#ifdef OPENSSL_NO_SHA256
147#define HASH_FUNCT EVP_sha1
148#else
149#define HASH_FUNCT EVP_sha256
150#endif /* OPENSSL_NO_SHA256 */
151
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]152/* ssl_methods flags for ssl options */
153#define MC_SSL_O_ALL 0x0000
154#define MC_SSL_O_NO_SSLV3 0x0001 /* disable SSLv3 */
155#define MC_SSL_O_NO_TLSV10 0x0002 /* disable TLSv10 */
156#define MC_SSL_O_NO_TLSV11 0x0004 /* disable TLSv11 */
157#define MC_SSL_O_NO_TLSV12 0x0008 /* disable TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +0200[diff] [blame]158#define MC_SSL_O_NO_TLSV13 0x0010 /* disable TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]159
160/* ssl_methods versions */
161enum {
162 CONF_TLSV_NONE = 0,
163 CONF_TLSV_MIN = 1,
164 CONF_SSLV3 = 1,
165 CONF_TLSV10 = 2,
166 CONF_TLSV11 = 3,
167 CONF_TLSV12 = 4,
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +0200[diff] [blame]168 CONF_TLSV13 = 5,
169 CONF_TLSV_MAX = 5,
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]170};
171
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]172/* server and bind verify method, it uses a global value as default */
173enum {
174 SSL_SOCK_VERIFY_DEFAULT = 0,
175 SSL_SOCK_VERIFY_REQUIRED = 1,
176 SSL_SOCK_VERIFY_OPTIONAL = 2,
177 SSL_SOCK_VERIFY_NONE = 3,
178};
179
William Lallemand3f85c9a2017-10-09 16:30:50 +0200[diff] [blame]180
Willy Tarreau71b734c2014-01-28 15:19:44 +0100[diff] [blame]181int sslconns = 0;
182int totalsslconns = 0;
Willy Tarreaud9f5cca2016-12-22 21:08:52 +0100[diff] [blame]183static struct xprt_ops ssl_sock;
Emeric Brunece0c332017-12-06 13:51:49 +0100[diff] [blame]184int nb_engines = 0;
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]185
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]186static struct {
187 char *crt_base; /* base directory path for certificates */
188 char *ca_base; /* base directory path for CAs and CRLs */
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]189 int async; /* whether we use ssl async mode */
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]190
191 char *listen_default_ciphers;
192 char *connect_default_ciphers;
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]193#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]194 char *listen_default_ciphersuites;
195 char *connect_default_ciphersuites;
196#endif
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]197 int listen_default_ssloptions;
198 int connect_default_ssloptions;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]199 struct tls_version_filter listen_default_sslmethods;
200 struct tls_version_filter connect_default_sslmethods;
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]201
202 int private_cache; /* Force to use a private session cache even if nbproc > 1 */
203 unsigned int life_time; /* SSL session lifetime in seconds */
204 unsigned int max_record; /* SSL max record size */
205 unsigned int default_dh_param; /* SSL maximum DH parameter size */
206 int ctx_cache; /* max number of entries in the ssl_ctx cache. */
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]207 int capture_cipherlist; /* Size of the cipherlist buffer. */
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]208} global_ssl = {
209#ifdef LISTEN_DEFAULT_CIPHERS
210 .listen_default_ciphers = LISTEN_DEFAULT_CIPHERS,
211#endif
212#ifdef CONNECT_DEFAULT_CIPHERS
213 .connect_default_ciphers = CONNECT_DEFAULT_CIPHERS,
214#endif
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]215#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]216#ifdef LISTEN_DEFAULT_CIPHERSUITES
217 .listen_default_ciphersuites = LISTEN_DEFAULT_CIPHERSUITES,
218#endif
219#ifdef CONNECT_DEFAULT_CIPHERSUITES
220 .connect_default_ciphersuites = CONNECT_DEFAULT_CIPHERSUITES,
221#endif
222#endif
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]223 .listen_default_ssloptions = BC_SSL_O_NONE,
224 .connect_default_ssloptions = SRV_SSL_O_NONE,
225
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]226 .listen_default_sslmethods.flags = MC_SSL_O_ALL,
227 .listen_default_sslmethods.min = CONF_TLSV_NONE,
228 .listen_default_sslmethods.max = CONF_TLSV_NONE,
229 .connect_default_sslmethods.flags = MC_SSL_O_ALL,
230 .connect_default_sslmethods.min = CONF_TLSV_NONE,
231 .connect_default_sslmethods.max = CONF_TLSV_NONE,
232
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]233#ifdef DEFAULT_SSL_MAX_RECORD
234 .max_record = DEFAULT_SSL_MAX_RECORD,
235#endif
236 .default_dh_param = SSL_DEFAULT_DH_PARAM,
237 .ctx_cache = DEFAULT_SSL_CTX_CACHE,
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]238 .capture_cipherlist = 0,
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]239};
240
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]241static BIO_METHOD *ha_meth;
242
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]243struct ssl_sock_ctx {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]244 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]245 SSL *ssl;
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]246 BIO *bio;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]247 struct xprt_ops *xprt;
248 void *xprt_ctx;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]249 int xprt_st; /* transport layer state, initialized to zero */
250 int tmp_early_data; /* 1st byte of early data, if any */
251 int sent_early_data; /* Amount of early data we sent so far */
252
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]253};
254
255DECLARE_STATIC_POOL(ssl_sock_ctx_pool, "ssl_sock_ctx_pool", sizeof(struct ssl_sock_ctx));
256
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]257/* Methods to implement OpenSSL BIO */
258static int ha_ssl_write(BIO *h, const char *buf, int num)
259{
260 struct buffer tmpbuf;
261 struct ssl_sock_ctx *ctx;
262 int ret;
263
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]264#if HA_OPENSSL_VERSION_NUMBER < 0x10100000
Olivier Houchard66a7b332019-04-18 15:58:15 +0200[diff] [blame]265 ctx = h->ptr;
266#else
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]267 ctx = BIO_get_data(h);
Olivier Houchard66a7b332019-04-18 15:58:15 +0200[diff] [blame]268#endif
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]269 tmpbuf.size = num;
270 tmpbuf.area = (void *)(uintptr_t)buf;
271 tmpbuf.data = num;
272 tmpbuf.head = 0;
273 ret = ctx->xprt->snd_buf(ctx->conn, ctx->xprt_ctx, &tmpbuf, num, 0);
Olivier Houchardb51937e2019-05-01 17:24:36 +0200[diff] [blame]274 if (ret == 0 && !(ctx->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_WR_SH))) {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]275 BIO_set_retry_write(h);
Olivier Houcharda28454e2019-04-24 12:04:36 +0200[diff] [blame]276 ret = -1;
Olivier Houchardb51937e2019-05-01 17:24:36 +0200[diff] [blame]277 } else if (ret == 0)
278 BIO_clear_retry_flags(h);
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]279 return ret;
280}
281
282static int ha_ssl_gets(BIO *h, char *buf, int size)
283{
284
285 return 0;
286}
287
288static int ha_ssl_puts(BIO *h, const char *str)
289{
290
291 return ha_ssl_write(h, str, strlen(str));
292}
293
294static int ha_ssl_read(BIO *h, char *buf, int size)
295{
296 struct buffer tmpbuf;
297 struct ssl_sock_ctx *ctx;
298 int ret;
299
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]300#if HA_OPENSSL_VERSION_NUMBER < 0x10100000
Olivier Houchard66a7b332019-04-18 15:58:15 +0200[diff] [blame]301 ctx = h->ptr;
302#else
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]303 ctx = BIO_get_data(h);
Olivier Houchard66a7b332019-04-18 15:58:15 +0200[diff] [blame]304#endif
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]305 tmpbuf.size = size;
306 tmpbuf.area = buf;
307 tmpbuf.data = 0;
308 tmpbuf.head = 0;
309 ret = ctx->xprt->rcv_buf(ctx->conn, ctx->xprt_ctx, &tmpbuf, size, 0);
Olivier Houchardb51937e2019-05-01 17:24:36 +0200[diff] [blame]310 if (ret == 0 && !(ctx->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_RD_SH))) {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]311 BIO_set_retry_read(h);
Olivier Houcharda28454e2019-04-24 12:04:36 +0200[diff] [blame]312 ret = -1;
Olivier Houchardb51937e2019-05-01 17:24:36 +0200[diff] [blame]313 } else if (ret == 0)
314 BIO_clear_retry_flags(h);
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]315
316 return ret;
317}
318
319static long ha_ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2)
320{
321 int ret = 0;
322 switch (cmd) {
323 case BIO_CTRL_DUP:
324 case BIO_CTRL_FLUSH:
325 ret = 1;
326 break;
327 }
328 return ret;
329}
330
331static int ha_ssl_new(BIO *h)
332{
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]333#if HA_OPENSSL_VERSION_NUMBER < 0x10100000L
Olivier Houchard66a7b332019-04-18 15:58:15 +0200[diff] [blame]334 h->init = 1;
335 h->ptr = NULL;
336#else
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]337 BIO_set_init(h, 1);
338 BIO_set_data(h, NULL);
Olivier Houchard66a7b332019-04-18 15:58:15 +0200[diff] [blame]339#endif
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]340 BIO_clear_flags(h, ~0);
341 return 1;
342}
343
344static int ha_ssl_free(BIO *data)
345{
346
347 return 1;
348}
349
350
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]351#if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Christopher Faulet9dcf9b62017-11-13 10:34:01 +0100[diff] [blame]352
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]353static HA_RWLOCK_T *ssl_rwlocks;
354
355
356unsigned long ssl_id_function(void)
357{
358 return (unsigned long)tid;
359}
360
361void ssl_locking_function(int mode, int n, const char * file, int line)
362{
363 if (mode & CRYPTO_LOCK) {
364 if (mode & CRYPTO_READ)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]365 HA_RWLOCK_RDLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]366 else
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]367 HA_RWLOCK_WRLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]368 }
369 else {
370 if (mode & CRYPTO_READ)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]371 HA_RWLOCK_RDUNLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]372 else
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]373 HA_RWLOCK_WRUNLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]374 }
375}
376
377static int ssl_locking_init(void)
378{
379 int i;
380
381 ssl_rwlocks = malloc(sizeof(HA_RWLOCK_T)*CRYPTO_num_locks());
382 if (!ssl_rwlocks)
383 return -1;
384
385 for (i = 0 ; i < CRYPTO_num_locks() ; i++)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]386 HA_RWLOCK_INIT(&ssl_rwlocks[i]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]387
388 CRYPTO_set_id_callback(ssl_id_function);
389 CRYPTO_set_locking_callback(ssl_locking_function);
390
391 return 0;
392}
Christopher Faulet9dcf9b62017-11-13 10:34:01 +0100[diff] [blame]393
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]394#endif
395
396
397
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +0100[diff] [blame]398/* This memory pool is used for capturing clienthello parameters. */
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]399struct ssl_capture {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]400 unsigned long long int xxh64;
401 unsigned char ciphersuite_len;
402 char ciphersuite[0];
403};
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]404struct pool_head *pool_head_ssl_capture = NULL;
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +0100[diff] [blame]405static int ssl_capture_ptr_index = -1;
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200[diff] [blame]406static int ssl_app_data_index = -1;
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]407
Emmanuel Hocdet96b78342017-10-31 15:46:07 +0100[diff] [blame]408static int ssl_pkey_info_index = -1;
409
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]410#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
411struct list tlskeys_reference = LIST_HEAD_INIT(tlskeys_reference);
412#endif
413
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]414#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]415static unsigned int openssl_engines_initialized;
416struct list openssl_engines = LIST_HEAD_INIT(openssl_engines);
417struct ssl_engine_list {
418 struct list list;
419 ENGINE *e;
420};
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]421#endif
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]422
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]423#ifndef OPENSSL_NO_DH
Remi Gacogne4f902b82015-05-28 16:23:00 +0200[diff] [blame]424static int ssl_dh_ptr_index = -1;
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]425static DH *global_dh = NULL;
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]426static DH *local_dh_1024 = NULL;
427static DH *local_dh_2048 = NULL;
428static DH *local_dh_4096 = NULL;
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +0100[diff] [blame]429static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen);
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]430#endif /* OPENSSL_NO_DH */
431
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]432#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]433/* X509V3 Extensions that will be added on generated certificates */
434#define X509V3_EXT_SIZE 5
435static char *x509v3_ext_names[X509V3_EXT_SIZE] = {
436 "basicConstraints",
437 "nsComment",
438 "subjectKeyIdentifier",
439 "authorityKeyIdentifier",
440 "keyUsage",
441};
442static char *x509v3_ext_values[X509V3_EXT_SIZE] = {
443 "CA:FALSE",
444 "\"OpenSSL Generated Certificate\"",
445 "hash",
446 "keyid,issuer:always",
447 "nonRepudiation,digitalSignature,keyEncipherment"
448};
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]449/* LRU cache to store generated certificate */
450static struct lru64_head *ssl_ctx_lru_tree = NULL;
451static unsigned int ssl_ctx_lru_seed = 0;
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]452static unsigned int ssl_ctx_serial;
Willy Tarreau86abe442018-11-25 20:12:18 +0100[diff] [blame]453__decl_rwlock(ssl_ctx_lru_rwlock);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]454
Willy Tarreauc8ad3be2015-06-17 15:48:26 +0200[diff] [blame]455#endif // SSL_CTRL_SET_TLSEXT_HOSTNAME
456
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]457static struct ssl_bind_kw ssl_bind_kws[];
458
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]459#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]460/* The order here matters for picking a default context,
461 * keep the most common keytype at the bottom of the list
462 */
463const char *SSL_SOCK_KEYTYPE_NAMES[] = {
464 "dsa",
465 "ecdsa",
466 "rsa"
467};
468#define SSL_SOCK_NUM_KEYTYPES 3
Willy Tarreau30da7ad2015-12-14 11:28:33 +0100[diff] [blame]469#else
470#define SSL_SOCK_NUM_KEYTYPES 1
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]471#endif
472
William Lallemandc3cd35f2017-11-28 11:04:43 +0100[diff] [blame]473static struct shared_context *ssl_shctx = NULL; /* ssl shared session cache */
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]474static struct eb_root *sh_ssl_sess_tree; /* ssl shared session tree */
475
476#define sh_ssl_sess_tree_delete(s) ebmb_delete(&(s)->key);
477
478#define sh_ssl_sess_tree_insert(s) (struct sh_ssl_sess_hdr *)ebmb_insert(sh_ssl_sess_tree, \
479 &(s)->key, SSL_MAX_SSL_SESSION_ID_LENGTH);
480
481#define sh_ssl_sess_tree_lookup(k) (struct sh_ssl_sess_hdr *)ebmb_lookup(sh_ssl_sess_tree, \
482 (k), SSL_MAX_SSL_SESSION_ID_LENGTH);
William Lallemand3f85c9a2017-10-09 16:30:50 +0200[diff] [blame]483
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]484/*
485 * This function gives the detail of the SSL error. It is used only
486 * if the debug mode and the verbose mode are activated. It dump all
487 * the SSL error until the stack was empty.
488 */
489static forceinline void ssl_sock_dump_errors(struct connection *conn)
490{
491 unsigned long ret;
492
493 if (unlikely(global.mode & MODE_DEBUG)) {
494 while(1) {
495 ret = ERR_get_error();
496 if (ret == 0)
497 return;
498 fprintf(stderr, "fd[%04x] OpenSSL error[0x%lx] %s: %s\n",
Willy Tarreau585744b2017-08-24 14:31:19 +0200[diff] [blame]499 (unsigned short)conn->handle.fd, ret,
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]500 ERR_func_error_string(ret), ERR_reason_error_string(ret));
501 }
502 }
503}
504
Willy Tarreauc8ad3be2015-06-17 15:48:26 +0200[diff] [blame]505#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]506/*
507 * struct alignment works here such that the key.key is the same as key_data
508 * Do not change the placement of key_data
509 */
Willy Tarreauc8ad3be2015-06-17 15:48:26 +0200[diff] [blame]510struct certificate_ocsp {
511 struct ebmb_node key;
512 unsigned char key_data[OCSP_MAX_CERTID_ASN1_LENGTH];
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]513 struct buffer response;
Willy Tarreauc8ad3be2015-06-17 15:48:26 +0200[diff] [blame]514 long expire;
515};
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]516
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]517struct ocsp_cbk_arg {
518 int is_single;
519 int single_kt;
520 union {
521 struct certificate_ocsp *s_ocsp;
522 /*
523 * m_ocsp will have multiple entries dependent on key type
524 * Entry 0 - DSA
525 * Entry 1 - ECDSA
526 * Entry 2 - RSA
527 */
528 struct certificate_ocsp *m_ocsp[SSL_SOCK_NUM_KEYTYPES];
529 };
530};
531
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]532#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]533static int ssl_init_single_engine(const char *engine_id, const char *def_algorithms)
534{
535 int err_code = ERR_ABORT;
536 ENGINE *engine;
537 struct ssl_engine_list *el;
538
539 /* grab the structural reference to the engine */
540 engine = ENGINE_by_id(engine_id);
541 if (engine == NULL) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]542 ha_alert("ssl-engine %s: failed to get structural reference\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]543 goto fail_get;
544 }
545
546 if (!ENGINE_init(engine)) {
547 /* the engine couldn't initialise, release it */
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]548 ha_alert("ssl-engine %s: failed to initialize\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]549 goto fail_init;
550 }
551
552 if (ENGINE_set_default_string(engine, def_algorithms) == 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]553 ha_alert("ssl-engine %s: failed on ENGINE_set_default_string\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]554 goto fail_set_method;
555 }
556
557 el = calloc(1, sizeof(*el));
558 el->e = engine;
559 LIST_ADD(&openssl_engines, &el->list);
Emeric Brunece0c332017-12-06 13:51:49 +0100[diff] [blame]560 nb_engines++;
561 if (global_ssl.async)
562 global.ssl_used_async_engines = nb_engines;
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]563 return 0;
564
565fail_set_method:
566 /* release the functional reference from ENGINE_init() */
567 ENGINE_finish(engine);
568
569fail_init:
570 /* release the structural reference from ENGINE_by_id() */
571 ENGINE_free(engine);
572
573fail_get:
574 return err_code;
575}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]576#endif
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]577
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]578#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]579/*
580 * openssl async fd handler
581 */
Emeric Brund0e095c2019-04-19 17:15:28 +0200[diff] [blame]582void ssl_async_fd_handler(int fd)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]583{
584 struct connection *conn = fdtab[fd].owner;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]585
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]586 /* fd is an async enfine fd, we must stop
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]587 * to poll this fd until it is requested
588 */
Emeric Brunbbc16542017-06-02 15:54:06 +0000[diff] [blame]589 fd_stop_recv(fd);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]590 fd_cant_recv(fd);
591
592 /* crypto engine is available, let's notify the associated
593 * connection that it can pursue its processing.
594 */
Emeric Brunbbc16542017-06-02 15:54:06 +0000[diff] [blame]595 __conn_sock_want_recv(conn);
596 __conn_sock_want_send(conn);
597 conn_update_sock_polling(conn);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]598}
599
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]600/*
601 * openssl async delayed SSL_free handler
602 */
Emeric Brund0e095c2019-04-19 17:15:28 +0200[diff] [blame]603void ssl_async_fd_free(int fd)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]604{
605 SSL *ssl = fdtab[fd].owner;
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]606 OSSL_ASYNC_FD all_fd[32];
607 size_t num_all_fds = 0;
608 int i;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]609
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]610 /* We suppose that the async job for a same SSL *
611 * are serialized. So if we are awake it is
612 * because the running job has just finished
613 * and we can remove all async fds safely
614 */
615 SSL_get_all_async_fds(ssl, NULL, &num_all_fds);
616 if (num_all_fds > 32) {
617 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
618 return;
619 }
620
621 SSL_get_all_async_fds(ssl, all_fd, &num_all_fds);
622 for (i=0 ; i < num_all_fds ; i++)
623 fd_remove(all_fd[i]);
624
625 /* Now we can safely call SSL_free, no more pending job in engines */
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]626 SSL_free(ssl);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +0100[diff] [blame]627 _HA_ATOMIC_SUB(&sslconns, 1);
628 _HA_ATOMIC_SUB(&jobs, 1);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]629}
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]630/*
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]631 * function used to manage a returned SSL_ERROR_WANT_ASYNC
632 * and enable/disable polling for async fds
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]633 */
Willy Tarreau0e492e22019-04-15 21:25:03 +0200[diff] [blame]634static inline void ssl_async_process_fds(struct connection *conn, SSL *ssl)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]635{
Willy Tarreaua9786b62018-01-25 07:22:13 +0100[diff] [blame]636 OSSL_ASYNC_FD add_fd[32];
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]637 OSSL_ASYNC_FD del_fd[32];
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]638 size_t num_add_fds = 0;
639 size_t num_del_fds = 0;
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]640 int i;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]641
642 SSL_get_changed_async_fds(ssl, NULL, &num_add_fds, NULL,
643 &num_del_fds);
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]644 if (num_add_fds > 32 || num_del_fds > 32) {
645 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]646 return;
647 }
648
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]649 SSL_get_changed_async_fds(ssl, add_fd, &num_add_fds, del_fd, &num_del_fds);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]650
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]651 /* We remove unused fds from the fdtab */
652 for (i=0 ; i < num_del_fds ; i++)
653 fd_remove(del_fd[i]);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]654
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]655 /* We add new fds to the fdtab */
656 for (i=0 ; i < num_add_fds ; i++) {
Willy Tarreaua9786b62018-01-25 07:22:13 +0100[diff] [blame]657 fd_insert(add_fd[i], conn, ssl_async_fd_handler, tid_bit);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]658 }
659
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]660 num_add_fds = 0;
661 SSL_get_all_async_fds(ssl, NULL, &num_add_fds);
662 if (num_add_fds > 32) {
663 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
664 return;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]665 }
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]666
667 /* We activate the polling for all known async fds */
668 SSL_get_all_async_fds(ssl, add_fd, &num_add_fds);
Emeric Brunce9e01c2017-05-31 10:02:53 +0000[diff] [blame]669 for (i=0 ; i < num_add_fds ; i++) {
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]670 fd_want_recv(add_fd[i]);
Emeric Brunce9e01c2017-05-31 10:02:53 +0000[diff] [blame]671 /* To ensure that the fd cache won't be used
672 * We'll prefer to catch a real RD event
673 * because handling an EAGAIN on this fd will
674 * result in a context switch and also
675 * some engines uses a fd in blocking mode.
676 */
677 fd_cant_recv(add_fd[i]);
678 }
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]679
680 /* We must also prevent the conn_handler
681 * to be called until a read event was
682 * polled on an async fd
683 */
684 __conn_sock_stop_both(conn);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]685}
686#endif
687
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200[diff] [blame]688/*
689 * This function returns the number of seconds elapsed
690 * since the Epoch, 1970-01-01 00:00:00 +0000 (UTC) and the
691 * date presented un ASN1_GENERALIZEDTIME.
692 *
693 * In parsing error case, it returns -1.
694 */
695static long asn1_generalizedtime_to_epoch(ASN1_GENERALIZEDTIME *d)
696{
697 long epoch;
698 char *p, *end;
699 const unsigned short month_offset[12] = {
700 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
701 };
702 int year, month;
703
704 if (!d || (d->type != V_ASN1_GENERALIZEDTIME)) return -1;
705
706 p = (char *)d->data;
707 end = p + d->length;
708
709 if (end - p < 4) return -1;
710 year = 1000 * (p[0] - '0') + 100 * (p[1] - '0') + 10 * (p[2] - '0') + p[3] - '0';
711 p += 4;
712 if (end - p < 2) return -1;
713 month = 10 * (p[0] - '0') + p[1] - '0';
714 if (month < 1 || month > 12) return -1;
715 /* Compute the number of seconds since 1 jan 1970 and the beginning of current month
716 We consider leap years and the current month (<marsh or not) */
717 epoch = ( ((year - 1970) * 365)
718 + ((year - (month < 3)) / 4 - (year - (month < 3)) / 100 + (year - (month < 3)) / 400)
719 - ((1970 - 1) / 4 - (1970 - 1) / 100 + (1970 - 1) / 400)
720 + month_offset[month-1]
721 ) * 24 * 60 * 60;
722 p += 2;
723 if (end - p < 2) return -1;
724 /* Add the number of seconds of completed days of current month */
725 epoch += (10 * (p[0] - '0') + p[1] - '0' - 1) * 24 * 60 * 60;
726 p += 2;
727 if (end - p < 2) return -1;
728 /* Add the completed hours of the current day */
729 epoch += (10 * (p[0] - '0') + p[1] - '0') * 60 * 60;
730 p += 2;
731 if (end - p < 2) return -1;
732 /* Add the completed minutes of the current hour */
733 epoch += (10 * (p[0] - '0') + p[1] - '0') * 60;
734 p += 2;
735 if (p == end) return -1;
736 /* Test if there is available seconds */
737 if (p[0] < '0' || p[0] > '9')
738 goto nosec;
739 if (end - p < 2) return -1;
740 /* Add the seconds of the current minute */
741 epoch += 10 * (p[0] - '0') + p[1] - '0';
742 p += 2;
743 if (p == end) return -1;
744 /* Ignore seconds float part if present */
745 if (p[0] == '.') {
746 do {
747 if (++p == end) return -1;
748 } while (p[0] >= '0' && p[0] <= '9');
749 }
750
751nosec:
752 if (p[0] == 'Z') {
753 if (end - p != 1) return -1;
754 return epoch;
755 }
756 else if (p[0] == '+') {
757 if (end - p != 5) return -1;
758 /* Apply timezone offset */
Frederik Deweerdt953917a2017-10-16 07:37:31 -0700[diff] [blame]759 return epoch - ((10 * (p[1] - '0') + p[2] - '0') * 60 * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200[diff] [blame]760 }
761 else if (p[0] == '-') {
762 if (end - p != 5) return -1;
763 /* Apply timezone offset */
Frederik Deweerdt953917a2017-10-16 07:37:31 -0700[diff] [blame]764 return epoch + ((10 * (p[1] - '0') + p[2] - '0') * 60 * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200[diff] [blame]765 }
766
767 return -1;
768}
769
Emeric Brun1d3865b2014-06-20 15:37:32 +0200[diff] [blame]770static struct eb_root cert_ocsp_tree = EB_ROOT_UNIQUE;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]771
772/* This function starts to check if the OCSP response (in DER format) contained
773 * in chunk 'ocsp_response' is valid (else exits on error).
774 * If 'cid' is not NULL, it will be compared to the OCSP certificate ID
775 * contained in the OCSP Response and exits on error if no match.
776 * If it's a valid OCSP Response:
777 * If 'ocsp' is not NULL, the chunk is copied in the OCSP response's container
778 * pointed by 'ocsp'.
779 * If 'ocsp' is NULL, the function looks up into the OCSP response's
780 * containers tree (using as index the ASN1 form of the OCSP Certificate ID extracted
781 * from the response) and exits on error if not found. Finally, If an OCSP response is
782 * already present in the container, it will be overwritten.
783 *
784 * Note: OCSP response containing more than one OCSP Single response is not
785 * considered valid.
786 *
787 * Returns 0 on success, 1 in error case.
788 */
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]789static int ssl_sock_load_ocsp_response(struct buffer *ocsp_response,
790 struct certificate_ocsp *ocsp,
791 OCSP_CERTID *cid, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]792{
793 OCSP_RESPONSE *resp;
794 OCSP_BASICRESP *bs = NULL;
795 OCSP_SINGLERESP *sr;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]796 OCSP_CERTID *id;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]797 unsigned char *p = (unsigned char *) ocsp_response->area;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]798 int rc , count_sr;
Emeric Brun13a6b482014-06-20 15:44:34 +0200[diff] [blame]799 ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]800 int reason;
801 int ret = 1;
802
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]803 resp = d2i_OCSP_RESPONSE(NULL, (const unsigned char **)&p,
804 ocsp_response->data);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]805 if (!resp) {
806 memprintf(err, "Unable to parse OCSP response");
807 goto out;
808 }
809
810 rc = OCSP_response_status(resp);
811 if (rc != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
812 memprintf(err, "OCSP response status not successful");
813 goto out;
814 }
815
816 bs = OCSP_response_get1_basic(resp);
817 if (!bs) {
818 memprintf(err, "Failed to get basic response from OCSP Response");
819 goto out;
820 }
821
822 count_sr = OCSP_resp_count(bs);
823 if (count_sr > 1) {
824 memprintf(err, "OCSP response ignored because contains multiple single responses (%d)", count_sr);
825 goto out;
826 }
827
828 sr = OCSP_resp_get0(bs, 0);
829 if (!sr) {
830 memprintf(err, "Failed to get OCSP single response");
831 goto out;
832 }
833
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]834 id = (OCSP_CERTID*)OCSP_SINGLERESP_get0_id(sr);
835
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]836 rc = OCSP_single_get0_status(sr, &reason, &revtime, &thisupd, &nextupd);
Emmanuel Hocdetef607052017-10-24 14:57:16 +0200[diff] [blame]837 if (rc != V_OCSP_CERTSTATUS_GOOD && rc != V_OCSP_CERTSTATUS_REVOKED) {
Emmanuel Hocdet872085c2017-10-10 15:18:52 +0200[diff] [blame]838 memprintf(err, "OCSP single response: certificate status is unknown");
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]839 goto out;
840 }
841
Emeric Brun13a6b482014-06-20 15:44:34 +0200[diff] [blame]842 if (!nextupd) {
843 memprintf(err, "OCSP single response: missing nextupdate");
844 goto out;
845 }
846
Emeric Brunc8b27b62014-06-19 14:16:17 +0200[diff] [blame]847 rc = OCSP_check_validity(thisupd, nextupd, OCSP_MAX_RESPONSE_TIME_SKEW, -1);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]848 if (!rc) {
849 memprintf(err, "OCSP single response: no longer valid.");
850 goto out;
851 }
852
853 if (cid) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]854 if (OCSP_id_cmp(id, cid)) {
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]855 memprintf(err, "OCSP single response: Certificate ID does not match certificate and issuer");
856 goto out;
857 }
858 }
859
860 if (!ocsp) {
861 unsigned char key[OCSP_MAX_CERTID_ASN1_LENGTH];
862 unsigned char *p;
863
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]864 rc = i2d_OCSP_CERTID(id, NULL);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]865 if (!rc) {
866 memprintf(err, "OCSP single response: Unable to encode Certificate ID");
867 goto out;
868 }
869
870 if (rc > OCSP_MAX_CERTID_ASN1_LENGTH) {
871 memprintf(err, "OCSP single response: Certificate ID too long");
872 goto out;
873 }
874
875 p = key;
876 memset(key, 0, OCSP_MAX_CERTID_ASN1_LENGTH);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]877 i2d_OCSP_CERTID(id, &p);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]878 ocsp = (struct certificate_ocsp *)ebmb_lookup(&cert_ocsp_tree, key, OCSP_MAX_CERTID_ASN1_LENGTH);
879 if (!ocsp) {
880 memprintf(err, "OCSP single response: Certificate ID does not match any certificate or issuer");
881 goto out;
882 }
883 }
884
885 /* According to comments on "chunk_dup", the
886 previous chunk buffer will be freed */
887 if (!chunk_dup(&ocsp->response, ocsp_response)) {
888 memprintf(err, "OCSP response: Memory allocation error");
889 goto out;
890 }
891
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200[diff] [blame]892 ocsp->expire = asn1_generalizedtime_to_epoch(nextupd) - OCSP_MAX_RESPONSE_TIME_SKEW;
893
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]894 ret = 0;
895out:
Janusz Dziemidowicz8d710492017-03-08 16:59:41 +0100[diff] [blame]896 ERR_clear_error();
897
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]898 if (bs)
899 OCSP_BASICRESP_free(bs);
900
901 if (resp)
902 OCSP_RESPONSE_free(resp);
903
904 return ret;
905}
906/*
907 * External function use to update the OCSP response in the OCSP response's
908 * containers tree. The chunk 'ocsp_response' must contain the OCSP response
909 * to update in DER format.
910 *
911 * Returns 0 on success, 1 in error case.
912 */
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]913int ssl_sock_update_ocsp_response(struct buffer *ocsp_response, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]914{
915 return ssl_sock_load_ocsp_response(ocsp_response, NULL, NULL, err);
916}
917
918/*
919 * This function load the OCSP Resonse in DER format contained in file at
920 * path 'ocsp_path' and call 'ssl_sock_load_ocsp_response'
921 *
922 * Returns 0 on success, 1 in error case.
923 */
924static int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, struct certificate_ocsp *ocsp, OCSP_CERTID *cid, char **err)
925{
926 int fd = -1;
927 int r = 0;
928 int ret = 1;
929
930 fd = open(ocsp_path, O_RDONLY);
931 if (fd == -1) {
932 memprintf(err, "Error opening OCSP response file");
933 goto end;
934 }
935
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]936 trash.data = 0;
937 while (trash.data < trash.size) {
938 r = read(fd, trash.area + trash.data, trash.size - trash.data);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]939 if (r < 0) {
940 if (errno == EINTR)
941 continue;
942
943 memprintf(err, "Error reading OCSP response from file");
944 goto end;
945 }
946 else if (r == 0) {
947 break;
948 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]949 trash.data += r;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]950 }
951
952 close(fd);
953 fd = -1;
954
955 ret = ssl_sock_load_ocsp_response(&trash, ocsp, cid, err);
956end:
957 if (fd != -1)
958 close(fd);
959
960 return ret;
961}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]962#endif
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]963
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]964#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
965static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc)
966{
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]967 struct tls_keys_ref *ref;
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]968 union tls_sess_key *keys;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]969 struct connection *conn;
970 int head;
971 int i;
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]972 int ret = -1; /* error by default */
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]973
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200[diff] [blame]974 conn = SSL_get_ex_data(s, ssl_app_data_index);
Willy Tarreau07d94e42018-09-20 10:57:52 +0200[diff] [blame]975 ref = __objt_listener(conn->target)->bind_conf->keys_ref;
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]976 HA_RWLOCK_RDLOCK(TLSKEYS_REF_LOCK, &ref->lock);
977
978 keys = ref->tlskeys;
979 head = ref->tls_ticket_enc_index;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]980
981 if (enc) {
982 memcpy(key_name, keys[head].name, 16);
983
984 if(!RAND_pseudo_bytes(iv, EVP_MAX_IV_LENGTH))
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]985 goto end;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]986
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]987 if (ref->key_size_bits == 128) {
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]988
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]989 if(!EVP_EncryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, keys[head].key_128.aes_key, iv))
990 goto end;
991
992 HMAC_Init_ex(hctx, keys[head].key_128.hmac_key, 16, HASH_FUNCT(), NULL);
993 ret = 1;
994 }
995 else if (ref->key_size_bits == 256 ) {
996
997 if(!EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, keys[head].key_256.aes_key, iv))
998 goto end;
999
1000 HMAC_Init_ex(hctx, keys[head].key_256.hmac_key, 32, HASH_FUNCT(), NULL);
1001 ret = 1;
1002 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]1003 } else {
1004 for (i = 0; i < TLS_TICKETS_NO; i++) {
1005 if (!memcmp(key_name, keys[(head + i) % TLS_TICKETS_NO].name, 16))
1006 goto found;
1007 }
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]1008 ret = 0;
1009 goto end;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]1010
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]1011 found:
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]1012 if (ref->key_size_bits == 128) {
1013 HMAC_Init_ex(hctx, keys[(head + i) % TLS_TICKETS_NO].key_128.hmac_key, 16, HASH_FUNCT(), NULL);
1014 if(!EVP_DecryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, keys[(head + i) % TLS_TICKETS_NO].key_128.aes_key, iv))
1015 goto end;
1016 /* 2 for key renewal, 1 if current key is still valid */
1017 ret = i ? 2 : 1;
1018 }
1019 else if (ref->key_size_bits == 256) {
1020 HMAC_Init_ex(hctx, keys[(head + i) % TLS_TICKETS_NO].key_256.hmac_key, 32, HASH_FUNCT(), NULL);
1021 if(!EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, keys[(head + i) % TLS_TICKETS_NO].key_256.aes_key, iv))
1022 goto end;
1023 /* 2 for key renewal, 1 if current key is still valid */
1024 ret = i ? 2 : 1;
1025 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]1026 }
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]1027
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]1028 end:
1029 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
1030 return ret;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]1031}
1032
1033struct tls_keys_ref *tlskeys_ref_lookup(const char *filename)
1034{
1035 struct tls_keys_ref *ref;
1036
1037 list_for_each_entry(ref, &tlskeys_reference, list)
1038 if (ref->filename && strcmp(filename, ref->filename) == 0)
1039 return ref;
1040 return NULL;
1041}
1042
1043struct tls_keys_ref *tlskeys_ref_lookupid(int unique_id)
1044{
1045 struct tls_keys_ref *ref;
1046
1047 list_for_each_entry(ref, &tlskeys_reference, list)
1048 if (ref->unique_id == unique_id)
1049 return ref;
1050 return NULL;
1051}
1052
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]1053/* Update the key into ref: if keysize doesnt
1054 * match existing ones, this function returns -1
1055 * else it returns 0 on success.
1056 */
1057int ssl_sock_update_tlskey_ref(struct tls_keys_ref *ref,
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]1058 struct buffer *tlskey)
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]1059{
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]1060 if (ref->key_size_bits == 128) {
1061 if (tlskey->data != sizeof(struct tls_sess_key_128))
1062 return -1;
1063 }
1064 else if (ref->key_size_bits == 256) {
1065 if (tlskey->data != sizeof(struct tls_sess_key_256))
1066 return -1;
1067 }
1068 else
1069 return -1;
1070
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]1071 HA_RWLOCK_WRLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1072 memcpy((char *) (ref->tlskeys + ((ref->tls_ticket_enc_index + 2) % TLS_TICKETS_NO)),
1073 tlskey->area, tlskey->data);
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]1074 ref->tls_ticket_enc_index = (ref->tls_ticket_enc_index + 1) % TLS_TICKETS_NO;
1075 HA_RWLOCK_WRUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]1076
1077 return 0;
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]1078}
1079
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]1080int ssl_sock_update_tlskey(char *filename, struct buffer *tlskey, char **err)
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]1081{
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]1082 struct tls_keys_ref *ref = tlskeys_ref_lookup(filename);
1083
1084 if(!ref) {
1085 memprintf(err, "Unable to locate the referenced filename: %s", filename);
1086 return 1;
1087 }
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]1088 if (ssl_sock_update_tlskey_ref(ref, tlskey) < 0) {
1089 memprintf(err, "Invalid key size");
1090 return 1;
1091 }
1092
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]1093 return 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]1094}
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]1095
1096/* This function finalize the configuration parsing. Its set all the
Willy Tarreaud1c57502016-12-22 22:46:15 +0100[diff] [blame]1097 * automatic ids. It's called just after the basic checks. It returns
1098 * 0 on success otherwise ERR_*.
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]1099 */
Willy Tarreaud1c57502016-12-22 22:46:15 +0100[diff] [blame]1100static int tlskeys_finalize_config(void)
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]1101{
1102 int i = 0;
1103 struct tls_keys_ref *ref, *ref2, *ref3;
1104 struct list tkr = LIST_HEAD_INIT(tkr);
1105
1106 list_for_each_entry(ref, &tlskeys_reference, list) {
1107 if (ref->unique_id == -1) {
1108 /* Look for the first free id. */
1109 while (1) {
1110 list_for_each_entry(ref2, &tlskeys_reference, list) {
1111 if (ref2->unique_id == i) {
1112 i++;
1113 break;
1114 }
1115 }
1116 if (&ref2->list == &tlskeys_reference)
1117 break;
1118 }
1119
1120 /* Uses the unique id and increment it for the next entry. */
1121 ref->unique_id = i;
1122 i++;
1123 }
1124 }
1125
1126 /* This sort the reference list by id. */
1127 list_for_each_entry_safe(ref, ref2, &tlskeys_reference, list) {
1128 LIST_DEL(&ref->list);
1129 list_for_each_entry(ref3, &tkr, list) {
1130 if (ref->unique_id < ref3->unique_id) {
1131 LIST_ADDQ(&ref3->list, &ref->list);
1132 break;
1133 }
1134 }
1135 if (&ref3->list == &tkr)
1136 LIST_ADDQ(&tkr, &ref->list);
1137 }
1138
1139 /* swap root */
1140 LIST_ADD(&tkr, &tlskeys_reference);
1141 LIST_DEL(&tkr);
Willy Tarreaud1c57502016-12-22 22:46:15 +0100[diff] [blame]1142 return 0;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]1143}
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]1144#endif /* SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB */
1145
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]1146#ifndef OPENSSL_NO_OCSP
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]1147int ssl_sock_get_ocsp_arg_kt_index(int evp_keytype)
1148{
1149 switch (evp_keytype) {
1150 case EVP_PKEY_RSA:
1151 return 2;
1152 case EVP_PKEY_DSA:
1153 return 0;
1154 case EVP_PKEY_EC:
1155 return 1;
1156 }
1157
1158 return -1;
1159}
1160
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1161/*
1162 * Callback used to set OCSP status extension content in server hello.
1163 */
1164int ssl_sock_ocsp_stapling_cbk(SSL *ssl, void *arg)
1165{
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]1166 struct certificate_ocsp *ocsp;
1167 struct ocsp_cbk_arg *ocsp_arg;
1168 char *ssl_buf;
1169 EVP_PKEY *ssl_pkey;
1170 int key_type;
1171 int index;
1172
Vincent Bernat3c2f2f22016-04-03 13:48:42 +0200[diff] [blame]1173 ocsp_arg = arg;
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]1174
1175 ssl_pkey = SSL_get_privatekey(ssl);
1176 if (!ssl_pkey)
1177 return SSL_TLSEXT_ERR_NOACK;
1178
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1179 key_type = EVP_PKEY_base_id(ssl_pkey);
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]1180
1181 if (ocsp_arg->is_single && ocsp_arg->single_kt == key_type)
1182 ocsp = ocsp_arg->s_ocsp;
1183 else {
1184 /* For multiple certs per context, we have to find the correct OCSP response based on
1185 * the certificate type
1186 */
1187 index = ssl_sock_get_ocsp_arg_kt_index(key_type);
1188
1189 if (index < 0)
1190 return SSL_TLSEXT_ERR_NOACK;
1191
1192 ocsp = ocsp_arg->m_ocsp[index];
1193
1194 }
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1195
1196 if (!ocsp ||
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1197 !ocsp->response.area ||
1198 !ocsp->response.data ||
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200[diff] [blame]1199 (ocsp->expire < now.tv_sec))
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1200 return SSL_TLSEXT_ERR_NOACK;
1201
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1202 ssl_buf = OPENSSL_malloc(ocsp->response.data);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1203 if (!ssl_buf)
1204 return SSL_TLSEXT_ERR_NOACK;
1205
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1206 memcpy(ssl_buf, ocsp->response.area, ocsp->response.data);
1207 SSL_set_tlsext_status_ocsp_resp(ssl, ssl_buf, ocsp->response.data);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1208
1209 return SSL_TLSEXT_ERR_OK;
1210}
1211
1212/*
1213 * This function enables the handling of OCSP status extension on 'ctx' if a
1214 * file name 'cert_path' suffixed using ".ocsp" is present.
1215 * To enable OCSP status extension, the issuer's certificate is mandatory.
1216 * It should be present in the certificate's extra chain builded from file
1217 * 'cert_path'. If not found, the issuer certificate is loaded from a file
1218 * named 'cert_path' suffixed using '.issuer'.
1219 *
1220 * In addition, ".ocsp" file content is loaded as a DER format of an OCSP
1221 * response. If file is empty or content is not a valid OCSP response,
1222 * OCSP status extension is enabled but OCSP response is ignored (a warning
1223 * is displayed).
1224 *
1225 * Returns 1 if no ".ocsp" file found, 0 if OCSP status extension is
Joseph Herlant017b3da2018-11-15 09:07:59 -0800[diff] [blame]1226 * successfully enabled, or -1 in other error case.
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1227 */
1228static int ssl_sock_load_ocsp(SSL_CTX *ctx, const char *cert_path)
1229{
1230
1231 BIO *in = NULL;
1232 X509 *x, *xi = NULL, *issuer = NULL;
1233 STACK_OF(X509) *chain = NULL;
1234 OCSP_CERTID *cid = NULL;
1235 SSL *ssl;
1236 char ocsp_path[MAXPATHLEN+1];
1237 int i, ret = -1;
1238 struct stat st;
1239 struct certificate_ocsp *ocsp = NULL, *iocsp;
1240 char *warn = NULL;
1241 unsigned char *p;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1242 pem_password_cb *passwd_cb;
1243 void *passwd_cb_userdata;
1244 void (*callback) (void);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1245
1246 snprintf(ocsp_path, MAXPATHLEN+1, "%s.ocsp", cert_path);
1247
1248 if (stat(ocsp_path, &st))
1249 return 1;
1250
1251 ssl = SSL_new(ctx);
1252 if (!ssl)
1253 goto out;
1254
1255 x = SSL_get_certificate(ssl);
1256 if (!x)
1257 goto out;
1258
1259 /* Try to lookup for issuer in certificate extra chain */
1260#ifdef SSL_CTRL_GET_EXTRA_CHAIN_CERTS
1261 SSL_CTX_get_extra_chain_certs(ctx, &chain);
1262#else
1263 chain = ctx->extra_certs;
1264#endif
1265 for (i = 0; i < sk_X509_num(chain); i++) {
1266 issuer = sk_X509_value(chain, i);
1267 if (X509_check_issued(issuer, x) == X509_V_OK)
1268 break;
1269 else
1270 issuer = NULL;
1271 }
1272
1273 /* If not found try to load issuer from a suffixed file */
1274 if (!issuer) {
1275 char issuer_path[MAXPATHLEN+1];
1276
1277 in = BIO_new(BIO_s_file());
1278 if (!in)
1279 goto out;
1280
1281 snprintf(issuer_path, MAXPATHLEN+1, "%s.issuer", cert_path);
1282 if (BIO_read_filename(in, issuer_path) <= 0)
1283 goto out;
1284
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1285 passwd_cb = SSL_CTX_get_default_passwd_cb(ctx);
1286 passwd_cb_userdata = SSL_CTX_get_default_passwd_cb_userdata(ctx);
1287
1288 xi = PEM_read_bio_X509_AUX(in, NULL, passwd_cb, passwd_cb_userdata);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1289 if (!xi)
1290 goto out;
1291
1292 if (X509_check_issued(xi, x) != X509_V_OK)
1293 goto out;
1294
1295 issuer = xi;
1296 }
1297
1298 cid = OCSP_cert_to_id(0, x, issuer);
1299 if (!cid)
1300 goto out;
1301
1302 i = i2d_OCSP_CERTID(cid, NULL);
1303 if (!i || (i > OCSP_MAX_CERTID_ASN1_LENGTH))
1304 goto out;
1305
Vincent Bernat02779b62016-04-03 13:48:43 +0200[diff] [blame]1306 ocsp = calloc(1, sizeof(*ocsp));
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1307 if (!ocsp)
1308 goto out;
1309
1310 p = ocsp->key_data;
1311 i2d_OCSP_CERTID(cid, &p);
1312
1313 iocsp = (struct certificate_ocsp *)ebmb_insert(&cert_ocsp_tree, &ocsp->key, OCSP_MAX_CERTID_ASN1_LENGTH);
1314 if (iocsp == ocsp)
1315 ocsp = NULL;
1316
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1317#ifndef SSL_CTX_get_tlsext_status_cb
1318# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \
1319 *cb = (void (*) (void))ctx->tlsext_status_cb;
1320#endif
1321 SSL_CTX_get_tlsext_status_cb(ctx, &callback);
1322
1323 if (!callback) {
Vincent Bernat02779b62016-04-03 13:48:43 +0200[diff] [blame]1324 struct ocsp_cbk_arg *cb_arg = calloc(1, sizeof(*cb_arg));
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +0100[diff] [blame]1325 EVP_PKEY *pkey;
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]1326
1327 cb_arg->is_single = 1;
1328 cb_arg->s_ocsp = iocsp;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1329
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +0100[diff] [blame]1330 pkey = X509_get_pubkey(x);
1331 cb_arg->single_kt = EVP_PKEY_base_id(pkey);
1332 EVP_PKEY_free(pkey);
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]1333
1334 SSL_CTX_set_tlsext_status_cb(ctx, ssl_sock_ocsp_stapling_cbk);
1335 SSL_CTX_set_tlsext_status_arg(ctx, cb_arg);
1336 } else {
1337 /*
1338 * If the ctx has a status CB, then we have previously set an OCSP staple for this ctx
1339 * Update that cb_arg with the new cert's staple
1340 */
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1341 struct ocsp_cbk_arg *cb_arg;
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]1342 struct certificate_ocsp *tmp_ocsp;
1343 int index;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1344 int key_type;
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +0100[diff] [blame]1345 EVP_PKEY *pkey;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1346
1347#ifdef SSL_CTX_get_tlsext_status_arg
1348 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg);
1349#else
1350 cb_arg = ctx->tlsext_status_arg;
1351#endif
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]1352
1353 /*
1354 * The following few lines will convert cb_arg from a single ocsp to multi ocsp
1355 * the order of operations below matter, take care when changing it
1356 */
1357 tmp_ocsp = cb_arg->s_ocsp;
1358 index = ssl_sock_get_ocsp_arg_kt_index(cb_arg->single_kt);
1359 cb_arg->s_ocsp = NULL;
1360 cb_arg->m_ocsp[index] = tmp_ocsp;
1361 cb_arg->is_single = 0;
1362 cb_arg->single_kt = 0;
1363
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +0100[diff] [blame]1364 pkey = X509_get_pubkey(x);
1365 key_type = EVP_PKEY_base_id(pkey);
1366 EVP_PKEY_free(pkey);
1367
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1368 index = ssl_sock_get_ocsp_arg_kt_index(key_type);
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]1369 if (index >= 0 && !cb_arg->m_ocsp[index])
1370 cb_arg->m_ocsp[index] = iocsp;
1371
1372 }
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1373
1374 ret = 0;
1375
1376 warn = NULL;
1377 if (ssl_sock_load_ocsp_response_from_file(ocsp_path, iocsp, cid, &warn)) {
1378 memprintf(&warn, "Loading '%s': %s. Content will be ignored", ocsp_path, warn ? warn : "failure");
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]1379 ha_warning("%s.\n", warn);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]1380 }
1381
1382out:
1383 if (ssl)
1384 SSL_free(ssl);
1385
1386 if (in)
1387 BIO_free(in);
1388
1389 if (xi)
1390 X509_free(xi);
1391
1392 if (cid)
1393 OCSP_CERTID_free(cid);
1394
1395 if (ocsp)
1396 free(ocsp);
1397
1398 if (warn)
1399 free(warn);
1400
1401
1402 return ret;
1403}
1404
1405#endif
1406
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +0200[diff] [blame]1407#ifdef OPENSSL_IS_BORINGSSL
1408static int ssl_sock_set_ocsp_response_from_file(SSL_CTX *ctx, const char *cert_path)
1409{
1410 char ocsp_path[MAXPATHLEN+1];
1411 struct stat st;
1412 int fd = -1, r = 0;
1413
1414 snprintf(ocsp_path, MAXPATHLEN+1, "%s.ocsp", cert_path);
1415 if (stat(ocsp_path, &st))
1416 return 0;
1417
1418 fd = open(ocsp_path, O_RDONLY);
1419 if (fd == -1) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]1420 ha_warning("Error opening OCSP response file %s.\n", ocsp_path);
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +0200[diff] [blame]1421 return -1;
1422 }
1423
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1424 trash.data = 0;
1425 while (trash.data < trash.size) {
1426 r = read(fd, trash.area + trash.data, trash.size - trash.data);
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +0200[diff] [blame]1427 if (r < 0) {
1428 if (errno == EINTR)
1429 continue;
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]1430 ha_warning("Error reading OCSP response from file %s.\n", ocsp_path);
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +0200[diff] [blame]1431 close(fd);
1432 return -1;
1433 }
1434 else if (r == 0) {
1435 break;
1436 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1437 trash.data += r;
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +0200[diff] [blame]1438 }
1439 close(fd);
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1440 return SSL_CTX_set_ocsp_response(ctx, (const uint8_t *) trash.area,
1441 trash.data);
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +0200[diff] [blame]1442}
1443#endif
1444
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]1445#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1446
1447#define CT_EXTENSION_TYPE 18
1448
1449static int sctl_ex_index = -1;
1450
1451/*
1452 * Try to parse Signed Certificate Timestamp List structure. This function
1453 * makes only basic test if the data seems like SCTL. No signature validation
1454 * is performed.
1455 */
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]1456static int ssl_sock_parse_sctl(struct buffer *sctl)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1457{
1458 int ret = 1;
1459 int len, pos, sct_len;
1460 unsigned char *data;
1461
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1462 if (sctl->data < 2)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1463 goto out;
1464
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1465 data = (unsigned char *) sctl->area;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1466 len = (data[0] << 8) | data[1];
1467
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1468 if (len + 2 != sctl->data)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1469 goto out;
1470
1471 data = data + 2;
1472 pos = 0;
1473 while (pos < len) {
1474 if (len - pos < 2)
1475 goto out;
1476
1477 sct_len = (data[pos] << 8) | data[pos + 1];
1478 if (pos + sct_len + 2 > len)
1479 goto out;
1480
1481 pos += sct_len + 2;
1482 }
1483
1484 ret = 0;
1485
1486out:
1487 return ret;
1488}
1489
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]1490static int ssl_sock_load_sctl_from_file(const char *sctl_path,
1491 struct buffer **sctl)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1492{
1493 int fd = -1;
1494 int r = 0;
1495 int ret = 1;
1496
1497 *sctl = NULL;
1498
1499 fd = open(sctl_path, O_RDONLY);
1500 if (fd == -1)
1501 goto end;
1502
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1503 trash.data = 0;
1504 while (trash.data < trash.size) {
1505 r = read(fd, trash.area + trash.data, trash.size - trash.data);
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1506 if (r < 0) {
1507 if (errno == EINTR)
1508 continue;
1509
1510 goto end;
1511 }
1512 else if (r == 0) {
1513 break;
1514 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1515 trash.data += r;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1516 }
1517
1518 ret = ssl_sock_parse_sctl(&trash);
1519 if (ret)
1520 goto end;
1521
Vincent Bernat02779b62016-04-03 13:48:43 +0200[diff] [blame]1522 *sctl = calloc(1, sizeof(**sctl));
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1523 if (!chunk_dup(*sctl, &trash)) {
1524 free(*sctl);
1525 *sctl = NULL;
1526 goto end;
1527 }
1528
1529end:
1530 if (fd != -1)
1531 close(fd);
1532
1533 return ret;
1534}
1535
1536int ssl_sock_sctl_add_cbk(SSL *ssl, unsigned ext_type, const unsigned char **out, size_t *outlen, int *al, void *add_arg)
1537{
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]1538 struct buffer *sctl = add_arg;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1539
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]1540 *out = (unsigned char *) sctl->area;
1541 *outlen = sctl->data;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1542
1543 return 1;
1544}
1545
1546int ssl_sock_sctl_parse_cbk(SSL *s, unsigned int ext_type, const unsigned char *in, size_t inlen, int *al, void *parse_arg)
1547{
1548 return 1;
1549}
1550
1551static int ssl_sock_load_sctl(SSL_CTX *ctx, const char *cert_path)
1552{
1553 char sctl_path[MAXPATHLEN+1];
1554 int ret = -1;
1555 struct stat st;
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]1556 struct buffer *sctl = NULL;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]1557
1558 snprintf(sctl_path, MAXPATHLEN+1, "%s.sctl", cert_path);
1559
1560 if (stat(sctl_path, &st))
1561 return 1;
1562
1563 if (ssl_sock_load_sctl_from_file(sctl_path, &sctl))
1564 goto out;
1565
1566 if (!SSL_CTX_add_server_custom_ext(ctx, CT_EXTENSION_TYPE, ssl_sock_sctl_add_cbk, NULL, sctl, ssl_sock_sctl_parse_cbk, NULL)) {
1567 free(sctl);
1568 goto out;
1569 }
1570
1571 SSL_CTX_set_ex_data(ctx, sctl_ex_index, sctl);
1572
1573 ret = 0;
1574
1575out:
1576 return ret;
1577}
1578
1579#endif
1580
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]1581void ssl_sock_infocbk(const SSL *ssl, int where, int ret)
1582{
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200[diff] [blame]1583 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]1584 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Emeric Brund8b2bb52014-01-28 15:43:53 +0100[diff] [blame]1585 BIO *write_bio;
Willy Tarreau622317d2015-02-27 16:36:16 +0100[diff] [blame]1586 (void)ret; /* shut gcc stupid warning */
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]1587
Dirkjan Bussink526894f2019-01-21 09:35:03 -0800[diff] [blame]1588#ifndef SSL_OP_NO_RENEGOTIATION
1589 /* Please note that BoringSSL defines this macro to zero so don't
1590 * change this to #if and do not assign a default value to this macro!
1591 */
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]1592 if (where & SSL_CB_HANDSHAKE_START) {
1593 /* Disable renegotiation (CVE-2009-3555) */
Olivier Houchard90084a12017-11-23 18:21:29 +0100[diff] [blame]1594 if ((conn->flags & (CO_FL_CONNECTED | CO_FL_EARLY_SSL_HS | CO_FL_EARLY_DATA)) == CO_FL_CONNECTED) {
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]1595 conn->flags |= CO_FL_ERROR;
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]1596 conn->err_code = CO_ER_SSL_RENEG;
1597 }
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]1598 }
Dirkjan Bussink526894f2019-01-21 09:35:03 -0800[diff] [blame]1599#endif
Emeric Brund8b2bb52014-01-28 15:43:53 +0100[diff] [blame]1600
1601 if ((where & SSL_CB_ACCEPT_LOOP) == SSL_CB_ACCEPT_LOOP) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]1602 if (!(ctx->xprt_st & SSL_SOCK_ST_FL_16K_WBFSIZE)) {
Emeric Brund8b2bb52014-01-28 15:43:53 +0100[diff] [blame]1603 /* Long certificate chains optimz
1604 If write and read bios are differents, we
1605 consider that the buffering was activated,
1606 so we rise the output buffer size from 4k
1607 to 16k */
1608 write_bio = SSL_get_wbio(ssl);
1609 if (write_bio != SSL_get_rbio(ssl)) {
1610 BIO_set_write_buffer_size(write_bio, 16384);
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]1611 ctx->xprt_st |= SSL_SOCK_ST_FL_16K_WBFSIZE;
Emeric Brund8b2bb52014-01-28 15:43:53 +0100[diff] [blame]1612 }
1613 }
1614 }
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]1615}
1616
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]1617/* Callback is called for each certificate of the chain during a verify
1618 ok is set to 1 if preverify detect no error on current certificate.
1619 Returns 0 to break the handshake, 1 otherwise. */
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]1620int ssl_sock_bind_verifycbk(int ok, X509_STORE_CTX *x_store)
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]1621{
1622 SSL *ssl;
1623 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]1624 struct ssl_sock_ctx *ctx;
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]1625 int err, depth;
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]1626
1627 ssl = X509_STORE_CTX_get_ex_data(x_store, SSL_get_ex_data_X509_STORE_CTX_idx());
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200[diff] [blame]1628 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]1629
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]1630 ctx = conn->xprt_ctx;
1631
1632 ctx->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]1633
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]1634 if (ok) /* no errors */
1635 return ok;
1636
1637 depth = X509_STORE_CTX_get_error_depth(x_store);
1638 err = X509_STORE_CTX_get_error(x_store);
1639
1640 /* check if CA error needs to be ignored */
1641 if (depth > 0) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]1642 if (!SSL_SOCK_ST_TO_CA_ERROR(ctx->xprt_st)) {
1643 ctx->xprt_st |= SSL_SOCK_CA_ERROR_TO_ST(err);
1644 ctx->xprt_st |= SSL_SOCK_CAEDEPTH_TO_ST(depth);
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]1645 }
1646
Willy Tarreau07d94e42018-09-20 10:57:52 +0200[diff] [blame]1647 if (__objt_listener(conn->target)->bind_conf->ca_ignerr & (1ULL << err)) {
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +0200[diff] [blame]1648 ssl_sock_dump_errors(conn);
Emeric Brun1eb20ef2012-12-03 13:24:29 +0100[diff] [blame]1649 ERR_clear_error();
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]1650 return 1;
Emeric Brun1eb20ef2012-12-03 13:24:29 +0100[diff] [blame]1651 }
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]1652
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]1653 conn->err_code = CO_ER_SSL_CA_FAIL;
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]1654 return 0;
1655 }
1656
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]1657 if (!SSL_SOCK_ST_TO_CRTERROR(ctx->xprt_st))
1658 ctx->xprt_st |= SSL_SOCK_CRTERROR_TO_ST(err);
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]1659
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]1660 /* check if certificate error needs to be ignored */
Willy Tarreau07d94e42018-09-20 10:57:52 +0200[diff] [blame]1661 if (__objt_listener(conn->target)->bind_conf->crt_ignerr & (1ULL << err)) {
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +0200[diff] [blame]1662 ssl_sock_dump_errors(conn);
Emeric Brun1eb20ef2012-12-03 13:24:29 +0100[diff] [blame]1663 ERR_clear_error();
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]1664 return 1;
Emeric Brun1eb20ef2012-12-03 13:24:29 +0100[diff] [blame]1665 }
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]1666
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]1667 conn->err_code = CO_ER_SSL_CRT_FAIL;
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]1668 return 0;
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]1669}
1670
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]1671static inline
1672void ssl_sock_parse_clienthello(int write_p, int version, int content_type,
Emmanuel Hocdete3804742017-03-08 11:07:10 +0100[diff] [blame]1673 const void *buf, size_t len, SSL *ssl)
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]1674{
Emmanuel Hocdete3804742017-03-08 11:07:10 +0100[diff] [blame]1675 struct ssl_capture *capture;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]1676 unsigned char *msg;
1677 unsigned char *end;
Emmanuel Hocdete3804742017-03-08 11:07:10 +0100[diff] [blame]1678 size_t rec_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]1679
1680 /* This function is called for "from client" and "to server"
1681 * connections. The combination of write_p == 0 and content_type == 22
Joseph Herlant017b3da2018-11-15 09:07:59 -0800[diff] [blame]1682 * is only available during "from client" connection.
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]1683 */
1684
1685 /* "write_p" is set to 0 is the bytes are received messages,
1686 * otherwise it is set to 1.
1687 */
1688 if (write_p != 0)
1689 return;
1690
1691 /* content_type contains the type of message received or sent
1692 * according with the SSL/TLS protocol spec. This message is
1693 * encoded with one byte. The value 256 (two bytes) is used
1694 * for designing the SSL/TLS record layer. According with the
1695 * rfc6101, the expected message (other than 256) are:
1696 * - change_cipher_spec(20)
1697 * - alert(21)
1698 * - handshake(22)
1699 * - application_data(23)
1700 * - (255)
1701 * We are interessed by the handshake and specially the client
1702 * hello.
1703 */
1704 if (content_type != 22)
1705 return;
1706
1707 /* The message length is at least 4 bytes, containing the
1708 * message type and the message length.
1709 */
1710 if (len < 4)
1711 return;
1712
1713 /* First byte of the handshake message id the type of
1714 * message. The konwn types are:
1715 * - hello_request(0)
1716 * - client_hello(1)
1717 * - server_hello(2)
1718 * - certificate(11)
1719 * - server_key_exchange (12)
1720 * - certificate_request(13)
1721 * - server_hello_done(14)
1722 * We are interested by the client hello.
1723 */
1724 msg = (unsigned char *)buf;
1725 if (msg[0] != 1)
1726 return;
1727
1728 /* Next three bytes are the length of the message. The total length
1729 * must be this decoded length + 4. If the length given as argument
1730 * is not the same, we abort the protocol dissector.
1731 */
1732 rec_len = (msg[1] << 16) + (msg[2] << 8) + msg[3];
1733 if (len < rec_len + 4)
1734 return;
1735 msg += 4;
1736 end = msg + rec_len;
1737 if (end < msg)
1738 return;
1739
1740 /* Expect 2 bytes for protocol version (1 byte for major and 1 byte
1741 * for minor, the random, composed by 4 bytes for the unix time and
Baptiste Assmann6be139f2018-11-28 15:20:25 +0100[diff] [blame]1742 * 28 bytes for unix payload. So we jump 1 + 1 + 4 + 28.
1743 */
1744 msg += 1 + 1 + 4 + 28;
1745 if (msg > end)
1746 return;
1747
1748 /* Next, is session id:
1749 * if present, we have to jump by length + 1 for the size information
1750 * if not present, we have to jump by 1 only
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]1751 */
Baptiste Assmann6be139f2018-11-28 15:20:25 +0100[diff] [blame]1752 if (msg[0] > 0)
1753 msg += msg[0];
1754 msg += 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]1755 if (msg > end)
1756 return;
1757
1758 /* Next two bytes are the ciphersuite length. */
1759 if (msg + 2 > end)
1760 return;
1761 rec_len = (msg[0] << 8) + msg[1];
1762 msg += 2;
1763 if (msg + rec_len > end || msg + rec_len < msg)
1764 return;
1765
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]1766 capture = pool_alloc_dirty(pool_head_ssl_capture);
Emmanuel Hocdete3804742017-03-08 11:07:10 +0100[diff] [blame]1767 if (!capture)
1768 return;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]1769 /* Compute the xxh64 of the ciphersuite. */
1770 capture->xxh64 = XXH64(msg, rec_len, 0);
1771
1772 /* Capture the ciphersuite. */
Emmanuel Hocdete3804742017-03-08 11:07:10 +0100[diff] [blame]1773 capture->ciphersuite_len = (global_ssl.capture_cipherlist < rec_len) ?
1774 global_ssl.capture_cipherlist : rec_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]1775 memcpy(capture->ciphersuite, msg, capture->ciphersuite_len);
Emmanuel Hocdete3804742017-03-08 11:07:10 +0100[diff] [blame]1776
1777 SSL_set_ex_data(ssl, ssl_capture_ptr_index, capture);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]1778}
1779
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]1780/* Callback is called for ssl protocol analyse */
1781void ssl_sock_msgcbk(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
1782{
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]1783#ifdef TLS1_RT_HEARTBEAT
1784 /* test heartbeat received (write_p is set to 0
1785 for a received record) */
Willy Tarreauf51c6982014-04-25 20:02:39 +0200[diff] [blame]1786 if ((content_type == TLS1_RT_HEARTBEAT) && (write_p == 0)) {
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200[diff] [blame]1787 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]1788 struct ssl_sock_ctx *ctx = conn->ctx;
Willy Tarreauf51c6982014-04-25 20:02:39 +0200[diff] [blame]1789 const unsigned char *p = buf;
1790 unsigned int payload;
1791
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]1792 ctx->xprt_st |= SSL_SOCK_RECV_HEARTBEAT;
Willy Tarreauf51c6982014-04-25 20:02:39 +0200[diff] [blame]1793
1794 /* Check if this is a CVE-2014-0160 exploitation attempt. */
1795 if (*p != TLS1_HB_REQUEST)
1796 return;
1797
Willy Tarreauaeed6722014-04-25 23:59:58 +0200[diff] [blame]1798 if (len < 1 + 2 + 16) /* 1 type + 2 size + 0 payload + 16 padding */
Willy Tarreauf51c6982014-04-25 20:02:39 +0200[diff] [blame]1799 goto kill_it;
1800
1801 payload = (p[1] * 256) + p[2];
Willy Tarreau3b2fdb62014-04-25 23:44:22 +0200[diff] [blame]1802 if (3 + payload + 16 <= len)
Willy Tarreauf51c6982014-04-25 20:02:39 +0200[diff] [blame]1803 return; /* OK no problem */
Willy Tarreauaeed6722014-04-25 23:59:58 +0200[diff] [blame]1804 kill_it:
Willy Tarreau3b2fdb62014-04-25 23:44:22 +0200[diff] [blame]1805 /* We have a clear heartbleed attack (CVE-2014-0160), the
1806 * advertised payload is larger than the advertised packet
1807 * length, so we have garbage in the buffer between the
1808 * payload and the end of the buffer (p+len). We can't know
1809 * if the SSL stack is patched, and we don't know if we can
1810 * safely wipe out the area between p+3+len and payload.
1811 * So instead, we prevent the response from being sent by
1812 * setting the max_send_fragment to 0 and we report an SSL
1813 * error, which will kill this connection. It will be reported
1814 * above as SSL_ERROR_SSL while an other handshake failure with
Willy Tarreauf51c6982014-04-25 20:02:39 +0200[diff] [blame]1815 * a heartbeat message will be reported as SSL_ERROR_SYSCALL.
1816 */
Willy Tarreau3b2fdb62014-04-25 23:44:22 +0200[diff] [blame]1817 ssl->max_send_fragment = 0;
Willy Tarreauf51c6982014-04-25 20:02:39 +0200[diff] [blame]1818 SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_SSL_HANDSHAKE_FAILURE);
1819 return;
1820 }
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]1821#endif
Emmanuel Hocdete3804742017-03-08 11:07:10 +0100[diff] [blame]1822 if (global_ssl.capture_cipherlist > 0)
1823 ssl_sock_parse_clienthello(write_p, version, content_type, buf, len, ssl);
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]1824}
1825
Bernard Spil13c53f82018-02-15 13:34:58 +0100[diff] [blame]1826#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]1827static int ssl_sock_srv_select_protos(SSL *s, unsigned char **out, unsigned char *outlen,
1828 const unsigned char *in, unsigned int inlen,
1829 void *arg)
1830{
1831 struct server *srv = arg;
1832
1833 if (SSL_select_next_proto(out, outlen, in, inlen, (unsigned char *)srv->ssl_ctx.npn_str,
1834 srv->ssl_ctx.npn_len) == OPENSSL_NPN_NEGOTIATED)
1835 return SSL_TLSEXT_ERR_OK;
1836 return SSL_TLSEXT_ERR_NOACK;
1837}
1838#endif
1839
1840#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +0200[diff] [blame]1841/* This callback is used so that the server advertises the list of
1842 * negociable protocols for NPN.
1843 */
1844static int ssl_sock_advertise_npn_protos(SSL *s, const unsigned char **data,
1845 unsigned int *len, void *arg)
1846{
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]1847 struct ssl_bind_conf *conf = arg;
Willy Tarreau6c9a3d52012-10-18 18:57:14 +0200[diff] [blame]1848
1849 *data = (const unsigned char *)conf->npn_str;
1850 *len = conf->npn_len;
1851 return SSL_TLSEXT_ERR_OK;
1852}
1853#endif
1854
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +0100[diff] [blame]1855#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]1856/* This callback is used so that the server advertises the list of
1857 * negociable protocols for ALPN.
1858 */
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +0100[diff] [blame]1859static int ssl_sock_advertise_alpn_protos(SSL *s, const unsigned char **out,
1860 unsigned char *outlen,
1861 const unsigned char *server,
1862 unsigned int server_len, void *arg)
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]1863{
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]1864 struct ssl_bind_conf *conf = arg;
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]1865
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +0100[diff] [blame]1866 if (SSL_select_next_proto((unsigned char**) out, outlen, (const unsigned char *)conf->alpn_str,
1867 conf->alpn_len, server, server_len) != OPENSSL_NPN_NEGOTIATED) {
1868 return SSL_TLSEXT_ERR_NOACK;
1869 }
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]1870 return SSL_TLSEXT_ERR_OK;
1871}
1872#endif
1873
Willy Tarreauc8ad3be2015-06-17 15:48:26 +0200[diff] [blame]1874#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]1875#ifndef SSL_NO_GENERATE_CERTIFICATES
Christopher Faulet85b5a1a2015-10-09 11:46:32 +0200[diff] [blame]1876
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]1877/* Create a X509 certificate with the specified servername and serial. This
1878 * function returns a SSL_CTX object or NULL if an error occurs. */
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]1879static SSL_CTX *
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]1880ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1881{
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]1882 X509 *cacert = bind_conf->ca_sign_cert;
1883 EVP_PKEY *capkey = bind_conf->ca_sign_pkey;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1884 SSL_CTX *ssl_ctx = NULL;
1885 X509 *newcrt = NULL;
1886 EVP_PKEY *pkey = NULL;
Emmanuel Hocdet15969292017-08-11 10:56:00 +0200[diff] [blame]1887 SSL *tmp_ssl = NULL;
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +0200[diff] [blame]1888 CONF *ctmp = NULL;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1889 X509_NAME *name;
1890 const EVP_MD *digest;
1891 X509V3_CTX ctx;
1892 unsigned int i;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1893 int key_type;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1894
Christopher Faulet48a83322017-07-28 16:56:09 +0200[diff] [blame]1895 /* Get the private key of the default certificate and use it */
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]1896#if (HA_OPENSSL_VERSION_NUMBER >= 0x10002000L)
Emmanuel Hocdet15969292017-08-11 10:56:00 +0200[diff] [blame]1897 pkey = SSL_CTX_get0_privatekey(bind_conf->default_ctx);
1898#else
1899 tmp_ssl = SSL_new(bind_conf->default_ctx);
1900 if (tmp_ssl)
1901 pkey = SSL_get_privatekey(tmp_ssl);
1902#endif
1903 if (!pkey)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1904 goto mkcert_error;
1905
1906 /* Create the certificate */
1907 if (!(newcrt = X509_new()))
1908 goto mkcert_error;
1909
1910 /* Set version number for the certificate (X509v3) and the serial
1911 * number */
1912 if (X509_set_version(newcrt, 2L) != 1)
1913 goto mkcert_error;
Olivier Houchard2be5a4c2019-03-08 18:54:43 +0100[diff] [blame]1914 ASN1_INTEGER_set(X509_get_serialNumber(newcrt), _HA_ATOMIC_ADD(&ssl_ctx_serial, 1));
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1915
1916 /* Set duration for the certificate */
Rosen Penev68185952018-12-14 08:47:02 -0800[diff] [blame]1917 if (!X509_gmtime_adj(X509_getm_notBefore(newcrt), (long)-60*60*24) ||
1918 !X509_gmtime_adj(X509_getm_notAfter(newcrt),(long)60*60*24*365))
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1919 goto mkcert_error;
1920
1921 /* set public key in the certificate */
1922 if (X509_set_pubkey(newcrt, pkey) != 1)
1923 goto mkcert_error;
1924
1925 /* Set issuer name from the CA */
1926 if (!(name = X509_get_subject_name(cacert)))
1927 goto mkcert_error;
1928 if (X509_set_issuer_name(newcrt, name) != 1)
1929 goto mkcert_error;
1930
1931 /* Set the subject name using the same, but the CN */
1932 name = X509_NAME_dup(name);
1933 if (X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
1934 (const unsigned char *)servername,
1935 -1, -1, 0) != 1) {
1936 X509_NAME_free(name);
1937 goto mkcert_error;
1938 }
1939 if (X509_set_subject_name(newcrt, name) != 1) {
1940 X509_NAME_free(name);
1941 goto mkcert_error;
1942 }
1943 X509_NAME_free(name);
1944
1945 /* Add x509v3 extensions as specified */
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +0200[diff] [blame]1946 ctmp = NCONF_new(NULL);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1947 X509V3_set_ctx(&ctx, cacert, newcrt, NULL, NULL, 0);
1948 for (i = 0; i < X509V3_EXT_SIZE; i++) {
1949 X509_EXTENSION *ext;
1950
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +0200[diff] [blame]1951 if (!(ext = X509V3_EXT_nconf(ctmp, &ctx, x509v3_ext_names[i], x509v3_ext_values[i])))
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1952 goto mkcert_error;
1953 if (!X509_add_ext(newcrt, ext, -1)) {
1954 X509_EXTENSION_free(ext);
1955 goto mkcert_error;
1956 }
1957 X509_EXTENSION_free(ext);
1958 }
1959
1960 /* Sign the certificate with the CA private key */
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1961
1962 key_type = EVP_PKEY_base_id(capkey);
1963
1964 if (key_type == EVP_PKEY_DSA)
1965 digest = EVP_sha1();
1966 else if (key_type == EVP_PKEY_RSA)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1967 digest = EVP_sha256();
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]1968 else if (key_type == EVP_PKEY_EC)
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]1969 digest = EVP_sha256();
1970 else {
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]1971#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000000fL) && !defined(OPENSSL_IS_BORINGSSL)
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]1972 int nid;
1973
1974 if (EVP_PKEY_get_default_digest_nid(capkey, &nid) <= 0)
1975 goto mkcert_error;
1976 if (!(digest = EVP_get_digestbynid(nid)))
1977 goto mkcert_error;
Christopher Faulete7db2162015-10-19 13:59:24 +0200[diff] [blame]1978#else
1979 goto mkcert_error;
1980#endif
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]1981 }
1982
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]1983 if (!(X509_sign(newcrt, capkey, digest)))
1984 goto mkcert_error;
1985
1986 /* Create and set the new SSL_CTX */
1987 if (!(ssl_ctx = SSL_CTX_new(SSLv23_server_method())))
1988 goto mkcert_error;
1989 if (!SSL_CTX_use_PrivateKey(ssl_ctx, pkey))
1990 goto mkcert_error;
1991 if (!SSL_CTX_use_certificate(ssl_ctx, newcrt))
1992 goto mkcert_error;
1993 if (!SSL_CTX_check_private_key(ssl_ctx))
1994 goto mkcert_error;
1995
1996 if (newcrt) X509_free(newcrt);
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]1997
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +0100[diff] [blame]1998#ifndef OPENSSL_NO_DH
Christopher Faulet85b5a1a2015-10-09 11:46:32 +0200[diff] [blame]1999 SSL_CTX_set_tmp_dh_callback(ssl_ctx, ssl_get_tmp_dh);
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +0100[diff] [blame]2000#endif
Christopher Faulet85b5a1a2015-10-09 11:46:32 +0200[diff] [blame]2001#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
2002 {
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]2003 const char *ecdhe = (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe : ECDHE_DEFAULT_CURVE);
Christopher Faulet85b5a1a2015-10-09 11:46:32 +0200[diff] [blame]2004 EC_KEY *ecc;
2005 int nid;
2006
2007 if ((nid = OBJ_sn2nid(ecdhe)) == NID_undef)
2008 goto end;
2009 if (!(ecc = EC_KEY_new_by_curve_name(nid)))
2010 goto end;
2011 SSL_CTX_set_tmp_ecdh(ssl_ctx, ecc);
2012 EC_KEY_free(ecc);
2013 }
2014#endif
2015 end:
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2016 return ssl_ctx;
2017
2018 mkcert_error:
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +0200[diff] [blame]2019 if (ctmp) NCONF_free(ctmp);
Emmanuel Hocdet15969292017-08-11 10:56:00 +0200[diff] [blame]2020 if (tmp_ssl) SSL_free(tmp_ssl);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2021 if (ssl_ctx) SSL_CTX_free(ssl_ctx);
2022 if (newcrt) X509_free(newcrt);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2023 return NULL;
2024}
2025
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]2026SSL_CTX *
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2027ssl_sock_create_cert(struct connection *conn, const char *servername, unsigned int key)
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]2028{
Willy Tarreau07d94e42018-09-20 10:57:52 +0200[diff] [blame]2029 struct bind_conf *bind_conf = __objt_listener(conn->target)->bind_conf;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]2030 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2031
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]2032 return ssl_sock_do_create_cert(servername, bind_conf, ctx->ssl);
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]2033}
2034
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2035/* Do a lookup for a certificate in the LRU cache used to store generated
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]2036 * certificates and immediately assign it to the SSL session if not null. */
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2037SSL_CTX *
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]2038ssl_sock_assign_generated_cert(unsigned int key, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2039{
2040 struct lru64 *lru = NULL;
2041
2042 if (ssl_ctx_lru_tree) {
Willy Tarreau03f4ec42018-05-17 10:56:47 +0200[diff] [blame]2043 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2044 lru = lru64_lookup(key, ssl_ctx_lru_tree, bind_conf->ca_sign_cert, 0);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]2045 if (lru && lru->domain) {
2046 if (ssl)
2047 SSL_set_SSL_CTX(ssl, (SSL_CTX *)lru->data);
Willy Tarreau03f4ec42018-05-17 10:56:47 +0200[diff] [blame]2048 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2049 return (SSL_CTX *)lru->data;
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]2050 }
Willy Tarreau03f4ec42018-05-17 10:56:47 +0200[diff] [blame]2051 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2052 }
2053 return NULL;
2054}
2055
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]2056/* Same as <ssl_sock_assign_generated_cert> but without SSL session. This
2057 * function is not thread-safe, it should only be used to check if a certificate
2058 * exists in the lru cache (with no warranty it will not be removed by another
2059 * thread). It is kept for backward compatibility. */
2060SSL_CTX *
2061ssl_sock_get_generated_cert(unsigned int key, struct bind_conf *bind_conf)
2062{
2063 return ssl_sock_assign_generated_cert(key, bind_conf, NULL);
2064}
2065
Christopher Fauletd2cab922015-07-28 16:03:47 +0200[diff] [blame]2066/* Set a certificate int the LRU cache used to store generated
2067 * certificate. Return 0 on success, otherwise -1 */
2068int
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2069ssl_sock_set_generated_cert(SSL_CTX *ssl_ctx, unsigned int key, struct bind_conf *bind_conf)
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2070{
2071 struct lru64 *lru = NULL;
2072
2073 if (ssl_ctx_lru_tree) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]2074 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2075 lru = lru64_get(key, ssl_ctx_lru_tree, bind_conf->ca_sign_cert, 0);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]2076 if (!lru) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]2077 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Fauletd2cab922015-07-28 16:03:47 +0200[diff] [blame]2078 return -1;
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]2079 }
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2080 if (lru->domain && lru->data)
2081 lru->free((SSL_CTX *)lru->data);
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]2082 lru64_commit(lru, ssl_ctx, bind_conf->ca_sign_cert, 0, (void (*)(void *))SSL_CTX_free);
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]2083 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Fauletd2cab922015-07-28 16:03:47 +0200[diff] [blame]2084 return 0;
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2085 }
Christopher Fauletd2cab922015-07-28 16:03:47 +0200[diff] [blame]2086 return -1;
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2087}
2088
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2089/* Compute the key of the certificate. */
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2090unsigned int
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2091ssl_sock_generated_cert_key(const void *data, size_t len)
Christopher Faulet30548802015-06-11 13:39:32 +0200[diff] [blame]2092{
2093 return XXH32(data, len, ssl_ctx_lru_seed);
2094}
2095
Willy Tarreau2f63ef42015-10-20 15:16:01 +0200[diff] [blame]2096/* Generate a cert and immediately assign it to the SSL session so that the cert's
2097 * refcount is maintained regardless of the cert's presence in the LRU cache.
2098 */
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2099static int
Christopher Faulet7969a332015-10-09 11:15:03 +0200[diff] [blame]2100ssl_sock_generate_certificate(const char *servername, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2101{
2102 X509 *cacert = bind_conf->ca_sign_cert;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2103 SSL_CTX *ssl_ctx = NULL;
2104 struct lru64 *lru = NULL;
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2105 unsigned int key;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2106
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2107 key = ssl_sock_generated_cert_key(servername, strlen(servername));
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2108 if (ssl_ctx_lru_tree) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]2109 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2110 lru = lru64_get(key, ssl_ctx_lru_tree, cacert, 0);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2111 if (lru && lru->domain)
2112 ssl_ctx = (SSL_CTX *)lru->data;
Christopher Fauletd2cab922015-07-28 16:03:47 +0200[diff] [blame]2113 if (!ssl_ctx && lru) {
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2114 ssl_ctx = ssl_sock_do_create_cert(servername, bind_conf, ssl);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2115 lru64_commit(lru, ssl_ctx, cacert, 0, (void (*)(void *))SSL_CTX_free);
Christopher Fauletd2cab922015-07-28 16:03:47 +0200[diff] [blame]2116 }
Willy Tarreau2f63ef42015-10-20 15:16:01 +0200[diff] [blame]2117 SSL_set_SSL_CTX(ssl, ssl_ctx);
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]2118 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2119 return 1;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2120 }
Willy Tarreau2f63ef42015-10-20 15:16:01 +0200[diff] [blame]2121 else {
Christopher Faulet635c0ad2015-11-12 11:35:51 +0100[diff] [blame]2122 ssl_ctx = ssl_sock_do_create_cert(servername, bind_conf, ssl);
Willy Tarreau2f63ef42015-10-20 15:16:01 +0200[diff] [blame]2123 SSL_set_SSL_CTX(ssl, ssl_ctx);
2124 /* No LRU cache, this CTX will be released as soon as the session dies */
2125 SSL_CTX_free(ssl_ctx);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2126 return 1;
Willy Tarreau2f63ef42015-10-20 15:16:01 +0200[diff] [blame]2127 }
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2128 return 0;
2129}
2130static int
2131ssl_sock_generate_certificate_from_conn(struct bind_conf *bind_conf, SSL *ssl)
2132{
2133 unsigned int key;
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200[diff] [blame]2134 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2135
2136 conn_get_to_addr(conn);
2137 if (conn->flags & CO_FL_ADDR_TO_SET) {
2138 key = ssl_sock_generated_cert_key(&conn->addr.to, get_addr_len(&conn->addr.to));
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]2139 if (ssl_sock_assign_generated_cert(key, bind_conf, ssl))
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2140 return 1;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2141 }
2142 return 0;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2143}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]2144#endif /* !defined SSL_NO_GENERATE_CERTIFICATES */
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2145
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2146
2147#ifndef SSL_OP_CIPHER_SERVER_PREFERENCE /* needs OpenSSL >= 0.9.7 */
2148#define SSL_OP_CIPHER_SERVER_PREFERENCE 0
2149#endif
2150
2151#ifndef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION /* needs OpenSSL >= 0.9.7 */
2152#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0
2153#define SSL_renegotiate_pending(arg) 0
2154#endif
2155#ifndef SSL_OP_SINGLE_ECDH_USE /* needs OpenSSL >= 0.9.8 */
2156#define SSL_OP_SINGLE_ECDH_USE 0
2157#endif
2158#ifndef SSL_OP_NO_TICKET /* needs OpenSSL >= 0.9.8 */
2159#define SSL_OP_NO_TICKET 0
2160#endif
2161#ifndef SSL_OP_NO_COMPRESSION /* needs OpenSSL >= 0.9.9 */
2162#define SSL_OP_NO_COMPRESSION 0
2163#endif
Emmanuel Hocdet23877ab2017-07-12 12:53:02 +0200[diff] [blame]2164#ifdef OPENSSL_NO_SSL3 /* SSLv3 support removed */
2165#undef SSL_OP_NO_SSLv3
2166#define SSL_OP_NO_SSLv3 0
2167#endif
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2168#ifndef SSL_OP_NO_TLSv1_1 /* needs OpenSSL >= 1.0.1 */
2169#define SSL_OP_NO_TLSv1_1 0
2170#endif
2171#ifndef SSL_OP_NO_TLSv1_2 /* needs OpenSSL >= 1.0.1 */
2172#define SSL_OP_NO_TLSv1_2 0
2173#endif
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2174#ifndef SSL_OP_NO_TLSv1_3 /* needs OpenSSL >= 1.1.1 */
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2175#define SSL_OP_NO_TLSv1_3 0
2176#endif
2177#ifndef SSL_OP_SINGLE_DH_USE /* needs OpenSSL >= 0.9.6 */
2178#define SSL_OP_SINGLE_DH_USE 0
2179#endif
2180#ifndef SSL_OP_SINGLE_ECDH_USE /* needs OpenSSL >= 1.0.0 */
2181#define SSL_OP_SINGLE_ECDH_USE 0
2182#endif
2183#ifndef SSL_MODE_RELEASE_BUFFERS /* needs OpenSSL >= 1.0.0 */
2184#define SSL_MODE_RELEASE_BUFFERS 0
2185#endif
2186#ifndef SSL_MODE_SMALL_BUFFERS /* needs small_records.patch */
2187#define SSL_MODE_SMALL_BUFFERS 0
2188#endif
Lukas Tribus926594f2018-05-18 17:55:57 +0200[diff] [blame]2189#ifndef SSL_OP_PRIORITIZE_CHACHA /* needs OpenSSL >= 1.1.1 */
2190#define SSL_OP_PRIORITIZE_CHACHA 0
2191#endif
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2192
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]2193#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2194typedef enum { SET_CLIENT, SET_SERVER } set_context_func;
2195
2196static void ctx_set_SSLv3_func(SSL_CTX *ctx, set_context_func c)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2197{
Emmanuel Hocdet23877ab2017-07-12 12:53:02 +0200[diff] [blame]2198#if SSL_OP_NO_SSLv3
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2199 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, SSLv3_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2200 : SSL_CTX_set_ssl_version(ctx, SSLv3_client_method());
2201#endif
2202}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2203static void ctx_set_TLSv10_func(SSL_CTX *ctx, set_context_func c) {
2204 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2205 : SSL_CTX_set_ssl_version(ctx, TLSv1_client_method());
2206}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2207static void ctx_set_TLSv11_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2208#if SSL_OP_NO_TLSv1_1
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2209 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_1_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2210 : SSL_CTX_set_ssl_version(ctx, TLSv1_1_client_method());
2211#endif
2212}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2213static void ctx_set_TLSv12_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2214#if SSL_OP_NO_TLSv1_2
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2215 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_2_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2216 : SSL_CTX_set_ssl_version(ctx, TLSv1_2_client_method());
2217#endif
2218}
Bertrand Jacquina25282b2018-08-14 00:56:13 +0100[diff] [blame]2219/* TLSv1.2 is the last supported version in this context. */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2220static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {}
2221/* Unusable in this context. */
2222static void ssl_set_SSLv3_func(SSL *ssl, set_context_func c) {}
2223static void ssl_set_TLSv10_func(SSL *ssl, set_context_func c) {}
2224static void ssl_set_TLSv11_func(SSL *ssl, set_context_func c) {}
2225static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {}
2226static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {}
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2227#else /* openssl >= 1.1.0 */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2228typedef enum { SET_MIN, SET_MAX } set_context_func;
2229
2230static void ctx_set_SSLv3_func(SSL_CTX *ctx, set_context_func c) {
2231 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, SSL3_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2232 : SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION);
2233}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2234static void ssl_set_SSLv3_func(SSL *ssl, set_context_func c) {
2235 c == SET_MAX ? SSL_set_max_proto_version(ssl, SSL3_VERSION)
2236 : SSL_set_min_proto_version(ssl, SSL3_VERSION);
2237}
2238static void ctx_set_TLSv10_func(SSL_CTX *ctx, set_context_func c) {
2239 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2240 : SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
2241}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2242static void ssl_set_TLSv10_func(SSL *ssl, set_context_func c) {
2243 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_VERSION)
2244 : SSL_set_min_proto_version(ssl, TLS1_VERSION);
2245}
2246static void ctx_set_TLSv11_func(SSL_CTX *ctx, set_context_func c) {
2247 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_1_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2248 : SSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION);
2249}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2250static void ssl_set_TLSv11_func(SSL *ssl, set_context_func c) {
2251 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_1_VERSION)
2252 : SSL_set_min_proto_version(ssl, TLS1_1_VERSION);
2253}
2254static void ctx_set_TLSv12_func(SSL_CTX *ctx, set_context_func c) {
2255 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2256 : SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
2257}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2258static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {
2259 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_2_VERSION)
2260 : SSL_set_min_proto_version(ssl, TLS1_2_VERSION);
2261}
2262static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2263#if SSL_OP_NO_TLSv1_3
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2264 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2265 : SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
2266#endif
2267}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2268static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {
2269#if SSL_OP_NO_TLSv1_3
2270 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_3_VERSION)
2271 : SSL_set_min_proto_version(ssl, TLS1_3_VERSION);
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2272#endif
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2273}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2274#endif
2275static void ctx_set_None_func(SSL_CTX *ctx, set_context_func c) { }
2276static void ssl_set_None_func(SSL *ssl, set_context_func c) { }
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2277
2278static struct {
2279 int option;
2280 uint16_t flag;
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2281 void (*ctx_set_version)(SSL_CTX *, set_context_func);
2282 void (*ssl_set_version)(SSL *, set_context_func);
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2283 const char *name;
2284} methodVersions[] = {
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]2285 {0, 0, ctx_set_None_func, ssl_set_None_func, "NONE"}, /* CONF_TLSV_NONE */
2286 {SSL_OP_NO_SSLv3, MC_SSL_O_NO_SSLV3, ctx_set_SSLv3_func, ssl_set_SSLv3_func, "SSLv3"}, /* CONF_SSLV3 */
2287 {SSL_OP_NO_TLSv1, MC_SSL_O_NO_TLSV10, ctx_set_TLSv10_func, ssl_set_TLSv10_func, "TLSv1.0"}, /* CONF_TLSV10 */
2288 {SSL_OP_NO_TLSv1_1, MC_SSL_O_NO_TLSV11, ctx_set_TLSv11_func, ssl_set_TLSv11_func, "TLSv1.1"}, /* CONF_TLSV11 */
2289 {SSL_OP_NO_TLSv1_2, MC_SSL_O_NO_TLSV12, ctx_set_TLSv12_func, ssl_set_TLSv12_func, "TLSv1.2"}, /* CONF_TLSV12 */
2290 {SSL_OP_NO_TLSv1_3, MC_SSL_O_NO_TLSV13, ctx_set_TLSv13_func, ssl_set_TLSv13_func, "TLSv1.3"}, /* CONF_TLSV13 */
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +0200[diff] [blame]2291};
2292
Emmanuel Hocdet530141f2017-03-01 18:54:56 +0100[diff] [blame]2293static void ssl_sock_switchctx_set(SSL *ssl, SSL_CTX *ctx)
2294{
2295 SSL_set_verify(ssl, SSL_CTX_get_verify_mode(ctx), ssl_sock_bind_verifycbk);
2296 SSL_set_client_CA_list(ssl, SSL_dup_CA_list(SSL_CTX_get_client_CA_list(ctx)));
2297 SSL_set_SSL_CTX(ssl, ctx);
2298}
2299
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]2300#if ((HA_OPENSSL_VERSION_NUMBER >= 0x10101000L) || defined(OPENSSL_IS_BORINGSSL))
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2301
2302static int ssl_sock_switchctx_err_cbk(SSL *ssl, int *al, void *priv)
2303{
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2304 struct bind_conf *s = priv;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2305 (void)al; /* shut gcc stupid warning */
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2306
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2307 if (SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name) || s->generate_certs)
2308 return SSL_TLSEXT_ERR_OK;
2309 return SSL_TLSEXT_ERR_NOACK;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2310}
2311
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2312#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2313static int ssl_sock_switchctx_cbk(const struct ssl_early_callback_ctx *ctx)
2314{
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2315 SSL *ssl = ctx->ssl;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2316#else
2317static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
2318{
2319#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2320 struct connection *conn;
2321 struct bind_conf *s;
2322 const uint8_t *extension_data;
2323 size_t extension_len;
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2324 int has_rsa_sig = 0, has_ecdsa_sig = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2325
2326 char *wildp = NULL;
2327 const uint8_t *servername;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2328 size_t servername_len;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2329 struct ebmb_node *node, *n, *node_ecdsa = NULL, *node_rsa = NULL, *node_anonymous = NULL;
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]2330 int allow_early = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2331 int i;
2332
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200[diff] [blame]2333 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Willy Tarreaua8825522018-10-15 13:20:07 +0200[diff] [blame]2334 s = __objt_listener(conn->target)->bind_conf;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2335
Olivier Houchard9679ac92017-10-27 14:58:08 +0200[diff] [blame]2336 if (s->ssl_conf.early_data)
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]2337 allow_early = 1;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2338#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2339 if (SSL_early_callback_ctx_extension_get(ctx, TLSEXT_TYPE_server_name,
2340 &extension_data, &extension_len)) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2341#else
2342 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_server_name, &extension_data, &extension_len)) {
2343#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2344 /*
2345 * The server_name extension was given too much extensibility when it
2346 * was written, so parsing the normal case is a bit complex.
2347 */
2348 size_t len;
2349 if (extension_len <= 2)
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2350 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2351 /* Extract the length of the supplied list of names. */
2352 len = (*extension_data++) << 8;
2353 len |= *extension_data++;
2354 if (len + 2 != extension_len)
2355 goto abort;
2356 /*
2357 * The list in practice only has a single element, so we only consider
2358 * the first one.
2359 */
2360 if (len == 0 || *extension_data++ != TLSEXT_NAMETYPE_host_name)
2361 goto abort;
2362 extension_len = len - 1;
2363 /* Now we can finally pull out the byte array with the actual hostname. */
2364 if (extension_len <= 2)
2365 goto abort;
2366 len = (*extension_data++) << 8;
2367 len |= *extension_data++;
2368 if (len == 0 || len + 2 > extension_len || len > TLSEXT_MAXLEN_host_name
2369 || memchr(extension_data, 0, len) != NULL)
2370 goto abort;
2371 servername = extension_data;
2372 servername_len = len;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2373 } else {
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2374#if (!defined SSL_NO_GENERATE_CERTIFICATES)
2375 if (s->generate_certs && ssl_sock_generate_certificate_from_conn(s, ssl)) {
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]2376 goto allow_early;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2377 }
2378#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2379 /* without SNI extension, is the default_ctx (need SSL_TLSEXT_ERR_NOACK) */
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]2380 if (!s->strict_sni) {
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2381 ssl_sock_switchctx_set(ssl, s->default_ctx);
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]2382 goto allow_early;
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]2383 }
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2384 goto abort;
2385 }
2386
2387 /* extract/check clientHello informations */
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2388#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2389 if (SSL_early_callback_ctx_extension_get(ctx, TLSEXT_TYPE_signature_algorithms, &extension_data, &extension_len)) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2390#else
2391 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_signature_algorithms, &extension_data, &extension_len)) {
2392#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2393 uint8_t sign;
2394 size_t len;
2395 if (extension_len < 2)
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2396 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2397 len = (*extension_data++) << 8;
2398 len |= *extension_data++;
2399 if (len + 2 != extension_len)
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2400 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2401 if (len % 2 != 0)
2402 goto abort;
2403 for (; len > 0; len -= 2) {
2404 extension_data++; /* hash */
2405 sign = *extension_data++;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2406 switch (sign) {
2407 case TLSEXT_signature_rsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2408 has_rsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2409 break;
2410 case TLSEXT_signature_ecdsa:
2411 has_ecdsa_sig = 1;
2412 break;
2413 default:
2414 continue;
2415 }
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2416 if (has_ecdsa_sig && has_rsa_sig)
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2417 break;
2418 }
2419 } else {
Bertrand Jacquina25282b2018-08-14 00:56:13 +0100[diff] [blame]2420 /* without TLSEXT_TYPE_signature_algorithms extension (< TLSv1.2) */
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2421 has_rsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2422 }
2423 if (has_ecdsa_sig) { /* in very rare case: has ecdsa sign but not a ECDSA cipher */
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2424 const SSL_CIPHER *cipher;
2425 size_t len;
2426 const uint8_t *cipher_suites;
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2427 has_ecdsa_sig = 0;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2428#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2429 len = ctx->cipher_suites_len;
2430 cipher_suites = ctx->cipher_suites;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2431#else
2432 len = SSL_client_hello_get0_ciphers(ssl, &cipher_suites);
2433#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2434 if (len % 2 != 0)
2435 goto abort;
2436 for (; len != 0; len -= 2, cipher_suites += 2) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2437#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2438 uint16_t cipher_suite = (cipher_suites[0] << 8) | cipher_suites[1];
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2439 cipher = SSL_get_cipher_by_value(cipher_suite);
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2440#else
2441 cipher = SSL_CIPHER_find(ssl, cipher_suites);
2442#endif
Emmanuel Hocdet019f9b12017-10-02 17:12:06 +0200[diff] [blame]2443 if (cipher && SSL_CIPHER_get_auth_nid(cipher) == NID_auth_ecdsa) {
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2444 has_ecdsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2445 break;
2446 }
2447 }
2448 }
2449
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2450 for (i = 0; i < trash.size && i < servername_len; i++) {
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2451 trash.area[i] = tolower(servername[i]);
2452 if (!wildp && (trash.area[i] == '.'))
2453 wildp = &trash.area[i];
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2454 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2455 trash.area[i] = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2456
2457 /* lookup in full qualified names */
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2458 node = ebst_lookup(&s->sni_ctx, trash.area);
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2459
2460 /* lookup a not neg filter */
2461 for (n = node; n; n = ebmb_next_dup(n)) {
2462 if (!container_of(n, struct sni_ctx, name)->neg) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]2463 switch(container_of(n, struct sni_ctx, name)->kinfo.sig) {
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2464 case TLSEXT_signature_ecdsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2465 if (!node_ecdsa)
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2466 node_ecdsa = n;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2467 break;
2468 case TLSEXT_signature_rsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2469 if (!node_rsa)
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2470 node_rsa = n;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2471 break;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]2472 default: /* TLSEXT_signature_anonymous|dsa */
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2473 if (!node_anonymous)
2474 node_anonymous = n;
2475 break;
2476 }
2477 }
2478 }
2479 if (wildp) {
2480 /* lookup in wildcards names */
2481 node = ebst_lookup(&s->sni_w_ctx, wildp);
2482 for (n = node; n; n = ebmb_next_dup(n)) {
2483 if (!container_of(n, struct sni_ctx, name)->neg) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]2484 switch(container_of(n, struct sni_ctx, name)->kinfo.sig) {
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2485 case TLSEXT_signature_ecdsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2486 if (!node_ecdsa)
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2487 node_ecdsa = n;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2488 break;
2489 case TLSEXT_signature_rsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2490 if (!node_rsa)
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2491 node_rsa = n;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2492 break;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]2493 default: /* TLSEXT_signature_anonymous|dsa */
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2494 if (!node_anonymous)
2495 node_anonymous = n;
2496 break;
2497 }
2498 }
2499 }
2500 }
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2501 /* select by key_signature priority order */
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +0200[diff] [blame]2502 node = (has_ecdsa_sig && node_ecdsa) ? node_ecdsa
2503 : ((has_rsa_sig && node_rsa) ? node_rsa
2504 : (node_anonymous ? node_anonymous
2505 : (node_ecdsa ? node_ecdsa /* no ecdsa signature case (< TLSv1.2) */
2506 : node_rsa /* no rsa signature case (far far away) */
2507 )));
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2508 if (node) {
2509 /* switch ctx */
Emmanuel Hocdet43664762017-08-09 18:26:20 +0200[diff] [blame]2510 struct ssl_bind_conf *conf = container_of(node, struct sni_ctx, name)->conf;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2511 ssl_sock_switchctx_set(ssl, container_of(node, struct sni_ctx, name)->ctx);
Olivier Houchard35a63cc2017-11-02 19:04:38 +0100[diff] [blame]2512 if (conf) {
2513 methodVersions[conf->ssl_methods.min].ssl_set_version(ssl, SET_MIN);
2514 methodVersions[conf->ssl_methods.max].ssl_set_version(ssl, SET_MAX);
2515 if (conf->early_data)
2516 allow_early = 1;
2517 }
2518 goto allow_early;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2519 }
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2520#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2521 if (s->generate_certs && ssl_sock_generate_certificate(trash.area, s, ssl)) {
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2522 /* switch ctx done in ssl_sock_generate_certificate */
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]2523 goto allow_early;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2524 }
2525#endif
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]2526 if (!s->strict_sni) {
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2527 /* no certificate match, is the default_ctx */
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2528 ssl_sock_switchctx_set(ssl, s->default_ctx);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]2529 }
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]2530allow_early:
2531#ifdef OPENSSL_IS_BORINGSSL
2532 if (allow_early)
2533 SSL_set_early_data_enabled(ssl, 1);
2534#else
2535 if (!allow_early)
2536 SSL_set_max_early_data(ssl, 0);
2537#endif
2538 return 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2539 abort:
2540 /* abort handshake (was SSL_TLSEXT_ERR_ALERT_FATAL) */
2541 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2542#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +0200[diff] [blame]2543 return ssl_select_cert_error;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]2544#else
2545 *al = SSL_AD_UNRECOGNIZED_NAME;
2546 return 0;
2547#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2548}
2549
2550#else /* OPENSSL_IS_BORINGSSL */
2551
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2552/* Sets the SSL ctx of <ssl> to match the advertised server name. Returns a
2553 * warning when no match is found, which implies the default (first) cert
2554 * will keep being used.
2555 */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]2556static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *priv)
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2557{
2558 const char *servername;
2559 const char *wildp = NULL;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200[diff] [blame]2560 struct ebmb_node *node, *n;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]2561 struct bind_conf *s = priv;
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2562 int i;
2563 (void)al; /* shut gcc stupid warning */
2564
2565 servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
Emmanuel Hocdet65623372013-01-24 17:17:15 +0100[diff] [blame]2566 if (!servername) {
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]2567#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2568 if (s->generate_certs && ssl_sock_generate_certificate_from_conn(s, ssl))
2569 return SSL_TLSEXT_ERR_OK;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]2570#endif
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]2571 if (s->strict_sni)
2572 return SSL_TLSEXT_ERR_ALERT_FATAL;
2573 ssl_sock_switchctx_set(ssl, s->default_ctx);
2574 return SSL_TLSEXT_ERR_NOACK;
Emmanuel Hocdet65623372013-01-24 17:17:15 +0100[diff] [blame]2575 }
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2576
Willy Tarreau19d14ef2012-10-29 16:51:55 +0100[diff] [blame]2577 for (i = 0; i < trash.size; i++) {
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2578 if (!servername[i])
2579 break;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2580 trash.area[i] = tolower(servername[i]);
2581 if (!wildp && (trash.area[i] == '.'))
2582 wildp = &trash.area[i];
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2583 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2584 trash.area[i] = 0;
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2585
2586 /* lookup in full qualified names */
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2587 node = ebst_lookup(&s->sni_ctx, trash.area);
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200[diff] [blame]2588
2589 /* lookup a not neg filter */
2590 for (n = node; n; n = ebmb_next_dup(n)) {
2591 if (!container_of(n, struct sni_ctx, name)->neg) {
2592 node = n;
2593 break;
Emmanuel Hocdet65623372013-01-24 17:17:15 +0100[diff] [blame]2594 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200[diff] [blame]2595 }
2596 if (!node && wildp) {
2597 /* lookup in wildcards names */
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2598 node = ebst_lookup(&s->sni_w_ctx, wildp);
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200[diff] [blame]2599 }
2600 if (!node || container_of(node, struct sni_ctx, name)->neg) {
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]2601#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]2602 if (s->generate_certs && ssl_sock_generate_certificate(servername, s, ssl)) {
2603 /* switch ctx done in ssl_sock_generate_certificate */
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]2604 return SSL_TLSEXT_ERR_OK;
2605 }
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]2606#endif
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]2607 if (s->strict_sni)
2608 return SSL_TLSEXT_ERR_ALERT_FATAL;
2609 ssl_sock_switchctx_set(ssl, s->default_ctx);
2610 return SSL_TLSEXT_ERR_OK;
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2611 }
2612
2613 /* switch ctx */
Emmanuel Hocdet530141f2017-03-01 18:54:56 +0100[diff] [blame]2614 ssl_sock_switchctx_set(ssl, container_of(node, struct sni_ctx, name)->ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2615 return SSL_TLSEXT_ERR_OK;
2616}
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2617#endif /* (!) OPENSSL_IS_BORINGSSL */
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]2618#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
2619
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]2620#ifndef OPENSSL_NO_DH
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2621
2622static DH * ssl_get_dh_1024(void)
2623{
Remi Gacogned3a341a2015-05-29 16:26:17 +0200[diff] [blame]2624 static unsigned char dh1024_p[]={
2625 0xFA,0xF9,0x2A,0x22,0x2A,0xA7,0x7F,0xE1,0x67,0x4E,0x53,0xF7,
2626 0x56,0x13,0xC3,0xB1,0xE3,0x29,0x6B,0x66,0x31,0x6A,0x7F,0xB3,
2627 0xC2,0x68,0x6B,0xCB,0x1D,0x57,0x39,0x1D,0x1F,0xFF,0x1C,0xC9,
2628 0xA6,0xA4,0x98,0x82,0x31,0x5D,0x25,0xFF,0x8A,0xE0,0x73,0x96,
2629 0x81,0xC8,0x83,0x79,0xC1,0x5A,0x04,0xF8,0x37,0x0D,0xA8,0x3D,
2630 0xAE,0x74,0xBC,0xDB,0xB6,0xA4,0x75,0xD9,0x71,0x8A,0xA0,0x17,
2631 0x9E,0x2D,0xC8,0xA8,0xDF,0x2C,0x5F,0x82,0x95,0xF8,0x92,0x9B,
2632 0xA7,0x33,0x5F,0x89,0x71,0xC8,0x2D,0x6B,0x18,0x86,0xC4,0x94,
2633 0x22,0xA5,0x52,0x8D,0xF6,0xF6,0xD2,0x37,0x92,0x0F,0xA5,0xCC,
2634 0xDB,0x7B,0x1D,0x3D,0xA1,0x31,0xB7,0x80,0x8F,0x0B,0x67,0x5E,
2635 0x36,0xA5,0x60,0x0C,0xF1,0x95,0x33,0x8B,
2636 };
2637 static unsigned char dh1024_g[]={
2638 0x02,
2639 };
2640
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2641 BIGNUM *p;
2642 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2643 DH *dh = DH_new();
2644 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2645 p = BN_bin2bn(dh1024_p, sizeof dh1024_p, NULL);
2646 g = BN_bin2bn(dh1024_g, sizeof dh1024_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +0200[diff] [blame]2647
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2648 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2649 DH_free(dh);
2650 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2651 } else {
2652 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2653 }
2654 }
2655 return dh;
2656}
2657
2658static DH *ssl_get_dh_2048(void)
2659{
Remi Gacogned3a341a2015-05-29 16:26:17 +0200[diff] [blame]2660 static unsigned char dh2048_p[]={
2661 0xEC,0x86,0xF8,0x70,0xA0,0x33,0x16,0xEC,0x05,0x1A,0x73,0x59,
2662 0xCD,0x1F,0x8B,0xF8,0x29,0xE4,0xD2,0xCF,0x52,0xDD,0xC2,0x24,
2663 0x8D,0xB5,0x38,0x9A,0xFB,0x5C,0xA4,0xE4,0xB2,0xDA,0xCE,0x66,
2664 0x50,0x74,0xA6,0x85,0x4D,0x4B,0x1D,0x30,0xB8,0x2B,0xF3,0x10,
2665 0xE9,0xA7,0x2D,0x05,0x71,0xE7,0x81,0xDF,0x8B,0x59,0x52,0x3B,
2666 0x5F,0x43,0x0B,0x68,0xF1,0xDB,0x07,0xBE,0x08,0x6B,0x1B,0x23,
2667 0xEE,0x4D,0xCC,0x9E,0x0E,0x43,0xA0,0x1E,0xDF,0x43,0x8C,0xEC,
2668 0xBE,0xBE,0x90,0xB4,0x51,0x54,0xB9,0x2F,0x7B,0x64,0x76,0x4E,
2669 0x5D,0xD4,0x2E,0xAE,0xC2,0x9E,0xAE,0x51,0x43,0x59,0xC7,0x77,
2670 0x9C,0x50,0x3C,0x0E,0xED,0x73,0x04,0x5F,0xF1,0x4C,0x76,0x2A,
2671 0xD8,0xF8,0xCF,0xFC,0x34,0x40,0xD1,0xB4,0x42,0x61,0x84,0x66,
2672 0x42,0x39,0x04,0xF8,0x68,0xB2,0x62,0xD7,0x55,0xED,0x1B,0x74,
2673 0x75,0x91,0xE0,0xC5,0x69,0xC1,0x31,0x5C,0xDB,0x7B,0x44,0x2E,
2674 0xCE,0x84,0x58,0x0D,0x1E,0x66,0x0C,0xC8,0x44,0x9E,0xFD,0x40,
2675 0x08,0x67,0x5D,0xFB,0xA7,0x76,0x8F,0x00,0x11,0x87,0xE9,0x93,
2676 0xF9,0x7D,0xC4,0xBC,0x74,0x55,0x20,0xD4,0x4A,0x41,0x2F,0x43,
2677 0x42,0x1A,0xC1,0xF2,0x97,0x17,0x49,0x27,0x37,0x6B,0x2F,0x88,
2678 0x7E,0x1C,0xA0,0xA1,0x89,0x92,0x27,0xD9,0x56,0x5A,0x71,0xC1,
2679 0x56,0x37,0x7E,0x3A,0x9D,0x05,0xE7,0xEE,0x5D,0x8F,0x82,0x17,
2680 0xBC,0xE9,0xC2,0x93,0x30,0x82,0xF9,0xF4,0xC9,0xAE,0x49,0xDB,
2681 0xD0,0x54,0xB4,0xD9,0x75,0x4D,0xFA,0x06,0xB8,0xD6,0x38,0x41,
2682 0xB7,0x1F,0x77,0xF3,
2683 };
2684 static unsigned char dh2048_g[]={
2685 0x02,
2686 };
2687
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2688 BIGNUM *p;
2689 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2690 DH *dh = DH_new();
2691 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2692 p = BN_bin2bn(dh2048_p, sizeof dh2048_p, NULL);
2693 g = BN_bin2bn(dh2048_g, sizeof dh2048_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +0200[diff] [blame]2694
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2695 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2696 DH_free(dh);
2697 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2698 } else {
2699 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2700 }
2701 }
2702 return dh;
2703}
2704
2705static DH *ssl_get_dh_4096(void)
2706{
Remi Gacogned3a341a2015-05-29 16:26:17 +0200[diff] [blame]2707 static unsigned char dh4096_p[]={
2708 0xDE,0x16,0x94,0xCD,0x99,0x58,0x07,0xF1,0xF7,0x32,0x96,0x11,
2709 0x04,0x82,0xD4,0x84,0x72,0x80,0x99,0x06,0xCA,0xF0,0xA3,0x68,
2710 0x07,0xCE,0x64,0x50,0xE7,0x74,0x45,0x20,0x80,0x5E,0x4D,0xAD,
2711 0xA5,0xB6,0xED,0xFA,0x80,0x6C,0x3B,0x35,0xC4,0x9A,0x14,0x6B,
2712 0x32,0xBB,0xFD,0x1F,0x17,0x8E,0xB7,0x1F,0xD6,0xFA,0x3F,0x7B,
2713 0xEE,0x16,0xA5,0x62,0x33,0x0D,0xED,0xBC,0x4E,0x58,0xE5,0x47,
2714 0x4D,0xE9,0xAB,0x8E,0x38,0xD3,0x6E,0x90,0x57,0xE3,0x22,0x15,
2715 0x33,0xBD,0xF6,0x43,0x45,0xB5,0x10,0x0A,0xBE,0x2C,0xB4,0x35,
2716 0xB8,0x53,0x8D,0xAD,0xFB,0xA7,0x1F,0x85,0x58,0x41,0x7A,0x79,
2717 0x20,0x68,0xB3,0xE1,0x3D,0x08,0x76,0xBF,0x86,0x0D,0x49,0xE3,
2718 0x82,0x71,0x8C,0xB4,0x8D,0x81,0x84,0xD4,0xE7,0xBE,0x91,0xDC,
2719 0x26,0x39,0x48,0x0F,0x35,0xC4,0xCA,0x65,0xE3,0x40,0x93,0x52,
2720 0x76,0x58,0x7D,0xDD,0x51,0x75,0xDC,0x69,0x61,0xBF,0x47,0x2C,
2721 0x16,0x68,0x2D,0xC9,0x29,0xD3,0xE6,0xC0,0x99,0x48,0xA0,0x9A,
2722 0xC8,0x78,0xC0,0x6D,0x81,0x67,0x12,0x61,0x3F,0x71,0xBA,0x41,
2723 0x1F,0x6C,0x89,0x44,0x03,0xBA,0x3B,0x39,0x60,0xAA,0x28,0x55,
2724 0x59,0xAE,0xB8,0xFA,0xCB,0x6F,0xA5,0x1A,0xF7,0x2B,0xDD,0x52,
2725 0x8A,0x8B,0xE2,0x71,0xA6,0x5E,0x7E,0xD8,0x2E,0x18,0xE0,0x66,
2726 0xDF,0xDD,0x22,0x21,0x99,0x52,0x73,0xA6,0x33,0x20,0x65,0x0E,
2727 0x53,0xE7,0x6B,0x9B,0xC5,0xA3,0x2F,0x97,0x65,0x76,0xD3,0x47,
2728 0x23,0x77,0x12,0xB6,0x11,0x7B,0x24,0xED,0xF1,0xEF,0xC0,0xE2,
2729 0xA3,0x7E,0x67,0x05,0x3E,0x96,0x4D,0x45,0xC2,0x18,0xD1,0x73,
2730 0x9E,0x07,0xF3,0x81,0x6E,0x52,0x63,0xF6,0x20,0x76,0xB9,0x13,
2731 0xD2,0x65,0x30,0x18,0x16,0x09,0x16,0x9E,0x8F,0xF1,0xD2,0x10,
2732 0x5A,0xD3,0xD4,0xAF,0x16,0x61,0xDA,0x55,0x2E,0x18,0x5E,0x14,
2733 0x08,0x54,0x2E,0x2A,0x25,0xA2,0x1A,0x9B,0x8B,0x32,0xA9,0xFD,
2734 0xC2,0x48,0x96,0xE1,0x80,0xCA,0xE9,0x22,0x17,0xBB,0xCE,0x3E,
2735 0x9E,0xED,0xC7,0xF1,0x1F,0xEC,0x17,0x21,0xDC,0x7B,0x82,0x48,
2736 0x8E,0xBB,0x4B,0x9D,0x5B,0x04,0x04,0xDA,0xDB,0x39,0xDF,0x01,
2737 0x40,0xC3,0xAA,0x26,0x23,0x89,0x75,0xC6,0x0B,0xD0,0xA2,0x60,
2738 0x6A,0xF1,0xCC,0x65,0x18,0x98,0x1B,0x52,0xD2,0x74,0x61,0xCC,
2739 0xBD,0x60,0xAE,0xA3,0xA0,0x66,0x6A,0x16,0x34,0x92,0x3F,0x41,
2740 0x40,0x31,0x29,0xC0,0x2C,0x63,0xB2,0x07,0x8D,0xEB,0x94,0xB8,
2741 0xE8,0x47,0x92,0x52,0x93,0x6A,0x1B,0x7E,0x1A,0x61,0xB3,0x1B,
2742 0xF0,0xD6,0x72,0x9B,0xF1,0xB0,0xAF,0xBF,0x3E,0x65,0xEF,0x23,
2743 0x1D,0x6F,0xFF,0x70,0xCD,0x8A,0x4C,0x8A,0xA0,0x72,0x9D,0xBE,
2744 0xD4,0xBB,0x24,0x47,0x4A,0x68,0xB5,0xF5,0xC6,0xD5,0x7A,0xCD,
2745 0xCA,0x06,0x41,0x07,0xAD,0xC2,0x1E,0xE6,0x54,0xA7,0xAD,0x03,
2746 0xD9,0x12,0xC1,0x9C,0x13,0xB1,0xC9,0x0A,0x43,0x8E,0x1E,0x08,
2747 0xCE,0x50,0x82,0x73,0x5F,0xA7,0x55,0x1D,0xD9,0x59,0xAC,0xB5,
2748 0xEA,0x02,0x7F,0x6C,0x5B,0x74,0x96,0x98,0x67,0x24,0xA3,0x0F,
2749 0x15,0xFC,0xA9,0x7D,0x3E,0x67,0xD1,0x70,0xF8,0x97,0xF3,0x67,
2750 0xC5,0x8C,0x88,0x44,0x08,0x02,0xC7,0x2B,
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2751 };
Remi Gacogned3a341a2015-05-29 16:26:17 +0200[diff] [blame]2752 static unsigned char dh4096_g[]={
2753 0x02,
2754 };
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2755
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2756 BIGNUM *p;
2757 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2758 DH *dh = DH_new();
2759 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2760 p = BN_bin2bn(dh4096_p, sizeof dh4096_p, NULL);
2761 g = BN_bin2bn(dh4096_g, sizeof dh4096_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +0200[diff] [blame]2762
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2763 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2764 DH_free(dh);
2765 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2766 } else {
2767 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2768 }
2769 }
2770 return dh;
2771}
2772
2773/* Returns Diffie-Hellman parameters matching the private key length
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]2774 but not exceeding global_ssl.default_dh_param */
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2775static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen)
2776{
2777 DH *dh = NULL;
2778 EVP_PKEY *pkey = SSL_get_privatekey(ssl);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]2779 int type;
2780
2781 type = pkey ? EVP_PKEY_base_id(pkey) : EVP_PKEY_NONE;
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2782
2783 /* The keylen supplied by OpenSSL can only be 512 or 1024.
2784 See ssl3_send_server_key_exchange() in ssl/s3_srvr.c
2785 */
2786 if (type == EVP_PKEY_RSA || type == EVP_PKEY_DSA) {
2787 keylen = EVP_PKEY_bits(pkey);
2788 }
2789
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]2790 if (keylen > global_ssl.default_dh_param) {
2791 keylen = global_ssl.default_dh_param;
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2792 }
2793
Remi Gacogned3a341a2015-05-29 16:26:17 +0200[diff] [blame]2794 if (keylen >= 4096) {
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]2795 dh = local_dh_4096;
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2796 }
2797 else if (keylen >= 2048) {
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]2798 dh = local_dh_2048;
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2799 }
2800 else {
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]2801 dh = local_dh_1024;
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2802 }
2803
2804 return dh;
2805}
2806
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]2807static DH * ssl_sock_get_dh_from_file(const char *filename)
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]2808{
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]2809 DH *dh = NULL;
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]2810 BIO *in = BIO_new(BIO_s_file());
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]2811
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]2812 if (in == NULL)
2813 goto end;
2814
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]2815 if (BIO_read_filename(in, filename) <= 0)
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]2816 goto end;
2817
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]2818 dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
2819
2820end:
2821 if (in)
2822 BIO_free(in);
2823
Emeric Brune1b4ed42018-08-16 15:14:12 +0200[diff] [blame]2824 ERR_clear_error();
2825
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]2826 return dh;
2827}
2828
2829int ssl_sock_load_global_dh_param_from_file(const char *filename)
2830{
2831 global_dh = ssl_sock_get_dh_from_file(filename);
2832
2833 if (global_dh) {
2834 return 0;
2835 }
2836
2837 return -1;
2838}
2839
2840/* Loads Diffie-Hellman parameter from a file. Returns 1 if loaded, else -1
Joseph Herlant017b3da2018-11-15 09:07:59 -0800[diff] [blame]2841 if an error occurred, and 0 if parameter not found. */
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]2842int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file)
2843{
2844 int ret = -1;
2845 DH *dh = ssl_sock_get_dh_from_file(file);
2846
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2847 if (dh) {
2848 ret = 1;
2849 SSL_CTX_set_tmp_dh(ctx, dh);
Remi Gacogne4f902b82015-05-28 16:23:00 +0200[diff] [blame]2850
2851 if (ssl_dh_ptr_index >= 0) {
2852 /* store a pointer to the DH params to avoid complaining about
2853 ssl-default-dh-param not being set for this SSL_CTX */
2854 SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, dh);
2855 }
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2856 }
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]2857 else if (global_dh) {
2858 SSL_CTX_set_tmp_dh(ctx, global_dh);
2859 ret = 0; /* DH params not found */
2860 }
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2861 else {
Emeric Brun41fdb3c2013-04-26 11:05:44 +0200[diff] [blame]2862 /* Clear openssl global errors stack */
2863 ERR_clear_error();
2864
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]2865 if (global_ssl.default_dh_param <= 1024) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2866 /* we are limited to DH parameter of 1024 bits anyway */
Remi Gacognec7e12632016-07-02 16:26:10 +0200[diff] [blame]2867 if (local_dh_1024 == NULL)
2868 local_dh_1024 = ssl_get_dh_1024();
2869
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]2870 if (local_dh_1024 == NULL)
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2871 goto end;
Willy Tarreau6e774b42014-04-25 21:35:23 +0200[diff] [blame]2872
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]2873 SSL_CTX_set_tmp_dh(ctx, local_dh_1024);
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]2874 }
2875 else {
2876 SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);
2877 }
Willy Tarreau6e774b42014-04-25 21:35:23 +0200[diff] [blame]2878
Emeric Brun41fdb3c2013-04-26 11:05:44 +0200[diff] [blame]2879 ret = 0; /* DH params not found */
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]2880 }
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]2881
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]2882end:
2883 if (dh)
2884 DH_free(dh);
2885
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]2886 return ret;
2887}
2888#endif
2889
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]2890static int ssl_sock_add_cert_sni(SSL_CTX *ctx, struct bind_conf *s, struct ssl_bind_conf *conf,
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]2891 struct pkey_info kinfo, char *name, int order)
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]2892{
2893 struct sni_ctx *sc;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200[diff] [blame]2894 int wild = 0, neg = 0;
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +0200[diff] [blame]2895 struct ebmb_node *node;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]2896
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200[diff] [blame]2897 if (*name == '!') {
2898 neg = 1;
2899 name++;
2900 }
2901 if (*name == '*') {
2902 wild = 1;
2903 name++;
2904 }
2905 /* !* filter is a nop */
2906 if (neg && wild)
2907 return order;
2908 if (*name) {
2909 int j, len;
2910 len = strlen(name);
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +0200[diff] [blame]2911 for (j = 0; j < len && j < trash.size; j++)
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2912 trash.area[j] = tolower(name[j]);
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +0200[diff] [blame]2913 if (j >= trash.size)
2914 return order;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2915 trash.area[j] = 0;
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +0200[diff] [blame]2916
2917 /* Check for duplicates. */
2918 if (wild)
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2919 node = ebst_lookup(&s->sni_w_ctx, trash.area);
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +0200[diff] [blame]2920 else
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2921 node = ebst_lookup(&s->sni_ctx, trash.area);
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +0200[diff] [blame]2922 for (; node; node = ebmb_next_dup(node)) {
2923 sc = ebmb_entry(node, struct sni_ctx, name);
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]2924 if (sc->ctx == ctx && sc->conf == conf && sc->neg == neg)
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +0200[diff] [blame]2925 return order;
2926 }
2927
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]2928 sc = malloc(sizeof(struct sni_ctx) + len + 1);
Thierry FOURNIER / OZON.IO7a3bd3b2016-10-06 10:35:29 +0200[diff] [blame]2929 if (!sc)
2930 return order;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]2931 memcpy(sc->name.key, trash.area, len + 1);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]2932 sc->ctx = ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]2933 sc->conf = conf;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]2934 sc->kinfo = kinfo;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200[diff] [blame]2935 sc->order = order++;
2936 sc->neg = neg;
Emmanuel Hocdet96b78342017-10-31 15:46:07 +0100[diff] [blame]2937 if (kinfo.sig != TLSEXT_signature_anonymous)
2938 SSL_CTX_set_ex_data(ctx, ssl_pkey_info_index, &sc->kinfo);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]2939 if (wild)
2940 ebst_insert(&s->sni_w_ctx, &sc->name);
2941 else
2942 ebst_insert(&s->sni_ctx, &sc->name);
2943 }
2944 return order;
2945}
2946
yanbzhu488a4d22015-12-01 15:16:07 -0500[diff] [blame]2947
2948/* The following code is used for loading multiple crt files into
2949 * SSL_CTX's based on CN/SAN
2950 */
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]2951#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu488a4d22015-12-01 15:16:07 -0500[diff] [blame]2952/* This is used to preload the certifcate, private key
2953 * and Cert Chain of a file passed in via the crt
2954 * argument
2955 *
2956 * This way, we do not have to read the file multiple times
2957 */
2958struct cert_key_and_chain {
2959 X509 *cert;
2960 EVP_PKEY *key;
2961 unsigned int num_chain_certs;
2962 /* This is an array of X509 pointers */
2963 X509 **chain_certs;
2964};
2965
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]2966#define SSL_SOCK_POSSIBLE_KT_COMBOS (1<<(SSL_SOCK_NUM_KEYTYPES))
2967
2968struct key_combo_ctx {
2969 SSL_CTX *ctx;
2970 int order;
2971};
2972
2973/* Map used for processing multiple keypairs for a single purpose
2974 *
2975 * This maps CN/SNI name to certificate type
2976 */
2977struct sni_keytype {
2978 int keytypes; /* BITMASK for keytypes */
2979 struct ebmb_node name; /* node holding the servername value */
2980};
2981
2982
yanbzhu488a4d22015-12-01 15:16:07 -0500[diff] [blame]2983/* Frees the contents of a cert_key_and_chain
2984 */
2985static void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain *ckch)
2986{
2987 int i;
2988
2989 if (!ckch)
2990 return;
2991
2992 /* Free the certificate and set pointer to NULL */
2993 if (ckch->cert)
2994 X509_free(ckch->cert);
2995 ckch->cert = NULL;
2996
2997 /* Free the key and set pointer to NULL */
2998 if (ckch->key)
2999 EVP_PKEY_free(ckch->key);
3000 ckch->key = NULL;
3001
3002 /* Free each certificate in the chain */
3003 for (i = 0; i < ckch->num_chain_certs; i++) {
3004 if (ckch->chain_certs[i])
3005 X509_free(ckch->chain_certs[i]);
3006 }
3007
3008 /* Free the chain obj itself and set to NULL */
3009 if (ckch->num_chain_certs > 0) {
3010 free(ckch->chain_certs);
3011 ckch->num_chain_certs = 0;
3012 ckch->chain_certs = NULL;
3013 }
3014
3015}
3016
3017/* checks if a key and cert exists in the ckch
3018 */
3019static int ssl_sock_is_ckch_valid(struct cert_key_and_chain *ckch)
3020{
3021 return (ckch->cert != NULL && ckch->key != NULL);
3022}
3023
3024
3025/* Loads the contents of a crt file (path) into a cert_key_and_chain
3026 * This allows us to carry the contents of the file without having to
3027 * read the file multiple times.
3028 *
3029 * returns:
3030 * 0 on Success
3031 * 1 on SSL Failure
3032 * 2 on file not found
3033 */
3034static int ssl_sock_load_crt_file_into_ckch(const char *path, struct cert_key_and_chain *ckch, char **err)
3035{
3036
3037 BIO *in;
3038 X509 *ca = NULL;
3039 int ret = 1;
3040
3041 ssl_sock_free_cert_key_and_chain_contents(ckch);
3042
3043 in = BIO_new(BIO_s_file());
3044 if (in == NULL)
3045 goto end;
3046
3047 if (BIO_read_filename(in, path) <= 0)
3048 goto end;
3049
yanbzhu488a4d22015-12-01 15:16:07 -0500[diff] [blame]3050 /* Read Private Key */
3051 ckch->key = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);
3052 if (ckch->key == NULL) {
3053 memprintf(err, "%sunable to load private key from file '%s'.\n",
3054 err && *err ? *err : "", path);
3055 goto end;
3056 }
3057
Willy Tarreaubb137a82016-04-06 19:02:38 +0200[diff] [blame]3058 /* Seek back to beginning of file */
Thierry FOURNIER / OZON.IOd44ea3f2016-10-14 00:49:21 +0200[diff] [blame]3059 if (BIO_reset(in) == -1) {
3060 memprintf(err, "%san error occurred while reading the file '%s'.\n",
3061 err && *err ? *err : "", path);
3062 goto end;
3063 }
Willy Tarreaubb137a82016-04-06 19:02:38 +0200[diff] [blame]3064
3065 /* Read Certificate */
3066 ckch->cert = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
3067 if (ckch->cert == NULL) {
3068 memprintf(err, "%sunable to load certificate from file '%s'.\n",
3069 err && *err ? *err : "", path);
3070 goto end;
3071 }
3072
yanbzhu488a4d22015-12-01 15:16:07 -0500[diff] [blame]3073 /* Read Certificate Chain */
3074 while ((ca = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
3075 /* Grow the chain certs */
3076 ckch->num_chain_certs++;
3077 ckch->chain_certs = realloc(ckch->chain_certs, (ckch->num_chain_certs * sizeof(X509 *)));
3078
3079 /* use - 1 here since we just incremented it above */
3080 ckch->chain_certs[ckch->num_chain_certs - 1] = ca;
3081 }
3082 ret = ERR_get_error();
3083 if (ret && (ERR_GET_LIB(ret) != ERR_LIB_PEM && ERR_GET_REASON(ret) != PEM_R_NO_START_LINE)) {
3084 memprintf(err, "%sunable to load certificate chain from file '%s'.\n",
3085 err && *err ? *err : "", path);
3086 ret = 1;
3087 goto end;
3088 }
3089
3090 ret = 0;
3091
3092end:
3093
3094 ERR_clear_error();
3095 if (in)
3096 BIO_free(in);
3097
3098 /* Something went wrong in one of the reads */
3099 if (ret != 0)
3100 ssl_sock_free_cert_key_and_chain_contents(ckch);
3101
3102 return ret;
3103}
3104
3105/* Loads the info in ckch into ctx
3106 * Currently, this does not process any information about ocsp, dhparams or
3107 * sctl
3108 * Returns
3109 * 0 on success
3110 * 1 on failure
3111 */
3112static int ssl_sock_put_ckch_into_ctx(const char *path, const struct cert_key_and_chain *ckch, SSL_CTX *ctx, char **err)
3113{
3114 int i = 0;
3115
3116 if (SSL_CTX_use_PrivateKey(ctx, ckch->key) <= 0) {
3117 memprintf(err, "%sunable to load SSL private key into SSL Context '%s'.\n",
3118 err && *err ? *err : "", path);
3119 return 1;
3120 }
3121
3122 if (!SSL_CTX_use_certificate(ctx, ckch->cert)) {
3123 memprintf(err, "%sunable to load SSL certificate into SSL Context '%s'.\n",
3124 err && *err ? *err : "", path);
3125 return 1;
3126 }
3127
yanbzhu488a4d22015-12-01 15:16:07 -0500[diff] [blame]3128 /* Load all certs in the ckch into the ctx_chain for the ssl_ctx */
3129 for (i = 0; i < ckch->num_chain_certs; i++) {
3130 if (!SSL_CTX_add1_chain_cert(ctx, ckch->chain_certs[i])) {
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3131 memprintf(err, "%sunable to load chain certificate #%d into SSL Context '%s'. Make sure you are linking against Openssl >= 1.0.2.\n",
3132 err && *err ? *err : "", (i+1), path);
yanbzhu488a4d22015-12-01 15:16:07 -0500[diff] [blame]3133 return 1;
3134 }
3135 }
3136
3137 if (SSL_CTX_check_private_key(ctx) <= 0) {
3138 memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
3139 err && *err ? *err : "", path);
3140 return 1;
3141 }
3142
3143 return 0;
3144}
3145
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3146
3147static void ssl_sock_populate_sni_keytypes_hplr(const char *str, struct eb_root *sni_keytypes, int key_index)
3148{
3149 struct sni_keytype *s_kt = NULL;
3150 struct ebmb_node *node;
3151 int i;
3152
3153 for (i = 0; i < trash.size; i++) {
3154 if (!str[i])
3155 break;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]3156 trash.area[i] = tolower(str[i]);
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3157 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]3158 trash.area[i] = 0;
3159 node = ebst_lookup(sni_keytypes, trash.area);
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3160 if (!node) {
3161 /* CN not found in tree */
3162 s_kt = malloc(sizeof(struct sni_keytype) + i + 1);
3163 /* Using memcpy here instead of strncpy.
3164 * strncpy will cause sig_abrt errors under certain versions of gcc with -O2
3165 * See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60792
3166 */
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]3167 memcpy(s_kt->name.key, trash.area, i+1);
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3168 s_kt->keytypes = 0;
3169 ebst_insert(sni_keytypes, &s_kt->name);
3170 } else {
3171 /* CN found in tree */
3172 s_kt = container_of(node, struct sni_keytype, name);
3173 }
3174
3175 /* Mark that this CN has the keytype of key_index via keytypes mask */
3176 s_kt->keytypes |= 1<<key_index;
3177
3178}
3179
3180
3181/* Given a path that does not exist, try to check for path.rsa, path.dsa and path.ecdsa files.
3182 * If any are found, group these files into a set of SSL_CTX*
3183 * based on shared and unique CN and SAN entries. Add these SSL_CTX* to the SNI tree.
3184 *
Joseph Herlant017b3da2018-11-15 09:07:59 -0800[diff] [blame]3185 * This will allow the user to explicitly group multiple cert/keys for a single purpose
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3186 *
3187 * Returns
3188 * 0 on success
3189 * 1 on failure
3190 */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3191static int ssl_sock_load_multi_cert(const char *path, struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
3192 char **sni_filter, int fcount, char **err)
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3193{
3194 char fp[MAXPATHLEN+1] = {0};
3195 int n = 0;
3196 int i = 0;
3197 struct cert_key_and_chain certs_and_keys[SSL_SOCK_NUM_KEYTYPES] = { {0} };
3198 struct eb_root sni_keytypes_map = { {0} };
3199 struct ebmb_node *node;
3200 struct ebmb_node *next;
3201 /* Array of SSL_CTX pointers corresponding to each possible combo
3202 * of keytypes
3203 */
3204 struct key_combo_ctx key_combos[SSL_SOCK_POSSIBLE_KT_COMBOS] = { {0} };
3205 int rv = 0;
3206 X509_NAME *xname = NULL;
3207 char *str = NULL;
3208#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
3209 STACK_OF(GENERAL_NAME) *names = NULL;
3210#endif
3211
3212 /* Load all possible certs and keys */
3213 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
3214 struct stat buf;
3215
3216 snprintf(fp, sizeof(fp), "%s.%s", path, SSL_SOCK_KEYTYPE_NAMES[n]);
3217 if (stat(fp, &buf) == 0) {
3218 if (ssl_sock_load_crt_file_into_ckch(fp, &certs_and_keys[n], err) == 1) {
3219 rv = 1;
3220 goto end;
3221 }
3222 }
3223 }
3224
3225 /* Process each ckch and update keytypes for each CN/SAN
3226 * for example, if CN/SAN www.a.com is associated with
3227 * certs with keytype 0 and 2, then at the end of the loop,
3228 * www.a.com will have:
3229 * keyindex = 0 | 1 | 4 = 5
3230 */
3231 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
3232
3233 if (!ssl_sock_is_ckch_valid(&certs_and_keys[n]))
3234 continue;
3235
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +0200[diff] [blame]3236 if (fcount) {
Willy Tarreau24b892f2016-06-20 23:01:57 +0200[diff] [blame]3237 for (i = 0; i < fcount; i++)
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +0200[diff] [blame]3238 ssl_sock_populate_sni_keytypes_hplr(sni_filter[i], &sni_keytypes_map, n);
3239 } else {
3240 /* A lot of the following code is OpenSSL boilerplate for processing CN's and SAN's,
3241 * so the line that contains logic is marked via comments
3242 */
3243 xname = X509_get_subject_name(certs_and_keys[n].cert);
3244 i = -1;
3245 while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
3246 X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]3247 ASN1_STRING *value;
3248 value = X509_NAME_ENTRY_get_data(entry);
3249 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +0200[diff] [blame]3250 /* Important line is here */
3251 ssl_sock_populate_sni_keytypes_hplr(str, &sni_keytypes_map, n);
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3252
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +0200[diff] [blame]3253 OPENSSL_free(str);
3254 str = NULL;
3255 }
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3256 }
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3257
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +0200[diff] [blame]3258 /* Do the above logic for each SAN */
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3259#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +0200[diff] [blame]3260 names = X509_get_ext_d2i(certs_and_keys[n].cert, NID_subject_alt_name, NULL, NULL);
3261 if (names) {
3262 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
3263 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3264
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +0200[diff] [blame]3265 if (name->type == GEN_DNS) {
3266 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
3267 /* Important line is here */
3268 ssl_sock_populate_sni_keytypes_hplr(str, &sni_keytypes_map, n);
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3269
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +0200[diff] [blame]3270 OPENSSL_free(str);
3271 str = NULL;
3272 }
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3273 }
3274 }
3275 }
3276 }
3277#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
3278 }
3279
3280 /* If no files found, return error */
3281 if (eb_is_empty(&sni_keytypes_map)) {
3282 memprintf(err, "%sunable to load SSL certificate file '%s' file does not exist.\n",
3283 err && *err ? *err : "", path);
3284 rv = 1;
3285 goto end;
3286 }
3287
3288 /* We now have a map of CN/SAN to keytypes that are loaded in
3289 * Iterate through the map to create the SSL_CTX's (if needed)
3290 * and add each CTX to the SNI tree
3291 *
3292 * Some math here:
Joseph Herlant017b3da2018-11-15 09:07:59 -0800[diff] [blame]3293 * There are 2^n - 1 possible combinations, each unique
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3294 * combination is denoted by the key in the map. Each key
3295 * has a value between 1 and 2^n - 1. Conveniently, the array
3296 * of SSL_CTX* is sized 2^n. So, we can simply use the i'th
3297 * entry in the array to correspond to the unique combo (key)
3298 * associated with i. This unique key combo (i) will be associated
3299 * with combos[i-1]
3300 */
3301
3302 node = ebmb_first(&sni_keytypes_map);
3303 while (node) {
3304 SSL_CTX *cur_ctx;
Bertrand Jacquin33423092016-11-13 16:37:13 +0000[diff] [blame]3305 char cur_file[MAXPATHLEN+1];
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]3306 const struct pkey_info kinfo = { .sig = TLSEXT_signature_anonymous, .bits = 0 };
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3307
3308 str = (char *)container_of(node, struct sni_keytype, name)->name.key;
3309 i = container_of(node, struct sni_keytype, name)->keytypes;
3310 cur_ctx = key_combos[i-1].ctx;
3311
3312 if (cur_ctx == NULL) {
3313 /* need to create SSL_CTX */
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]3314 cur_ctx = SSL_CTX_new(SSLv23_server_method());
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3315 if (cur_ctx == NULL) {
3316 memprintf(err, "%sunable to allocate SSL context.\n",
3317 err && *err ? *err : "");
3318 rv = 1;
3319 goto end;
3320 }
3321
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]3322 /* Load all required certs/keys/chains/OCSPs info into SSL_CTX */
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3323 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
3324 if (i & (1<<n)) {
3325 /* Key combo contains ckch[n] */
Bertrand Jacquin33423092016-11-13 16:37:13 +0000[diff] [blame]3326 snprintf(cur_file, MAXPATHLEN+1, "%s.%s", path, SSL_SOCK_KEYTYPE_NAMES[n]);
3327 if (ssl_sock_put_ckch_into_ctx(cur_file, &certs_and_keys[n], cur_ctx, err) != 0) {
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3328 SSL_CTX_free(cur_ctx);
3329 rv = 1;
3330 goto end;
3331 }
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]3332
3333#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
3334 /* Load OCSP Info into context */
Bertrand Jacquin33423092016-11-13 16:37:13 +0000[diff] [blame]3335 if (ssl_sock_load_ocsp(cur_ctx, cur_file) < 0) {
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]3336 if (err)
3337 memprintf(err, "%s '%s.ocsp' is present and activates OCSP but it is impossible to compute the OCSP certificate ID (maybe the issuer could not be found)'.\n",
Bertrand Jacquin5424ee02016-11-13 16:37:14 +0000[diff] [blame]3338 *err ? *err : "", cur_file);
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]3339 SSL_CTX_free(cur_ctx);
3340 rv = 1;
3341 goto end;
3342 }
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +0200[diff] [blame]3343#elif (defined OPENSSL_IS_BORINGSSL)
3344 ssl_sock_set_ocsp_response_from_file(cur_ctx, cur_file);
yanbzhube2774d2015-12-10 15:07:30 -0500[diff] [blame]3345#endif
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3346 }
3347 }
3348
3349 /* Load DH params into the ctx to support DHE keys */
3350#ifndef OPENSSL_NO_DH
3351 if (ssl_dh_ptr_index >= 0)
3352 SSL_CTX_set_ex_data(cur_ctx, ssl_dh_ptr_index, NULL);
3353
3354 rv = ssl_sock_load_dh_params(cur_ctx, NULL);
3355 if (rv < 0) {
3356 if (err)
3357 memprintf(err, "%sunable to load DH parameters from file '%s'.\n",
3358 *err ? *err : "", path);
3359 rv = 1;
3360 goto end;
3361 }
3362#endif
3363
3364 /* Update key_combos */
3365 key_combos[i-1].ctx = cur_ctx;
3366 }
3367
3368 /* Update SNI Tree */
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]3369 key_combos[i-1].order = ssl_sock_add_cert_sni(cur_ctx, bind_conf, ssl_conf,
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]3370 kinfo, str, key_combos[i-1].order);
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3371 node = ebmb_next(node);
3372 }
3373
3374
3375 /* Mark a default context if none exists, using the ctx that has the most shared keys */
3376 if (!bind_conf->default_ctx) {
3377 for (i = SSL_SOCK_POSSIBLE_KT_COMBOS - 1; i >= 0; i--) {
3378 if (key_combos[i].ctx) {
3379 bind_conf->default_ctx = key_combos[i].ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3380 bind_conf->default_ssl_conf = ssl_conf;
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3381 break;
3382 }
3383 }
3384 }
3385
3386end:
3387
3388 if (names)
3389 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
3390
3391 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++)
3392 ssl_sock_free_cert_key_and_chain_contents(&certs_and_keys[n]);
3393
3394 node = ebmb_first(&sni_keytypes_map);
3395 while (node) {
3396 next = ebmb_next(node);
3397 ebmb_delete(node);
3398 node = next;
3399 }
3400
3401 return rv;
3402}
3403#else
3404/* This is a dummy, that just logs an error and returns error */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3405static int ssl_sock_load_multi_cert(const char *path, struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
3406 char **sni_filter, int fcount, char **err)
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3407{
3408 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
3409 err && *err ? *err : "", path, strerror(errno));
3410 return 1;
3411}
3412
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]3413#endif /* #if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL: Support for loading multiple certs into a single SSL_CTX */
yanbzhu488a4d22015-12-01 15:16:07 -0500[diff] [blame]3414
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3415/* Loads a certificate key and CA chain from a file. Returns 0 on error, -1 if
3416 * an early error happens and the caller must call SSL_CTX_free() by itelf.
3417 */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3418static int ssl_sock_load_cert_chain_file(SSL_CTX *ctx, const char *file, struct bind_conf *s,
3419 struct ssl_bind_conf *ssl_conf, char **sni_filter, int fcount)
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3420{
3421 BIO *in;
3422 X509 *x = NULL, *ca;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200[diff] [blame]3423 int i, err;
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3424 int ret = -1;
3425 int order = 0;
3426 X509_NAME *xname;
3427 char *str;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]3428 pem_password_cb *passwd_cb;
3429 void *passwd_cb_userdata;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]3430 EVP_PKEY *pkey;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]3431 struct pkey_info kinfo = { .sig = TLSEXT_signature_anonymous, .bits = 0 };
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]3432
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3433#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
3434 STACK_OF(GENERAL_NAME) *names;
3435#endif
3436
3437 in = BIO_new(BIO_s_file());
3438 if (in == NULL)
3439 goto end;
3440
3441 if (BIO_read_filename(in, file) <= 0)
3442 goto end;
3443
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]3444
3445 passwd_cb = SSL_CTX_get_default_passwd_cb(ctx);
3446 passwd_cb_userdata = SSL_CTX_get_default_passwd_cb_userdata(ctx);
3447
3448 x = PEM_read_bio_X509_AUX(in, NULL, passwd_cb, passwd_cb_userdata);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3449 if (x == NULL)
3450 goto end;
3451
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]3452 pkey = X509_get_pubkey(x);
3453 if (pkey) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]3454 kinfo.bits = EVP_PKEY_bits(pkey);
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]3455 switch(EVP_PKEY_base_id(pkey)) {
3456 case EVP_PKEY_RSA:
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]3457 kinfo.sig = TLSEXT_signature_rsa;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]3458 break;
3459 case EVP_PKEY_EC:
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]3460 kinfo.sig = TLSEXT_signature_ecdsa;
3461 break;
3462 case EVP_PKEY_DSA:
3463 kinfo.sig = TLSEXT_signature_dsa;
Emmanuel Hocdet05942112017-02-20 16:11:50 +0100[diff] [blame]3464 break;
3465 }
3466 EVP_PKEY_free(pkey);
3467 }
3468
Emeric Brun50bcecc2013-04-22 13:05:23 +0200[diff] [blame]3469 if (fcount) {
3470 while (fcount--)
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]3471 order = ssl_sock_add_cert_sni(ctx, s, ssl_conf, kinfo, sni_filter[fcount], order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3472 }
3473 else {
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3474#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3475 names = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
3476 if (names) {
3477 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
3478 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
3479 if (name->type == GEN_DNS) {
3480 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]3481 order = ssl_sock_add_cert_sni(ctx, s, ssl_conf, kinfo, str, order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3482 OPENSSL_free(str);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3483 }
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3484 }
3485 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3486 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3487 }
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3488#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3489 xname = X509_get_subject_name(x);
3490 i = -1;
3491 while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
3492 X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]3493 ASN1_STRING *value;
3494
3495 value = X509_NAME_ENTRY_get_data(entry);
3496 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +0200[diff] [blame]3497 order = ssl_sock_add_cert_sni(ctx, s, ssl_conf, kinfo, str, order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3498 OPENSSL_free(str);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3499 }
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3500 }
3501 }
3502
3503 ret = 0; /* the caller must not free the SSL_CTX argument anymore */
3504 if (!SSL_CTX_use_certificate(ctx, x))
3505 goto end;
3506
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]3507#ifdef SSL_CTX_clear_extra_chain_certs
3508 SSL_CTX_clear_extra_chain_certs(ctx);
3509#else
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3510 if (ctx->extra_certs != NULL) {
3511 sk_X509_pop_free(ctx->extra_certs, X509_free);
3512 ctx->extra_certs = NULL;
3513 }
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]3514#endif
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3515
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]3516 while ((ca = PEM_read_bio_X509(in, NULL, passwd_cb, passwd_cb_userdata))) {
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3517 if (!SSL_CTX_add_extra_chain_cert(ctx, ca)) {
3518 X509_free(ca);
3519 goto end;
3520 }
3521 }
3522
3523 err = ERR_get_error();
3524 if (!err || (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) {
3525 /* we successfully reached the last cert in the file */
3526 ret = 1;
3527 }
3528 ERR_clear_error();
3529
3530end:
3531 if (x)
3532 X509_free(x);
3533
3534 if (in)
3535 BIO_free(in);
3536
3537 return ret;
3538}
3539
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3540static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
3541 char **sni_filter, int fcount, char **err)
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3542{
3543 int ret;
3544 SSL_CTX *ctx;
3545
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]3546 ctx = SSL_CTX_new(SSLv23_server_method());
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3547 if (!ctx) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200[diff] [blame]3548 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
3549 err && *err ? *err : "", path);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3550 return 1;
3551 }
3552
3553 if (SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200[diff] [blame]3554 memprintf(err, "%sunable to load SSL private key from PEM file '%s'.\n",
3555 err && *err ? *err : "", path);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3556 SSL_CTX_free(ctx);
3557 return 1;
3558 }
3559
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3560 ret = ssl_sock_load_cert_chain_file(ctx, path, bind_conf, ssl_conf, sni_filter, fcount);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3561 if (ret <= 0) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200[diff] [blame]3562 memprintf(err, "%sunable to load SSL certificate from PEM file '%s'.\n",
3563 err && *err ? *err : "", path);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3564 if (ret < 0) /* serious error, must do that ourselves */
3565 SSL_CTX_free(ctx);
3566 return 1;
3567 }
Emeric Brun61694ab2012-10-26 13:35:33 +0200[diff] [blame]3568
3569 if (SSL_CTX_check_private_key(ctx) <= 0) {
3570 memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
3571 err && *err ? *err : "", path);
3572 return 1;
3573 }
3574
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3575 /* we must not free the SSL_CTX anymore below, since it's already in
3576 * the tree, so it will be discovered and cleaned in time.
3577 */
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]3578#ifndef OPENSSL_NO_DH
Remi Gacogne4f902b82015-05-28 16:23:00 +0200[diff] [blame]3579 /* store a NULL pointer to indicate we have not yet loaded
3580 a custom DH param file */
3581 if (ssl_dh_ptr_index >= 0) {
3582 SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, NULL);
3583 }
3584
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]3585 ret = ssl_sock_load_dh_params(ctx, path);
3586 if (ret < 0) {
3587 if (err)
3588 memprintf(err, "%sunable to load DH parameters from file '%s'.\n",
3589 *err ? *err : "", path);
3590 return 1;
3591 }
3592#endif
3593
Lukas Tribuse4e30f72014-12-09 16:32:51 +0100[diff] [blame]3594#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]3595 ret = ssl_sock_load_ocsp(ctx, path);
3596 if (ret < 0) {
3597 if (err)
3598 memprintf(err, "%s '%s.ocsp' is present and activates OCSP but it is impossible to compute the OCSP certificate ID (maybe the issuer could not be found)'.\n",
3599 *err ? *err : "", path);
3600 return 1;
3601 }
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +0200[diff] [blame]3602#elif (defined OPENSSL_IS_BORINGSSL)
3603 ssl_sock_set_ocsp_response_from_file(ctx, path);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200[diff] [blame]3604#endif
3605
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]3606#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]3607 if (sctl_ex_index >= 0) {
3608 ret = ssl_sock_load_sctl(ctx, path);
3609 if (ret < 0) {
3610 if (err)
3611 memprintf(err, "%s '%s.sctl' is present but cannot be read or parsed'.\n",
3612 *err ? *err : "", path);
3613 return 1;
3614 }
3615 }
3616#endif
3617
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3618#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200[diff] [blame]3619 if (bind_conf->default_ctx) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200[diff] [blame]3620 memprintf(err, "%sthis version of openssl cannot load multiple SSL certificates.\n",
3621 err && *err ? *err : "");
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3622 return 1;
3623 }
3624#endif
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3625 if (!bind_conf->default_ctx) {
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200[diff] [blame]3626 bind_conf->default_ctx = ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3627 bind_conf->default_ssl_conf = ssl_conf;
3628 }
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3629
3630 return 0;
3631}
3632
Willy Tarreau03209342016-12-22 17:08:28 +0100[diff] [blame]3633int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, char **err)
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3634{
Cyril Bonté3180f7b2015-01-25 00:16:08 +0100[diff] [blame]3635 struct dirent **de_list;
3636 int i, n;
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3637 DIR *dir;
3638 struct stat buf;
Willy Tarreauee2663b2012-12-06 11:36:59 +0100[diff] [blame]3639 char *end;
3640 char fp[MAXPATHLEN+1];
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3641 int cfgerr = 0;
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]3642#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu63ea8462015-12-09 13:35:14 -0500[diff] [blame]3643 int is_bundle;
3644 int j;
3645#endif
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3646
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3647 if (stat(path, &buf) == 0) {
3648 dir = opendir(path);
3649 if (!dir)
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3650 return ssl_sock_load_cert_file(path, bind_conf, NULL, NULL, 0, err);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3651
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3652 /* strip trailing slashes, including first one */
3653 for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
3654 *end = 0;
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3655
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3656 n = scandir(path, &de_list, 0, alphasort);
3657 if (n < 0) {
3658 memprintf(err, "%sunable to scan directory '%s' : %s.\n",
3659 err && *err ? *err : "", path, strerror(errno));
3660 cfgerr++;
3661 }
3662 else {
3663 for (i = 0; i < n; i++) {
3664 struct dirent *de = de_list[i];
Emeric Brun2aab7222014-06-18 18:15:09 +0200[diff] [blame]3665
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3666 end = strrchr(de->d_name, '.');
3667 if (end && (!strcmp(end, ".issuer") || !strcmp(end, ".ocsp") || !strcmp(end, ".sctl")))
3668 goto ignore_entry;
Cyril Bonté3180f7b2015-01-25 00:16:08 +0100[diff] [blame]3669
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3670 snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
3671 if (stat(fp, &buf) != 0) {
3672 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
3673 err && *err ? *err : "", fp, strerror(errno));
3674 cfgerr++;
3675 goto ignore_entry;
3676 }
3677 if (!S_ISREG(buf.st_mode))
3678 goto ignore_entry;
yanbzhu63ea8462015-12-09 13:35:14 -0500[diff] [blame]3679
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]3680#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu63ea8462015-12-09 13:35:14 -0500[diff] [blame]3681 is_bundle = 0;
3682 /* Check if current entry in directory is part of a multi-cert bundle */
3683
3684 if (end) {
3685 for (j = 0; j < SSL_SOCK_NUM_KEYTYPES; j++) {
3686 if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
3687 is_bundle = 1;
3688 break;
3689 }
3690 }
3691
3692 if (is_bundle) {
3693 char dp[MAXPATHLEN+1] = {0}; /* this will be the filename w/o the keytype */
3694 int dp_len;
3695
3696 dp_len = end - de->d_name;
3697 snprintf(dp, dp_len + 1, "%s", de->d_name);
3698
3699 /* increment i and free de until we get to a non-bundle cert
3700 * Note here that we look at de_list[i + 1] before freeing de
3701 * this is important since ignore_entry will free de
3702 */
3703 while (i + 1 < n && !strncmp(de_list[i + 1]->d_name, dp, dp_len)) {
3704 free(de);
3705 i++;
3706 de = de_list[i];
3707 }
3708
3709 snprintf(fp, sizeof(fp), "%s/%s", path, dp);
Emeric Bruneb155b62018-08-16 15:11:12 +0200[diff] [blame]3710 cfgerr += ssl_sock_load_multi_cert(fp, bind_conf, NULL, NULL, 0, err);
yanbzhu63ea8462015-12-09 13:35:14 -0500[diff] [blame]3711
3712 /* Successfully processed the bundle */
3713 goto ignore_entry;
3714 }
3715 }
3716
3717#endif
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3718 cfgerr += ssl_sock_load_cert_file(fp, bind_conf, NULL, NULL, 0, err);
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3719ignore_entry:
3720 free(de);
Cyril Bonté3180f7b2015-01-25 00:16:08 +0100[diff] [blame]3721 }
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3722 free(de_list);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3723 }
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3724 closedir(dir);
3725 return cfgerr;
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3726 }
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3727
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3728 cfgerr = ssl_sock_load_multi_cert(path, bind_conf, NULL, NULL, 0, err);
yanbzhu08ce6ab2015-12-02 13:01:29 -0500[diff] [blame]3729
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3730 return cfgerr;
3731}
3732
Thierry Fournier383085f2013-01-24 14:15:43 +0100[diff] [blame]3733/* Make sure openssl opens /dev/urandom before the chroot. The work is only
3734 * done once. Zero is returned if the operation fails. No error is returned
3735 * if the random is said as not implemented, because we expect that openssl
3736 * will use another method once needed.
3737 */
3738static int ssl_initialize_random()
3739{
3740 unsigned char random;
3741 static int random_initialized = 0;
3742
3743 if (!random_initialized && RAND_bytes(&random, 1) != 0)
3744 random_initialized = 1;
3745
3746 return random_initialized;
3747}
3748
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3749/* release ssl bind conf */
3750void ssl_sock_free_ssl_conf(struct ssl_bind_conf *conf)
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3751{
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3752 if (conf) {
Bernard Spil13c53f82018-02-15 13:34:58 +0100[diff] [blame]3753#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3754 free(conf->npn_str);
3755 conf->npn_str = NULL;
3756#endif
3757#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
3758 free(conf->alpn_str);
3759 conf->alpn_str = NULL;
3760#endif
3761 free(conf->ca_file);
3762 conf->ca_file = NULL;
3763 free(conf->crl_file);
3764 conf->crl_file = NULL;
3765 free(conf->ciphers);
3766 conf->ciphers = NULL;
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]3767#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]3768 free(conf->ciphersuites);
3769 conf->ciphersuites = NULL;
3770#endif
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +0100[diff] [blame]3771 free(conf->curves);
3772 conf->curves = NULL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3773 free(conf->ecdhe);
3774 conf->ecdhe = NULL;
3775 }
3776}
3777
3778int ssl_sock_load_cert_list_file(char *file, struct bind_conf *bind_conf, struct proxy *curproxy, char **err)
3779{
3780 char thisline[CRT_LINESIZE];
3781 char path[MAXPATHLEN+1];
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3782 FILE *f;
yanbzhu1b04e5b2015-12-02 13:54:14 -0500[diff] [blame]3783 struct stat buf;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3784 int linenum = 0;
3785 int cfgerr = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3786
Willy Tarreauad1731d2013-04-02 17:35:58 +0200[diff] [blame]3787 if ((f = fopen(file, "r")) == NULL) {
3788 memprintf(err, "cannot open file '%s' : %s", file, strerror(errno));
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3789 return 1;
Willy Tarreauad1731d2013-04-02 17:35:58 +0200[diff] [blame]3790 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3791
3792 while (fgets(thisline, sizeof(thisline), f) != NULL) {
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3793 int arg, newarg, cur_arg, i, ssl_b = 0, ssl_e = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3794 char *end;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3795 char *args[MAX_CRT_ARGS + 1];
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3796 char *line = thisline;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3797 char *crt_path;
3798 struct ssl_bind_conf *ssl_conf = NULL;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3799
3800 linenum++;
3801 end = line + strlen(line);
3802 if (end-line == sizeof(thisline)-1 && *(end-1) != '\n') {
3803 /* Check if we reached the limit and the last char is not \n.
3804 * Watch out for the last line without the terminating '\n'!
3805 */
Willy Tarreauad1731d2013-04-02 17:35:58 +0200[diff] [blame]3806 memprintf(err, "line %d too long in file '%s', limit is %d characters",
3807 linenum, file, (int)sizeof(thisline)-1);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3808 cfgerr = 1;
Willy Tarreauad1731d2013-04-02 17:35:58 +0200[diff] [blame]3809 break;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3810 }
3811
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3812 arg = 0;
Emeric Brun50bcecc2013-04-22 13:05:23 +0200[diff] [blame]3813 newarg = 1;
3814 while (*line) {
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3815 if (*line == '#' || *line == '\n' || *line == '\r') {
3816 /* end of string, end of loop */
3817 *line = 0;
3818 break;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3819 } else if (isspace(*line)) {
Emeric Brun50bcecc2013-04-22 13:05:23 +0200[diff] [blame]3820 newarg = 1;
3821 *line = 0;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3822 } else if (*line == '[') {
3823 if (ssl_b) {
3824 memprintf(err, "too many '[' on line %d in file '%s'.", linenum, file);
3825 cfgerr = 1;
3826 break;
3827 }
3828 if (!arg) {
3829 memprintf(err, "file must start with a cert on line %d in file '%s'", linenum, file);
3830 cfgerr = 1;
3831 break;
3832 }
3833 ssl_b = arg;
3834 newarg = 1;
3835 *line = 0;
3836 } else if (*line == ']') {
3837 if (ssl_e) {
3838 memprintf(err, "too many ']' on line %d in file '%s'.", linenum, file);
Emeric Brun50bcecc2013-04-22 13:05:23 +0200[diff] [blame]3839 cfgerr = 1;
3840 break;
3841 }
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3842 if (!ssl_b) {
3843 memprintf(err, "missing '[' in line %d in file '%s'.", linenum, file);
3844 cfgerr = 1;
3845 break;
3846 }
3847 ssl_e = arg;
3848 newarg = 1;
3849 *line = 0;
3850 } else if (newarg) {
3851 if (arg == MAX_CRT_ARGS) {
3852 memprintf(err, "too many args on line %d in file '%s'.", linenum, file);
3853 cfgerr = 1;
3854 break;
3855 }
Emeric Brun50bcecc2013-04-22 13:05:23 +0200[diff] [blame]3856 newarg = 0;
3857 args[arg++] = line;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3858 }
Emeric Brun50bcecc2013-04-22 13:05:23 +0200[diff] [blame]3859 line++;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3860 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +0200[diff] [blame]3861 if (cfgerr)
3862 break;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3863 args[arg++] = line;
Willy Tarreauad1731d2013-04-02 17:35:58 +0200[diff] [blame]3864
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3865 /* empty line */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3866 if (!*args[0])
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3867 continue;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3868
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3869 crt_path = args[0];
3870 if (*crt_path != '/' && global_ssl.crt_base) {
3871 if ((strlen(global_ssl.crt_base) + 1 + strlen(crt_path)) > MAXPATHLEN) {
3872 memprintf(err, "'%s' : path too long on line %d in file '%s'",
3873 crt_path, linenum, file);
3874 cfgerr = 1;
3875 break;
3876 }
3877 snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, crt_path);
3878 crt_path = path;
3879 }
3880
3881 ssl_conf = calloc(1, sizeof *ssl_conf);
3882 cur_arg = ssl_b ? ssl_b : 1;
3883 while (cur_arg < ssl_e) {
3884 newarg = 0;
3885 for (i = 0; ssl_bind_kws[i].kw != NULL; i++) {
3886 if (strcmp(ssl_bind_kws[i].kw, args[cur_arg]) == 0) {
3887 newarg = 1;
3888 cfgerr = ssl_bind_kws[i].parse(args, cur_arg, curproxy, ssl_conf, err);
3889 if (cur_arg + 1 + ssl_bind_kws[i].skip > ssl_e) {
3890 memprintf(err, "ssl args out of '[]' for %s on line %d in file '%s'",
3891 args[cur_arg], linenum, file);
3892 cfgerr = 1;
3893 }
3894 cur_arg += 1 + ssl_bind_kws[i].skip;
3895 break;
3896 }
3897 }
3898 if (!cfgerr && !newarg) {
3899 memprintf(err, "unknown ssl keyword %s on line %d in file '%s'.",
3900 args[cur_arg], linenum, file);
3901 cfgerr = 1;
3902 break;
3903 }
3904 }
3905 if (cfgerr) {
3906 ssl_sock_free_ssl_conf(ssl_conf);
3907 free(ssl_conf);
3908 ssl_conf = NULL;
3909 break;
3910 }
3911
3912 if (stat(crt_path, &buf) == 0) {
3913 cfgerr = ssl_sock_load_cert_file(crt_path, bind_conf, ssl_conf,
3914 &args[cur_arg], arg - cur_arg - 1, err);
yanbzhu1b04e5b2015-12-02 13:54:14 -0500[diff] [blame]3915 } else {
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]3916 cfgerr = ssl_sock_load_multi_cert(crt_path, bind_conf, ssl_conf,
3917 &args[cur_arg], arg - cur_arg - 1, err);
yanbzhu1b04e5b2015-12-02 13:54:14 -0500[diff] [blame]3918 }
3919
Willy Tarreauad1731d2013-04-02 17:35:58 +0200[diff] [blame]3920 if (cfgerr) {
3921 memprintf(err, "error processing line %d in file '%s' : %s", linenum, file, *err);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3922 break;
Willy Tarreauad1731d2013-04-02 17:35:58 +0200[diff] [blame]3923 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3924 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]3925 fclose(f);
3926 return cfgerr;
3927}
3928
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]3929/* Create an initial CTX used to start the SSL connection before switchctx */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]3930static int
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]3931ssl_sock_initial_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3932{
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +0100[diff] [blame]3933 SSL_CTX *ctx = NULL;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]3934 long options =
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3935 SSL_OP_ALL | /* all known workarounds for bugs */
3936 SSL_OP_NO_SSLv2 |
3937 SSL_OP_NO_COMPRESSION |
Emeric Bruna4bcd9a2012-09-20 16:19:02 +0200[diff] [blame]3938 SSL_OP_SINGLE_DH_USE |
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]3939 SSL_OP_SINGLE_ECDH_USE |
Emeric Brun3c4bc6e2012-10-04 18:44:19 +0200[diff] [blame]3940 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION |
Lukas Tribus926594f2018-05-18 17:55:57 +0200[diff] [blame]3941 SSL_OP_PRIORITIZE_CHACHA |
Emeric Brun3c4bc6e2012-10-04 18:44:19 +0200[diff] [blame]3942 SSL_OP_CIPHER_SERVER_PREFERENCE;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]3943 long mode =
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]3944 SSL_MODE_ENABLE_PARTIAL_WRITE |
3945 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
Willy Tarreau396a1862014-11-13 14:06:52 +0100[diff] [blame]3946 SSL_MODE_RELEASE_BUFFERS |
3947 SSL_MODE_SMALL_BUFFERS;
Emmanuel Hocdet43664762017-08-09 18:26:20 +0200[diff] [blame]3948 struct tls_version_filter *conf_ssl_methods = &bind_conf->ssl_conf.ssl_methods;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]3949 int i, min, max, hole;
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]3950 int flags = MC_SSL_O_ALL;
3951 int cfgerr = 0;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +0100[diff] [blame]3952
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]3953 ctx = SSL_CTX_new(SSLv23_server_method());
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]3954 bind_conf->initial_ctx = ctx;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]3955
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]3956 if (conf_ssl_methods->flags && (conf_ssl_methods->min || conf_ssl_methods->max))
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]3957 ha_warning("Proxy '%s': no-sslv3/no-tlsv1x are ignored for bind '%s' at [%s:%d]. "
3958 "Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
3959 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]3960 else
3961 flags = conf_ssl_methods->flags;
3962
Emmanuel Hocdetbd695fe2017-05-15 15:53:41 +0200[diff] [blame]3963 min = conf_ssl_methods->min;
3964 max = conf_ssl_methods->max;
3965 /* start with TLSv10 to remove SSLv3 per default */
3966 if (!min && (!max || max >= CONF_TLSV10))
3967 min = CONF_TLSV10;
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]3968 /* Real min and max should be determinate with configuration and openssl's capabilities */
Emmanuel Hocdetbd695fe2017-05-15 15:53:41 +0200[diff] [blame]3969 if (min)
3970 flags |= (methodVersions[min].flag - 1);
3971 if (max)
3972 flags |= ~((methodVersions[max].flag << 1) - 1);
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]3973 /* find min, max and holes */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]3974 min = max = CONF_TLSV_NONE;
3975 hole = 0;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]3976 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]3977 /* version is in openssl && version not disable in configuration */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]3978 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]3979 if (min) {
3980 if (hole) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]3981 ha_warning("Proxy '%s': SSL/TLS versions range not contiguous for bind '%s' at [%s:%d]. "
3982 "Hole find for %s. Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
3983 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line,
3984 methodVersions[hole].name);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]3985 hole = 0;
3986 }
3987 max = i;
3988 }
3989 else {
3990 min = max = i;
3991 }
3992 }
3993 else {
3994 if (min)
3995 hole = i;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]3996 }
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]3997 if (!min) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]3998 ha_alert("Proxy '%s': all SSL/TLS versions are disabled for bind '%s' at [%s:%d].\n",
3999 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4000 cfgerr += 1;
4001 }
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +0200[diff] [blame]4002 /* save real min/max in bind_conf */
4003 conf_ssl_methods->min = min;
4004 conf_ssl_methods->max = max;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4005
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]4006#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4007 /* Keep force-xxx implementation as it is in older haproxy. It's a
Joseph Herlant017b3da2018-11-15 09:07:59 -0800[diff] [blame]4008 precautionary measure to avoid any surprise with older openssl version. */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4009 if (min == max)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]4010 methodVersions[min].ctx_set_version(ctx, SET_SERVER);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4011 else
4012 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
4013 if (flags & methodVersions[i].flag)
4014 options |= methodVersions[i].option;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4015#else /* openssl >= 1.1.0 */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4016 /* set the max_version is required to cap TLS version or activate new TLS (v1.3) */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]4017 methodVersions[min].ctx_set_version(ctx, SET_MIN);
4018 methodVersions[max].ctx_set_version(ctx, SET_MAX);
Emeric Brunfa5c5c82017-04-28 16:19:51 +0200[diff] [blame]4019#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4020
4021 if (bind_conf->ssl_options & BC_SSL_O_NO_TLS_TICKETS)
4022 options |= SSL_OP_NO_TICKET;
4023 if (bind_conf->ssl_options & BC_SSL_O_PREF_CLIE_CIPH)
4024 options &= ~SSL_OP_CIPHER_SERVER_PREFERENCE;
Dirkjan Bussink526894f2019-01-21 09:35:03 -0800[diff] [blame]4025
4026#ifdef SSL_OP_NO_RENEGOTIATION
4027 options |= SSL_OP_NO_RENEGOTIATION;
4028#endif
4029
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4030 SSL_CTX_set_options(ctx, options);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]4031
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]4032#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]4033 if (global_ssl.async)
4034 mode |= SSL_MODE_ASYNC;
4035#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4036 SSL_CTX_set_mode(ctx, mode);
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +0100[diff] [blame]4037 if (global_ssl.life_time)
4038 SSL_CTX_set_timeout(ctx, global_ssl.life_time);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]4039
4040#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
4041#ifdef OPENSSL_IS_BORINGSSL
4042 SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
4043 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]4044#elif (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchard51088ce2019-01-02 18:46:41 +0100[diff] [blame]4045 if (bind_conf->ssl_conf.early_data) {
4046 SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
4047 SSL_CTX_set_max_early_data(ctx, global.tune.bufsize - global.tune.maxrewrite);
4048 }
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +0200[diff] [blame]4049 SSL_CTX_set_client_hello_cb(ctx, ssl_sock_switchctx_cbk, NULL);
4050 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]4051#else
4052 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_cbk);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]4053#endif
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +0200[diff] [blame]4054 SSL_CTX_set_tlsext_servername_arg(ctx, bind_conf);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]4055#endif
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4056 return cfgerr;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +0100[diff] [blame]4057}
4058
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4059
4060static inline void sh_ssl_sess_free_blocks(struct shared_block *first, struct shared_block *block)
4061{
4062 if (first == block) {
4063 struct sh_ssl_sess_hdr *sh_ssl_sess = (struct sh_ssl_sess_hdr *)first->data;
4064 if (first->len > 0)
4065 sh_ssl_sess_tree_delete(sh_ssl_sess);
4066 }
4067}
4068
4069/* return first block from sh_ssl_sess */
4070static inline struct shared_block *sh_ssl_sess_first_block(struct sh_ssl_sess_hdr *sh_ssl_sess)
4071{
4072 return (struct shared_block *)((unsigned char *)sh_ssl_sess - ((struct shared_block *)NULL)->data);
4073
4074}
4075
4076/* store a session into the cache
4077 * s_id : session id padded with zero to SSL_MAX_SSL_SESSION_ID_LENGTH
4078 * data: asn1 encoded session
4079 * data_len: asn1 encoded session length
4080 * Returns 1 id session was stored (else 0)
4081 */
4082static int sh_ssl_sess_store(unsigned char *s_id, unsigned char *data, int data_len)
4083{
4084 struct shared_block *first;
4085 struct sh_ssl_sess_hdr *sh_ssl_sess, *oldsh_ssl_sess;
4086
Frédéric Lécaille0bec8072018-10-22 17:55:57 +0200[diff] [blame]4087 first = shctx_row_reserve_hot(ssl_shctx, NULL, data_len + sizeof(struct sh_ssl_sess_hdr));
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4088 if (!first) {
4089 /* Could not retrieve enough free blocks to store that session */
4090 return 0;
4091 }
4092
4093 /* STORE the key in the first elem */
4094 sh_ssl_sess = (struct sh_ssl_sess_hdr *)first->data;
4095 memcpy(sh_ssl_sess->key_data, s_id, SSL_MAX_SSL_SESSION_ID_LENGTH);
4096 first->len = sizeof(struct sh_ssl_sess_hdr);
4097
4098 /* it returns the already existing node
4099 or current node if none, never returns null */
4100 oldsh_ssl_sess = sh_ssl_sess_tree_insert(sh_ssl_sess);
4101 if (oldsh_ssl_sess != sh_ssl_sess) {
4102 /* NOTE: Row couldn't be in use because we lock read & write function */
4103 /* release the reserved row */
4104 shctx_row_dec_hot(ssl_shctx, first);
4105 /* replace the previous session already in the tree */
4106 sh_ssl_sess = oldsh_ssl_sess;
4107 /* ignore the previous session data, only use the header */
4108 first = sh_ssl_sess_first_block(sh_ssl_sess);
4109 shctx_row_inc_hot(ssl_shctx, first);
4110 first->len = sizeof(struct sh_ssl_sess_hdr);
4111 }
4112
Frédéric Lécaille0bec8072018-10-22 17:55:57 +0200[diff] [blame]4113 if (shctx_row_data_append(ssl_shctx, first, NULL, data, data_len) < 0) {
William Lallemand99b90af2018-01-03 19:15:51 +0100[diff] [blame]4114 shctx_row_dec_hot(ssl_shctx, first);
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4115 return 0;
William Lallemand99b90af2018-01-03 19:15:51 +0100[diff] [blame]4116 }
4117
4118 shctx_row_dec_hot(ssl_shctx, first);
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4119
4120 return 1;
4121}
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4122
Olivier Houchardbd84ac82017-11-03 13:43:35 +0100[diff] [blame]4123/* SSL callback used when a new session is created while connecting to a server */
4124static int ssl_sess_new_srv_cb(SSL *ssl, SSL_SESSION *sess)
4125{
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200[diff] [blame]4126 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houcharde6060c52017-11-16 17:42:52 +0100[diff] [blame]4127 struct server *s;
Olivier Houchardbd84ac82017-11-03 13:43:35 +0100[diff] [blame]4128
Willy Tarreau07d94e42018-09-20 10:57:52 +0200[diff] [blame]4129 s = __objt_server(conn->target);
Olivier Houchardbd84ac82017-11-03 13:43:35 +0100[diff] [blame]4130
Olivier Houcharde6060c52017-11-16 17:42:52 +0100[diff] [blame]4131 if (!(s->ssl_ctx.options & SRV_SSL_O_NO_REUSE)) {
4132 int len;
4133 unsigned char *ptr;
Olivier Houchardbd84ac82017-11-03 13:43:35 +0100[diff] [blame]4134
Olivier Houcharde6060c52017-11-16 17:42:52 +0100[diff] [blame]4135 len = i2d_SSL_SESSION(sess, NULL);
4136 if (s->ssl_ctx.reused_sess[tid].ptr && s->ssl_ctx.reused_sess[tid].allocated_size >= len) {
4137 ptr = s->ssl_ctx.reused_sess[tid].ptr;
4138 } else {
4139 free(s->ssl_ctx.reused_sess[tid].ptr);
4140 ptr = s->ssl_ctx.reused_sess[tid].ptr = malloc(len);
4141 s->ssl_ctx.reused_sess[tid].allocated_size = len;
4142 }
4143 if (s->ssl_ctx.reused_sess[tid].ptr) {
4144 s->ssl_ctx.reused_sess[tid].size = i2d_SSL_SESSION(sess,
4145 &ptr);
4146 }
4147 } else {
4148 free(s->ssl_ctx.reused_sess[tid].ptr);
4149 s->ssl_ctx.reused_sess[tid].ptr = NULL;
4150 }
4151
4152 return 0;
Olivier Houchardbd84ac82017-11-03 13:43:35 +0100[diff] [blame]4153}
4154
Olivier Houcharde6060c52017-11-16 17:42:52 +0100[diff] [blame]4155
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4156/* SSL callback used on new session creation */
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4157int sh_ssl_sess_new_cb(SSL *ssl, SSL_SESSION *sess)
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4158{
4159 unsigned char encsess[SHSESS_MAX_DATA_LEN]; /* encoded session */
4160 unsigned char encid[SSL_MAX_SSL_SESSION_ID_LENGTH]; /* encoded id */
4161 unsigned char *p;
4162 int data_len;
4163 unsigned int sid_length, sid_ctx_length;
4164 const unsigned char *sid_data;
4165 const unsigned char *sid_ctx_data;
4166
4167 /* Session id is already stored in to key and session id is known
4168 * so we dont store it to keep size.
4169 */
4170
4171 sid_data = SSL_SESSION_get_id(sess, &sid_length);
4172 sid_ctx_data = SSL_SESSION_get0_id_context(sess, &sid_ctx_length);
4173 SSL_SESSION_set1_id(sess, sid_data, 0);
4174 SSL_SESSION_set1_id_context(sess, sid_ctx_data, 0);
4175
4176 /* check if buffer is large enough for the ASN1 encoded session */
4177 data_len = i2d_SSL_SESSION(sess, NULL);
4178 if (data_len > SHSESS_MAX_DATA_LEN)
4179 goto err;
4180
4181 p = encsess;
4182
4183 /* process ASN1 session encoding before the lock */
4184 i2d_SSL_SESSION(sess, &p);
4185
4186 memcpy(encid, sid_data, sid_length);
4187 if (sid_length < SSL_MAX_SSL_SESSION_ID_LENGTH)
4188 memset(encid + sid_length, 0, SSL_MAX_SSL_SESSION_ID_LENGTH-sid_length);
4189
William Lallemanda3c77cf2017-10-30 23:44:40 +0100[diff] [blame]4190 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4191 /* store to cache */
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4192 sh_ssl_sess_store(encid, encsess, data_len);
William Lallemanda3c77cf2017-10-30 23:44:40 +0100[diff] [blame]4193 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4194err:
4195 /* reset original length values */
4196 SSL_SESSION_set1_id(sess, sid_data, sid_length);
4197 SSL_SESSION_set1_id_context(sess, sid_ctx_data, sid_ctx_length);
4198
4199 return 0; /* do not increment session reference count */
4200}
4201
4202/* SSL callback used on lookup an existing session cause none found in internal cache */
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4203SSL_SESSION *sh_ssl_sess_get_cb(SSL *ssl, __OPENSSL_110_CONST__ unsigned char *key, int key_len, int *do_copy)
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4204{
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4205 struct sh_ssl_sess_hdr *sh_ssl_sess;
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4206 unsigned char data[SHSESS_MAX_DATA_LEN], *p;
4207 unsigned char tmpkey[SSL_MAX_SSL_SESSION_ID_LENGTH];
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4208 SSL_SESSION *sess;
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4209 struct shared_block *first;
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4210
4211 global.shctx_lookups++;
4212
4213 /* allow the session to be freed automatically by openssl */
4214 *do_copy = 0;
4215
4216 /* tree key is zeros padded sessionid */
4217 if (key_len < SSL_MAX_SSL_SESSION_ID_LENGTH) {
4218 memcpy(tmpkey, key, key_len);
4219 memset(tmpkey + key_len, 0, SSL_MAX_SSL_SESSION_ID_LENGTH - key_len);
4220 key = tmpkey;
4221 }
4222
4223 /* lock cache */
William Lallemanda3c77cf2017-10-30 23:44:40 +0100[diff] [blame]4224 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4225
4226 /* lookup for session */
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4227 sh_ssl_sess = sh_ssl_sess_tree_lookup(key);
4228 if (!sh_ssl_sess) {
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4229 /* no session found: unlock cache and exit */
William Lallemanda3c77cf2017-10-30 23:44:40 +0100[diff] [blame]4230 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4231 global.shctx_misses++;
4232 return NULL;
4233 }
4234
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4235 /* sh_ssl_sess (shared_block->data) is at the end of shared_block */
4236 first = sh_ssl_sess_first_block(sh_ssl_sess);
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4237
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4238 shctx_row_data_get(ssl_shctx, first, data, sizeof(struct sh_ssl_sess_hdr), first->len-sizeof(struct sh_ssl_sess_hdr));
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4239
William Lallemanda3c77cf2017-10-30 23:44:40 +0100[diff] [blame]4240 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4241
4242 /* decode ASN1 session */
4243 p = data;
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4244 sess = d2i_SSL_SESSION(NULL, (const unsigned char **)&p, first->len-sizeof(struct sh_ssl_sess_hdr));
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4245 /* Reset session id and session id contenxt */
4246 if (sess) {
4247 SSL_SESSION_set1_id(sess, key, key_len);
4248 SSL_SESSION_set1_id_context(sess, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
4249 }
4250
4251 return sess;
4252}
4253
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4254
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4255/* SSL callback used to signal session is no more used in internal cache */
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4256void sh_ssl_sess_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess)
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4257{
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4258 struct sh_ssl_sess_hdr *sh_ssl_sess;
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4259 unsigned char tmpkey[SSL_MAX_SSL_SESSION_ID_LENGTH];
4260 unsigned int sid_length;
4261 const unsigned char *sid_data;
4262 (void)ctx;
4263
4264 sid_data = SSL_SESSION_get_id(sess, &sid_length);
4265 /* tree key is zeros padded sessionid */
4266 if (sid_length < SSL_MAX_SSL_SESSION_ID_LENGTH) {
4267 memcpy(tmpkey, sid_data, sid_length);
4268 memset(tmpkey+sid_length, 0, SSL_MAX_SSL_SESSION_ID_LENGTH - sid_length);
4269 sid_data = tmpkey;
4270 }
4271
William Lallemanda3c77cf2017-10-30 23:44:40 +0100[diff] [blame]4272 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4273
4274 /* lookup for session */
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4275 sh_ssl_sess = sh_ssl_sess_tree_lookup(sid_data);
4276 if (sh_ssl_sess) {
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4277 /* free session */
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4278 sh_ssl_sess_tree_delete(sh_ssl_sess);
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4279 }
4280
4281 /* unlock cache */
William Lallemanda3c77cf2017-10-30 23:44:40 +0100[diff] [blame]4282 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4283}
4284
4285/* Set session cache mode to server and disable openssl internal cache.
4286 * Set shared cache callbacks on an ssl context.
4287 * Shared context MUST be firstly initialized */
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4288void ssl_set_shctx(SSL_CTX *ctx)
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4289{
4290 SSL_CTX_set_session_id_context(ctx, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
4291
4292 if (!ssl_shctx) {
4293 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
4294 return;
4295 }
4296
4297 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER |
4298 SSL_SESS_CACHE_NO_INTERNAL |
4299 SSL_SESS_CACHE_NO_AUTO_CLEAR);
4300
4301 /* Set callbacks */
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4302 SSL_CTX_sess_set_new_cb(ctx, sh_ssl_sess_new_cb);
4303 SSL_CTX_sess_set_get_cb(ctx, sh_ssl_sess_get_cb);
4304 SSL_CTX_sess_set_remove_cb(ctx, sh_ssl_sess_remove_cb);
William Lallemanded0b5ad2017-10-30 19:36:36 +0100[diff] [blame]4305}
4306
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +0100[diff] [blame]4307int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf, SSL_CTX *ctx)
4308{
4309 struct proxy *curproxy = bind_conf->frontend;
4310 int cfgerr = 0;
4311 int verify = SSL_VERIFY_NONE;
Willy Tarreau5d4cafb2018-01-04 18:55:19 +0100[diff] [blame]4312 struct ssl_bind_conf __maybe_unused *ssl_conf_cur;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4313 const char *conf_ciphers;
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]4314#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]4315 const char *conf_ciphersuites;
4316#endif
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +0100[diff] [blame]4317 const char *conf_curves = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]4318
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +0200[diff] [blame]4319 if (ssl_conf) {
4320 struct tls_version_filter *conf_ssl_methods = &ssl_conf->ssl_methods;
4321 int i, min, max;
4322 int flags = MC_SSL_O_ALL;
4323
4324 /* Real min and max should be determinate with configuration and openssl's capabilities */
Emmanuel Hocdet43664762017-08-09 18:26:20 +0200[diff] [blame]4325 min = conf_ssl_methods->min ? conf_ssl_methods->min : bind_conf->ssl_conf.ssl_methods.min;
4326 max = conf_ssl_methods->max ? conf_ssl_methods->max : bind_conf->ssl_conf.ssl_methods.max;
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +0200[diff] [blame]4327 if (min)
4328 flags |= (methodVersions[min].flag - 1);
4329 if (max)
4330 flags |= ~((methodVersions[max].flag << 1) - 1);
4331 min = max = CONF_TLSV_NONE;
4332 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
4333 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
4334 if (min)
4335 max = i;
4336 else
4337 min = max = i;
4338 }
4339 /* save real min/max */
4340 conf_ssl_methods->min = min;
4341 conf_ssl_methods->max = max;
4342 if (!min) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4343 ha_alert("Proxy '%s': all SSL/TLS versions are disabled for bind '%s' at [%s:%d].\n",
4344 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +0200[diff] [blame]4345 cfgerr += 1;
4346 }
4347 }
4348
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4349 switch ((ssl_conf && ssl_conf->verify) ? ssl_conf->verify : bind_conf->ssl_conf.verify) {
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4350 case SSL_SOCK_VERIFY_NONE:
4351 verify = SSL_VERIFY_NONE;
4352 break;
4353 case SSL_SOCK_VERIFY_OPTIONAL:
4354 verify = SSL_VERIFY_PEER;
4355 break;
4356 case SSL_SOCK_VERIFY_REQUIRED:
4357 verify = SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
4358 break;
4359 }
4360 SSL_CTX_set_verify(ctx, verify, ssl_sock_bind_verifycbk);
4361 if (verify & SSL_VERIFY_PEER) {
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4362 char *ca_file = (ssl_conf && ssl_conf->ca_file) ? ssl_conf->ca_file : bind_conf->ssl_conf.ca_file;
4363 char *crl_file = (ssl_conf && ssl_conf->crl_file) ? ssl_conf->crl_file : bind_conf->ssl_conf.crl_file;
4364 if (ca_file) {
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]4365 /* load CAfile to verify */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4366 if (!SSL_CTX_load_verify_locations(ctx, ca_file, NULL)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4367 ha_alert("Proxy '%s': unable to load CA file '%s' for bind '%s' at [%s:%d].\n",
4368 curproxy->id, ca_file, bind_conf->arg, bind_conf->file, bind_conf->line);
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]4369 cfgerr++;
4370 }
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +0200[diff] [blame]4371 if (!((ssl_conf && ssl_conf->no_ca_names) || bind_conf->ssl_conf.no_ca_names)) {
4372 /* set CA names for client cert request, function returns void */
4373 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(ca_file));
4374 }
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]4375 }
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4376 else {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4377 ha_alert("Proxy '%s': verify is enabled but no CA file specified for bind '%s' at [%s:%d].\n",
4378 curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4379 cfgerr++;
4380 }
Emeric Brun051cdab2012-10-02 19:25:50 +0200[diff] [blame]4381#ifdef X509_V_FLAG_CRL_CHECK
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4382 if (crl_file) {
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]4383 X509_STORE *store = SSL_CTX_get_cert_store(ctx);
4384
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4385 if (!store || !X509_STORE_load_locations(store, crl_file, NULL)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4386 ha_alert("Proxy '%s': unable to configure CRL file '%s' for bind '%s' at [%s:%d].\n",
4387 curproxy->id, crl_file, bind_conf->arg, bind_conf->file, bind_conf->line);
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]4388 cfgerr++;
4389 }
Emeric Brun561e5742012-10-02 15:20:55 +0200[diff] [blame]4390 else {
4391 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
4392 }
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]4393 }
Emeric Brun051cdab2012-10-02 19:25:50 +0200[diff] [blame]4394#endif
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]4395 ERR_clear_error();
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]4396 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]4397#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
Nenad Merdanovic146defa2015-05-09 08:46:00 +0200[diff] [blame]4398 if(bind_conf->keys_ref) {
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]4399 if (!SSL_CTX_set_tlsext_ticket_key_cb(ctx, ssl_tlsext_ticket_key_cb)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4400 ha_alert("Proxy '%s': unable to set callback for TLS ticket validation for bind '%s' at [%s:%d].\n",
4401 curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]4402 cfgerr++;
4403 }
4404 }
4405#endif
4406
William Lallemand4f45bb92017-10-30 20:08:51 +0100[diff] [blame]4407 ssl_set_shctx(ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4408 conf_ciphers = (ssl_conf && ssl_conf->ciphers) ? ssl_conf->ciphers : bind_conf->ssl_conf.ciphers;
4409 if (conf_ciphers &&
4410 !SSL_CTX_set_cipher_list(ctx, conf_ciphers)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4411 ha_alert("Proxy '%s': unable to set SSL cipher list to '%s' for bind '%s' at [%s:%d].\n",
4412 curproxy->id, conf_ciphers, bind_conf->arg, bind_conf->file, bind_conf->line);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]4413 cfgerr++;
4414 }
4415
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]4416#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]4417 conf_ciphersuites = (ssl_conf && ssl_conf->ciphersuites) ? ssl_conf->ciphersuites : bind_conf->ssl_conf.ciphersuites;
4418 if (conf_ciphersuites &&
4419 !SSL_CTX_set_ciphersuites(ctx, conf_ciphersuites)) {
4420 ha_alert("Proxy '%s': unable to set TLS 1.3 cipher suites to '%s' for bind '%s' at [%s:%d].\n",
4421 curproxy->id, conf_ciphersuites, bind_conf->arg, bind_conf->file, bind_conf->line);
4422 cfgerr++;
4423 }
4424#endif
4425
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +0100[diff] [blame]4426#ifndef OPENSSL_NO_DH
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]4427 /* If tune.ssl.default-dh-param has not been set,
4428 neither has ssl-default-dh-file and no static DH
4429 params were in the certificate file. */
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]4430 if (global_ssl.default_dh_param == 0 &&
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]4431 global_dh == NULL &&
Remi Gacogne4f902b82015-05-28 16:23:00 +0200[diff] [blame]4432 (ssl_dh_ptr_index == -1 ||
4433 SSL_CTX_get_ex_data(ctx, ssl_dh_ptr_index) == NULL)) {
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +0100[diff] [blame]4434 STACK_OF(SSL_CIPHER) * ciphers = NULL;
4435 const SSL_CIPHER * cipher = NULL;
4436 char cipher_description[128];
4437 /* The description of ciphers using an Ephemeral Diffie Hellman key exchange
4438 contains " Kx=DH " or " Kx=DH(". Beware of " Kx=DH/",
4439 which is not ephemeral DH. */
4440 const char dhe_description[] = " Kx=DH ";
4441 const char dhe_export_description[] = " Kx=DH(";
4442 int idx = 0;
4443 int dhe_found = 0;
4444 SSL *ssl = NULL;
Lukas Tribus90132722014-08-18 00:56:33 +0200[diff] [blame]4445
Remi Gacogne23d5d372014-10-10 17:04:26 +0200[diff] [blame]4446 ssl = SSL_new(ctx);
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]4447
Remi Gacogne23d5d372014-10-10 17:04:26 +0200[diff] [blame]4448 if (ssl) {
4449 ciphers = SSL_get_ciphers(ssl);
4450
4451 if (ciphers) {
4452 for (idx = 0; idx < sk_SSL_CIPHER_num(ciphers); idx++) {
4453 cipher = sk_SSL_CIPHER_value(ciphers, idx);
4454 if (SSL_CIPHER_description(cipher, cipher_description, sizeof (cipher_description)) == cipher_description) {
4455 if (strstr(cipher_description, dhe_description) != NULL ||
4456 strstr(cipher_description, dhe_export_description) != NULL) {
4457 dhe_found = 1;
4458 break;
4459 }
Remi Gacognec1eab8c2014-06-12 18:20:11 +0200[diff] [blame]4460 }
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]4461 }
4462 }
Remi Gacogne23d5d372014-10-10 17:04:26 +0200[diff] [blame]4463 SSL_free(ssl);
4464 ssl = NULL;
Lukas Tribus90132722014-08-18 00:56:33 +0200[diff] [blame]4465 }
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]4466
Lukas Tribus90132722014-08-18 00:56:33 +0200[diff] [blame]4467 if (dhe_found) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4468 ha_warning("Setting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. Please set a value >= 1024 to make this warning disappear.\n");
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]4469 }
4470
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]4471 global_ssl.default_dh_param = 1024;
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]4472 }
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]4473
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]4474 if (global_ssl.default_dh_param >= 1024) {
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]4475 if (local_dh_1024 == NULL) {
4476 local_dh_1024 = ssl_get_dh_1024();
4477 }
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]4478 if (global_ssl.default_dh_param >= 2048) {
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]4479 if (local_dh_2048 == NULL) {
4480 local_dh_2048 = ssl_get_dh_2048();
4481 }
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]4482 if (global_ssl.default_dh_param >= 4096) {
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]4483 if (local_dh_4096 == NULL) {
4484 local_dh_4096 = ssl_get_dh_4096();
4485 }
Remi Gacogne8de54152014-07-15 11:36:40 +0200[diff] [blame]4486 }
4487 }
4488 }
4489#endif /* OPENSSL_NO_DH */
Remi Gacognef46cd6e2014-06-12 14:58:40 +0200[diff] [blame]4490
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]4491 SSL_CTX_set_info_callback(ctx, ssl_sock_infocbk);
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]4492#if HA_OPENSSL_VERSION_NUMBER >= 0x00907000L
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]4493 SSL_CTX_set_msg_callback(ctx, ssl_sock_msgcbk);
Willy Tarreau5cbe4ef2014-05-08 22:45:11 +0200[diff] [blame]4494#endif
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]4495
Bernard Spil13c53f82018-02-15 13:34:58 +0100[diff] [blame]4496#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4497 ssl_conf_cur = NULL;
4498 if (ssl_conf && ssl_conf->npn_str)
4499 ssl_conf_cur = ssl_conf;
4500 else if (bind_conf->ssl_conf.npn_str)
4501 ssl_conf_cur = &bind_conf->ssl_conf;
4502 if (ssl_conf_cur)
4503 SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_sock_advertise_npn_protos, ssl_conf_cur);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +0200[diff] [blame]4504#endif
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +0100[diff] [blame]4505#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4506 ssl_conf_cur = NULL;
4507 if (ssl_conf && ssl_conf->alpn_str)
4508 ssl_conf_cur = ssl_conf;
4509 else if (bind_conf->ssl_conf.alpn_str)
4510 ssl_conf_cur = &bind_conf->ssl_conf;
4511 if (ssl_conf_cur)
4512 SSL_CTX_set_alpn_select_cb(ctx, ssl_sock_advertise_alpn_protos, ssl_conf_cur);
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]4513#endif
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]4514#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +0100[diff] [blame]4515 conf_curves = (ssl_conf && ssl_conf->curves) ? ssl_conf->curves : bind_conf->ssl_conf.curves;
4516 if (conf_curves) {
4517 if (!SSL_CTX_set1_curves_list(ctx, conf_curves)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4518 ha_alert("Proxy '%s': unable to set SSL curves list to '%s' for bind '%s' at [%s:%d].\n",
4519 curproxy->id, conf_curves, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +0100[diff] [blame]4520 cfgerr++;
4521 }
Emmanuel Hocdeta52bb152017-03-20 11:11:49 +0100[diff] [blame]4522#if defined(SSL_CTX_set_ecdh_auto)
4523 (void)SSL_CTX_set_ecdh_auto(ctx, 1);
4524#endif
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +0100[diff] [blame]4525 }
4526#endif
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]4527#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +0100[diff] [blame]4528 if (!conf_curves) {
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]4529 int i;
4530 EC_KEY *ecdh;
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]4531#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4532 const char *ecdhe = (ssl_conf && ssl_conf->ecdhe) ? ssl_conf->ecdhe :
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]4533 (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe :
4534 NULL);
4535
4536 if (ecdhe == NULL) {
4537 SSL_CTX_set_dh_auto(ctx, 1);
4538 return cfgerr;
4539 }
4540#else
4541 const char *ecdhe = (ssl_conf && ssl_conf->ecdhe) ? ssl_conf->ecdhe :
4542 (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe :
4543 ECDHE_DEFAULT_CURVE);
4544#endif
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]4545
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4546 i = OBJ_sn2nid(ecdhe);
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]4547 if (!i || ((ecdh = EC_KEY_new_by_curve_name(i)) == NULL)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4548 ha_alert("Proxy '%s': unable to set elliptic named curve to '%s' for bind '%s' at [%s:%d].\n",
4549 curproxy->id, ecdhe, bind_conf->arg, bind_conf->file, bind_conf->line);
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]4550 cfgerr++;
4551 }
4552 else {
4553 SSL_CTX_set_tmp_ecdh(ctx, ecdh);
4554 EC_KEY_free(ecdh);
4555 }
4556 }
4557#endif
4558
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]4559 return cfgerr;
4560}
4561
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4562static int ssl_sock_srv_hostcheck(const char *pattern, const char *hostname)
4563{
4564 const char *pattern_wildcard, *pattern_left_label_end, *hostname_left_label_end;
4565 size_t prefixlen, suffixlen;
4566
4567 /* Trivial case */
4568 if (strcmp(pattern, hostname) == 0)
4569 return 1;
4570
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4571 /* The rest of this logic is based on RFC 6125, section 6.4.3
4572 * (http://tools.ietf.org/html/rfc6125#section-6.4.3) */
4573
Emeric Bruna848dae2013-10-08 11:27:28 +0200[diff] [blame]4574 pattern_wildcard = NULL;
4575 pattern_left_label_end = pattern;
4576 while (*pattern_left_label_end != '.') {
4577 switch (*pattern_left_label_end) {
4578 case 0:
4579 /* End of label not found */
4580 return 0;
4581 case '*':
4582 /* If there is more than one wildcards */
4583 if (pattern_wildcard)
4584 return 0;
4585 pattern_wildcard = pattern_left_label_end;
4586 break;
4587 }
4588 pattern_left_label_end++;
4589 }
4590
4591 /* If it's not trivial and there is no wildcard, it can't
4592 * match */
4593 if (!pattern_wildcard)
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4594 return 0;
4595
4596 /* Make sure all labels match except the leftmost */
4597 hostname_left_label_end = strchr(hostname, '.');
4598 if (!hostname_left_label_end
4599 || strcmp(pattern_left_label_end, hostname_left_label_end) != 0)
4600 return 0;
4601
4602 /* Make sure the leftmost label of the hostname is long enough
4603 * that the wildcard can match */
Emeric Brun369da852013-10-08 11:39:35 +0200[diff] [blame]4604 if (hostname_left_label_end - hostname < (pattern_left_label_end - pattern) - 1)
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4605 return 0;
4606
4607 /* Finally compare the string on either side of the
4608 * wildcard */
4609 prefixlen = pattern_wildcard - pattern;
4610 suffixlen = pattern_left_label_end - (pattern_wildcard + 1);
Emeric Bruna848dae2013-10-08 11:27:28 +0200[diff] [blame]4611 if ((prefixlen && (memcmp(pattern, hostname, prefixlen) != 0))
4612 || (suffixlen && (memcmp(pattern_wildcard + 1, hostname_left_label_end - suffixlen, suffixlen) != 0)))
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4613 return 0;
4614
4615 return 1;
4616}
4617
4618static int ssl_sock_srv_verifycbk(int ok, X509_STORE_CTX *ctx)
4619{
4620 SSL *ssl;
4621 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]4622 struct ssl_sock_ctx *ssl_ctx;
Willy Tarreau2ab88672017-07-05 18:23:03 +0200[diff] [blame]4623 const char *servername;
Willy Tarreau71d058c2017-07-26 20:09:56 +0200[diff] [blame]4624 const char *sni;
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4625
4626 int depth;
4627 X509 *cert;
4628 STACK_OF(GENERAL_NAME) *alt_names;
4629 int i;
4630 X509_NAME *cert_subject;
4631 char *str;
4632
4633 if (ok == 0)
4634 return ok;
4635
4636 ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200[diff] [blame]4637 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]4638 ssl_ctx = conn->xprt_ctx;
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4639
Willy Tarreauad92a9a2017-07-28 11:38:41 +0200[diff] [blame]4640 /* We're checking if the provided hostnames match the desired one. The
4641 * desired hostname comes from the SNI we presented if any, or if not
4642 * provided then it may have been explicitly stated using a "verifyhost"
4643 * directive. If neither is set, we don't care about the name so the
4644 * verification is OK.
Willy Tarreau2ab88672017-07-05 18:23:03 +0200[diff] [blame]4645 */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]4646 servername = SSL_get_servername(ssl_ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau71d058c2017-07-26 20:09:56 +0200[diff] [blame]4647 sni = servername;
Willy Tarreau2ab88672017-07-05 18:23:03 +0200[diff] [blame]4648 if (!servername) {
Willy Tarreau07d94e42018-09-20 10:57:52 +0200[diff] [blame]4649 servername = __objt_server(conn->target)->ssl_ctx.verify_host;
Willy Tarreau2ab88672017-07-05 18:23:03 +0200[diff] [blame]4650 if (!servername)
4651 return ok;
4652 }
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4653
4654 /* We only need to verify the CN on the actual server cert,
4655 * not the indirect CAs */
4656 depth = X509_STORE_CTX_get_error_depth(ctx);
4657 if (depth != 0)
4658 return ok;
4659
4660 /* At this point, the cert is *not* OK unless we can find a
4661 * hostname match */
4662 ok = 0;
4663
4664 cert = X509_STORE_CTX_get_current_cert(ctx);
4665 /* It seems like this might happen if verify peer isn't set */
4666 if (!cert)
4667 return ok;
4668
4669 alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
4670 if (alt_names) {
4671 for (i = 0; !ok && i < sk_GENERAL_NAME_num(alt_names); i++) {
4672 GENERAL_NAME *name = sk_GENERAL_NAME_value(alt_names, i);
4673 if (name->type == GEN_DNS) {
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]4674#if HA_OPENSSL_VERSION_NUMBER < 0x00907000L
Emeric Bruna33410c2013-09-17 15:47:48 +0200[diff] [blame]4675 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.ia5) >= 0) {
4676#else
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4677 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
Emeric Bruna33410c2013-09-17 15:47:48 +0200[diff] [blame]4678#endif
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4679 ok = ssl_sock_srv_hostcheck(str, servername);
4680 OPENSSL_free(str);
4681 }
4682 }
4683 }
Emeric Brun4ad50a42013-09-17 15:19:54 +0200[diff] [blame]4684 sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4685 }
4686
4687 cert_subject = X509_get_subject_name(cert);
4688 i = -1;
4689 while (!ok && (i = X509_NAME_get_index_by_NID(cert_subject, NID_commonName, i)) != -1) {
4690 X509_NAME_ENTRY *entry = X509_NAME_get_entry(cert_subject, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]4691 ASN1_STRING *value;
4692 value = X509_NAME_ENTRY_get_data(entry);
4693 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4694 ok = ssl_sock_srv_hostcheck(str, servername);
4695 OPENSSL_free(str);
4696 }
4697 }
4698
Willy Tarreau71d058c2017-07-26 20:09:56 +0200[diff] [blame]4699 /* report the mismatch and indicate if SNI was used or not */
4700 if (!ok && !conn->err_code)
4701 conn->err_code = sni ? CO_ER_SSL_MISMATCH_SNI : CO_ER_SSL_MISMATCH;
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4702 return ok;
4703}
4704
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4705/* prepare ssl context from servers options. Returns an error count */
Willy Tarreau03209342016-12-22 17:08:28 +0100[diff] [blame]4706int ssl_sock_prepare_srv_ctx(struct server *srv)
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4707{
Willy Tarreau03209342016-12-22 17:08:28 +0100[diff] [blame]4708 struct proxy *curproxy = srv->proxy;
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4709 int cfgerr = 0;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +0200[diff] [blame]4710 long options =
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4711 SSL_OP_ALL | /* all known workarounds for bugs */
4712 SSL_OP_NO_SSLv2 |
4713 SSL_OP_NO_COMPRESSION;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +0200[diff] [blame]4714 long mode =
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4715 SSL_MODE_ENABLE_PARTIAL_WRITE |
4716 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
Willy Tarreau396a1862014-11-13 14:06:52 +0100[diff] [blame]4717 SSL_MODE_RELEASE_BUFFERS |
4718 SSL_MODE_SMALL_BUFFERS;
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4719 int verify = SSL_VERIFY_NONE;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +0100[diff] [blame]4720 SSL_CTX *ctx = NULL;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4721 struct tls_version_filter *conf_ssl_methods = &srv->ssl_ctx.methods;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4722 int i, min, max, hole;
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4723 int flags = MC_SSL_O_ALL;
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4724
Thierry Fournier383085f2013-01-24 14:15:43 +0100[diff] [blame]4725 /* Make sure openssl opens /dev/urandom before the chroot */
4726 if (!ssl_initialize_random()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4727 ha_alert("OpenSSL random data generator initialization failed.\n");
Thierry Fournier383085f2013-01-24 14:15:43 +0100[diff] [blame]4728 cfgerr++;
4729 }
4730
Willy Tarreaufce03112015-01-15 21:32:40 +0100[diff] [blame]4731 /* Automatic memory computations need to know we use SSL there */
4732 global.ssl_used_backend = 1;
4733
4734 /* Initiate SSL context for current server */
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]4735 if (!srv->ssl_ctx.reused_sess) {
Olivier Houcharde6060c52017-11-16 17:42:52 +0100[diff] [blame]4736 if ((srv->ssl_ctx.reused_sess = calloc(1, global.nbthread*sizeof(*srv->ssl_ctx.reused_sess))) == NULL) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4737 ha_alert("Proxy '%s', server '%s' [%s:%d] out of memory.\n",
4738 curproxy->id, srv->id,
4739 srv->conf.file, srv->conf.line);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]4740 cfgerr++;
4741 return cfgerr;
4742 }
4743 }
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4744 if (srv->use_ssl)
4745 srv->xprt = &ssl_sock;
4746 if (srv->check.use_ssl)
Cyril Bonté9ce13112014-11-15 22:41:27 +0100[diff] [blame]4747 srv->check.xprt = &ssl_sock;
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4748
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4749 ctx = SSL_CTX_new(SSLv23_client_method());
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +0100[diff] [blame]4750 if (!ctx) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4751 ha_alert("config : %s '%s', server '%s': unable to allocate ssl context.\n",
4752 proxy_type_str(curproxy), curproxy->id,
4753 srv->id);
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4754 cfgerr++;
4755 return cfgerr;
4756 }
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4757
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4758 if (conf_ssl_methods->flags && (conf_ssl_methods->min || conf_ssl_methods->max))
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4759 ha_warning("config : %s '%s': no-sslv3/no-tlsv1x are ignored for server '%s'. "
4760 "Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
4761 proxy_type_str(curproxy), curproxy->id, srv->id);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4762 else
4763 flags = conf_ssl_methods->flags;
4764
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4765 /* Real min and max should be determinate with configuration and openssl's capabilities */
4766 if (conf_ssl_methods->min)
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4767 flags |= (methodVersions[conf_ssl_methods->min].flag - 1);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4768 if (conf_ssl_methods->max)
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4769 flags |= ~((methodVersions[conf_ssl_methods->max].flag << 1) - 1);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4770
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]4771 /* find min, max and holes */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4772 min = max = CONF_TLSV_NONE;
4773 hole = 0;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4774 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4775 /* version is in openssl && version not disable in configuration */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4776 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4777 if (min) {
4778 if (hole) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4779 ha_warning("config : %s '%s': SSL/TLS versions range not contiguous for server '%s'. "
4780 "Hole find for %s. Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
4781 proxy_type_str(curproxy), curproxy->id, srv->id,
4782 methodVersions[hole].name);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4783 hole = 0;
4784 }
4785 max = i;
4786 }
4787 else {
4788 min = max = i;
4789 }
4790 }
4791 else {
4792 if (min)
4793 hole = i;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4794 }
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4795 if (!min) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4796 ha_alert("config : %s '%s': all SSL/TLS versions are disabled for server '%s'.\n",
4797 proxy_type_str(curproxy), curproxy->id, srv->id);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4798 cfgerr += 1;
4799 }
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4800
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]4801#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4802 /* Keep force-xxx implementation as it is in older haproxy. It's a
Joseph Herlant017b3da2018-11-15 09:07:59 -0800[diff] [blame]4803 precautionary measure to avoid any surprise with older openssl version. */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4804 if (min == max)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]4805 methodVersions[min].ctx_set_version(ctx, SET_CLIENT);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4806 else
4807 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
4808 if (flags & methodVersions[i].flag)
4809 options |= methodVersions[i].option;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4810#else /* openssl >= 1.1.0 */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +0200[diff] [blame]4811 /* set the max_version is required to cap TLS version or activate new TLS (v1.3) */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +0200[diff] [blame]4812 methodVersions[min].ctx_set_version(ctx, SET_MIN);
4813 methodVersions[max].ctx_set_version(ctx, SET_MAX);
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]4814#endif
4815
4816 if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLS_TICKETS)
4817 options |= SSL_OP_NO_TICKET;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +0100[diff] [blame]4818 SSL_CTX_set_options(ctx, options);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]4819
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]4820#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]4821 if (global_ssl.async)
4822 mode |= SSL_MODE_ASYNC;
4823#endif
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +0100[diff] [blame]4824 SSL_CTX_set_mode(ctx, mode);
4825 srv->ssl_ctx.ctx = ctx;
4826
Emeric Bruna7aa3092012-10-26 12:58:00 +0200[diff] [blame]4827 if (srv->ssl_ctx.client_crt) {
4828 if (SSL_CTX_use_PrivateKey_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt, SSL_FILETYPE_PEM) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4829 ha_alert("config : %s '%s', server '%s': unable to load SSL private key from PEM file '%s'.\n",
4830 proxy_type_str(curproxy), curproxy->id,
4831 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +0200[diff] [blame]4832 cfgerr++;
4833 }
4834 else if (SSL_CTX_use_certificate_chain_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4835 ha_alert("config : %s '%s', server '%s': unable to load ssl certificate from PEM file '%s'.\n",
4836 proxy_type_str(curproxy), curproxy->id,
4837 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +0200[diff] [blame]4838 cfgerr++;
4839 }
4840 else if (SSL_CTX_check_private_key(srv->ssl_ctx.ctx) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4841 ha_alert("config : %s '%s', server '%s': inconsistencies between private key and certificate loaded from PEM file '%s'.\n",
4842 proxy_type_str(curproxy), curproxy->id,
4843 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +0200[diff] [blame]4844 cfgerr++;
4845 }
4846 }
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4847
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4848 if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
4849 verify = SSL_VERIFY_PEER;
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4850 switch (srv->ssl_ctx.verify) {
4851 case SSL_SOCK_VERIFY_NONE:
4852 verify = SSL_VERIFY_NONE;
4853 break;
4854 case SSL_SOCK_VERIFY_REQUIRED:
4855 verify = SSL_VERIFY_PEER;
4856 break;
4857 }
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]4858 SSL_CTX_set_verify(srv->ssl_ctx.ctx,
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4859 verify,
Willy Tarreau2ab88672017-07-05 18:23:03 +0200[diff] [blame]4860 (srv->ssl_ctx.verify_host || (verify & SSL_VERIFY_PEER)) ? ssl_sock_srv_verifycbk : NULL);
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4861 if (verify & SSL_VERIFY_PEER) {
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]4862 if (srv->ssl_ctx.ca_file) {
4863 /* load CAfile to verify */
4864 if (!SSL_CTX_load_verify_locations(srv->ssl_ctx.ctx, srv->ssl_ctx.ca_file, NULL)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4865 ha_alert("Proxy '%s', server '%s' [%s:%d] unable to load CA file '%s'.\n",
4866 curproxy->id, srv->id,
4867 srv->conf.file, srv->conf.line, srv->ssl_ctx.ca_file);
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]4868 cfgerr++;
4869 }
4870 }
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4871 else {
4872 if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4873 ha_alert("Proxy '%s', server '%s' [%s:%d] verify is enabled by default but no CA file specified. If you're running on a LAN where you're certain to trust the server's certificate, please set an explicit 'verify none' statement on the 'server' line, or use 'ssl-server-verify none' in the global section to disable server-side verifications by default.\n",
4874 curproxy->id, srv->id,
4875 srv->conf.file, srv->conf.line);
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4876 else
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4877 ha_alert("Proxy '%s', server '%s' [%s:%d] verify is enabled but no CA file specified.\n",
4878 curproxy->id, srv->id,
4879 srv->conf.file, srv->conf.line);
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]4880 cfgerr++;
4881 }
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]4882#ifdef X509_V_FLAG_CRL_CHECK
4883 if (srv->ssl_ctx.crl_file) {
4884 X509_STORE *store = SSL_CTX_get_cert_store(srv->ssl_ctx.ctx);
4885
4886 if (!store || !X509_STORE_load_locations(store, srv->ssl_ctx.crl_file, NULL)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4887 ha_alert("Proxy '%s', server '%s' [%s:%d] unable to configure CRL file '%s'.\n",
4888 curproxy->id, srv->id,
4889 srv->conf.file, srv->conf.line, srv->ssl_ctx.crl_file);
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]4890 cfgerr++;
4891 }
4892 else {
4893 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
4894 }
4895 }
4896#endif
4897 }
4898
Olivier Houchardbd84ac82017-11-03 13:43:35 +0100[diff] [blame]4899 SSL_CTX_set_session_cache_mode(srv->ssl_ctx.ctx, SSL_SESS_CACHE_CLIENT |
4900 SSL_SESS_CACHE_NO_INTERNAL_STORE);
4901 SSL_CTX_sess_set_new_cb(srv->ssl_ctx.ctx, ssl_sess_new_srv_cb);
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4902 if (srv->ssl_ctx.ciphers &&
4903 !SSL_CTX_set_cipher_list(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphers)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4904 ha_alert("Proxy '%s', server '%s' [%s:%d] : unable to set SSL cipher list to '%s'.\n",
4905 curproxy->id, srv->id,
4906 srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphers);
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4907 cfgerr++;
4908 }
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]4909
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]4910#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]4911 if (srv->ssl_ctx.ciphersuites &&
Pierre Cheynierbc34cd12019-03-21 16:15:47 +0000[diff] [blame]4912 !SSL_CTX_set_ciphersuites(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphersuites)) {
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]4913 ha_alert("Proxy '%s', server '%s' [%s:%d] : unable to set TLS 1.3 cipher suites to '%s'.\n",
4914 curproxy->id, srv->id,
4915 srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphersuites);
4916 cfgerr++;
4917 }
4918#endif
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]4919#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
4920 if (srv->ssl_ctx.npn_str)
4921 SSL_CTX_set_next_proto_select_cb(ctx, ssl_sock_srv_select_protos, srv);
4922#endif
4923#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
4924 if (srv->ssl_ctx.alpn_str)
4925 SSL_CTX_set_alpn_protos(ctx, (unsigned char *)srv->ssl_ctx.alpn_str, srv->ssl_ctx.alpn_len);
4926#endif
4927
Emeric Brun94324a42012-10-11 14:00:19 +0200[diff] [blame]4928
4929 return cfgerr;
4930}
4931
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200[diff] [blame]4932/* Walks down the two trees in bind_conf and prepares all certs. The pointer may
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]4933 * be NULL, in which case nothing is done. Returns the number of errors
4934 * encountered.
4935 */
Willy Tarreau03209342016-12-22 17:08:28 +0100[diff] [blame]4936int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]4937{
4938 struct ebmb_node *node;
4939 struct sni_ctx *sni;
4940 int err = 0;
4941
Willy Tarreaufce03112015-01-15 21:32:40 +0100[diff] [blame]4942 /* Automatic memory computations need to know we use SSL there */
4943 global.ssl_used_frontend = 1;
4944
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]4945 /* Make sure openssl opens /dev/urandom before the chroot */
4946 if (!ssl_initialize_random()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4947 ha_alert("OpenSSL random data generator initialization failed.\n");
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]4948 err++;
4949 }
4950 /* Create initial_ctx used to start the ssl connection before do switchctx */
4951 if (!bind_conf->initial_ctx) {
Emmanuel Hocdetabd32332017-05-05 18:06:12 +0200[diff] [blame]4952 err += ssl_sock_initial_ctx(bind_conf);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]4953 /* It should not be necessary to call this function, but it's
4954 necessary first to check and move all initialisation related
4955 to initial_ctx in ssl_sock_initial_ctx. */
4956 err += ssl_sock_prepare_ctx(bind_conf, NULL, bind_conf->initial_ctx);
4957 }
Emeric Brun0bed9942014-10-30 19:25:24 +0100[diff] [blame]4958 if (bind_conf->default_ctx)
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4959 err += ssl_sock_prepare_ctx(bind_conf, bind_conf->default_ssl_conf, bind_conf->default_ctx);
Emeric Brun0bed9942014-10-30 19:25:24 +0100[diff] [blame]4960
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200[diff] [blame]4961 node = ebmb_first(&bind_conf->sni_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]4962 while (node) {
4963 sni = ebmb_entry(node, struct sni_ctx, name);
Emeric Brun0bed9942014-10-30 19:25:24 +0100[diff] [blame]4964 if (!sni->order && sni->ctx != bind_conf->default_ctx)
4965 /* only initialize the CTX on its first occurrence and
4966 if it is not the default_ctx */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4967 err += ssl_sock_prepare_ctx(bind_conf, sni->conf, sni->ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]4968 node = ebmb_next(node);
4969 }
4970
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200[diff] [blame]4971 node = ebmb_first(&bind_conf->sni_w_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]4972 while (node) {
4973 sni = ebmb_entry(node, struct sni_ctx, name);
Emeric Brun0bed9942014-10-30 19:25:24 +0100[diff] [blame]4974 if (!sni->order && sni->ctx != bind_conf->default_ctx)
4975 /* only initialize the CTX on its first occurrence and
4976 if it is not the default_ctx */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]4977 err += ssl_sock_prepare_ctx(bind_conf, sni->conf, sni->ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]4978 node = ebmb_next(node);
4979 }
4980 return err;
4981}
4982
Willy Tarreau55d37912016-12-21 23:38:39 +0100[diff] [blame]4983/* Prepares all the contexts for a bind_conf and allocates the shared SSL
4984 * context if needed. Returns < 0 on error, 0 on success. The warnings and
4985 * alerts are directly emitted since the rest of the stack does it below.
4986 */
4987int ssl_sock_prepare_bind_conf(struct bind_conf *bind_conf)
4988{
4989 struct proxy *px = bind_conf->frontend;
4990 int alloc_ctx;
4991 int err;
4992
4993 if (!bind_conf->is_ssl) {
4994 if (bind_conf->default_ctx) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]4995 ha_warning("Proxy '%s': A certificate was specified but SSL was not enabled on bind '%s' at [%s:%d] (use 'ssl').\n",
4996 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Willy Tarreau55d37912016-12-21 23:38:39 +0100[diff] [blame]4997 }
4998 return 0;
4999 }
5000 if (!bind_conf->default_ctx) {
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +0200[diff] [blame]5001 if (bind_conf->strict_sni && !bind_conf->generate_certs) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]5002 ha_warning("Proxy '%s': no SSL certificate specified for bind '%s' at [%s:%d], ssl connections will fail (use 'crt').\n",
5003 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +0200[diff] [blame]5004 }
5005 else {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]5006 ha_alert("Proxy '%s': no SSL certificate specified for bind '%s' at [%s:%d] (use 'crt').\n",
5007 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +0200[diff] [blame]5008 return -1;
5009 }
Willy Tarreau55d37912016-12-21 23:38:39 +0100[diff] [blame]5010 }
William Lallemandc61c0b32017-12-04 18:46:39 +0100[diff] [blame]5011 if (!ssl_shctx && global.tune.sslcachesize) {
William Lallemandc3cd35f2017-11-28 11:04:43 +0100[diff] [blame]5012 alloc_ctx = shctx_init(&ssl_shctx, global.tune.sslcachesize,
Frédéric Lécailleb7838af2018-10-22 16:21:39 +0200[diff] [blame]5013 sizeof(struct sh_ssl_sess_hdr) + SHSESS_BLOCK_MIN_SIZE, -1,
William Lallemandc3cd35f2017-11-28 11:04:43 +0100[diff] [blame]5014 sizeof(*sh_ssl_sess_tree),
5015 ((global.nbthread > 1) || (!global_ssl.private_cache && (global.nbproc > 1))) ? 1 : 0);
Frédéric Lécaille4c8aa112018-10-25 20:22:46 +0200[diff] [blame]5016 if (alloc_ctx <= 0) {
William Lallemandc3cd35f2017-11-28 11:04:43 +0100[diff] [blame]5017 if (alloc_ctx == SHCTX_E_INIT_LOCK)
5018 ha_alert("Unable to initialize the lock for the shared SSL session cache. You can retry using the global statement 'tune.ssl.force-private-cache' but it could increase CPU usage due to renegotiations if nbproc > 1.\n");
5019 else
5020 ha_alert("Unable to allocate SSL session cache.\n");
5021 return -1;
5022 }
5023 /* free block callback */
5024 ssl_shctx->free_block = sh_ssl_sess_free_blocks;
5025 /* init the root tree within the extra space */
5026 sh_ssl_sess_tree = (void *)ssl_shctx + sizeof(struct shared_context);
5027 *sh_ssl_sess_tree = EB_ROOT_UNIQUE;
Willy Tarreau55d37912016-12-21 23:38:39 +0100[diff] [blame]5028 }
Willy Tarreau55d37912016-12-21 23:38:39 +0100[diff] [blame]5029 err = 0;
5030 /* initialize all certificate contexts */
5031 err += ssl_sock_prepare_all_ctx(bind_conf);
5032
5033 /* initialize CA variables if the certificates generation is enabled */
5034 err += ssl_sock_load_ca(bind_conf);
5035
5036 return -err;
5037}
Christopher Faulet77fe80c2015-07-29 13:02:40 +0200[diff] [blame]5038
5039/* release ssl context allocated for servers. */
5040void ssl_sock_free_srv_ctx(struct server *srv)
5041{
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]5042#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
5043 if (srv->ssl_ctx.alpn_str)
5044 free(srv->ssl_ctx.alpn_str);
5045#endif
Lukas Tribusda95fd92018-11-25 13:21:27 +0100[diff] [blame]5046#ifdef OPENSSL_NPN_NEGOTIATED
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]5047 if (srv->ssl_ctx.npn_str)
5048 free(srv->ssl_ctx.npn_str);
Lukas Tribus7706b852018-11-26 22:57:17 +0100[diff] [blame]5049#endif
Christopher Faulet77fe80c2015-07-29 13:02:40 +0200[diff] [blame]5050 if (srv->ssl_ctx.ctx)
5051 SSL_CTX_free(srv->ssl_ctx.ctx);
5052}
5053
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200[diff] [blame]5054/* Walks down the two trees in bind_conf and frees all the certs. The pointer may
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]5055 * be NULL, in which case nothing is done. The default_ctx is nullified too.
5056 */
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200[diff] [blame]5057void ssl_sock_free_all_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]5058{
5059 struct ebmb_node *node, *back;
5060 struct sni_ctx *sni;
5061
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200[diff] [blame]5062 node = ebmb_first(&bind_conf->sni_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]5063 while (node) {
5064 sni = ebmb_entry(node, struct sni_ctx, name);
5065 back = ebmb_next(node);
5066 ebmb_delete(node);
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]5067 if (!sni->order) { /* only free the CTX on its first occurrence */
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]5068 SSL_CTX_free(sni->ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]5069 ssl_sock_free_ssl_conf(sni->conf);
5070 free(sni->conf);
5071 sni->conf = NULL;
5072 }
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]5073 free(sni);
5074 node = back;
5075 }
5076
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200[diff] [blame]5077 node = ebmb_first(&bind_conf->sni_w_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]5078 while (node) {
5079 sni = ebmb_entry(node, struct sni_ctx, name);
5080 back = ebmb_next(node);
5081 ebmb_delete(node);
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]5082 if (!sni->order) { /* only free the CTX on its first occurrence */
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]5083 SSL_CTX_free(sni->ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]5084 ssl_sock_free_ssl_conf(sni->conf);
5085 free(sni->conf);
5086 sni->conf = NULL;
5087 }
Emeric Brunfc0421f2012-09-07 17:30:07 +0200[diff] [blame]5088 free(sni);
5089 node = back;
5090 }
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +0100[diff] [blame]5091 SSL_CTX_free(bind_conf->initial_ctx);
5092 bind_conf->initial_ctx = NULL;
Willy Tarreau2a65ff02012-09-13 17:54:29 +0200[diff] [blame]5093 bind_conf->default_ctx = NULL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]5094 bind_conf->default_ssl_conf = NULL;
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]5095}
5096
Willy Tarreau795cdab2016-12-22 17:30:54 +0100[diff] [blame]5097/* Destroys all the contexts for a bind_conf. This is used during deinit(). */
5098void ssl_sock_destroy_bind_conf(struct bind_conf *bind_conf)
5099{
5100 ssl_sock_free_ca(bind_conf);
5101 ssl_sock_free_all_ctx(bind_conf);
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]5102 ssl_sock_free_ssl_conf(&bind_conf->ssl_conf);
Willy Tarreau795cdab2016-12-22 17:30:54 +0100[diff] [blame]5103 free(bind_conf->ca_sign_file);
5104 free(bind_conf->ca_sign_pass);
Willy Tarreau17b4aa12018-07-17 10:05:32 +0200[diff] [blame]5105 if (bind_conf->keys_ref && !--bind_conf->keys_ref->refcount) {
Willy Tarreau795cdab2016-12-22 17:30:54 +0100[diff] [blame]5106 free(bind_conf->keys_ref->filename);
5107 free(bind_conf->keys_ref->tlskeys);
5108 LIST_DEL(&bind_conf->keys_ref->list);
5109 free(bind_conf->keys_ref);
5110 }
5111 bind_conf->keys_ref = NULL;
Willy Tarreau795cdab2016-12-22 17:30:54 +0100[diff] [blame]5112 bind_conf->ca_sign_pass = NULL;
5113 bind_conf->ca_sign_file = NULL;
Willy Tarreau795cdab2016-12-22 17:30:54 +0100[diff] [blame]5114}
5115
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5116/* Load CA cert file and private key used to generate certificates */
5117int
Willy Tarreau03209342016-12-22 17:08:28 +0100[diff] [blame]5118ssl_sock_load_ca(struct bind_conf *bind_conf)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5119{
Willy Tarreau03209342016-12-22 17:08:28 +0100[diff] [blame]5120 struct proxy *px = bind_conf->frontend;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5121 FILE *fp;
5122 X509 *cacert = NULL;
5123 EVP_PKEY *capkey = NULL;
5124 int err = 0;
5125
Christopher Fauletf8bb0ce2017-09-15 09:52:49 +0200[diff] [blame]5126 if (!bind_conf->generate_certs)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5127 return err;
5128
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5129#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]5130 if (global_ssl.ctx_cache) {
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]5131 ssl_ctx_lru_tree = lru64_new(global_ssl.ctx_cache);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]5132 }
Christopher Fauletd2cab922015-07-28 16:03:47 +0200[diff] [blame]5133 ssl_ctx_lru_seed = (unsigned int)time(NULL);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]5134 ssl_ctx_serial = now_ms;
Willy Tarreaua84c2672015-10-09 12:10:13 +0200[diff] [blame]5135#endif
Christopher Fauletd2cab922015-07-28 16:03:47 +0200[diff] [blame]5136
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5137 if (!bind_conf->ca_sign_file) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]5138 ha_alert("Proxy '%s': cannot enable certificate generation, "
5139 "no CA certificate File configured at [%s:%d].\n",
5140 px->id, bind_conf->file, bind_conf->line);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5141 goto load_error;
Christopher Fauletc6f02fb2015-10-09 10:53:31 +0200[diff] [blame]5142 }
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5143
5144 /* read in the CA certificate */
5145 if (!(fp = fopen(bind_conf->ca_sign_file, "r"))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]5146 ha_alert("Proxy '%s': Failed to read CA certificate file '%s' at [%s:%d].\n",
5147 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5148 goto load_error;
5149 }
5150 if (!(cacert = PEM_read_X509(fp, NULL, NULL, NULL))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]5151 ha_alert("Proxy '%s': Failed to read CA certificate file '%s' at [%s:%d].\n",
5152 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +0200[diff] [blame]5153 goto read_error;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5154 }
Christopher Fauletc6f02fb2015-10-09 10:53:31 +0200[diff] [blame]5155 rewind(fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5156 if (!(capkey = PEM_read_PrivateKey(fp, NULL, NULL, bind_conf->ca_sign_pass))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]5157 ha_alert("Proxy '%s': Failed to read CA private key file '%s' at [%s:%d].\n",
5158 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +0200[diff] [blame]5159 goto read_error;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5160 }
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5161
Christopher Fauletc6f02fb2015-10-09 10:53:31 +0200[diff] [blame]5162 fclose (fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5163 bind_conf->ca_sign_cert = cacert;
5164 bind_conf->ca_sign_pkey = capkey;
5165 return err;
5166
Christopher Fauletc6f02fb2015-10-09 10:53:31 +0200[diff] [blame]5167 read_error:
5168 fclose (fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5169 if (capkey) EVP_PKEY_free(capkey);
5170 if (cacert) X509_free(cacert);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +0200[diff] [blame]5171 load_error:
5172 bind_conf->generate_certs = 0;
5173 err++;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5174 return err;
5175}
5176
5177/* Release CA cert and private key used to generate certificated */
5178void
5179ssl_sock_free_ca(struct bind_conf *bind_conf)
5180{
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5181 if (bind_conf->ca_sign_pkey)
5182 EVP_PKEY_free(bind_conf->ca_sign_pkey);
5183 if (bind_conf->ca_sign_cert)
5184 X509_free(bind_conf->ca_sign_cert);
Willy Tarreau94ff03a2016-12-22 17:57:46 +0100[diff] [blame]5185 bind_conf->ca_sign_pkey = NULL;
5186 bind_conf->ca_sign_cert = NULL;
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]5187}
5188
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5189/*
5190 * This function is called if SSL * context is not yet allocated. The function
5191 * is designed to be called before any other data-layer operation and sets the
5192 * handshake flag on the connection. It is safe to call it multiple times.
5193 * It returns 0 on success and -1 in error case.
5194 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5195static int ssl_sock_init(struct connection *conn, void **xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5196{
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5197 struct ssl_sock_ctx *ctx;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5198 /* already initialized */
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5199 if (*xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5200 return 0;
5201
Willy Tarreau3c728722014-01-23 13:50:42 +0100[diff] [blame]5202 if (!conn_ctrl_ready(conn))
Willy Tarreauf79c8172013-10-21 16:30:56 +0200[diff] [blame]5203 return 0;
5204
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5205 ctx = pool_alloc(ssl_sock_ctx_pool);
5206 if (!ctx) {
5207 conn->err_code = CO_ER_SSL_NO_MEM;
5208 return -1;
5209 }
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5210 ctx->sent_early_data = 0;
5211 ctx->tmp_early_data = -1;
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]5212 ctx->conn = conn;
5213
5214 /* Only work with sockets for now, this should be adapted when we'll
5215 * add QUIC support.
5216 */
5217 ctx->xprt = xprt_get(XPRT_RAW);
5218 if (ctx->xprt->init)
5219 ctx->xprt->init(conn, &ctx->xprt_ctx);
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5220
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5221 if (global.maxsslconn && sslconns >= global.maxsslconn) {
5222 conn->err_code = CO_ER_SSL_TOO_MANY;
Willy Tarreau403edff2012-09-06 11:58:37 +0200[diff] [blame]5223 return -1;
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5224 }
Willy Tarreau403edff2012-09-06 11:58:37 +0200[diff] [blame]5225
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5226 /* If it is in client mode initiate SSL session
5227 in connect state otherwise accept state */
Willy Tarreau3fdb3662012-11-12 00:42:33 +0100[diff] [blame]5228 if (objt_server(conn->target)) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5229 int may_retry = 1;
5230
5231 retry_connect:
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5232 /* Alloc a new SSL session ctx */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5233 ctx->ssl = SSL_new(__objt_server(conn->target)->ssl_ctx.ctx);
5234 if (!ctx->ssl) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5235 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]5236 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5237 goto retry_connect;
5238 }
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5239 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5240 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5241 }
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]5242 ctx->bio = BIO_new(ha_meth);
5243 if (!ctx->bio) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5244 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]5245 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5246 goto retry_connect;
5247 }
Emeric Brun55476152014-11-12 17:35:37 +0100[diff] [blame]5248 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5249 goto err;
Emeric Brun55476152014-11-12 17:35:37 +0100[diff] [blame]5250 }
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]5251#if HA_OPENSSL_VERSION_NUMBER < 0x10100000
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]5252 ctx->bio->ptr = ctx;
5253#else
5254 BIO_set_data(ctx->bio, ctx);
5255#endif
5256 SSL_set_bio(ctx->ssl, ctx->bio, ctx->bio);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5257
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]5258 /* set connection pointer */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5259 if (!SSL_set_ex_data(ctx->ssl, ssl_app_data_index, conn)) {
5260 SSL_free(ctx->ssl);
5261 ctx->ssl = NULL;
Emeric Brun55476152014-11-12 17:35:37 +0100[diff] [blame]5262 conn->xprt_ctx = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5263 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]5264 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5265 goto retry_connect;
5266 }
Emeric Brun55476152014-11-12 17:35:37 +0100[diff] [blame]5267 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5268 goto err;
Emeric Brun55476152014-11-12 17:35:37 +0100[diff] [blame]5269 }
5270
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5271 SSL_set_connect_state(ctx->ssl);
Willy Tarreau07d94e42018-09-20 10:57:52 +0200[diff] [blame]5272 if (__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr) {
5273 const unsigned char *ptr = __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr;
5274 SSL_SESSION *sess = d2i_SSL_SESSION(NULL, &ptr, __objt_server(conn->target)->ssl_ctx.reused_sess[tid].size);
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5275 if (sess && !SSL_set_session(ctx->ssl, sess)) {
Olivier Houcharde6060c52017-11-16 17:42:52 +0100[diff] [blame]5276 SSL_SESSION_free(sess);
Willy Tarreau07d94e42018-09-20 10:57:52 +0200[diff] [blame]5277 free(__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr);
5278 __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr = NULL;
Olivier Houcharde6060c52017-11-16 17:42:52 +0100[diff] [blame]5279 } else if (sess) {
5280 SSL_SESSION_free(sess);
Emeric Brun55476152014-11-12 17:35:37 +0100[diff] [blame]5281 }
5282 }
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]5283
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5284 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +0200[diff] [blame]5285 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Willy Tarreau403edff2012-09-06 11:58:37 +0200[diff] [blame]5286
Olivier Houchard2be5a4c2019-03-08 18:54:43 +0100[diff] [blame]5287 _HA_ATOMIC_ADD(&sslconns, 1);
5288 _HA_ATOMIC_ADD(&totalsslconns, 1);
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5289 *xprt_ctx = ctx;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5290 return 0;
5291 }
Willy Tarreau3fdb3662012-11-12 00:42:33 +0100[diff] [blame]5292 else if (objt_listener(conn->target)) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5293 int may_retry = 1;
5294
5295 retry_accept:
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5296 /* Alloc a new SSL session ctx */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5297 ctx->ssl = SSL_new(__objt_listener(conn->target)->bind_conf->initial_ctx);
5298 if (!ctx->ssl) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5299 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]5300 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5301 goto retry_accept;
5302 }
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5303 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5304 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5305 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5306
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]5307 ctx->bio = BIO_new(ha_meth);
5308 if (!ctx->bio) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5309 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]5310 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5311 goto retry_accept;
5312 }
Emeric Brun55476152014-11-12 17:35:37 +0100[diff] [blame]5313 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5314 goto err;
Emeric Brun55476152014-11-12 17:35:37 +0100[diff] [blame]5315 }
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]5316#if HA_OPENSSL_VERSION_NUMBER < 0x10100000
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]5317 ctx->bio->ptr = ctx;
5318#else
5319 BIO_set_data(ctx->bio, ctx);
5320#endif
5321 SSL_set_bio(ctx->ssl, ctx->bio, ctx->bio);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5322
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]5323 /* set connection pointer */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5324 if (!SSL_set_ex_data(ctx->ssl, ssl_app_data_index, conn)) {
5325 SSL_free(ctx->ssl);
5326 ctx->ssl = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5327 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]5328 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +0100[diff] [blame]5329 goto retry_accept;
5330 }
Emeric Brun55476152014-11-12 17:35:37 +0100[diff] [blame]5331 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5332 goto err;
Emeric Brun55476152014-11-12 17:35:37 +0100[diff] [blame]5333 }
5334
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5335 SSL_set_accept_state(ctx->ssl);
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]5336
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5337 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +0200[diff] [blame]5338 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5339#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L) || defined(OPENSSL_IS_BORINGSSL)
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5340 conn->flags |= CO_FL_EARLY_SSL_HS;
5341#endif
Willy Tarreau403edff2012-09-06 11:58:37 +0200[diff] [blame]5342
Olivier Houchard2be5a4c2019-03-08 18:54:43 +0100[diff] [blame]5343 _HA_ATOMIC_ADD(&sslconns, 1);
5344 _HA_ATOMIC_ADD(&totalsslconns, 1);
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5345 *xprt_ctx = ctx;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5346 return 0;
5347 }
5348 /* don't know how to handle such a target */
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5349 conn->err_code = CO_ER_SSL_NO_TARGET;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5350err:
5351 pool_free(ssl_sock_ctx_pool, ctx);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5352 return -1;
5353}
5354
5355
5356/* This is the callback which is used when an SSL handshake is pending. It
5357 * updates the FD status if it wants some polling before being called again.
5358 * It returns 0 if it fails in a fatal way or needs to poll to go further,
5359 * otherwise it returns non-zero and removes itself from the connection's
5360 * flags (the bit is provided in <flag> by the caller).
5361 */
5362int ssl_sock_handshake(struct connection *conn, unsigned int flag)
5363{
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5364 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5365 int ret;
5366
Willy Tarreau3c728722014-01-23 13:50:42 +0100[diff] [blame]5367 if (!conn_ctrl_ready(conn))
Willy Tarreauf79c8172013-10-21 16:30:56 +0200[diff] [blame]5368 return 0;
5369
Willy Tarreauf7bc57c2012-10-03 00:19:48 +0200[diff] [blame]5370 if (!conn->xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5371 goto out_error;
5372
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5373#if HA_OPENSSL_VERSION_NUMBER >= 0x10101000L
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5374 /*
5375 * Check if we have early data. If we do, we have to read them
5376 * before SSL_do_handshake() is called, And there's no way to
5377 * detect early data, except to try to read them
5378 */
5379 if (conn->flags & CO_FL_EARLY_SSL_HS) {
5380 size_t read_data;
5381
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5382 ret = SSL_read_early_data(ctx->ssl, &ctx->tmp_early_data,
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5383 1, &read_data);
5384 if (ret == SSL_READ_EARLY_DATA_ERROR)
5385 goto check_error;
5386 if (ret == SSL_READ_EARLY_DATA_SUCCESS) {
5387 conn->flags &= ~(CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN);
5388 return 1;
5389 } else
5390 conn->flags &= ~CO_FL_EARLY_SSL_HS;
5391 }
5392#endif
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5393 /* If we use SSL_do_handshake to process a reneg initiated by
5394 * the remote peer, it sometimes returns SSL_ERROR_SSL.
5395 * Usually SSL_write and SSL_read are used and process implicitly
5396 * the reneg handshake.
5397 * Here we use SSL_peek as a workaround for reneg.
5398 */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5399 if ((conn->flags & CO_FL_CONNECTED) && SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5400 char c;
5401
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5402 ret = SSL_peek(ctx->ssl, &c, 1);
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5403 if (ret <= 0) {
5404 /* handshake may have not been completed, let's find why */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5405 ret = SSL_get_error(ctx->ssl, ret);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]5406
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5407 if (ret == SSL_ERROR_WANT_WRITE) {
5408 /* SSL handshake needs to write, L4 connection may not be ready */
5409 __conn_sock_stop_recv(conn);
Willy Tarreaue1f50c42014-01-22 20:02:06 +0100[diff] [blame]5410 __conn_sock_want_send(conn);
Willy Tarreau585744b2017-08-24 14:31:19 +0200[diff] [blame]5411 fd_cant_send(conn->handle.fd);
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5412 return 0;
5413 }
5414 else if (ret == SSL_ERROR_WANT_READ) {
5415 /* handshake may have been completed but we have
5416 * no more data to read.
5417 */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5418 if (!SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5419 ret = 1;
5420 goto reneg_ok;
5421 }
5422 /* SSL handshake needs to read, L4 connection is ready */
5423 if (conn->flags & CO_FL_WAIT_L4_CONN)
5424 conn->flags &= ~CO_FL_WAIT_L4_CONN;
5425 __conn_sock_stop_send(conn);
Willy Tarreaue1f50c42014-01-22 20:02:06 +0100[diff] [blame]5426 __conn_sock_want_recv(conn);
Willy Tarreau585744b2017-08-24 14:31:19 +0200[diff] [blame]5427 fd_cant_recv(conn->handle.fd);
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5428 return 0;
5429 }
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5430#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]5431 else if (ret == SSL_ERROR_WANT_ASYNC) {
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5432 ssl_async_process_fds(conn, ctx->ssl);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]5433 return 0;
5434 }
5435#endif
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5436 else if (ret == SSL_ERROR_SYSCALL) {
5437 /* if errno is null, then connection was successfully established */
5438 if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
5439 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5440 if (!conn->err_code) {
Emeric Brun77e89192018-08-16 11:36:40 +0200[diff] [blame]5441#ifdef OPENSSL_IS_BORINGSSL /* BoringSSL */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5442 conn->err_code = CO_ER_SSL_HANDSHAKE;
5443#else
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]5444 int empty_handshake;
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5445#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5446 OSSL_HANDSHAKE_STATE state = SSL_get_state((SSL *)ctx->ssl);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]5447 empty_handshake = state == TLS_ST_BEFORE;
5448#else
Ilya Shipitsin54832b92019-05-05 23:27:54 +0500[diff] [blame]5449 empty_handshake = SSL_state((SSL *)ctx->ssl) == SSL_ST_BEFORE;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]5450#endif
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]5451 if (empty_handshake) {
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]5452 if (!errno) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5453 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]5454 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
5455 else
5456 conn->err_code = CO_ER_SSL_EMPTY;
5457 }
5458 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5459 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]5460 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
5461 else
5462 conn->err_code = CO_ER_SSL_ABORT;
5463 }
5464 }
5465 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5466 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]5467 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5468 else
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]5469 conn->err_code = CO_ER_SSL_HANDSHAKE;
5470 }
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5471#endif
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5472 }
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5473 goto out_error;
5474 }
5475 else {
5476 /* Fail on all other handshake errors */
5477 /* Note: OpenSSL may leave unread bytes in the socket's
5478 * buffer, causing an RST to be emitted upon close() on
5479 * TCP sockets. We first try to drain possibly pending
5480 * data to avoid this as much as possible.
5481 */
Willy Tarreaud85c4852015-03-13 00:40:28 +0100[diff] [blame]5482 conn_sock_drain(conn);
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5483 if (!conn->err_code)
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5484 conn->err_code = (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
Willy Tarreauf51c6982014-04-25 20:02:39 +0200[diff] [blame]5485 CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5486 goto out_error;
5487 }
5488 }
5489 /* read some data: consider handshake completed */
5490 goto reneg_ok;
5491 }
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5492 ret = SSL_do_handshake(ctx->ssl);
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5493check_error:
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5494 if (ret != 1) {
5495 /* handshake did not complete, let's find why */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5496 ret = SSL_get_error(ctx->ssl, ret);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5497
5498 if (ret == SSL_ERROR_WANT_WRITE) {
5499 /* SSL handshake needs to write, L4 connection may not be ready */
5500 __conn_sock_stop_recv(conn);
Willy Tarreaue1f50c42014-01-22 20:02:06 +0100[diff] [blame]5501 __conn_sock_want_send(conn);
Willy Tarreau585744b2017-08-24 14:31:19 +0200[diff] [blame]5502 fd_cant_send(conn->handle.fd);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5503 return 0;
5504 }
5505 else if (ret == SSL_ERROR_WANT_READ) {
5506 /* SSL handshake needs to read, L4 connection is ready */
5507 if (conn->flags & CO_FL_WAIT_L4_CONN)
5508 conn->flags &= ~CO_FL_WAIT_L4_CONN;
5509 __conn_sock_stop_send(conn);
Willy Tarreaue1f50c42014-01-22 20:02:06 +0100[diff] [blame]5510 __conn_sock_want_recv(conn);
Willy Tarreau585744b2017-08-24 14:31:19 +0200[diff] [blame]5511 fd_cant_recv(conn->handle.fd);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5512 return 0;
5513 }
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5514#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]5515 else if (ret == SSL_ERROR_WANT_ASYNC) {
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5516 ssl_async_process_fds(conn, ctx->ssl);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]5517 return 0;
5518 }
5519#endif
Willy Tarreau89230192012-09-28 20:22:13 +0200[diff] [blame]5520 else if (ret == SSL_ERROR_SYSCALL) {
5521 /* if errno is null, then connection was successfully established */
5522 if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
5523 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5524 if (!conn->err_code) {
Emeric Brun77e89192018-08-16 11:36:40 +0200[diff] [blame]5525#ifdef OPENSSL_IS_BORINGSSL /* BoringSSL */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5526 conn->err_code = CO_ER_SSL_HANDSHAKE;
5527#else
5528 int empty_handshake;
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5529#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5530 OSSL_HANDSHAKE_STATE state = SSL_get_state(ctx->ssl);
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5531 empty_handshake = state == TLS_ST_BEFORE;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]5532#else
Ilya Shipitsin54832b92019-05-05 23:27:54 +0500[diff] [blame]5533 empty_handshake = SSL_state((SSL *)ctx->ssl) == SSL_ST_BEFORE;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]5534#endif
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5535 if (empty_handshake) {
5536 if (!errno) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5537 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5538 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
5539 else
5540 conn->err_code = CO_ER_SSL_EMPTY;
5541 }
5542 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5543 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5544 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
5545 else
5546 conn->err_code = CO_ER_SSL_ABORT;
5547 }
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]5548 }
5549 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5550 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]5551 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
5552 else
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5553 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]5554 }
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]5555#endif
Emeric Brun29f037d2014-04-25 19:05:36 +0200[diff] [blame]5556 }
Willy Tarreau89230192012-09-28 20:22:13 +0200[diff] [blame]5557 goto out_error;
5558 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5559 else {
5560 /* Fail on all other handshake errors */
Willy Tarreau566dc552012-10-19 20:52:18 +0200[diff] [blame]5561 /* Note: OpenSSL may leave unread bytes in the socket's
5562 * buffer, causing an RST to be emitted upon close() on
5563 * TCP sockets. We first try to drain possibly pending
5564 * data to avoid this as much as possible.
5565 */
Willy Tarreaud85c4852015-03-13 00:40:28 +0100[diff] [blame]5566 conn_sock_drain(conn);
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5567 if (!conn->err_code)
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5568 conn->err_code = (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
Willy Tarreauf51c6982014-04-25 20:02:39 +0200[diff] [blame]5569 CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5570 goto out_error;
5571 }
5572 }
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5573#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]5574 else {
5575 /*
5576 * If the server refused the early data, we have to send a
5577 * 425 to the client, as we no longer have the data to sent
5578 * them again.
5579 */
5580 if ((conn->flags & CO_FL_EARLY_DATA) && (objt_server(conn->target))) {
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5581 if (SSL_get_early_data_status(ctx->ssl) == SSL_EARLY_DATA_REJECTED) {
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]5582 conn->err_code = CO_ER_SSL_EARLY_FAILED;
5583 goto out_error;
5584 }
5585 }
5586 }
5587#endif
5588
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5589
Emeric Brun674b7432012-11-08 19:21:55 +0100[diff] [blame]5590reneg_ok:
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5591
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5592#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5593 /* ASYNC engine API doesn't support moving read/write
5594 * buffers. So we disable ASYNC mode right after
5595 * the handshake to avoid buffer oveflows.
5596 */
5597 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5598 SSL_clear_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5599#endif
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5600 /* Handshake succeeded */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5601 if (!SSL_session_reused(ctx->ssl)) {
Willy Tarreau0c9c2722014-05-28 12:28:58 +0200[diff] [blame]5602 if (objt_server(conn->target)) {
5603 update_freq_ctr(&global.ssl_be_keys_per_sec, 1);
5604 if (global.ssl_be_keys_per_sec.curr_ctr > global.ssl_be_keys_max)
5605 global.ssl_be_keys_max = global.ssl_be_keys_per_sec.curr_ctr;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5606 }
Willy Tarreau0c9c2722014-05-28 12:28:58 +0200[diff] [blame]5607 else {
5608 update_freq_ctr(&global.ssl_fe_keys_per_sec, 1);
5609 if (global.ssl_fe_keys_per_sec.curr_ctr > global.ssl_fe_keys_max)
5610 global.ssl_fe_keys_max = global.ssl_fe_keys_per_sec.curr_ctr;
5611 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5612 }
5613
Emmanuel Hocdetca6a9572017-11-23 12:40:07 +0100[diff] [blame]5614#ifdef OPENSSL_IS_BORINGSSL
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5615 if ((conn->flags & CO_FL_EARLY_SSL_HS) && !SSL_in_early_data(ctx->ssl))
Emmanuel Hocdetca6a9572017-11-23 12:40:07 +0100[diff] [blame]5616 conn->flags &= ~CO_FL_EARLY_SSL_HS;
5617#endif
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5618 /* The connection is now established at both layers, it's time to leave */
5619 conn->flags &= ~(flag | CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN);
5620 return 1;
5621
5622 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]5623 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +0200[diff] [blame]5624 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]5625 ERR_clear_error();
5626
Emeric Brun9fa89732012-10-04 17:09:56 +0200[diff] [blame]5627 /* free resumed session if exists */
Willy Tarreau07d94e42018-09-20 10:57:52 +0200[diff] [blame]5628 if (objt_server(conn->target) && __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr) {
5629 free(__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr);
5630 __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr = NULL;
Emeric Brun9fa89732012-10-04 17:09:56 +0200[diff] [blame]5631 }
5632
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5633 /* Fail on all other handshake errors */
5634 conn->flags |= CO_FL_ERROR;
Willy Tarreau20879a02012-12-03 16:32:10 +0100[diff] [blame]5635 if (!conn->err_code)
5636 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5637 return 0;
5638}
5639
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5640static int ssl_subscribe(struct connection *conn, void *xprt_ctx, int event_type, void *param)
Olivier Houcharddf357842019-03-21 16:30:07 +0100[diff] [blame]5641{
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5642
5643 return conn_subscribe(conn, NULL, event_type, param);
Olivier Houcharddf357842019-03-21 16:30:07 +0100[diff] [blame]5644}
5645
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5646static int ssl_unsubscribe(struct connection *conn, void *xprt_ctx, int event_type, void *param)
Olivier Houcharddf357842019-03-21 16:30:07 +0100[diff] [blame]5647{
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5648
5649 return conn_unsubscribe(conn, NULL, event_type, param);
Olivier Houcharddf357842019-03-21 16:30:07 +0100[diff] [blame]5650}
5651
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5652/* Receive up to <count> bytes from connection <conn>'s socket and store them
Willy Tarreauabf08d92014-01-14 11:31:27 +0100[diff] [blame]5653 * into buffer <buf>. Only one call to recv() is performed, unless the
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5654 * buffer wraps, in which case a second call may be performed. The connection's
5655 * flags are updated with whatever special event is detected (error, read0,
5656 * empty). The caller is responsible for taking care of those events and
5657 * avoiding the call if inappropriate. The function does not call the
5658 * connection's polling update function, so the caller is responsible for this.
5659 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5660static size_t ssl_sock_to_buf(struct connection *conn, void *xprt_ctx, struct buffer *buf, size_t count, int flags)
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5661{
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5662 struct ssl_sock_ctx *ctx = xprt_ctx;
Willy Tarreaubfc4d772018-07-18 11:22:03 +0200[diff] [blame]5663 ssize_t ret;
5664 size_t try, done = 0;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5665
Willy Tarreau31d4dbe2017-10-25 09:32:15 +0200[diff] [blame]5666 conn_refresh_polling_flags(conn);
5667
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5668 if (!ctx)
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5669 goto out_error;
5670
5671 if (conn->flags & CO_FL_HANDSHAKE)
5672 /* a handshake was requested */
5673 return 0;
5674
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5675 /* read the largest possible block. For this, we perform only one call
5676 * to recv() unless the buffer wraps and we exactly fill the first hunk,
5677 * in which case we accept to do it once again. A new attempt is made on
5678 * EINTR too.
5679 */
Willy Tarreau00b0fb92014-01-17 11:09:40 +0100[diff] [blame]5680 while (count > 0) {
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5681 int need_out = 0;
5682
Willy Tarreau591d4452018-06-15 17:21:00 +0200[diff] [blame]5683 try = b_contig_space(buf);
5684 if (!try)
5685 break;
5686
Willy Tarreauabf08d92014-01-14 11:31:27 +0100[diff] [blame]5687 if (try > count)
5688 try = count;
Willy Tarreau591d4452018-06-15 17:21:00 +0200[diff] [blame]5689
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5690 if (((conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_EARLY_DATA)) == CO_FL_EARLY_SSL_HS) &&
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5691 ctx->tmp_early_data != -1) {
5692 *b_tail(buf) = ctx->tmp_early_data;
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5693 done++;
5694 try--;
5695 count--;
Olivier Houchardacd14032018-06-28 18:17:23 +0200[diff] [blame]5696 b_add(buf, 1);
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5697 ctx->tmp_early_data = -1;
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5698 continue;
5699 }
Willy Tarreauabf08d92014-01-14 11:31:27 +0100[diff] [blame]5700
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5701#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5702 if (conn->flags & CO_FL_EARLY_SSL_HS) {
5703 size_t read_length;
5704
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5705 ret = SSL_read_early_data(ctx->ssl,
Willy Tarreau8f9c72d2018-06-07 18:46:28 +0200[diff] [blame]5706 b_tail(buf), try, &read_length);
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]5707 if (ret == SSL_READ_EARLY_DATA_SUCCESS &&
5708 read_length > 0)
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5709 conn->flags |= CO_FL_EARLY_DATA;
5710 if (ret == SSL_READ_EARLY_DATA_SUCCESS ||
5711 ret == SSL_READ_EARLY_DATA_FINISH) {
5712 if (ret == SSL_READ_EARLY_DATA_FINISH) {
5713 /*
5714 * We're done reading the early data,
5715 * let's make the handshake
5716 */
5717 conn->flags &= ~CO_FL_EARLY_SSL_HS;
5718 conn->flags |= CO_FL_SSL_WAIT_HS;
5719 need_out = 1;
5720 if (read_length == 0)
5721 break;
5722 }
5723 ret = read_length;
5724 }
5725 } else
5726#endif
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5727 ret = SSL_read(ctx->ssl, b_tail(buf), try);
Emmanuel Hocdetca6a9572017-11-23 12:40:07 +0100[diff] [blame]5728#ifdef OPENSSL_IS_BORINGSSL
5729 if (conn->flags & CO_FL_EARLY_SSL_HS) {
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5730 if (SSL_in_early_data(ctx->ssl)) {
Emmanuel Hocdetca6a9572017-11-23 12:40:07 +0100[diff] [blame]5731 if (ret > 0)
5732 conn->flags |= CO_FL_EARLY_DATA;
5733 } else {
Emmanuel Hocdetcebd7962017-11-27 16:14:40 +0100[diff] [blame]5734 conn->flags &= ~(CO_FL_EARLY_SSL_HS);
Emmanuel Hocdetca6a9572017-11-23 12:40:07 +0100[diff] [blame]5735 }
5736 }
5737#endif
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]5738 if (conn->flags & CO_FL_ERROR) {
5739 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]5740 goto out_error;
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]5741 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5742 if (ret > 0) {
Olivier Houchardacd14032018-06-28 18:17:23 +0200[diff] [blame]5743 b_add(buf, ret);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5744 done += ret;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5745 count -= ret;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5746 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5747 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5748 ret = SSL_get_error(ctx->ssl, ret);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5749 if (ret == SSL_ERROR_WANT_WRITE) {
Emeric Brun8af8dd12012-11-08 17:56:20 +0100[diff] [blame]5750 /* handshake is running, and it needs to enable write */
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5751 conn->flags |= CO_FL_SSL_WAIT_HS;
Emeric Brun8af8dd12012-11-08 17:56:20 +0100[diff] [blame]5752 __conn_sock_want_send(conn);
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5753#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5754 /* Async mode can be re-enabled, because we're leaving data state.*/
5755 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5756 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5757#endif
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5758 break;
5759 }
5760 else if (ret == SSL_ERROR_WANT_READ) {
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5761 if (SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun282a76a2012-11-08 18:02:56 +0100[diff] [blame]5762 /* handshake is running, and it may need to re-enable read */
5763 conn->flags |= CO_FL_SSL_WAIT_HS;
5764 __conn_sock_want_recv(conn);
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5765#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5766 /* Async mode can be re-enabled, because we're leaving data state.*/
5767 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5768 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5769#endif
Emeric Brun282a76a2012-11-08 18:02:56 +0100[diff] [blame]5770 break;
5771 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5772 /* we need to poll for retry a read later */
Willy Tarreau585744b2017-08-24 14:31:19 +0200[diff] [blame]5773 fd_cant_recv(conn->handle.fd);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5774 break;
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5775 } else if (ret == SSL_ERROR_ZERO_RETURN)
5776 goto read0;
Christopher Faulet4ac77a92018-02-19 14:25:15 +0100[diff] [blame]5777 /* For SSL_ERROR_SYSCALL, make sure to clear the error
5778 * stack before shutting down the connection for
5779 * reading. */
Olivier Houchard7e2e5052018-02-13 15:17:23 +0100[diff] [blame]5780 if (ret == SSL_ERROR_SYSCALL && (!errno || errno == EAGAIN))
5781 goto clear_ssl_error;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5782 /* otherwise it's a real error */
5783 goto out_error;
5784 }
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5785 if (need_out)
5786 break;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5787 }
Willy Tarreau31d4dbe2017-10-25 09:32:15 +0200[diff] [blame]5788 leave:
5789 conn_cond_update_sock_polling(conn);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5790 return done;
5791
Christopher Faulet4ac77a92018-02-19 14:25:15 +0100[diff] [blame]5792 clear_ssl_error:
5793 /* Clear openssl global errors stack */
5794 ssl_sock_dump_errors(conn);
5795 ERR_clear_error();
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5796 read0:
5797 conn_sock_read0(conn);
Willy Tarreau31d4dbe2017-10-25 09:32:15 +0200[diff] [blame]5798 goto leave;
Christopher Faulet4ac77a92018-02-19 14:25:15 +0100[diff] [blame]5799
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5800 out_error:
Olivier Houchard7e2e5052018-02-13 15:17:23 +0100[diff] [blame]5801 conn->flags |= CO_FL_ERROR;
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]5802 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +0200[diff] [blame]5803 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]5804 ERR_clear_error();
Willy Tarreau31d4dbe2017-10-25 09:32:15 +0200[diff] [blame]5805 goto leave;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5806}
5807
5808
Willy Tarreau787db9a2018-06-14 18:31:46 +0200[diff] [blame]5809/* Send up to <count> pending bytes from buffer <buf> to connection <conn>'s
5810 * socket. <flags> may contain some CO_SFL_* flags to hint the system about
5811 * other pending data for example, but this flag is ignored at the moment.
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5812 * Only one call to send() is performed, unless the buffer wraps, in which case
5813 * a second call may be performed. The connection's flags are updated with
5814 * whatever special event is detected (error, empty). The caller is responsible
5815 * for taking care of those events and avoiding the call if inappropriate. The
5816 * function does not call the connection's polling update function, so the caller
Willy Tarreau787db9a2018-06-14 18:31:46 +0200[diff] [blame]5817 * is responsible for this. The buffer's output is not adjusted, it's up to the
5818 * caller to take care of this. It's up to the caller to update the buffer's
5819 * contents based on the return value.
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5820 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5821static size_t ssl_sock_from_buf(struct connection *conn, void *xprt_ctx, const struct buffer *buf, size_t count, int flags)
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5822{
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5823 struct ssl_sock_ctx *ctx = xprt_ctx;
Willy Tarreau787db9a2018-06-14 18:31:46 +0200[diff] [blame]5824 ssize_t ret;
5825 size_t try, done;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5826
5827 done = 0;
Willy Tarreau31d4dbe2017-10-25 09:32:15 +0200[diff] [blame]5828 conn_refresh_polling_flags(conn);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5829
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5830 if (!ctx)
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5831 goto out_error;
5832
Olivier Houchard010941f2019-05-03 20:56:19 +0200[diff] [blame]5833 if (conn->flags & (CO_FL_HANDSHAKE | CO_FL_EARLY_SSL_HS))
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5834 /* a handshake was requested */
5835 return 0;
5836
5837 /* send the largest possible block. For this we perform only one call
5838 * to send() unless the buffer wraps and we exactly fill the first hunk,
5839 * in which case we accept to do it once again.
5840 */
Willy Tarreau787db9a2018-06-14 18:31:46 +0200[diff] [blame]5841 while (count) {
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5842#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5843 size_t written_data;
5844#endif
5845
Willy Tarreau787db9a2018-06-14 18:31:46 +0200[diff] [blame]5846 try = b_contig_data(buf, done);
5847 if (try > count)
5848 try = count;
Willy Tarreaubfd59462013-02-21 07:46:09 +0100[diff] [blame]5849
Willy Tarreau7bed9452014-02-02 02:00:24 +0100[diff] [blame]5850 if (!(flags & CO_SFL_STREAMER) &&
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5851 !(ctx->xprt_st & SSL_SOCK_SEND_UNLIMITED) &&
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]5852 global_ssl.max_record && try > global_ssl.max_record) {
5853 try = global_ssl.max_record;
Willy Tarreau518cedd2014-02-17 15:43:01 +0100[diff] [blame]5854 }
5855 else {
5856 /* we need to keep the information about the fact that
5857 * we're not limiting the upcoming send(), because if it
5858 * fails, we'll have to retry with at least as many data.
5859 */
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5860 ctx->xprt_st |= SSL_SOCK_SEND_UNLIMITED;
Willy Tarreau518cedd2014-02-17 15:43:01 +0100[diff] [blame]5861 }
Willy Tarreaubfd59462013-02-21 07:46:09 +0100[diff] [blame]5862
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5863#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchard010941f2019-05-03 20:56:19 +0200[diff] [blame]5864 if (!SSL_is_init_finished(ctx->ssl) && conn_is_back(conn)) {
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5865 unsigned int max_early;
5866
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]5867 if (objt_listener(conn->target))
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5868 max_early = SSL_get_max_early_data(ctx->ssl);
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]5869 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5870 if (SSL_get0_session(ctx->ssl))
5871 max_early = SSL_SESSION_get_max_early_data(SSL_get0_session(ctx->ssl));
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]5872 else
5873 max_early = 0;
5874 }
5875
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5876 if (try + ctx->sent_early_data > max_early) {
5877 try -= (try + ctx->sent_early_data) - max_early;
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]5878 if (try <= 0) {
Olivier Houchard010941f2019-05-03 20:56:19 +0200[diff] [blame]5879 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5880 break;
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]5881 }
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5882 }
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5883 ret = SSL_write_early_data(ctx->ssl, b_peek(buf, done), try, &written_data);
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5884 if (ret == 1) {
5885 ret = written_data;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5886 ctx->sent_early_data += ret;
Olivier Houchard010941f2019-05-03 20:56:19 +0200[diff] [blame]5887 if (objt_server(conn->target))
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]5888 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN | CO_FL_EARLY_DATA;
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]5889
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]5890 }
5891
5892 } else
5893#endif
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5894 ret = SSL_write(ctx->ssl, b_peek(buf, done), try);
Willy Tarreau518cedd2014-02-17 15:43:01 +0100[diff] [blame]5895
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]5896 if (conn->flags & CO_FL_ERROR) {
5897 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]5898 goto out_error;
Emeric Brune1f38db2012-09-03 20:36:47 +0200[diff] [blame]5899 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5900 if (ret > 0) {
Olivier Houchardf24502b2019-01-17 19:09:11 +0100[diff] [blame]5901 /* A send succeeded, so we can consier ourself connected */
5902 conn->flags |= CO_FL_CONNECTED;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]5903 ctx->xprt_st &= ~SSL_SOCK_SEND_UNLIMITED;
Willy Tarreau787db9a2018-06-14 18:31:46 +0200[diff] [blame]5904 count -= ret;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5905 done += ret;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5906 }
5907 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5908 ret = SSL_get_error(ctx->ssl, ret);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]5909
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5910 if (ret == SSL_ERROR_WANT_WRITE) {
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5911 if (SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun282a76a2012-11-08 18:02:56 +0100[diff] [blame]5912 /* handshake is running, and it may need to re-enable write */
5913 conn->flags |= CO_FL_SSL_WAIT_HS;
5914 __conn_sock_want_send(conn);
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5915#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5916 /* Async mode can be re-enabled, because we're leaving data state.*/
5917 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5918 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5919#endif
Emeric Brun282a76a2012-11-08 18:02:56 +0100[diff] [blame]5920 break;
5921 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5922 /* we need to poll to retry a write later */
Willy Tarreau585744b2017-08-24 14:31:19 +0200[diff] [blame]5923 fd_cant_send(conn->handle.fd);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5924 break;
5925 }
5926 else if (ret == SSL_ERROR_WANT_READ) {
Emeric Brun8af8dd12012-11-08 17:56:20 +0100[diff] [blame]5927 /* handshake is running, and it needs to enable read */
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5928 conn->flags |= CO_FL_SSL_WAIT_HS;
Emeric Brun8af8dd12012-11-08 17:56:20 +0100[diff] [blame]5929 __conn_sock_want_recv(conn);
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5930#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5931 /* Async mode can be re-enabled, because we're leaving data state.*/
5932 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5933 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +0000[diff] [blame]5934#endif
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]5935 break;
5936 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5937 goto out_error;
5938 }
5939 }
Willy Tarreau31d4dbe2017-10-25 09:32:15 +0200[diff] [blame]5940 leave:
5941 conn_cond_update_sock_polling(conn);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5942 return done;
5943
5944 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]5945 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +0200[diff] [blame]5946 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]5947 ERR_clear_error();
5948
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5949 conn->flags |= CO_FL_ERROR;
Willy Tarreau31d4dbe2017-10-25 09:32:15 +0200[diff] [blame]5950 goto leave;
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5951}
5952
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5953static void ssl_sock_close(struct connection *conn, void *xprt_ctx) {
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]5954
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5955 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5956
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]5957 if (ctx) {
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]5958#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]5959 if (global_ssl.async) {
5960 OSSL_ASYNC_FD all_fd[32], afd;
5961 size_t num_all_fds = 0;
5962 int i;
5963
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5964 SSL_get_all_async_fds(ctx->ssl, NULL, &num_all_fds);
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]5965 if (num_all_fds > 32) {
5966 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
5967 return;
5968 }
5969
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5970 SSL_get_all_async_fds(ctx->ssl, all_fd, &num_all_fds);
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]5971
5972 /* If an async job is pending, we must try to
5973 to catch the end using polling before calling
5974 SSL_free */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5975 if (num_all_fds && SSL_waiting_for_async(ctx->ssl)) {
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]5976 for (i=0 ; i < num_all_fds ; i++) {
5977 /* switch on an handler designed to
5978 * handle the SSL_free
5979 */
5980 afd = all_fd[i];
5981 fdtab[afd].iocb = ssl_async_fd_free;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5982 fdtab[afd].owner = ctx->ssl;
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]5983 fd_want_recv(afd);
Emeric Brunce9e01c2017-05-31 10:02:53 +0000[diff] [blame]5984 /* To ensure that the fd cache won't be used
5985 * and we'll catch a real RD event.
5986 */
5987 fd_cant_recv(afd);
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]5988 }
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]5989 pool_free(ssl_sock_ctx_pool, ctx);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +0100[diff] [blame]5990 _HA_ATOMIC_ADD(&jobs, 1);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]5991 return;
5992 }
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]5993 /* Else we can remove the fds from the fdtab
5994 * and call SSL_free.
5995 * note: we do a fd_remove and not a delete
5996 * because the fd is owned by the engine.
5997 * the engine is responsible to close
5998 */
5999 for (i=0 ; i < num_all_fds ; i++)
6000 fd_remove(all_fd[i]);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]6001 }
6002#endif
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6003 SSL_free(ctx->ssl);
6004 pool_free(ssl_sock_ctx_pool, ctx);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +0100[diff] [blame]6005 _HA_ATOMIC_SUB(&sslconns, 1);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]6006 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]6007}
6008
6009/* This function tries to perform a clean shutdown on an SSL connection, and in
6010 * any case, flags the connection as reusable if no handshake was in progress.
6011 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]6012static void ssl_sock_shutw(struct connection *conn, void *xprt_ctx, int clean)
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]6013{
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]6014 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6015
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]6016 if (conn->flags & CO_FL_HANDSHAKE)
6017 return;
Emmanuel Hocdet405ff312017-01-08 14:07:39 +0100[diff] [blame]6018 if (!clean)
6019 /* don't sent notify on SSL_shutdown */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6020 SSL_set_quiet_shutdown(ctx->ssl, 1);
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]6021 /* no handshake was in progress, try a clean ssl shutdown */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6022 if (SSL_shutdown(ctx->ssl) <= 0) {
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]6023 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +0200[diff] [blame]6024 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +0100[diff] [blame]6025 ERR_clear_error();
6026 }
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]6027}
6028
Emmanuel Hocdet96b78342017-10-31 15:46:07 +0100[diff] [blame]6029/* used for ppv2 pkey alog (can be used for logging) */
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6030int ssl_sock_get_pkey_algo(struct connection *conn, struct buffer *out)
Emmanuel Hocdet96b78342017-10-31 15:46:07 +0100[diff] [blame]6031{
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6032 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Emmanuel Hocdet96b78342017-10-31 15:46:07 +0100[diff] [blame]6033 struct pkey_info *pkinfo;
6034 int bits = 0;
6035 int sig = TLSEXT_signature_anonymous;
6036 int len = -1;
6037
6038 if (!ssl_sock_is_ssl(conn))
6039 return 0;
6040
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6041 pkinfo = SSL_CTX_get_ex_data(SSL_get_SSL_CTX(ctx->ssl), ssl_pkey_info_index);
Emmanuel Hocdet96b78342017-10-31 15:46:07 +0100[diff] [blame]6042 if (pkinfo) {
6043 sig = pkinfo->sig;
6044 bits = pkinfo->bits;
6045 } else {
6046 /* multicert and generated cert have no pkey info */
6047 X509 *crt;
6048 EVP_PKEY *pkey;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6049 crt = SSL_get_certificate(ctx->ssl);
Emmanuel Hocdet96b78342017-10-31 15:46:07 +0100[diff] [blame]6050 if (!crt)
6051 return 0;
6052 pkey = X509_get_pubkey(crt);
6053 if (pkey) {
6054 bits = EVP_PKEY_bits(pkey);
6055 switch(EVP_PKEY_base_id(pkey)) {
6056 case EVP_PKEY_RSA:
6057 sig = TLSEXT_signature_rsa;
6058 break;
6059 case EVP_PKEY_EC:
6060 sig = TLSEXT_signature_ecdsa;
6061 break;
6062 case EVP_PKEY_DSA:
6063 sig = TLSEXT_signature_dsa;
6064 break;
6065 }
6066 EVP_PKEY_free(pkey);
6067 }
6068 }
6069
6070 switch(sig) {
6071 case TLSEXT_signature_rsa:
6072 len = chunk_printf(out, "RSA%d", bits);
6073 break;
6074 case TLSEXT_signature_ecdsa:
6075 len = chunk_printf(out, "EC%d", bits);
6076 break;
6077 case TLSEXT_signature_dsa:
6078 len = chunk_printf(out, "DSA%d", bits);
6079 break;
6080 default:
6081 return 0;
6082 }
6083 if (len < 0)
6084 return 0;
6085 return 1;
6086}
6087
Emmanuel Hocdet283e0042017-11-02 14:05:23 +0100[diff] [blame]6088/* used for ppv2 cert signature (can be used for logging) */
6089const char *ssl_sock_get_cert_sig(struct connection *conn)
6090{
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6091 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
6092
Emmanuel Hocdet283e0042017-11-02 14:05:23 +0100[diff] [blame]6093 __OPENSSL_110_CONST__ ASN1_OBJECT *algorithm;
6094 X509 *crt;
6095
6096 if (!ssl_sock_is_ssl(conn))
6097 return NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6098 crt = SSL_get_certificate(ctx->ssl);
Emmanuel Hocdet283e0042017-11-02 14:05:23 +0100[diff] [blame]6099 if (!crt)
6100 return NULL;
6101 X509_ALGOR_get0(&algorithm, NULL, NULL, X509_get0_tbs_sigalg(crt));
6102 return OBJ_nid2sn(OBJ_obj2nid(algorithm));
6103}
6104
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +0100[diff] [blame]6105/* used for ppv2 authority */
6106const char *ssl_sock_get_sni(struct connection *conn)
6107{
6108#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6109 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
6110
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +0100[diff] [blame]6111 if (!ssl_sock_is_ssl(conn))
6112 return NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6113 return SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +0100[diff] [blame]6114#else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6115 return NULL;
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +0100[diff] [blame]6116#endif
6117}
6118
Emmanuel Hocdet01da5712017-10-13 16:59:49 +0200[diff] [blame]6119/* used for logging/ppv2, may be changed for a sample fetch later */
Willy Tarreauffc3fcd2012-10-12 20:17:54 +0200[diff] [blame]6120const char *ssl_sock_get_cipher_name(struct connection *conn)
6121{
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6122 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
6123
Emmanuel Hocdet01da5712017-10-13 16:59:49 +0200[diff] [blame]6124 if (!ssl_sock_is_ssl(conn))
Willy Tarreauffc3fcd2012-10-12 20:17:54 +0200[diff] [blame]6125 return NULL;
Emmanuel Hocdet01da5712017-10-13 16:59:49 +0200[diff] [blame]6126
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6127 return SSL_get_cipher_name(ctx->ssl);
Willy Tarreauffc3fcd2012-10-12 20:17:54 +0200[diff] [blame]6128}
6129
Emmanuel Hocdet01da5712017-10-13 16:59:49 +0200[diff] [blame]6130/* used for logging/ppv2, may be changed for a sample fetch later */
Willy Tarreauffc3fcd2012-10-12 20:17:54 +0200[diff] [blame]6131const char *ssl_sock_get_proto_version(struct connection *conn)
6132{
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6133 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
6134
Emmanuel Hocdet01da5712017-10-13 16:59:49 +0200[diff] [blame]6135 if (!ssl_sock_is_ssl(conn))
Willy Tarreauffc3fcd2012-10-12 20:17:54 +0200[diff] [blame]6136 return NULL;
Emmanuel Hocdet01da5712017-10-13 16:59:49 +0200[diff] [blame]6137
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6138 return SSL_get_version(ctx->ssl);
Willy Tarreauffc3fcd2012-10-12 20:17:54 +0200[diff] [blame]6139}
6140
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6141/* Extract a serial from a cert, and copy it to a chunk.
6142 * Returns 1 if serial is found and copied, 0 if no serial found and
6143 * -1 if output is not large enough.
6144 */
6145static int
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6146ssl_sock_get_serial(X509 *crt, struct buffer *out)
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6147{
6148 ASN1_INTEGER *serial;
6149
6150 serial = X509_get_serialNumber(crt);
6151 if (!serial)
6152 return 0;
6153
6154 if (out->size < serial->length)
6155 return -1;
6156
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6157 memcpy(out->area, serial->data, serial->length);
6158 out->data = serial->length;
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6159 return 1;
6160}
6161
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6162/* Extract a cert to der, and copy it to a chunk.
Joseph Herlant017b3da2018-11-15 09:07:59 -0800[diff] [blame]6163 * Returns 1 if the cert is found and copied, 0 on der conversion failure
6164 * and -1 if the output is not large enough.
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6165 */
6166static int
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6167ssl_sock_crt2der(X509 *crt, struct buffer *out)
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6168{
6169 int len;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6170 unsigned char *p = (unsigned char *) out->area;;
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6171
6172 len =i2d_X509(crt, NULL);
6173 if (len <= 0)
6174 return 1;
6175
6176 if (out->size < len)
6177 return -1;
6178
6179 i2d_X509(crt,&p);
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6180 out->data = len;
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6181 return 1;
6182}
6183
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6184
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6185/* Copy Date in ASN1_UTCTIME format in struct buffer out.
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6186 * Returns 1 if serial is found and copied, 0 if no valid time found
6187 * and -1 if output is not large enough.
6188 */
6189static int
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6190ssl_sock_get_time(ASN1_TIME *tm, struct buffer *out)
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6191{
6192 if (tm->type == V_ASN1_GENERALIZEDTIME) {
6193 ASN1_GENERALIZEDTIME *gentm = (ASN1_GENERALIZEDTIME *)tm;
6194
6195 if (gentm->length < 12)
6196 return 0;
6197 if (gentm->data[0] != 0x32 || gentm->data[1] != 0x30)
6198 return 0;
6199 if (out->size < gentm->length-2)
6200 return -1;
6201
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6202 memcpy(out->area, gentm->data+2, gentm->length-2);
6203 out->data = gentm->length-2;
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6204 return 1;
6205 }
6206 else if (tm->type == V_ASN1_UTCTIME) {
6207 ASN1_UTCTIME *utctm = (ASN1_UTCTIME *)tm;
6208
6209 if (utctm->length < 10)
6210 return 0;
6211 if (utctm->data[0] >= 0x35)
6212 return 0;
6213 if (out->size < utctm->length)
6214 return -1;
6215
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6216 memcpy(out->area, utctm->data, utctm->length);
6217 out->data = utctm->length;
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6218 return 1;
6219 }
6220
6221 return 0;
6222}
6223
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6224/* Extract an entry from a X509_NAME and copy its value to an output chunk.
6225 * Returns 1 if entry found, 0 if entry not found, or -1 if output not large enough.
6226 */
6227static int
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6228ssl_sock_get_dn_entry(X509_NAME *a, const struct buffer *entry, int pos,
6229 struct buffer *out)
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6230{
6231 X509_NAME_ENTRY *ne;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6232 ASN1_OBJECT *obj;
6233 ASN1_STRING *data;
6234 const unsigned char *data_ptr;
6235 int data_len;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6236 int i, j, n;
6237 int cur = 0;
6238 const char *s;
6239 char tmp[128];
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6240 int name_count;
6241
6242 name_count = X509_NAME_entry_count(a);
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6243
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6244 out->data = 0;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6245 for (i = 0; i < name_count; i++) {
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6246 if (pos < 0)
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6247 j = (name_count-1) - i;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6248 else
6249 j = i;
6250
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6251 ne = X509_NAME_get_entry(a, j);
6252 obj = X509_NAME_ENTRY_get_object(ne);
6253 data = X509_NAME_ENTRY_get_data(ne);
6254 data_ptr = ASN1_STRING_get0_data(data);
6255 data_len = ASN1_STRING_length(data);
6256 n = OBJ_obj2nid(obj);
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6257 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6258 i2t_ASN1_OBJECT(tmp, sizeof(tmp), obj);
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6259 s = tmp;
6260 }
6261
6262 if (chunk_strcasecmp(entry, s) != 0)
6263 continue;
6264
6265 if (pos < 0)
6266 cur--;
6267 else
6268 cur++;
6269
6270 if (cur != pos)
6271 continue;
6272
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6273 if (data_len > out->size)
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6274 return -1;
6275
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6276 memcpy(out->area, data_ptr, data_len);
6277 out->data = data_len;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6278 return 1;
6279 }
6280
6281 return 0;
6282
6283}
6284
6285/* Extract and format full DN from a X509_NAME and copy result into a chunk
6286 * Returns 1 if dn entries exits, 0 if no dn entry found or -1 if output is not large enough.
6287 */
6288static int
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6289ssl_sock_get_dn_oneline(X509_NAME *a, struct buffer *out)
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6290{
6291 X509_NAME_ENTRY *ne;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6292 ASN1_OBJECT *obj;
6293 ASN1_STRING *data;
6294 const unsigned char *data_ptr;
6295 int data_len;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6296 int i, n, ln;
6297 int l = 0;
6298 const char *s;
6299 char *p;
6300 char tmp[128];
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6301 int name_count;
6302
6303
6304 name_count = X509_NAME_entry_count(a);
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6305
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6306 out->data = 0;
6307 p = out->area;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6308 for (i = 0; i < name_count; i++) {
6309 ne = X509_NAME_get_entry(a, i);
6310 obj = X509_NAME_ENTRY_get_object(ne);
6311 data = X509_NAME_ENTRY_get_data(ne);
6312 data_ptr = ASN1_STRING_get0_data(data);
6313 data_len = ASN1_STRING_length(data);
6314 n = OBJ_obj2nid(obj);
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6315 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6316 i2t_ASN1_OBJECT(tmp, sizeof(tmp), obj);
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6317 s = tmp;
6318 }
6319 ln = strlen(s);
6320
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6321 l += 1 + ln + 1 + data_len;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6322 if (l > out->size)
6323 return -1;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6324 out->data = l;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6325
6326 *(p++)='/';
6327 memcpy(p, s, ln);
6328 p += ln;
6329 *(p++)='=';
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6330 memcpy(p, data_ptr, data_len);
6331 p += data_len;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6332 }
6333
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6334 if (!out->data)
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6335 return 0;
6336
6337 return 1;
6338}
6339
Olivier Houchardab28a322018-12-21 19:45:40 +0100[diff] [blame]6340void ssl_sock_set_alpn(struct connection *conn, const unsigned char *alpn, int len)
6341{
6342#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6343 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
6344
6345 SSL_set_alpn_protos(ctx->ssl, alpn, len);
Olivier Houchardab28a322018-12-21 19:45:40 +0100[diff] [blame]6346#endif
6347}
6348
Willy Tarreau119a4082016-12-22 21:58:38 +0100[diff] [blame]6349/* Sets advertised SNI for outgoing connections. Please set <hostname> to NULL
6350 * to disable SNI.
6351 */
Willy Tarreau63076412015-07-10 11:33:32 +0200[diff] [blame]6352void ssl_sock_set_servername(struct connection *conn, const char *hostname)
6353{
6354#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6355 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
6356
Willy Tarreau119a4082016-12-22 21:58:38 +0100[diff] [blame]6357 char *prev_name;
6358
Willy Tarreau63076412015-07-10 11:33:32 +0200[diff] [blame]6359 if (!ssl_sock_is_ssl(conn))
6360 return;
6361
Willy Tarreau119a4082016-12-22 21:58:38 +0100[diff] [blame]6362 /* if the SNI changes, we must destroy the reusable context so that a
6363 * new connection will present a new SNI. As an optimization we could
6364 * later imagine having a small cache of ssl_ctx to hold a few SNI per
6365 * server.
6366 */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6367 prev_name = (char *)SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau119a4082016-12-22 21:58:38 +0100[diff] [blame]6368 if ((!prev_name && hostname) ||
6369 (prev_name && (!hostname || strcmp(hostname, prev_name) != 0)))
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6370 SSL_set_session(ctx->ssl, NULL);
Willy Tarreau119a4082016-12-22 21:58:38 +0100[diff] [blame]6371
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6372 SSL_set_tlsext_host_name(ctx->ssl, hostname);
Willy Tarreau63076412015-07-10 11:33:32 +0200[diff] [blame]6373#endif
6374}
6375
Emeric Brun0abf8362014-06-24 18:26:41 +0200[diff] [blame]6376/* Extract peer certificate's common name into the chunk dest
6377 * Returns
6378 * the len of the extracted common name
6379 * or 0 if no CN found in DN
6380 * or -1 on error case (i.e. no peer certificate)
6381 */
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6382int ssl_sock_get_remote_common_name(struct connection *conn,
6383 struct buffer *dest)
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6384{
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6385 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6386 X509 *crt = NULL;
6387 X509_NAME *name;
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6388 const char find_cn[] = "CN";
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6389 const struct buffer find_cn_chunk = {
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6390 .area = (char *)&find_cn,
6391 .data = sizeof(find_cn)-1
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6392 };
Emeric Brun0abf8362014-06-24 18:26:41 +0200[diff] [blame]6393 int result = -1;
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6394
6395 if (!ssl_sock_is_ssl(conn))
Emeric Brun0abf8362014-06-24 18:26:41 +0200[diff] [blame]6396 goto out;
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6397
6398 /* SSL_get_peer_certificate, it increase X509 * ref count */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6399 crt = SSL_get_peer_certificate(ctx->ssl);
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6400 if (!crt)
6401 goto out;
6402
6403 name = X509_get_subject_name(crt);
6404 if (!name)
6405 goto out;
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6406
Emeric Brun0abf8362014-06-24 18:26:41 +0200[diff] [blame]6407 result = ssl_sock_get_dn_entry(name, &find_cn_chunk, 1, dest);
6408out:
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6409 if (crt)
6410 X509_free(crt);
6411
6412 return result;
6413}
6414
Dave McCowan328fb582014-07-30 10:39:13 -0400[diff] [blame]6415/* returns 1 if client passed a certificate for this session, 0 if not */
6416int ssl_sock_get_cert_used_sess(struct connection *conn)
6417{
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6418 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Dave McCowan328fb582014-07-30 10:39:13 -0400[diff] [blame]6419 X509 *crt = NULL;
6420
6421 if (!ssl_sock_is_ssl(conn))
6422 return 0;
6423
6424 /* SSL_get_peer_certificate, it increase X509 * ref count */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6425 crt = SSL_get_peer_certificate(ctx->ssl);
Dave McCowan328fb582014-07-30 10:39:13 -0400[diff] [blame]6426 if (!crt)
6427 return 0;
6428
6429 X509_free(crt);
6430 return 1;
6431}
6432
6433/* returns 1 if client passed a certificate for this connection, 0 if not */
6434int ssl_sock_get_cert_used_conn(struct connection *conn)
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6435{
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]6436 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
6437
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6438 if (!ssl_sock_is_ssl(conn))
6439 return 0;
6440
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]6441 return SSL_SOCK_ST_FL_VERIFY_DONE & ctx->xprt_st ? 1 : 0;
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6442}
6443
6444/* returns result from SSL verify */
6445unsigned int ssl_sock_get_verify_result(struct connection *conn)
6446{
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6447 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
6448
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6449 if (!ssl_sock_is_ssl(conn))
6450 return (unsigned int)X509_V_ERR_APPLICATION_VERIFICATION;
6451
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6452 return (unsigned int)SSL_get_verify_result(ctx->ssl);
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]6453}
6454
Willy Tarreau8743f7e2016-12-04 18:44:29 +0100[diff] [blame]6455/* Returns the application layer protocol name in <str> and <len> when known.
6456 * Zero is returned if the protocol name was not found, otherwise non-zero is
6457 * returned. The string is allocated in the SSL context and doesn't have to be
6458 * freed by the caller. NPN is also checked if available since older versions
6459 * of openssl (1.0.1) which are more common in field only support this one.
6460 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]6461static int ssl_sock_get_alpn(const struct connection *conn, void *xprt_ctx, const char **str, int *len)
Willy Tarreau8743f7e2016-12-04 18:44:29 +0100[diff] [blame]6462{
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6463#if defined(TLSEXT_TYPE_application_layer_protocol_negotiation) || \
6464 defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]6465 struct ssl_sock_ctx *ctx = xprt_ctx;
6466 if (!ctx)
Willy Tarreau8743f7e2016-12-04 18:44:29 +0100[diff] [blame]6467 return 0;
6468
6469 *str = NULL;
6470
6471#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6472 SSL_get0_alpn_selected(ctx->ssl, (const unsigned char **)str, (unsigned *)len);
Willy Tarreau8743f7e2016-12-04 18:44:29 +0100[diff] [blame]6473 if (*str)
6474 return 1;
6475#endif
Bernard Spil13c53f82018-02-15 13:34:58 +0100[diff] [blame]6476#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6477 SSL_get0_next_proto_negotiated(ctx->ssl, (const unsigned char **)str, (unsigned *)len);
Willy Tarreau8743f7e2016-12-04 18:44:29 +0100[diff] [blame]6478 if (*str)
6479 return 1;
6480#endif
Olivier Houcharde179d0e2019-03-21 18:27:17 +0100[diff] [blame]6481#endif
Willy Tarreau8743f7e2016-12-04 18:44:29 +0100[diff] [blame]6482 return 0;
6483}
6484
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]6485/***** Below are some sample fetching functions for ACL/patterns *****/
6486
Olivier Houchardccaa7de2017-10-02 11:51:03 +0200[diff] [blame]6487static int
6488smp_fetch_ssl_fc_has_early(const struct arg *args, struct sample *smp, const char *kw, void *private)
6489{
6490 struct connection *conn;
6491
6492 conn = objt_conn(smp->sess->origin);
6493 if (!conn || conn->xprt != &ssl_sock)
6494 return 0;
6495
6496 smp->flags = 0;
6497 smp->data.type = SMP_T_BOOL;
Olivier Houchard25ae45a2017-11-29 19:51:19 +0100[diff] [blame]6498 smp->data.u.sint = ((conn->flags & CO_FL_EARLY_DATA) &&
6499 (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_HANDSHAKE))) ? 1 : 0;
Olivier Houchardccaa7de2017-10-02 11:51:03 +0200[diff] [blame]6500
6501 return 1;
6502}
6503
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]6504/* boolean, returns true if client cert was present */
6505static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6506smp_fetch_ssl_fc_has_crt(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]6507{
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6508 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]6509 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6510
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6511 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6512 if (!conn || conn->xprt != &ssl_sock)
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]6513 return 0;
6514
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]6515 ctx = conn->xprt_ctx;
6516
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6517 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]6518 smp->flags |= SMP_F_MAY_CHANGE;
6519 return 0;
6520 }
6521
6522 smp->flags = 0;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6523 smp->data.type = SMP_T_BOOL;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]6524 smp->data.u.sint = SSL_SOCK_ST_FL_VERIFY_DONE & ctx->xprt_st ? 1 : 0;
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]6525
6526 return 1;
6527}
6528
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6529/* binary, returns a certificate in a binary chunk (der/raw).
6530 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
6531 * should be use.
6532 */
6533static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6534smp_fetch_ssl_x_der(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6535{
6536 int cert_peer = (kw[4] == 'c') ? 1 : 0;
6537 X509 *crt = NULL;
6538 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6539 struct buffer *smp_trash;
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6540 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6541 struct ssl_sock_ctx *ctx;
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6542
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6543 conn = objt_conn(smp->sess->origin);
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6544 if (!conn || conn->xprt != &ssl_sock)
6545 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6546 ctx = conn->xprt_ctx;
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6547
6548 if (!(conn->flags & CO_FL_CONNECTED)) {
6549 smp->flags |= SMP_F_MAY_CHANGE;
6550 return 0;
6551 }
6552
6553 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6554 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6555 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6556 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6557
6558 if (!crt)
6559 goto out;
6560
6561 smp_trash = get_trash_chunk();
6562 if (ssl_sock_crt2der(crt, smp_trash) <= 0)
6563 goto out;
6564
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]6565 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6566 smp->data.type = SMP_T_BIN;
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]6567 ret = 1;
6568out:
6569 /* SSL_get_peer_certificate, it increase X509 * ref count */
6570 if (cert_peer && crt)
6571 X509_free(crt);
6572 return ret;
6573}
6574
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6575/* binary, returns serial of certificate in a binary chunk.
6576 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
6577 * should be use.
6578 */
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6579static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6580smp_fetch_ssl_x_serial(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6581{
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6582 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6583 X509 *crt = NULL;
6584 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6585 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6586 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6587 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6588
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6589 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6590 if (!conn || conn->xprt != &ssl_sock)
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6591 return 0;
6592
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6593 ctx = conn->xprt_ctx;
6594
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6595 if (!(conn->flags & CO_FL_CONNECTED)) {
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6596 smp->flags |= SMP_F_MAY_CHANGE;
6597 return 0;
6598 }
6599
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6600 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6601 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6602 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6603 crt = SSL_get_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6604
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6605 if (!crt)
6606 goto out;
6607
Willy Tarreau47ca5452012-12-23 20:22:19 +0100[diff] [blame]6608 smp_trash = get_trash_chunk();
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6609 if (ssl_sock_get_serial(crt, smp_trash) <= 0)
6610 goto out;
6611
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]6612 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6613 smp->data.type = SMP_T_BIN;
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6614 ret = 1;
6615out:
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6616 /* SSL_get_peer_certificate, it increase X509 * ref count */
6617 if (cert_peer && crt)
Willy Tarreau8d598402012-10-22 17:58:39 +0200[diff] [blame]6618 X509_free(crt);
6619 return ret;
6620}
Emeric Brune64aef12012-09-21 13:15:06 +0200[diff] [blame]6621
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6622/* binary, returns the client certificate's SHA-1 fingerprint (SHA-1 hash of DER-encoded certificate) in a binary chunk.
6623 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
6624 * should be use.
6625 */
James Votha051b4a2013-05-14 20:37:59 +0200[diff] [blame]6626static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6627smp_fetch_ssl_x_sha1(const struct arg *args, struct sample *smp, const char *kw, void *private)
James Votha051b4a2013-05-14 20:37:59 +0200[diff] [blame]6628{
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6629 int cert_peer = (kw[4] == 'c') ? 1 : 0;
James Votha051b4a2013-05-14 20:37:59 +0200[diff] [blame]6630 X509 *crt = NULL;
6631 const EVP_MD *digest;
6632 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6633 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6634 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6635 struct ssl_sock_ctx *ctx;
James Votha051b4a2013-05-14 20:37:59 +0200[diff] [blame]6636
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6637 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6638 if (!conn || conn->xprt != &ssl_sock)
6639 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6640 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6641
6642 if (!(conn->flags & CO_FL_CONNECTED)) {
James Votha051b4a2013-05-14 20:37:59 +0200[diff] [blame]6643 smp->flags |= SMP_F_MAY_CHANGE;
6644 return 0;
6645 }
6646
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6647 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6648 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6649 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6650 crt = SSL_get_certificate(ctx->ssl);
James Votha051b4a2013-05-14 20:37:59 +0200[diff] [blame]6651 if (!crt)
6652 goto out;
6653
6654 smp_trash = get_trash_chunk();
6655 digest = EVP_sha1();
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6656 X509_digest(crt, digest, (unsigned char *) smp_trash->area,
6657 (unsigned int *)&smp_trash->data);
James Votha051b4a2013-05-14 20:37:59 +0200[diff] [blame]6658
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]6659 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6660 smp->data.type = SMP_T_BIN;
James Votha051b4a2013-05-14 20:37:59 +0200[diff] [blame]6661 ret = 1;
6662out:
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6663 /* SSL_get_peer_certificate, it increase X509 * ref count */
6664 if (cert_peer && crt)
James Votha051b4a2013-05-14 20:37:59 +0200[diff] [blame]6665 X509_free(crt);
6666 return ret;
6667}
6668
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6669/* string, returns certificate's notafter date in ASN1_UTCTIME format.
6670 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
6671 * should be use.
6672 */
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6673static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6674smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6675{
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6676 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6677 X509 *crt = NULL;
6678 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6679 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6680 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6681 struct ssl_sock_ctx *ctx;
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6682
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6683 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6684 if (!conn || conn->xprt != &ssl_sock)
6685 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6686 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6687
6688 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6689 smp->flags |= SMP_F_MAY_CHANGE;
6690 return 0;
6691 }
6692
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6693 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6694 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6695 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6696 crt = SSL_get_certificate(ctx->ssl);
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6697 if (!crt)
6698 goto out;
6699
Willy Tarreau47ca5452012-12-23 20:22:19 +0100[diff] [blame]6700 smp_trash = get_trash_chunk();
Rosen Penev68185952018-12-14 08:47:02 -0800[diff] [blame]6701 if (ssl_sock_get_time(X509_getm_notAfter(crt), smp_trash) <= 0)
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6702 goto out;
6703
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]6704 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6705 smp->data.type = SMP_T_STR;
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6706 ret = 1;
6707out:
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6708 /* SSL_get_peer_certificate, it increase X509 * ref count */
6709 if (cert_peer && crt)
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6710 X509_free(crt);
6711 return ret;
6712}
6713
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6714/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's issuer
6715 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
6716 * should be use.
6717 */
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6718static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6719smp_fetch_ssl_x_i_dn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6720{
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6721 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6722 X509 *crt = NULL;
6723 X509_NAME *name;
6724 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6725 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6726 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6727 struct ssl_sock_ctx *ctx;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6728
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6729 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6730 if (!conn || conn->xprt != &ssl_sock)
6731 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6732 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6733
6734 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6735 smp->flags |= SMP_F_MAY_CHANGE;
6736 return 0;
6737 }
6738
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6739 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6740 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6741 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6742 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6743 if (!crt)
6744 goto out;
6745
6746 name = X509_get_issuer_name(crt);
6747 if (!name)
6748 goto out;
6749
Willy Tarreau47ca5452012-12-23 20:22:19 +0100[diff] [blame]6750 smp_trash = get_trash_chunk();
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6751 if (args && args[0].type == ARGT_STR) {
6752 int pos = 1;
6753
6754 if (args[1].type == ARGT_SINT)
6755 pos = args[1].data.sint;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6756
6757 if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
6758 goto out;
6759 }
6760 else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
6761 goto out;
6762
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6763 smp->data.type = SMP_T_STR;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]6764 smp->data.u.str = *smp_trash;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6765 ret = 1;
6766out:
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6767 /* SSL_get_peer_certificate, it increase X509 * ref count */
6768 if (cert_peer && crt)
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6769 X509_free(crt);
6770 return ret;
6771}
6772
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6773/* string, returns notbefore date in ASN1_UTCTIME format.
6774 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
6775 * should be use.
6776 */
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6777static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6778smp_fetch_ssl_x_notbefore(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6779{
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6780 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6781 X509 *crt = NULL;
6782 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6783 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6784 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6785 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6786
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6787 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6788 if (!conn || conn->xprt != &ssl_sock)
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6789 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6790 ctx = conn->xprt_ctx;
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6791
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6792 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6793 smp->flags |= SMP_F_MAY_CHANGE;
6794 return 0;
6795 }
6796
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6797 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6798 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6799 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6800 crt = SSL_get_certificate(ctx->ssl);
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6801 if (!crt)
6802 goto out;
6803
Willy Tarreau47ca5452012-12-23 20:22:19 +0100[diff] [blame]6804 smp_trash = get_trash_chunk();
Rosen Penev68185952018-12-14 08:47:02 -0800[diff] [blame]6805 if (ssl_sock_get_time(X509_getm_notBefore(crt), smp_trash) <= 0)
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6806 goto out;
6807
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]6808 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6809 smp->data.type = SMP_T_STR;
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6810 ret = 1;
6811out:
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6812 /* SSL_get_peer_certificate, it increase X509 * ref count */
6813 if (cert_peer && crt)
Emeric Brunce5ad802012-10-22 14:11:22 +0200[diff] [blame]6814 X509_free(crt);
6815 return ret;
6816}
6817
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6818/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's subject
6819 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
6820 * should be use.
6821 */
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6822static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6823smp_fetch_ssl_x_s_dn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6824{
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6825 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6826 X509 *crt = NULL;
6827 X509_NAME *name;
6828 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]6829 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6830 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6831 struct ssl_sock_ctx *ctx;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6832
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6833 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6834 if (!conn || conn->xprt != &ssl_sock)
6835 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6836 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6837
6838 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6839 smp->flags |= SMP_F_MAY_CHANGE;
6840 return 0;
6841 }
6842
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6843 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6844 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6845 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6846 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6847 if (!crt)
6848 goto out;
6849
6850 name = X509_get_subject_name(crt);
6851 if (!name)
6852 goto out;
6853
Willy Tarreau47ca5452012-12-23 20:22:19 +0100[diff] [blame]6854 smp_trash = get_trash_chunk();
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6855 if (args && args[0].type == ARGT_STR) {
6856 int pos = 1;
6857
6858 if (args[1].type == ARGT_SINT)
6859 pos = args[1].data.sint;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6860
6861 if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
6862 goto out;
6863 }
6864 else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
6865 goto out;
6866
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6867 smp->data.type = SMP_T_STR;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]6868 smp->data.u.str = *smp_trash;
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6869 ret = 1;
6870out:
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6871 /* SSL_get_peer_certificate, it increase X509 * ref count */
6872 if (cert_peer && crt)
Emeric Brun87855892012-10-17 17:39:35 +0200[diff] [blame]6873 X509_free(crt);
6874 return ret;
6875}
Emeric Brun9143d372012-12-20 15:44:16 +0100[diff] [blame]6876
6877/* integer, returns true if current session use a client certificate */
6878static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6879smp_fetch_ssl_c_used(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun9143d372012-12-20 15:44:16 +0100[diff] [blame]6880{
6881 X509 *crt;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6882 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6883 struct ssl_sock_ctx *ctx;
Emeric Brun9143d372012-12-20 15:44:16 +0100[diff] [blame]6884
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6885 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6886 if (!conn || conn->xprt != &ssl_sock)
6887 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6888 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6889
6890 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brun9143d372012-12-20 15:44:16 +0100[diff] [blame]6891 smp->flags |= SMP_F_MAY_CHANGE;
6892 return 0;
6893 }
6894
6895 /* SSL_get_peer_certificate returns a ptr on allocated X509 struct */
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6896 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brun9143d372012-12-20 15:44:16 +0100[diff] [blame]6897 if (crt) {
6898 X509_free(crt);
6899 }
6900
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6901 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]6902 smp->data.u.sint = (crt != NULL);
Emeric Brun9143d372012-12-20 15:44:16 +0100[diff] [blame]6903 return 1;
6904}
6905
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6906/* integer, returns the certificate version
6907 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
6908 * should be use.
6909 */
Emeric Bruna7359fd2012-10-17 15:03:11 +0200[diff] [blame]6910static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6911smp_fetch_ssl_x_version(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Bruna7359fd2012-10-17 15:03:11 +0200[diff] [blame]6912{
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6913 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Bruna7359fd2012-10-17 15:03:11 +0200[diff] [blame]6914 X509 *crt;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6915 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6916 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6917
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6918 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6919 if (!conn || conn->xprt != &ssl_sock)
Emeric Bruna7359fd2012-10-17 15:03:11 +0200[diff] [blame]6920 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6921 ctx = conn->xprt_ctx;
Emeric Bruna7359fd2012-10-17 15:03:11 +0200[diff] [blame]6922
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6923 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Bruna7359fd2012-10-17 15:03:11 +0200[diff] [blame]6924 smp->flags |= SMP_F_MAY_CHANGE;
6925 return 0;
6926 }
6927
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6928 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6929 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6930 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6931 crt = SSL_get_certificate(ctx->ssl);
Emeric Bruna7359fd2012-10-17 15:03:11 +0200[diff] [blame]6932 if (!crt)
6933 return 0;
6934
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]6935 smp->data.u.sint = (unsigned int)(1 + X509_get_version(crt));
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6936 /* SSL_get_peer_certificate increase X509 * ref count */
6937 if (cert_peer)
6938 X509_free(crt);
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6939 smp->data.type = SMP_T_SINT;
Emeric Bruna7359fd2012-10-17 15:03:11 +0200[diff] [blame]6940
6941 return 1;
6942}
6943
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6944/* string, returns the certificate's signature algorithm.
6945 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
6946 * should be use.
6947 */
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6948static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]6949smp_fetch_ssl_x_sig_alg(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6950{
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6951 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6952 X509 *crt;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6953 __OPENSSL_110_CONST__ ASN1_OBJECT *algorithm;
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6954 int nid;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6955 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6956 struct ssl_sock_ctx *ctx;
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6957
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]6958 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6959 if (!conn || conn->xprt != &ssl_sock)
6960 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6961 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]6962
6963 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6964 smp->flags |= SMP_F_MAY_CHANGE;
6965 return 0;
6966 }
6967
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6968 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6969 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6970 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]6971 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6972 if (!crt)
6973 return 0;
6974
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]6975 X509_ALGOR_get0(&algorithm, NULL, NULL, X509_get0_tbs_sigalg(crt));
6976 nid = OBJ_obj2nid(algorithm);
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6977
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6978 smp->data.u.str.area = (char *)OBJ_nid2sn(nid);
6979 if (!smp->data.u.str.area) {
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6980 /* SSL_get_peer_certificate increase X509 * ref count */
6981 if (cert_peer)
6982 X509_free(crt);
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6983 return 0;
Emeric Brun9bf3ba22013-10-07 14:31:44 +0200[diff] [blame]6984 }
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6985
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]6986 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]6987 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]6988 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6989 /* SSL_get_peer_certificate increase X509 * ref count */
6990 if (cert_peer)
6991 X509_free(crt);
Emeric Brun7f56e742012-10-19 18:15:40 +0200[diff] [blame]6992
6993 return 1;
6994}
6995
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]6996/* string, returns the certificate's key algorithm.
6997 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
6998 * should be use.
6999 */
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7000static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7001smp_fetch_ssl_x_key_alg(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7002{
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]7003 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7004 X509 *crt;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]7005 ASN1_OBJECT *algorithm;
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7006 int nid;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7007 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7008 struct ssl_sock_ctx *ctx;
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7009
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]7010 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7011 if (!conn || conn->xprt != &ssl_sock)
7012 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7013 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7014
7015 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7016 smp->flags |= SMP_F_MAY_CHANGE;
7017 return 0;
7018 }
7019
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]7020 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7021 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]7022 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7023 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7024 if (!crt)
7025 return 0;
7026
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200[diff] [blame]7027 X509_PUBKEY_get0_param(&algorithm, NULL, NULL, NULL, X509_get_X509_PUBKEY(crt));
7028 nid = OBJ_obj2nid(algorithm);
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7029
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7030 smp->data.u.str.area = (char *)OBJ_nid2sn(nid);
7031 if (!smp->data.u.str.area) {
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]7032 /* SSL_get_peer_certificate increase X509 * ref count */
7033 if (cert_peer)
7034 X509_free(crt);
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7035 return 0;
Emeric Brun9bf3ba22013-10-07 14:31:44 +0200[diff] [blame]7036 }
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7037
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7038 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]7039 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7040 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]7041 if (cert_peer)
7042 X509_free(crt);
Emeric Brun521a0112012-10-22 12:22:55 +0200[diff] [blame]7043
7044 return 1;
7045}
7046
Emeric Brun645ae792014-04-30 14:21:06 +0200[diff] [blame]7047/* boolean, returns true if front conn. transport layer is SSL.
7048 * This function is also usable on backend conn if the fetch keyword 5th
7049 * char is 'b'.
7050 */
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7051static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7052smp_fetch_ssl_fc(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7053{
Emeric Bruneb8def92018-02-19 15:59:48 +0100[diff] [blame]7054 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
7055 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7056
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7057 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]7058 smp->data.u.sint = (conn && conn->xprt == &ssl_sock);
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7059 return 1;
7060}
7061
Emeric Brun2525b6b2012-10-18 15:59:43 +0200[diff] [blame]7062/* boolean, returns true if client present a SNI */
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7063static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7064smp_fetch_ssl_fc_has_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7065{
7066#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]7067 struct connection *conn = objt_conn(smp->sess->origin);
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7068 struct ssl_sock_ctx *ctx = conn ? conn->xprt_ctx : NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7069
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7070 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]7071 smp->data.u.sint = (conn && conn->xprt == &ssl_sock) &&
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7072 conn->xprt_ctx &&
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7073 SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name) != NULL;
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7074 return 1;
7075#else
7076 return 0;
7077#endif
7078}
7079
Emeric Brun74f7ffa2018-02-19 16:14:12 +0100[diff] [blame]7080/* boolean, returns true if client session has been resumed.
7081 * This function is also usable on backend conn if the fetch keyword 5th
7082 * char is 'b'.
7083 */
Nenad Merdanovic26ea8222015-05-18 02:28:57 +0200[diff] [blame]7084static int
7085smp_fetch_ssl_fc_is_resumed(const struct arg *args, struct sample *smp, const char *kw, void *private)
7086{
Emeric Brun74f7ffa2018-02-19 16:14:12 +0100[diff] [blame]7087 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
7088 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7089 struct ssl_sock_ctx *ctx = conn ? conn->xprt_ctx : NULL;
Emeric Brun74f7ffa2018-02-19 16:14:12 +0100[diff] [blame]7090
Nenad Merdanovic26ea8222015-05-18 02:28:57 +0200[diff] [blame]7091
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7092 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]7093 smp->data.u.sint = (conn && conn->xprt == &ssl_sock) &&
Nenad Merdanovic26ea8222015-05-18 02:28:57 +0200[diff] [blame]7094 conn->xprt_ctx &&
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7095 SSL_session_reused(ctx->ssl);
Nenad Merdanovic26ea8222015-05-18 02:28:57 +0200[diff] [blame]7096 return 1;
7097}
7098
Emeric Brun645ae792014-04-30 14:21:06 +0200[diff] [blame]7099/* string, returns the used cipher if front conn. transport layer is SSL.
7100 * This function is also usable on backend conn if the fetch keyword 5th
7101 * char is 'b'.
7102 */
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7103static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7104smp_fetch_ssl_fc_cipher(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7105{
Emeric Bruneb8def92018-02-19 15:59:48 +0100[diff] [blame]7106 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
7107 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7108 struct ssl_sock_ctx *ctx;
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7109
Willy Tarreaube508f12016-03-10 11:47:01 +0100[diff] [blame]7110 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7111 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7112 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7113 ctx = conn->xprt_ctx;
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7114
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7115 smp->data.u.str.area = (char *)SSL_get_cipher_name(ctx->ssl);
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7116 if (!smp->data.u.str.area)
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7117 return 0;
7118
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7119 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]7120 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7121 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7122
7123 return 1;
7124}
7125
Emeric Brun645ae792014-04-30 14:21:06 +0200[diff] [blame]7126/* integer, returns the algoritm's keysize if front conn. transport layer
7127 * is SSL.
7128 * This function is also usable on backend conn if the fetch keyword 5th
7129 * char is 'b'.
7130 */
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7131static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7132smp_fetch_ssl_fc_alg_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7133{
Emeric Bruneb8def92018-02-19 15:59:48 +0100[diff] [blame]7134 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
7135 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7136 struct ssl_sock_ctx *ctx;
Willy Tarreaue237fe12016-03-10 17:05:28 +0100[diff] [blame]7137 int sint;
Willy Tarreaube508f12016-03-10 11:47:01 +0100[diff] [blame]7138
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7139 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7140 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7141 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7142 ctx = conn->xprt_ctx;
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7143
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7144 if (!SSL_get_cipher_bits(ctx->ssl, &sint))
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7145 return 0;
7146
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]7147 smp->data.u.sint = sint;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7148 smp->data.type = SMP_T_SINT;
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7149
7150 return 1;
7151}
7152
Emeric Brun645ae792014-04-30 14:21:06 +0200[diff] [blame]7153/* integer, returns the used keysize if front conn. transport layer is SSL.
7154 * This function is also usable on backend conn if the fetch keyword 5th
7155 * char is 'b'.
7156 */
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7157static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7158smp_fetch_ssl_fc_use_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7159{
Emeric Bruneb8def92018-02-19 15:59:48 +0100[diff] [blame]7160 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
7161 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7162 struct ssl_sock_ctx *ctx;
Willy Tarreaube508f12016-03-10 11:47:01 +0100[diff] [blame]7163
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7164 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7165 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
7166 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7167 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7168
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7169 smp->data.u.sint = (unsigned int)SSL_get_cipher_bits(ctx->ssl, NULL);
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]7170 if (!smp->data.u.sint)
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7171 return 0;
7172
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7173 smp->data.type = SMP_T_SINT;
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7174
7175 return 1;
7176}
7177
Bernard Spil13c53f82018-02-15 13:34:58 +0100[diff] [blame]7178#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7179static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7180smp_fetch_ssl_fc_npn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaua33c6542012-10-15 13:19:06 +0200[diff] [blame]7181{
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7182 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7183 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7184
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]7185 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7186 smp->data.type = SMP_T_STR;
Willy Tarreaua33c6542012-10-15 13:19:06 +0200[diff] [blame]7187
Olivier Houchard6b77f492018-11-22 18:18:29 +0100[diff] [blame]7188 conn = (kw[4] != 'b' ) ? objt_conn(smp->sess->origin) :
7189 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7190 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
7191 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7192 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7193
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7194 smp->data.u.str.area = NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7195 SSL_get0_next_proto_negotiated(ctx->ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7196 (const unsigned char **)&smp->data.u.str.area,
7197 (unsigned *)&smp->data.u.str.data);
Willy Tarreaua33c6542012-10-15 13:19:06 +0200[diff] [blame]7198
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7199 if (!smp->data.u.str.area)
Willy Tarreaua33c6542012-10-15 13:19:06 +0200[diff] [blame]7200 return 0;
7201
7202 return 1;
Willy Tarreaua33c6542012-10-15 13:19:06 +0200[diff] [blame]7203}
Willy Tarreau6c9a3d52012-10-18 18:57:14 +0200[diff] [blame]7204#endif
Willy Tarreaua33c6542012-10-15 13:19:06 +0200[diff] [blame]7205
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +0100[diff] [blame]7206#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]7207static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7208smp_fetch_ssl_fc_alpn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]7209{
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7210 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7211 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7212
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]7213 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7214 smp->data.type = SMP_T_STR;
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]7215
Olivier Houchard6b77f492018-11-22 18:18:29 +0100[diff] [blame]7216 conn = (kw[4] != 'b' ) ? objt_conn(smp->sess->origin) :
7217 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
7218
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7219 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]7220 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7221 ctx = conn->xprt_ctx;
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]7222
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7223 smp->data.u.str.area = NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7224 SSL_get0_alpn_selected(ctx->ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7225 (const unsigned char **)&smp->data.u.str.area,
7226 (unsigned *)&smp->data.u.str.data);
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]7227
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7228 if (!smp->data.u.str.area)
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]7229 return 0;
7230
7231 return 1;
7232}
7233#endif
7234
Emeric Brun645ae792014-04-30 14:21:06 +0200[diff] [blame]7235/* string, returns the used protocol if front conn. transport layer is SSL.
7236 * This function is also usable on backend conn if the fetch keyword 5th
7237 * char is 'b'.
7238 */
Willy Tarreaua33c6542012-10-15 13:19:06 +0200[diff] [blame]7239static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7240smp_fetch_ssl_fc_protocol(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7241{
Emeric Bruneb8def92018-02-19 15:59:48 +0100[diff] [blame]7242 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
7243 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7244 struct ssl_sock_ctx *ctx;
Willy Tarreaube508f12016-03-10 11:47:01 +0100[diff] [blame]7245
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7246 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7247 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
7248 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7249 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7250
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7251 smp->data.u.str.area = (char *)SSL_get_version(ctx->ssl);
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7252 if (!smp->data.u.str.area)
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7253 return 0;
7254
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7255 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]7256 smp->flags = SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7257 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7258
7259 return 1;
7260}
7261
Willy Tarreau87b09662015-04-03 00:22:06 +0200[diff] [blame]7262/* binary, returns the SSL stream id if front conn. transport layer is SSL.
Emeric Brun645ae792014-04-30 14:21:06 +0200[diff] [blame]7263 * This function is also usable on backend conn if the fetch keyword 5th
7264 * char is 'b'.
7265 */
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]7266#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brun589fcad2012-10-16 14:13:26 +0200[diff] [blame]7267static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7268smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunfe68f682012-10-16 14:59:28 +0200[diff] [blame]7269{
Emeric Bruneb8def92018-02-19 15:59:48 +0100[diff] [blame]7270 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
7271 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreaue237fe12016-03-10 17:05:28 +0100[diff] [blame]7272 SSL_SESSION *ssl_sess;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7273 struct ssl_sock_ctx *ctx;
Willy Tarreaube508f12016-03-10 11:47:01 +0100[diff] [blame]7274
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]7275 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7276 smp->data.type = SMP_T_BIN;
Emeric Brunfe68f682012-10-16 14:59:28 +0200[diff] [blame]7277
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7278 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
7279 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7280 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7281
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7282 ssl_sess = SSL_get_session(ctx->ssl);
Willy Tarreau192252e2015-04-04 01:47:55 +0200[diff] [blame]7283 if (!ssl_sess)
Emeric Brunfe68f682012-10-16 14:59:28 +0200[diff] [blame]7284 return 0;
7285
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7286 smp->data.u.str.area = (char *)SSL_SESSION_get_id(ssl_sess,
7287 (unsigned int *)&smp->data.u.str.data);
7288 if (!smp->data.u.str.area || !smp->data.u.str.data)
Emeric Brunfe68f682012-10-16 14:59:28 +0200[diff] [blame]7289 return 0;
7290
7291 return 1;
Emeric Brunfe68f682012-10-16 14:59:28 +0200[diff] [blame]7292}
Patrick Hemmer41966772018-04-28 19:15:48 -0400[diff] [blame]7293#endif
7294
Emeric Brunfe68f682012-10-16 14:59:28 +0200[diff] [blame]7295
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]7296#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L || defined(OPENSSL_IS_BORINGSSL)
Patrick Hemmere0275472018-04-28 19:15:51 -0400[diff] [blame]7297static int
7298smp_fetch_ssl_fc_session_key(const struct arg *args, struct sample *smp, const char *kw, void *private)
7299{
7300 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
7301 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
7302 SSL_SESSION *ssl_sess;
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]7303 struct buffer *data;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7304 struct ssl_sock_ctx *ctx;
Patrick Hemmere0275472018-04-28 19:15:51 -0400[diff] [blame]7305
7306 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
7307 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7308 ctx = conn->xprt_ctx;
Patrick Hemmere0275472018-04-28 19:15:51 -0400[diff] [blame]7309
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7310 ssl_sess = SSL_get_session(ctx->ssl);
Patrick Hemmere0275472018-04-28 19:15:51 -0400[diff] [blame]7311 if (!ssl_sess)
7312 return 0;
7313
7314 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7315 data->data = SSL_SESSION_get_master_key(ssl_sess,
7316 (unsigned char *) data->area,
7317 data->size);
7318 if (!data->data)
Patrick Hemmere0275472018-04-28 19:15:51 -0400[diff] [blame]7319 return 0;
7320
7321 smp->flags = 0;
7322 smp->data.type = SMP_T_BIN;
7323 smp->data.u.str = *data;
7324
7325 return 1;
7326}
7327#endif
7328
Patrick Hemmer41966772018-04-28 19:15:48 -0400[diff] [blame]7329#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emeric Brunfe68f682012-10-16 14:59:28 +0200[diff] [blame]7330static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7331smp_fetch_ssl_fc_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7332{
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7333 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7334 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7335
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]7336 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7337 smp->data.type = SMP_T_STR;
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7338
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]7339 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7340 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
7341 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7342 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7343
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7344 smp->data.u.str.area = (char *)SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7345 if (!smp->data.u.str.area)
Willy Tarreau3e394c92012-09-14 23:56:58 +0200[diff] [blame]7346 return 0;
7347
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7348 smp->data.u.str.data = strlen(smp->data.u.str.area);
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7349 return 1;
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7350}
Patrick Hemmer41966772018-04-28 19:15:48 -0400[diff] [blame]7351#endif
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]7352
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7353static int
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7354smp_fetch_ssl_fc_cl_bin(const struct arg *args, struct sample *smp, const char *kw, void *private)
7355{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7356 struct connection *conn;
7357 struct ssl_capture *capture;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7358 struct ssl_sock_ctx *ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7359
7360 conn = objt_conn(smp->sess->origin);
7361 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
7362 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7363 ctx = conn->xprt_ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7364
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7365 capture = SSL_get_ex_data(ctx->ssl, ssl_capture_ptr_index);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7366 if (!capture)
7367 return 0;
7368
7369 smp->flags = SMP_F_CONST;
7370 smp->data.type = SMP_T_BIN;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7371 smp->data.u.str.area = capture->ciphersuite;
7372 smp->data.u.str.data = capture->ciphersuite_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7373 return 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7374}
7375
7376static int
7377smp_fetch_ssl_fc_cl_hex(const struct arg *args, struct sample *smp, const char *kw, void *private)
7378{
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]7379 struct buffer *data;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7380
7381 if (!smp_fetch_ssl_fc_cl_bin(args, smp, kw, private))
7382 return 0;
7383
7384 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7385 dump_binary(data, smp->data.u.str.area, smp->data.u.str.data);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7386 smp->data.type = SMP_T_BIN;
7387 smp->data.u.str = *data;
7388 return 1;
7389}
7390
7391static int
7392smp_fetch_ssl_fc_cl_xxh64(const struct arg *args, struct sample *smp, const char *kw, void *private)
7393{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7394 struct connection *conn;
7395 struct ssl_capture *capture;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7396 struct ssl_sock_ctx *ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7397
7398 conn = objt_conn(smp->sess->origin);
7399 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
7400 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7401 ctx = conn->xprt_ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7402
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7403 capture = SSL_get_ex_data(ctx->ssl, ssl_capture_ptr_index);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7404 if (!capture)
7405 return 0;
7406
7407 smp->data.type = SMP_T_SINT;
7408 smp->data.u.sint = capture->xxh64;
7409 return 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7410}
7411
7412static int
7413smp_fetch_ssl_fc_cl_str(const struct arg *args, struct sample *smp, const char *kw, void *private)
7414{
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]7415#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL)
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]7416 struct buffer *data;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7417 int i;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7418
7419 if (!smp_fetch_ssl_fc_cl_bin(args, smp, kw, private))
7420 return 0;
7421
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7422 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7423 for (i = 0; i + 1 < smp->data.u.str.data; i += 2) {
Emmanuel Hocdetddcde192017-09-01 17:32:08 +0200[diff] [blame]7424 const char *str;
7425 const SSL_CIPHER *cipher;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7426 const unsigned char *bin = (const unsigned char *) smp->data.u.str.area + i;
Emmanuel Hocdetddcde192017-09-01 17:32:08 +0200[diff] [blame]7427 uint16_t id = (bin[0] << 8) | bin[1];
7428#if defined(OPENSSL_IS_BORINGSSL)
7429 cipher = SSL_get_cipher_by_value(id);
7430#else
Willy Tarreaub7290772018-10-15 11:01:59 +0200[diff] [blame]7431 struct connection *conn = __objt_conn(smp->sess->origin);
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7432 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
7433 cipher = SSL_CIPHER_find(ctx->ssl, bin);
Emmanuel Hocdetddcde192017-09-01 17:32:08 +0200[diff] [blame]7434#endif
7435 str = SSL_CIPHER_get_name(cipher);
7436 if (!str || strcmp(str, "(NONE)") == 0)
7437 chunk_appendf(data, "%sUNKNOWN(%04x)", i == 0 ? "" : ",", id);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7438 else
7439 chunk_appendf(data, "%s%s", i == 0 ? "" : ",", str);
7440 }
7441 smp->data.type = SMP_T_STR;
7442 smp->data.u.str = *data;
7443 return 1;
7444#else
7445 return smp_fetch_ssl_fc_cl_xxh64(args, smp, kw, private);
7446#endif
7447}
7448
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]7449#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]7450static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7451smp_fetch_ssl_fc_unique_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7452{
Emeric Bruneb8def92018-02-19 15:59:48 +0100[diff] [blame]7453 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
7454 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7455 int finished_len;
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]7456 struct buffer *finished_trash;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7457 struct ssl_sock_ctx *ctx;
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7458
7459 smp->flags = 0;
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7460 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
7461 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7462 ctx = conn->xprt_ctx;
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7463
7464 if (!(conn->flags & CO_FL_CONNECTED)) {
7465 smp->flags |= SMP_F_MAY_CHANGE;
7466 return 0;
7467 }
7468
7469 finished_trash = get_trash_chunk();
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7470 if (!SSL_session_reused(ctx->ssl))
7471 finished_len = SSL_get_peer_finished(ctx->ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7472 finished_trash->area,
7473 finished_trash->size);
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7474 else
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7475 finished_len = SSL_get_finished(ctx->ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7476 finished_trash->area,
7477 finished_trash->size);
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7478
7479 if (!finished_len)
7480 return 0;
7481
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200[diff] [blame]7482 finished_trash->data = finished_len;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +0200[diff] [blame]7483 smp->data.u.str = *finished_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7484 smp->data.type = SMP_T_BIN;
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7485
7486 return 1;
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7487}
Patrick Hemmer41966772018-04-28 19:15:48 -0400[diff] [blame]7488#endif
David Sc1ad52e2014-04-08 18:48:47 -0400[diff] [blame]7489
Emeric Brun2525b6b2012-10-18 15:59:43 +0200[diff] [blame]7490/* integer, returns the first verify error in CA chain of client certificate chain. */
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7491static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7492smp_fetch_ssl_c_ca_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7493{
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7494 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]7495 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7496
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]7497 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7498 if (!conn || conn->xprt != &ssl_sock)
7499 return 0;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]7500 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7501
7502 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7503 smp->flags = SMP_F_MAY_CHANGE;
7504 return 0;
7505 }
7506
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7507 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]7508 smp->data.u.sint = (unsigned long long int)SSL_SOCK_ST_TO_CA_ERROR(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7509 smp->flags = 0;
7510
7511 return 1;
7512}
7513
Emeric Brun2525b6b2012-10-18 15:59:43 +0200[diff] [blame]7514/* integer, returns the depth of the first verify error in CA chain of client certificate chain. */
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7515static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7516smp_fetch_ssl_c_ca_err_depth(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7517{
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7518 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]7519 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7520
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]7521 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7522 if (!conn || conn->xprt != &ssl_sock)
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7523 return 0;
7524
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7525 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7526 smp->flags = SMP_F_MAY_CHANGE;
7527 return 0;
7528 }
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]7529 ctx = conn->xprt_ctx;
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7530
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7531 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]7532 smp->data.u.sint = (long long int)SSL_SOCK_ST_TO_CAEDEPTH(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7533 smp->flags = 0;
7534
7535 return 1;
7536}
7537
Emeric Brun2525b6b2012-10-18 15:59:43 +0200[diff] [blame]7538/* integer, returns the first verify error on client certificate */
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7539static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7540smp_fetch_ssl_c_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7541{
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7542 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]7543 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7544
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]7545 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7546 if (!conn || conn->xprt != &ssl_sock)
7547 return 0;
7548
7549 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7550 smp->flags = SMP_F_MAY_CHANGE;
7551 return 0;
7552 }
7553
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]7554 ctx = conn->xprt_ctx;
7555
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7556 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100[diff] [blame]7557 smp->data.u.sint = (long long int)SSL_SOCK_ST_TO_CRTERROR(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +0200[diff] [blame]7558 smp->flags = 0;
7559
7560 return 1;
7561}
7562
Emeric Brun2525b6b2012-10-18 15:59:43 +0200[diff] [blame]7563/* integer, returns the verify result on client cert */
Emeric Brunbaf8ffb2012-09-21 15:27:20 +0200[diff] [blame]7564static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +0200[diff] [blame]7565smp_fetch_ssl_c_verify(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunbaf8ffb2012-09-21 15:27:20 +0200[diff] [blame]7566{
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7567 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7568 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7569
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +0200[diff] [blame]7570 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7571 if (!conn || conn->xprt != &ssl_sock)
7572 return 0;
7573
7574 if (!(conn->flags & CO_FL_CONNECTED)) {
Emeric Brunbaf8ffb2012-09-21 15:27:20 +0200[diff] [blame]7575 smp->flags = SMP_F_MAY_CHANGE;
7576 return 0;
7577 }
7578
Willy Tarreaub363a1f2013-10-01 10:45:07 +0200[diff] [blame]7579 if (!conn->xprt_ctx)
Emeric Brunbaf8ffb2012-09-21 15:27:20 +0200[diff] [blame]7580 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7581 ctx = conn->xprt_ctx;
Emeric Brunbaf8ffb2012-09-21 15:27:20 +0200[diff] [blame]7582
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +0200[diff] [blame]7583 smp->data.type = SMP_T_SINT;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100[diff] [blame]7584 smp->data.u.sint = (long long int)SSL_get_verify_result(ctx->ssl);
Emeric Brunbaf8ffb2012-09-21 15:27:20 +0200[diff] [blame]7585 smp->flags = 0;
7586
7587 return 1;
7588}
7589
Emeric Brunfb510ea2012-10-05 12:00:26 +0200[diff] [blame]7590/* parse the "ca-file" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7591static int ssl_bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]7592{
7593 if (!*args[cur_arg + 1]) {
7594 if (err)
7595 memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
7596 return ERR_ALERT | ERR_FATAL;
7597 }
7598
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]7599 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
7600 memprintf(&conf->ca_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]7601 else
7602 memprintf(&conf->ca_file, "%s", args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +0200[diff] [blame]7603
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]7604 return 0;
7605}
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7606static int bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7607{
7608 return ssl_bind_parse_ca_file(args, cur_arg, px, &conf->ssl_conf, err);
7609}
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]7610
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]7611/* parse the "ca-sign-file" bind keyword */
7612static int bind_parse_ca_sign_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7613{
7614 if (!*args[cur_arg + 1]) {
7615 if (err)
7616 memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
7617 return ERR_ALERT | ERR_FATAL;
7618 }
7619
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]7620 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
7621 memprintf(&conf->ca_sign_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]7622 else
7623 memprintf(&conf->ca_sign_file, "%s", args[cur_arg + 1]);
7624
7625 return 0;
7626}
7627
Bertrand Jacquinff13c062016-11-13 16:37:11 +0000[diff] [blame]7628/* parse the "ca-sign-pass" bind keyword */
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]7629static int bind_parse_ca_sign_pass(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7630{
7631 if (!*args[cur_arg + 1]) {
7632 if (err)
7633 memprintf(err, "'%s' : missing CAkey password", args[cur_arg]);
7634 return ERR_ALERT | ERR_FATAL;
7635 }
7636 memprintf(&conf->ca_sign_pass, "%s", args[cur_arg + 1]);
7637 return 0;
7638}
7639
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7640/* parse the "ciphers" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7641static int ssl_bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7642{
7643 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200[diff] [blame]7644 memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7645 return ERR_ALERT | ERR_FATAL;
7646 }
7647
Emeric Brun76d88952012-10-05 15:47:31 +0200[diff] [blame]7648 free(conf->ciphers);
Willy Tarreau4348fad2012-09-20 16:48:07 +0200[diff] [blame]7649 conf->ciphers = strdup(args[cur_arg + 1]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7650 return 0;
7651}
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7652static int bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7653{
7654 return ssl_bind_parse_ciphers(args, cur_arg, px, &conf->ssl_conf, err);
7655}
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]7656
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]7657#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]7658/* parse the "ciphersuites" bind keyword */
7659static int ssl_bind_parse_ciphersuites(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
7660{
7661 if (!*args[cur_arg + 1]) {
7662 memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
7663 return ERR_ALERT | ERR_FATAL;
7664 }
7665
7666 free(conf->ciphersuites);
7667 conf->ciphersuites = strdup(args[cur_arg + 1]);
7668 return 0;
7669}
7670static int bind_parse_ciphersuites(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7671{
7672 return ssl_bind_parse_ciphersuites(args, cur_arg, px, &conf->ssl_conf, err);
7673}
7674#endif
7675
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7676/* parse the "crt" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +0200[diff] [blame]7677static int bind_parse_crt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7678{
Willy Tarreau38011032013-08-13 16:59:39 +0200[diff] [blame]7679 char path[MAXPATHLEN];
Willy Tarreaub75d6922014-04-14 18:05:41 +0200[diff] [blame]7680
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7681 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200[diff] [blame]7682 memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7683 return ERR_ALERT | ERR_FATAL;
7684 }
7685
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]7686 if ((*args[cur_arg + 1] != '/' ) && global_ssl.crt_base) {
7687 if ((strlen(global_ssl.crt_base) + 1 + strlen(args[cur_arg + 1]) + 1) > MAXPATHLEN) {
Emeric Brunc8e8d122012-10-02 18:42:10 +0200[diff] [blame]7688 memprintf(err, "'%s' : path too long", args[cur_arg]);
7689 return ERR_ALERT | ERR_FATAL;
7690 }
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]7691 snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, args[cur_arg + 1]);
Willy Tarreau03209342016-12-22 17:08:28 +0100[diff] [blame]7692 if (ssl_sock_load_cert(path, conf, err) > 0)
Emeric Brunc8e8d122012-10-02 18:42:10 +0200[diff] [blame]7693 return ERR_ALERT | ERR_FATAL;
7694
7695 return 0;
7696 }
7697
Willy Tarreau03209342016-12-22 17:08:28 +0100[diff] [blame]7698 if (ssl_sock_load_cert(args[cur_arg + 1], conf, err) > 0)
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7699 return ERR_ALERT | ERR_FATAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]7700
7701 return 0;
7702}
7703
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]7704/* parse the "crt-list" bind keyword */
7705static int bind_parse_crt_list(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7706{
7707 if (!*args[cur_arg + 1]) {
7708 memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
7709 return ERR_ALERT | ERR_FATAL;
7710 }
7711
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7712 if (ssl_sock_load_cert_list_file(args[cur_arg + 1], conf, px, err) > 0) {
Willy Tarreauad1731d2013-04-02 17:35:58 +0200[diff] [blame]7713 memprintf(err, "'%s' : %s", args[cur_arg], *err);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]7714 return ERR_ALERT | ERR_FATAL;
Willy Tarreauad1731d2013-04-02 17:35:58 +0200[diff] [blame]7715 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +0100[diff] [blame]7716
7717 return 0;
7718}
7719
Emeric Brunfb510ea2012-10-05 12:00:26 +0200[diff] [blame]7720/* parse the "crl-file" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7721static int ssl_bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]7722{
Emeric Brun051cdab2012-10-02 19:25:50 +0200[diff] [blame]7723#ifndef X509_V_FLAG_CRL_CHECK
7724 if (err)
7725 memprintf(err, "'%s' : library does not support CRL verify", args[cur_arg]);
7726 return ERR_ALERT | ERR_FATAL;
7727#else
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]7728 if (!*args[cur_arg + 1]) {
7729 if (err)
7730 memprintf(err, "'%s' : missing CRLfile path", args[cur_arg]);
7731 return ERR_ALERT | ERR_FATAL;
7732 }
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]7733
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]7734 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
7735 memprintf(&conf->crl_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]7736 else
7737 memprintf(&conf->crl_file, "%s", args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +0200[diff] [blame]7738
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]7739 return 0;
Emeric Brun051cdab2012-10-02 19:25:50 +0200[diff] [blame]7740#endif
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]7741}
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7742static int bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7743{
7744 return ssl_bind_parse_crl_file(args, cur_arg, px, &conf->ssl_conf, err);
7745}
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]7746
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +0100[diff] [blame]7747/* parse the "curves" bind keyword keyword */
7748static int ssl_bind_parse_curves(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
7749{
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]7750#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +0100[diff] [blame]7751 if (!*args[cur_arg + 1]) {
7752 if (err)
7753 memprintf(err, "'%s' : missing curve suite", args[cur_arg]);
7754 return ERR_ALERT | ERR_FATAL;
7755 }
7756 conf->curves = strdup(args[cur_arg + 1]);
7757 return 0;
7758#else
7759 if (err)
7760 memprintf(err, "'%s' : library does not support curve suite", args[cur_arg]);
7761 return ERR_ALERT | ERR_FATAL;
7762#endif
7763}
7764static int bind_parse_curves(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7765{
7766 return ssl_bind_parse_curves(args, cur_arg, px, &conf->ssl_conf, err);
7767}
7768
Bertrand Jacquinff13c062016-11-13 16:37:11 +0000[diff] [blame]7769/* parse the "ecdhe" bind keyword keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7770static int ssl_bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]7771{
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]7772#if HA_OPENSSL_VERSION_NUMBER < 0x0090800fL
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]7773 if (err)
7774 memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (too old)", args[cur_arg]);
7775 return ERR_ALERT | ERR_FATAL;
7776#elif defined(OPENSSL_NO_ECDH)
7777 if (err)
7778 memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (disabled via OPENSSL_NO_ECDH)", args[cur_arg]);
7779 return ERR_ALERT | ERR_FATAL;
7780#else
7781 if (!*args[cur_arg + 1]) {
7782 if (err)
7783 memprintf(err, "'%s' : missing named curve", args[cur_arg]);
7784 return ERR_ALERT | ERR_FATAL;
7785 }
7786
7787 conf->ecdhe = strdup(args[cur_arg + 1]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7788
7789 return 0;
Emeric Brun2b58d042012-09-20 17:10:03 +0200[diff] [blame]7790#endif
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7791}
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7792static int bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7793{
7794 return ssl_bind_parse_ecdhe(args, cur_arg, px, &conf->ssl_conf, err);
7795}
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]7796
Bertrand Jacquinff13c062016-11-13 16:37:11 +0000[diff] [blame]7797/* parse the "crt-ignore-err" and "ca-ignore-err" bind keywords */
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]7798static int bind_parse_ignore_err(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7799{
7800 int code;
7801 char *p = args[cur_arg + 1];
7802 unsigned long long *ignerr = &conf->crt_ignerr;
7803
7804 if (!*p) {
7805 if (err)
7806 memprintf(err, "'%s' : missing error IDs list", args[cur_arg]);
7807 return ERR_ALERT | ERR_FATAL;
7808 }
7809
7810 if (strcmp(args[cur_arg], "ca-ignore-err") == 0)
7811 ignerr = &conf->ca_ignerr;
7812
7813 if (strcmp(p, "all") == 0) {
7814 *ignerr = ~0ULL;
7815 return 0;
7816 }
7817
7818 while (p) {
7819 code = atoi(p);
7820 if ((code <= 0) || (code > 63)) {
7821 if (err)
7822 memprintf(err, "'%s' : ID '%d' out of range (1..63) in error IDs list '%s'",
7823 args[cur_arg], code, args[cur_arg + 1]);
7824 return ERR_ALERT | ERR_FATAL;
7825 }
7826 *ignerr |= 1ULL << code;
7827 p = strchr(p, ',');
7828 if (p)
7829 p++;
7830 }
7831
Emeric Brun2cb7ae52012-10-05 14:14:21 +0200[diff] [blame]7832 return 0;
7833}
7834
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7835/* parse tls_method_options "no-xxx" and "force-xxx" */
7836static int parse_tls_method_options(char *arg, struct tls_version_filter *methods, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +0200[diff] [blame]7837{
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7838 uint16_t v;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]7839 char *p;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]7840 p = strchr(arg, '-');
7841 if (!p)
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7842 goto fail;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]7843 p++;
7844 if (!strcmp(p, "sslv3"))
7845 v = CONF_SSLV3;
7846 else if (!strcmp(p, "tlsv10"))
7847 v = CONF_TLSV10;
7848 else if (!strcmp(p, "tlsv11"))
7849 v = CONF_TLSV11;
7850 else if (!strcmp(p, "tlsv12"))
7851 v = CONF_TLSV12;
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +0200[diff] [blame]7852 else if (!strcmp(p, "tlsv13"))
7853 v = CONF_TLSV13;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]7854 else
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7855 goto fail;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]7856 if (!strncmp(arg, "no-", 3))
7857 methods->flags |= methodVersions[v].flag;
7858 else if (!strncmp(arg, "force-", 6))
7859 methods->min = methods->max = v;
7860 else
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7861 goto fail;
Emeric Brun2d0c4822012-10-02 13:45:20 +0200[diff] [blame]7862 return 0;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7863 fail:
7864 if (err)
7865 memprintf(err, "'%s' : option not implemented", arg);
7866 return ERR_ALERT | ERR_FATAL;
Emeric Brun2d0c4822012-10-02 13:45:20 +0200[diff] [blame]7867}
7868
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]7869static int bind_parse_tls_method_options(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +0200[diff] [blame]7870{
Emmanuel Hocdet43664762017-08-09 18:26:20 +0200[diff] [blame]7871 return parse_tls_method_options(args[cur_arg], &conf->ssl_conf.ssl_methods, err);
Emeric Brun2cb7ae52012-10-05 14:14:21 +0200[diff] [blame]7872}
7873
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]7874static int srv_parse_tls_method_options(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +0200[diff] [blame]7875{
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7876 return parse_tls_method_options(args[*cur_arg], &newsrv->ssl_ctx.methods, err);
7877}
7878
7879/* parse tls_method min/max: "ssl-min-ver" and "ssl-max-ver" */
7880static int parse_tls_method_minmax(char **args, int cur_arg, struct tls_version_filter *methods, char **err)
7881{
7882 uint16_t i, v = 0;
7883 char *argv = args[cur_arg + 1];
7884 if (!*argv) {
7885 if (err)
7886 memprintf(err, "'%s' : missing the ssl/tls version", args[cur_arg]);
7887 return ERR_ALERT | ERR_FATAL;
7888 }
7889 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
7890 if (!strcmp(argv, methodVersions[i].name))
7891 v = i;
7892 if (!v) {
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]7893 if (err)
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7894 memprintf(err, "'%s' : unknown ssl/tls version", args[cur_arg + 1]);
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]7895 return ERR_ALERT | ERR_FATAL;
7896 }
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7897 if (!strcmp("ssl-min-ver", args[cur_arg]))
7898 methods->min = v;
7899 else if (!strcmp("ssl-max-ver", args[cur_arg]))
7900 methods->max = v;
7901 else {
7902 if (err)
7903 memprintf(err, "'%s' : option not implemented", args[cur_arg]);
7904 return ERR_ALERT | ERR_FATAL;
7905 }
Emeric Brun2cb7ae52012-10-05 14:14:21 +0200[diff] [blame]7906 return 0;
Emeric Brun2cb7ae52012-10-05 14:14:21 +0200[diff] [blame]7907}
Emeric Brun2cb7ae52012-10-05 14:14:21 +0200[diff] [blame]7908
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +0200[diff] [blame]7909static int ssl_bind_parse_tls_method_minmax(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
7910{
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]7911#if (HA_OPENSSL_VERSION_NUMBER < 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL)
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]7912 ha_warning("crt-list: ssl-min-ver and ssl-max-ver are not supported with this Openssl version (skipped).\n");
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +0200[diff] [blame]7913#endif
7914 return parse_tls_method_minmax(args, cur_arg, &conf->ssl_methods, err);
7915}
7916
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7917static int bind_parse_tls_method_minmax(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7918{
Emmanuel Hocdet43664762017-08-09 18:26:20 +0200[diff] [blame]7919 return parse_tls_method_minmax(args, cur_arg, &conf->ssl_conf.ssl_methods, err);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]7920}
7921
7922static int srv_parse_tls_method_minmax(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
7923{
7924 return parse_tls_method_minmax(args, *cur_arg, &newsrv->ssl_ctx.methods, err);
7925}
7926
Emeric Brun2d0c4822012-10-02 13:45:20 +0200[diff] [blame]7927/* parse the "no-tls-tickets" bind keyword */
Emmanuel Hocdet4608ed92017-01-20 13:06:27 +0100[diff] [blame]7928static int bind_parse_no_tls_tickets(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brun2d0c4822012-10-02 13:45:20 +0200[diff] [blame]7929{
Emeric Brun89675492012-10-05 13:48:26 +0200[diff] [blame]7930 conf->ssl_options |= BC_SSL_O_NO_TLS_TICKETS;
Emeric Brun81c00f02012-09-21 14:31:21 +0200[diff] [blame]7931 return 0;
7932}
Emeric Brun2d0c4822012-10-02 13:45:20 +0200[diff] [blame]7933
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]7934/* parse the "allow-0rtt" bind keyword */
7935static int ssl_bind_parse_allow_0rtt(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
7936{
7937 conf->early_data = 1;
7938 return 0;
7939}
7940
7941static int bind_parse_allow_0rtt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7942{
Olivier Houchard9679ac92017-10-27 14:58:08 +0200[diff] [blame]7943 conf->ssl_conf.early_data = 1;
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]7944 return 0;
7945}
7946
Willy Tarreau6c9a3d52012-10-18 18:57:14 +0200[diff] [blame]7947/* parse the "npn" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7948static int ssl_bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +0200[diff] [blame]7949{
Bernard Spil13c53f82018-02-15 13:34:58 +0100[diff] [blame]7950#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +0200[diff] [blame]7951 char *p1, *p2;
7952
7953 if (!*args[cur_arg + 1]) {
7954 memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[cur_arg]);
7955 return ERR_ALERT | ERR_FATAL;
7956 }
7957
7958 free(conf->npn_str);
7959
Willy Tarreau3724da12016-02-12 17:11:12 +0100[diff] [blame]7960 /* the NPN string is built as a suite of (<len> <name>)*,
7961 * so we reuse each comma to store the next <len> and need
7962 * one more for the end of the string.
7963 */
Willy Tarreau6c9a3d52012-10-18 18:57:14 +0200[diff] [blame]7964 conf->npn_len = strlen(args[cur_arg + 1]) + 1;
Willy Tarreau3724da12016-02-12 17:11:12 +0100[diff] [blame]7965 conf->npn_str = calloc(1, conf->npn_len + 1);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +0200[diff] [blame]7966 memcpy(conf->npn_str + 1, args[cur_arg + 1], conf->npn_len);
7967
7968 /* replace commas with the name length */
7969 p1 = conf->npn_str;
7970 p2 = p1 + 1;
7971 while (1) {
7972 p2 = memchr(p1 + 1, ',', conf->npn_str + conf->npn_len - (p1 + 1));
7973 if (!p2)
7974 p2 = p1 + 1 + strlen(p1 + 1);
7975
7976 if (p2 - (p1 + 1) > 255) {
7977 *p2 = '\0';
7978 memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
7979 return ERR_ALERT | ERR_FATAL;
7980 }
7981
7982 *p1 = p2 - (p1 + 1);
7983 p1 = p2;
7984
7985 if (!*p2)
7986 break;
7987
7988 *(p2++) = '\0';
7989 }
7990 return 0;
7991#else
7992 if (err)
7993 memprintf(err, "'%s' : library does not support TLS NPN extension", args[cur_arg]);
7994 return ERR_ALERT | ERR_FATAL;
7995#endif
7996}
7997
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]7998static int bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
7999{
8000 return ssl_bind_parse_npn(args, cur_arg, px, &conf->ssl_conf, err);
8001}
8002
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]8003/* parse the "alpn" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]8004static int ssl_bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]8005{
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +0100[diff] [blame]8006#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]8007 char *p1, *p2;
8008
8009 if (!*args[cur_arg + 1]) {
8010 memprintf(err, "'%s' : missing the comma-delimited ALPN protocol suite", args[cur_arg]);
8011 return ERR_ALERT | ERR_FATAL;
8012 }
8013
8014 free(conf->alpn_str);
8015
Marcoen Hirschbergbef60912016-02-12 17:05:24 +0100[diff] [blame]8016 /* the ALPN string is built as a suite of (<len> <name>)*,
8017 * so we reuse each comma to store the next <len> and need
8018 * one more for the end of the string.
8019 */
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]8020 conf->alpn_len = strlen(args[cur_arg + 1]) + 1;
Marcoen Hirschbergbef60912016-02-12 17:05:24 +0100[diff] [blame]8021 conf->alpn_str = calloc(1, conf->alpn_len + 1);
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]8022 memcpy(conf->alpn_str + 1, args[cur_arg + 1], conf->alpn_len);
8023
8024 /* replace commas with the name length */
8025 p1 = conf->alpn_str;
8026 p2 = p1 + 1;
8027 while (1) {
8028 p2 = memchr(p1 + 1, ',', conf->alpn_str + conf->alpn_len - (p1 + 1));
8029 if (!p2)
8030 p2 = p1 + 1 + strlen(p1 + 1);
8031
8032 if (p2 - (p1 + 1) > 255) {
8033 *p2 = '\0';
8034 memprintf(err, "'%s' : ALPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
8035 return ERR_ALERT | ERR_FATAL;
8036 }
8037
8038 *p1 = p2 - (p1 + 1);
8039 p1 = p2;
8040
8041 if (!*p2)
8042 break;
8043
8044 *(p2++) = '\0';
8045 }
8046 return 0;
8047#else
8048 if (err)
8049 memprintf(err, "'%s' : library does not support TLS ALPN extension", args[cur_arg]);
8050 return ERR_ALERT | ERR_FATAL;
8051#endif
8052}
8053
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]8054static int bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8055{
8056 return ssl_bind_parse_alpn(args, cur_arg, px, &conf->ssl_conf, err);
8057}
8058
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]8059/* parse the "ssl" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +0200[diff] [blame]8060static int bind_parse_ssl(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]8061{
Willy Tarreau71a8c7c2016-12-21 22:04:54 +0100[diff] [blame]8062 conf->xprt = &ssl_sock;
Willy Tarreau4348fad2012-09-20 16:48:07 +0200[diff] [blame]8063 conf->is_ssl = 1;
Emeric Brun76d88952012-10-05 15:47:31 +0200[diff] [blame]8064
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]8065 if (global_ssl.listen_default_ciphers && !conf->ssl_conf.ciphers)
8066 conf->ssl_conf.ciphers = strdup(global_ssl.listen_default_ciphers);
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]8067#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]8068 if (global_ssl.listen_default_ciphersuites && !conf->ssl_conf.ciphersuites)
8069 conf->ssl_conf.ciphersuites = strdup(global_ssl.listen_default_ciphersuites);
8070#endif
Emmanuel Hocdet4608ed92017-01-20 13:06:27 +0100[diff] [blame]8071 conf->ssl_options |= global_ssl.listen_default_ssloptions;
Emmanuel Hocdet43664762017-08-09 18:26:20 +0200[diff] [blame]8072 conf->ssl_conf.ssl_methods.flags |= global_ssl.listen_default_sslmethods.flags;
8073 if (!conf->ssl_conf.ssl_methods.min)
8074 conf->ssl_conf.ssl_methods.min = global_ssl.listen_default_sslmethods.min;
8075 if (!conf->ssl_conf.ssl_methods.max)
8076 conf->ssl_conf.ssl_methods.max = global_ssl.listen_default_sslmethods.max;
Emeric Brun76d88952012-10-05 15:47:31 +0200[diff] [blame]8077
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]8078 return 0;
8079}
8080
Lukas Tribus53ae85c2017-05-04 15:45:40 +0000[diff] [blame]8081/* parse the "prefer-client-ciphers" bind keyword */
8082static int bind_parse_pcc(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8083{
8084 conf->ssl_options |= BC_SSL_O_PREF_CLIE_CIPH;
8085 return 0;
8086}
8087
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]8088/* parse the "generate-certificates" bind keyword */
8089static int bind_parse_generate_certs(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8090{
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]8091#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]8092 conf->generate_certs = 1;
8093#else
8094 memprintf(err, "%sthis version of openssl cannot generate SSL certificates.\n",
8095 err && *err ? *err : "");
8096#endif
8097 return 0;
8098}
8099
Emmanuel Hocdet65623372013-01-24 17:17:15 +0100[diff] [blame]8100/* parse the "strict-sni" bind keyword */
8101static int bind_parse_strict_sni(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8102{
8103 conf->strict_sni = 1;
8104 return 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8105}
8106
8107/* parse the "tls-ticket-keys" bind keyword */
8108static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8109{
8110#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
8111 FILE *f;
8112 int i = 0;
8113 char thisline[LINESIZE];
Nenad Merdanovic146defa2015-05-09 08:46:00 +0200[diff] [blame]8114 struct tls_keys_ref *keys_ref;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8115
8116 if (!*args[cur_arg + 1]) {
8117 if (err)
8118 memprintf(err, "'%s' : missing TLS ticket keys file path", args[cur_arg]);
8119 return ERR_ALERT | ERR_FATAL;
8120 }
8121
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]8122 keys_ref = tlskeys_ref_lookup(args[cur_arg + 1]);
Willy Tarreau17b4aa12018-07-17 10:05:32 +0200[diff] [blame]8123 if (keys_ref) {
8124 keys_ref->refcount++;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]8125 conf->keys_ref = keys_ref;
8126 return 0;
8127 }
8128
Vincent Bernat02779b62016-04-03 13:48:43 +0200[diff] [blame]8129 keys_ref = malloc(sizeof(*keys_ref));
Emeric Brun09852f72019-01-10 10:51:13 +0100[diff] [blame]8130 if (!keys_ref) {
8131 if (err)
8132 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
8133 return ERR_ALERT | ERR_FATAL;
8134 }
8135
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]8136 keys_ref->tlskeys = malloc(TLS_TICKETS_NO * sizeof(union tls_sess_key));
Emeric Brun09852f72019-01-10 10:51:13 +0100[diff] [blame]8137 if (!keys_ref->tlskeys) {
8138 free(keys_ref);
8139 if (err)
8140 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
8141 return ERR_ALERT | ERR_FATAL;
8142 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8143
8144 if ((f = fopen(args[cur_arg + 1], "r")) == NULL) {
Emeric Brun09852f72019-01-10 10:51:13 +0100[diff] [blame]8145 free(keys_ref->tlskeys);
8146 free(keys_ref);
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8147 if (err)
8148 memprintf(err, "'%s' : unable to load ssl tickets keys file", args[cur_arg+1]);
8149 return ERR_ALERT | ERR_FATAL;
8150 }
8151
Nenad Merdanovic146defa2015-05-09 08:46:00 +0200[diff] [blame]8152 keys_ref->filename = strdup(args[cur_arg + 1]);
Emeric Brun09852f72019-01-10 10:51:13 +0100[diff] [blame]8153 if (!keys_ref->filename) {
8154 free(keys_ref->tlskeys);
8155 free(keys_ref);
8156 if (err)
8157 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
8158 return ERR_ALERT | ERR_FATAL;
8159 }
Nenad Merdanovic146defa2015-05-09 08:46:00 +0200[diff] [blame]8160
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]8161 keys_ref->key_size_bits = 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8162 while (fgets(thisline, sizeof(thisline), f) != NULL) {
8163 int len = strlen(thisline);
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]8164 int dec_size;
8165
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8166 /* Strip newline characters from the end */
8167 if(thisline[len - 1] == '\n')
8168 thisline[--len] = 0;
8169
8170 if(thisline[len - 1] == '\r')
8171 thisline[--len] = 0;
8172
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]8173 dec_size = base64dec(thisline, len, (char *) (keys_ref->tlskeys + i % TLS_TICKETS_NO), sizeof(union tls_sess_key));
8174 if (dec_size < 0) {
Emeric Brun09852f72019-01-10 10:51:13 +0100[diff] [blame]8175 free(keys_ref->filename);
8176 free(keys_ref->tlskeys);
8177 free(keys_ref);
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8178 if (err)
8179 memprintf(err, "'%s' : unable to decode base64 key on line %d", args[cur_arg+1], i + 1);
mildis16aa0152016-06-22 17:46:29 +0200[diff] [blame]8180 fclose(f);
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8181 return ERR_ALERT | ERR_FATAL;
8182 }
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]8183 else if (!keys_ref->key_size_bits && (dec_size == sizeof(struct tls_sess_key_128))) {
8184 keys_ref->key_size_bits = 128;
8185 }
8186 else if (!keys_ref->key_size_bits && (dec_size == sizeof(struct tls_sess_key_256))) {
8187 keys_ref->key_size_bits = 256;
8188 }
8189 else if (((dec_size != sizeof(struct tls_sess_key_128)) && (dec_size != sizeof(struct tls_sess_key_256)))
8190 || ((dec_size == sizeof(struct tls_sess_key_128) && (keys_ref->key_size_bits != 128)))
8191 || ((dec_size == sizeof(struct tls_sess_key_256) && (keys_ref->key_size_bits != 256)))) {
8192 free(keys_ref->filename);
8193 free(keys_ref->tlskeys);
8194 free(keys_ref);
8195 if (err)
8196 memprintf(err, "'%s' : wrong sized key on line %d", args[cur_arg+1], i + 1);
8197 fclose(f);
8198 return ERR_ALERT | ERR_FATAL;
8199 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8200 i++;
8201 }
8202
8203 if (i < TLS_TICKETS_NO) {
Emeric Brun09852f72019-01-10 10:51:13 +0100[diff] [blame]8204 free(keys_ref->filename);
8205 free(keys_ref->tlskeys);
8206 free(keys_ref);
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8207 if (err)
8208 memprintf(err, "'%s' : please supply at least %d keys in the tls-tickets-file", args[cur_arg+1], TLS_TICKETS_NO);
mildis16aa0152016-06-22 17:46:29 +0200[diff] [blame]8209 fclose(f);
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8210 return ERR_ALERT | ERR_FATAL;
8211 }
8212
8213 fclose(f);
8214
8215 /* Use penultimate key for encryption, handle when TLS_TICKETS_NO = 1 */
Nenad Merdanovic17891152016-03-25 22:16:57 +0100[diff] [blame]8216 i -= 2;
8217 keys_ref->tls_ticket_enc_index = i < 0 ? 0 : i % TLS_TICKETS_NO;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]8218 keys_ref->unique_id = -1;
Willy Tarreau17b4aa12018-07-17 10:05:32 +0200[diff] [blame]8219 keys_ref->refcount = 1;
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]8220 HA_RWLOCK_INIT(&keys_ref->lock);
Nenad Merdanovic146defa2015-05-09 08:46:00 +0200[diff] [blame]8221 conf->keys_ref = keys_ref;
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8222
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200[diff] [blame]8223 LIST_ADD(&tlskeys_reference, &keys_ref->list);
8224
Nenad Merdanovic05552d42015-02-27 19:56:49 +0100[diff] [blame]8225 return 0;
8226#else
8227 if (err)
8228 memprintf(err, "'%s' : TLS ticket callback extension not supported", args[cur_arg]);
8229 return ERR_ALERT | ERR_FATAL;
8230#endif /* SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB */
Emmanuel Hocdet65623372013-01-24 17:17:15 +0100[diff] [blame]8231}
8232
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]8233/* parse the "verify" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]8234static int ssl_bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]8235{
8236 if (!*args[cur_arg + 1]) {
8237 if (err)
8238 memprintf(err, "'%s' : missing verify method", args[cur_arg]);
8239 return ERR_ALERT | ERR_FATAL;
8240 }
8241
8242 if (strcmp(args[cur_arg + 1], "none") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]8243 conf->verify = SSL_SOCK_VERIFY_NONE;
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]8244 else if (strcmp(args[cur_arg + 1], "optional") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]8245 conf->verify = SSL_SOCK_VERIFY_OPTIONAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]8246 else if (strcmp(args[cur_arg + 1], "required") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]8247 conf->verify = SSL_SOCK_VERIFY_REQUIRED;
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]8248 else {
8249 if (err)
8250 memprintf(err, "'%s' : unknown verify method '%s', only 'none', 'optional', and 'required' are supported\n",
8251 args[cur_arg], args[cur_arg + 1]);
8252 return ERR_ALERT | ERR_FATAL;
8253 }
8254
8255 return 0;
8256}
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]8257static int bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8258{
8259 return ssl_bind_parse_verify(args, cur_arg, px, &conf->ssl_conf, err);
8260}
Emeric Brund94b3fe2012-09-20 18:23:56 +0200[diff] [blame]8261
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +0200[diff] [blame]8262/* parse the "no-ca-names" bind keyword */
8263static int ssl_bind_parse_no_ca_names(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
8264{
8265 conf->no_ca_names = 1;
8266 return 0;
8267}
8268static int bind_parse_no_ca_names(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8269{
8270 return ssl_bind_parse_no_ca_names(args, cur_arg, px, &conf->ssl_conf, err);
8271}
8272
Willy Tarreau92faadf2012-10-10 23:04:25 +0200[diff] [blame]8273/************** "server" keywords ****************/
8274
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]8275/* parse the "npn" bind keyword */
8276static int srv_parse_npn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8277{
8278#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
8279 char *p1, *p2;
8280
8281 if (!*args[*cur_arg + 1]) {
8282 memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[*cur_arg]);
8283 return ERR_ALERT | ERR_FATAL;
8284 }
8285
8286 free(newsrv->ssl_ctx.npn_str);
8287
8288 /* the NPN string is built as a suite of (<len> <name>)*,
8289 * so we reuse each comma to store the next <len> and need
8290 * one more for the end of the string.
8291 */
8292 newsrv->ssl_ctx.npn_len = strlen(args[*cur_arg + 1]) + 1;
8293 newsrv->ssl_ctx.npn_str = calloc(1, newsrv->ssl_ctx.npn_len + 1);
8294 memcpy(newsrv->ssl_ctx.npn_str + 1, args[*cur_arg + 1],
8295 newsrv->ssl_ctx.npn_len);
8296
8297 /* replace commas with the name length */
8298 p1 = newsrv->ssl_ctx.npn_str;
8299 p2 = p1 + 1;
8300 while (1) {
8301 p2 = memchr(p1 + 1, ',', newsrv->ssl_ctx.npn_str +
8302 newsrv->ssl_ctx.npn_len - (p1 + 1));
8303 if (!p2)
8304 p2 = p1 + 1 + strlen(p1 + 1);
8305
8306 if (p2 - (p1 + 1) > 255) {
8307 *p2 = '\0';
8308 memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[*cur_arg], p1 + 1);
8309 return ERR_ALERT | ERR_FATAL;
8310 }
8311
8312 *p1 = p2 - (p1 + 1);
8313 p1 = p2;
8314
8315 if (!*p2)
8316 break;
8317
8318 *(p2++) = '\0';
8319 }
8320 return 0;
8321#else
8322 if (err)
8323 memprintf(err, "'%s' : library does not support TLS NPN extension", args[*cur_arg]);
8324 return ERR_ALERT | ERR_FATAL;
8325#endif
8326}
8327
Olivier Houchard92150142018-12-21 19:47:01 +0100[diff] [blame]8328/* parse the "alpn" or the "check-alpn" server keyword */
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]8329static int srv_parse_alpn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8330{
8331#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
8332 char *p1, *p2;
Olivier Houchard92150142018-12-21 19:47:01 +0100[diff] [blame]8333 char **alpn_str;
8334 int *alpn_len;
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]8335
Olivier Houchard92150142018-12-21 19:47:01 +0100[diff] [blame]8336 if (*args[*cur_arg] == 'c') {
8337 alpn_str = &newsrv->check.alpn_str;
8338 alpn_len = &newsrv->check.alpn_len;
8339 } else {
8340 alpn_str = &newsrv->ssl_ctx.alpn_str;
8341 alpn_len = &newsrv->ssl_ctx.alpn_len;
8342
8343 }
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]8344 if (!*args[*cur_arg + 1]) {
8345 memprintf(err, "'%s' : missing the comma-delimited ALPN protocol suite", args[*cur_arg]);
8346 return ERR_ALERT | ERR_FATAL;
8347 }
8348
Olivier Houchard92150142018-12-21 19:47:01 +0100[diff] [blame]8349 free(*alpn_str);
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]8350
8351 /* the ALPN string is built as a suite of (<len> <name>)*,
8352 * so we reuse each comma to store the next <len> and need
8353 * one more for the end of the string.
8354 */
Olivier Houchard92150142018-12-21 19:47:01 +0100[diff] [blame]8355 *alpn_len = strlen(args[*cur_arg + 1]) + 1;
8356 *alpn_str = calloc(1, *alpn_len + 1);
8357 memcpy(*alpn_str + 1, args[*cur_arg + 1], *alpn_len);
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]8358
8359 /* replace commas with the name length */
Olivier Houchard92150142018-12-21 19:47:01 +0100[diff] [blame]8360 p1 = *alpn_str;
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]8361 p2 = p1 + 1;
8362 while (1) {
Olivier Houchard92150142018-12-21 19:47:01 +0100[diff] [blame]8363 p2 = memchr(p1 + 1, ',', *alpn_str + *alpn_len - (p1 + 1));
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]8364 if (!p2)
8365 p2 = p1 + 1 + strlen(p1 + 1);
8366
8367 if (p2 - (p1 + 1) > 255) {
8368 *p2 = '\0';
8369 memprintf(err, "'%s' : ALPN protocol name too long : '%s'", args[*cur_arg], p1 + 1);
8370 return ERR_ALERT | ERR_FATAL;
8371 }
8372
8373 *p1 = p2 - (p1 + 1);
8374 p1 = p2;
8375
8376 if (!*p2)
8377 break;
8378
8379 *(p2++) = '\0';
8380 }
8381 return 0;
8382#else
8383 if (err)
8384 memprintf(err, "'%s' : library does not support TLS ALPN extension", args[*cur_arg]);
8385 return ERR_ALERT | ERR_FATAL;
8386#endif
8387}
8388
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]8389/* parse the "ca-file" server keyword */
8390static int srv_parse_ca_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8391{
8392 if (!*args[*cur_arg + 1]) {
8393 if (err)
8394 memprintf(err, "'%s' : missing CAfile path", args[*cur_arg]);
8395 return ERR_ALERT | ERR_FATAL;
8396 }
8397
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8398 if ((*args[*cur_arg + 1] != '/') && global_ssl.ca_base)
8399 memprintf(&newsrv->ssl_ctx.ca_file, "%s/%s", global_ssl.ca_base, args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]8400 else
8401 memprintf(&newsrv->ssl_ctx.ca_file, "%s", args[*cur_arg + 1]);
8402
8403 return 0;
8404}
8405
Olivier Houchard9130a962017-10-17 17:33:43 +0200[diff] [blame]8406/* parse the "check-sni" server keyword */
8407static int srv_parse_check_sni(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8408{
8409 if (!*args[*cur_arg + 1]) {
8410 if (err)
8411 memprintf(err, "'%s' : missing SNI", args[*cur_arg]);
8412 return ERR_ALERT | ERR_FATAL;
8413 }
8414
8415 newsrv->check.sni = strdup(args[*cur_arg + 1]);
8416 if (!newsrv->check.sni) {
8417 memprintf(err, "'%s' : failed to allocate memory", args[*cur_arg]);
8418 return ERR_ALERT | ERR_FATAL;
8419 }
8420 return 0;
8421
8422}
8423
Willy Tarreau92faadf2012-10-10 23:04:25 +0200[diff] [blame]8424/* parse the "check-ssl" server keyword */
8425static int srv_parse_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8426{
8427 newsrv->check.use_ssl = 1;
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8428 if (global_ssl.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
8429 newsrv->ssl_ctx.ciphers = strdup(global_ssl.connect_default_ciphers);
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]8430#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]8431 if (global_ssl.connect_default_ciphersuites && !newsrv->ssl_ctx.ciphersuites)
8432 newsrv->ssl_ctx.ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
8433#endif
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8434 newsrv->ssl_ctx.options |= global_ssl.connect_default_ssloptions;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]8435 newsrv->ssl_ctx.methods.flags |= global_ssl.connect_default_sslmethods.flags;
8436 if (!newsrv->ssl_ctx.methods.min)
8437 newsrv->ssl_ctx.methods.min = global_ssl.connect_default_sslmethods.min;
8438 if (!newsrv->ssl_ctx.methods.max)
8439 newsrv->ssl_ctx.methods.max = global_ssl.connect_default_sslmethods.max;
8440
Willy Tarreau92faadf2012-10-10 23:04:25 +0200[diff] [blame]8441 return 0;
8442}
8443
8444/* parse the "ciphers" server keyword */
8445static int srv_parse_ciphers(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8446{
8447 if (!*args[*cur_arg + 1]) {
8448 memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
8449 return ERR_ALERT | ERR_FATAL;
8450 }
8451
8452 free(newsrv->ssl_ctx.ciphers);
8453 newsrv->ssl_ctx.ciphers = strdup(args[*cur_arg + 1]);
8454 return 0;
8455}
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]8456
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]8457#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]8458/* parse the "ciphersuites" server keyword */
8459static int srv_parse_ciphersuites(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8460{
8461 if (!*args[*cur_arg + 1]) {
8462 memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
8463 return ERR_ALERT | ERR_FATAL;
8464 }
8465
8466 free(newsrv->ssl_ctx.ciphersuites);
8467 newsrv->ssl_ctx.ciphersuites = strdup(args[*cur_arg + 1]);
8468 return 0;
8469}
8470#endif
Willy Tarreau92faadf2012-10-10 23:04:25 +0200[diff] [blame]8471
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]8472/* parse the "crl-file" server keyword */
8473static int srv_parse_crl_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8474{
8475#ifndef X509_V_FLAG_CRL_CHECK
8476 if (err)
8477 memprintf(err, "'%s' : library does not support CRL verify", args[*cur_arg]);
8478 return ERR_ALERT | ERR_FATAL;
8479#else
8480 if (!*args[*cur_arg + 1]) {
8481 if (err)
8482 memprintf(err, "'%s' : missing CRLfile path", args[*cur_arg]);
8483 return ERR_ALERT | ERR_FATAL;
8484 }
8485
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8486 if ((*args[*cur_arg + 1] != '/') && global_ssl.ca_base)
8487 memprintf(&newsrv->ssl_ctx.crl_file, "%s/%s", global_ssl.ca_base, args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]8488 else
8489 memprintf(&newsrv->ssl_ctx.crl_file, "%s", args[*cur_arg + 1]);
8490
8491 return 0;
8492#endif
8493}
8494
Emeric Bruna7aa3092012-10-26 12:58:00 +0200[diff] [blame]8495/* parse the "crt" server keyword */
8496static int srv_parse_crt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8497{
8498 if (!*args[*cur_arg + 1]) {
8499 if (err)
8500 memprintf(err, "'%s' : missing certificate file path", args[*cur_arg]);
8501 return ERR_ALERT | ERR_FATAL;
8502 }
8503
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8504 if ((*args[*cur_arg + 1] != '/') && global_ssl.crt_base)
Christopher Fauletff3a41e2017-11-23 09:13:32 +0100[diff] [blame]8505 memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global_ssl.crt_base, args[*cur_arg + 1]);
Emeric Bruna7aa3092012-10-26 12:58:00 +0200[diff] [blame]8506 else
8507 memprintf(&newsrv->ssl_ctx.client_crt, "%s", args[*cur_arg + 1]);
8508
8509 return 0;
8510}
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]8511
Frédéric Lécaille340ae602017-03-13 10:38:04 +0100[diff] [blame]8512/* parse the "no-check-ssl" server keyword */
8513static int srv_parse_no_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8514{
8515 newsrv->check.use_ssl = 0;
8516 free(newsrv->ssl_ctx.ciphers);
8517 newsrv->ssl_ctx.ciphers = NULL;
8518 newsrv->ssl_ctx.options &= ~global_ssl.connect_default_ssloptions;
8519 return 0;
8520}
8521
Frédéric Lécaillee892c4c2017-03-13 12:08:01 +0100[diff] [blame]8522/* parse the "no-send-proxy-v2-ssl" server keyword */
8523static int srv_parse_no_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8524{
8525 newsrv->pp_opts &= ~SRV_PP_V2;
8526 newsrv->pp_opts &= ~SRV_PP_V2_SSL;
8527 return 0;
8528}
8529
8530/* parse the "no-send-proxy-v2-ssl-cn" server keyword */
8531static int srv_parse_no_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8532{
8533 newsrv->pp_opts &= ~SRV_PP_V2;
8534 newsrv->pp_opts &= ~SRV_PP_V2_SSL;
8535 newsrv->pp_opts &= ~SRV_PP_V2_SSL_CN;
8536 return 0;
8537}
8538
Frédéric Lécaillee381d762017-03-13 11:54:17 +0100[diff] [blame]8539/* parse the "no-ssl" server keyword */
8540static int srv_parse_no_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8541{
8542 newsrv->use_ssl = 0;
8543 free(newsrv->ssl_ctx.ciphers);
8544 newsrv->ssl_ctx.ciphers = NULL;
8545 return 0;
8546}
8547
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]8548/* parse the "allow-0rtt" server keyword */
8549static int srv_parse_allow_0rtt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8550{
8551 newsrv->ssl_ctx.options |= SRV_SSL_O_EARLY_DATA;
8552 return 0;
8553}
8554
Willy Tarreau2a3fb1c2015-02-05 16:47:07 +0100[diff] [blame]8555/* parse the "no-ssl-reuse" server keyword */
8556static int srv_parse_no_ssl_reuse(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8557{
8558 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_REUSE;
8559 return 0;
8560}
8561
Emeric Brunf9c5c472012-10-11 15:28:34 +0200[diff] [blame]8562/* parse the "no-tls-tickets" server keyword */
8563static int srv_parse_no_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8564{
8565 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLS_TICKETS;
8566 return 0;
8567}
David Safb76832014-05-08 23:42:08 -0400[diff] [blame]8568/* parse the "send-proxy-v2-ssl" server keyword */
8569static int srv_parse_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8570{
8571 newsrv->pp_opts |= SRV_PP_V2;
8572 newsrv->pp_opts |= SRV_PP_V2_SSL;
8573 return 0;
8574}
8575
8576/* parse the "send-proxy-v2-ssl-cn" server keyword */
8577static int srv_parse_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8578{
8579 newsrv->pp_opts |= SRV_PP_V2;
8580 newsrv->pp_opts |= SRV_PP_V2_SSL;
8581 newsrv->pp_opts |= SRV_PP_V2_SSL_CN;
8582 return 0;
8583}
Emeric Brunf9c5c472012-10-11 15:28:34 +0200[diff] [blame]8584
Willy Tarreau732eac42015-07-09 11:40:25 +0200[diff] [blame]8585/* parse the "sni" server keyword */
8586static int srv_parse_sni(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8587{
8588#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
8589 memprintf(err, "'%s' : the current SSL library doesn't support the SNI TLS extension", args[*cur_arg]);
8590 return ERR_ALERT | ERR_FATAL;
8591#else
Frédéric Lécaille9a146de2017-03-20 14:54:41 +0100[diff] [blame]8592 char *arg;
Willy Tarreau732eac42015-07-09 11:40:25 +0200[diff] [blame]8593
Frédéric Lécaille9a146de2017-03-20 14:54:41 +0100[diff] [blame]8594 arg = args[*cur_arg + 1];
8595 if (!*arg) {
Willy Tarreau732eac42015-07-09 11:40:25 +0200[diff] [blame]8596 memprintf(err, "'%s' : missing sni expression", args[*cur_arg]);
8597 return ERR_ALERT | ERR_FATAL;
8598 }
8599
Frédéric Lécaille9a146de2017-03-20 14:54:41 +0100[diff] [blame]8600 free(newsrv->sni_expr);
8601 newsrv->sni_expr = strdup(arg);
Willy Tarreau732eac42015-07-09 11:40:25 +0200[diff] [blame]8602
Willy Tarreau732eac42015-07-09 11:40:25 +0200[diff] [blame]8603 return 0;
8604#endif
8605}
8606
Willy Tarreau92faadf2012-10-10 23:04:25 +0200[diff] [blame]8607/* parse the "ssl" server keyword */
8608static int srv_parse_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8609{
8610 newsrv->use_ssl = 1;
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8611 if (global_ssl.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
8612 newsrv->ssl_ctx.ciphers = strdup(global_ssl.connect_default_ciphers);
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]8613#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]8614 if (global_ssl.connect_default_ciphersuites && !newsrv->ssl_ctx.ciphersuites)
8615 newsrv->ssl_ctx.ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
8616#endif
Willy Tarreau92faadf2012-10-10 23:04:25 +0200[diff] [blame]8617 return 0;
8618}
8619
Frédéric Lécaille2cfcdbe2017-03-13 11:32:20 +0100[diff] [blame]8620/* parse the "ssl-reuse" server keyword */
8621static int srv_parse_ssl_reuse(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8622{
8623 newsrv->ssl_ctx.options &= ~SRV_SSL_O_NO_REUSE;
8624 return 0;
8625}
8626
Frédéric Lécaille2cfcdbe2017-03-13 11:32:20 +0100[diff] [blame]8627/* parse the "tls-tickets" server keyword */
8628static int srv_parse_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8629{
8630 newsrv->ssl_ctx.options &= ~SRV_SSL_O_NO_TLS_TICKETS;
8631 return 0;
8632}
8633
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]8634/* parse the "verify" server keyword */
8635static int srv_parse_verify(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8636{
8637 if (!*args[*cur_arg + 1]) {
8638 if (err)
8639 memprintf(err, "'%s' : missing verify method", args[*cur_arg]);
8640 return ERR_ALERT | ERR_FATAL;
8641 }
8642
8643 if (strcmp(args[*cur_arg + 1], "none") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]8644 newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_NONE;
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]8645 else if (strcmp(args[*cur_arg + 1], "required") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +0100[diff] [blame]8646 newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_REQUIRED;
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]8647 else {
8648 if (err)
8649 memprintf(err, "'%s' : unknown verify method '%s', only 'none' and 'required' are supported\n",
8650 args[*cur_arg], args[*cur_arg + 1]);
8651 return ERR_ALERT | ERR_FATAL;
8652 }
8653
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]8654 return 0;
8655}
8656
8657/* parse the "verifyhost" server keyword */
8658static int srv_parse_verifyhost(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8659{
8660 if (!*args[*cur_arg + 1]) {
8661 if (err)
8662 memprintf(err, "'%s' : missing hostname to verify against", args[*cur_arg]);
8663 return ERR_ALERT | ERR_FATAL;
8664 }
8665
Frédéric Lécaille273f3212017-03-13 15:52:01 +0100[diff] [blame]8666 free(newsrv->ssl_ctx.verify_host);
Evan Broderbe554312013-06-27 00:05:25 -0700[diff] [blame]8667 newsrv->ssl_ctx.verify_host = strdup(args[*cur_arg + 1]);
8668
Emeric Brunef42d922012-10-11 16:11:36 +0200[diff] [blame]8669 return 0;
8670}
8671
Emeric Brun2c86cbf2014-10-30 15:56:50 +0100[diff] [blame]8672/* parse the "ssl-default-bind-options" keyword in global section */
8673static int ssl_parse_default_bind_options(char **args, int section_type, struct proxy *curpx,
8674 struct proxy *defpx, const char *file, int line,
8675 char **err) {
8676 int i = 1;
8677
8678 if (*(args[i]) == 0) {
8679 memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
8680 return -1;
8681 }
8682 while (*(args[i])) {
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]8683 if (!strcmp(args[i], "no-tls-tickets"))
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8684 global_ssl.listen_default_ssloptions |= BC_SSL_O_NO_TLS_TICKETS;
Lukas Tribus53ae85c2017-05-04 15:45:40 +0000[diff] [blame]8685 else if (!strcmp(args[i], "prefer-client-ciphers"))
8686 global_ssl.listen_default_ssloptions |= BC_SSL_O_PREF_CLIE_CIPH;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]8687 else if (!strcmp(args[i], "ssl-min-ver") || !strcmp(args[i], "ssl-max-ver")) {
8688 if (!parse_tls_method_minmax(args, i, &global_ssl.listen_default_sslmethods, err))
8689 i++;
8690 else {
8691 memprintf(err, "%s on global statement '%s'.", *err, args[0]);
8692 return -1;
8693 }
8694 }
8695 else if (parse_tls_method_options(args[i], &global_ssl.listen_default_sslmethods, err)) {
Emeric Brun2c86cbf2014-10-30 15:56:50 +0100[diff] [blame]8696 memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
8697 return -1;
8698 }
8699 i++;
8700 }
8701 return 0;
8702}
8703
8704/* parse the "ssl-default-server-options" keyword in global section */
8705static int ssl_parse_default_server_options(char **args, int section_type, struct proxy *curpx,
8706 struct proxy *defpx, const char *file, int line,
8707 char **err) {
8708 int i = 1;
8709
8710 if (*(args[i]) == 0) {
8711 memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
8712 return -1;
8713 }
8714 while (*(args[i])) {
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]8715 if (!strcmp(args[i], "no-tls-tickets"))
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8716 global_ssl.connect_default_ssloptions |= SRV_SSL_O_NO_TLS_TICKETS;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]8717 else if (!strcmp(args[i], "ssl-min-ver") || !strcmp(args[i], "ssl-max-ver")) {
8718 if (!parse_tls_method_minmax(args, i, &global_ssl.connect_default_sslmethods, err))
8719 i++;
8720 else {
8721 memprintf(err, "%s on global statement '%s'.", *err, args[0]);
8722 return -1;
8723 }
8724 }
8725 else if (parse_tls_method_options(args[i], &global_ssl.connect_default_sslmethods, err)) {
Emeric Brun2c86cbf2014-10-30 15:56:50 +0100[diff] [blame]8726 memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
8727 return -1;
8728 }
8729 i++;
8730 }
8731 return 0;
8732}
8733
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +0100[diff] [blame]8734/* parse the "ca-base" / "crt-base" keywords in global section.
8735 * Returns <0 on alert, >0 on warning, 0 on success.
8736 */
8737static int ssl_parse_global_ca_crt_base(char **args, int section_type, struct proxy *curpx,
8738 struct proxy *defpx, const char *file, int line,
8739 char **err)
8740{
8741 char **target;
8742
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8743 target = (args[0][1] == 'a') ? &global_ssl.ca_base : &global_ssl.crt_base;
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +0100[diff] [blame]8744
8745 if (too_many_args(1, args, err, NULL))
8746 return -1;
8747
8748 if (*target) {
8749 memprintf(err, "'%s' already specified.", args[0]);
8750 return -1;
8751 }
8752
8753 if (*(args[1]) == 0) {
8754 memprintf(err, "global statement '%s' expects a directory path as an argument.", args[0]);
8755 return -1;
8756 }
8757 *target = strdup(args[1]);
8758 return 0;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]8759}
8760
8761/* parse the "ssl-mode-async" keyword in global section.
8762 * Returns <0 on alert, >0 on warning, 0 on success.
8763 */
8764static int ssl_parse_global_ssl_async(char **args, int section_type, struct proxy *curpx,
8765 struct proxy *defpx, const char *file, int line,
8766 char **err)
8767{
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]8768#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]8769 global_ssl.async = 1;
Emeric Brunece0c332017-12-06 13:51:49 +0100[diff] [blame]8770 global.ssl_used_async_engines = nb_engines;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]8771 return 0;
8772#else
8773 memprintf(err, "'%s': openssl library does not support async mode", args[0]);
8774 return -1;
8775#endif
8776}
8777
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]8778#ifndef OPENSSL_NO_ENGINE
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]8779static int ssl_check_async_engine_count(void) {
8780 int err_code = 0;
8781
Emeric Brun3854e012017-05-17 20:42:48 +0200[diff] [blame]8782 if (global_ssl.async && (openssl_engines_initialized > 32)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100[diff] [blame]8783 ha_alert("ssl-mode-async only supports a maximum of 32 engines.\n");
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]8784 err_code = ERR_ABORT;
8785 }
8786 return err_code;
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +0100[diff] [blame]8787}
8788
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]8789/* parse the "ssl-engine" keyword in global section.
8790 * Returns <0 on alert, >0 on warning, 0 on success.
8791 */
8792static int ssl_parse_global_ssl_engine(char **args, int section_type, struct proxy *curpx,
8793 struct proxy *defpx, const char *file, int line,
8794 char **err)
8795{
8796 char *algo;
8797 int ret = -1;
8798
8799 if (*(args[1]) == 0) {
8800 memprintf(err, "global statement '%s' expects a valid engine name as an argument.", args[0]);
8801 return ret;
8802 }
8803
8804 if (*(args[2]) == 0) {
8805 /* if no list of algorithms is given, it defaults to ALL */
8806 algo = strdup("ALL");
8807 goto add_engine;
8808 }
8809
8810 /* otherwise the expected format is ssl-engine <engine_name> algo <list of algo> */
8811 if (strcmp(args[2], "algo") != 0) {
8812 memprintf(err, "global statement '%s' expects to have algo keyword.", args[0]);
8813 return ret;
8814 }
8815
8816 if (*(args[3]) == 0) {
8817 memprintf(err, "global statement '%s' expects algorithm names as an argument.", args[0]);
8818 return ret;
8819 }
8820 algo = strdup(args[3]);
8821
8822add_engine:
8823 if (ssl_init_single_engine(args[1], algo)==0) {
8824 openssl_engines_initialized++;
8825 ret = 0;
8826 }
8827 free(algo);
8828 return ret;
8829}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]8830#endif
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]8831
Willy Tarreauf22e9682016-12-21 23:23:19 +0100[diff] [blame]8832/* parse the "ssl-default-bind-ciphers" / "ssl-default-server-ciphers" keywords
8833 * in global section. Returns <0 on alert, >0 on warning, 0 on success.
8834 */
8835static int ssl_parse_global_ciphers(char **args, int section_type, struct proxy *curpx,
8836 struct proxy *defpx, const char *file, int line,
8837 char **err)
8838{
8839 char **target;
8840
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8841 target = (args[0][12] == 'b') ? &global_ssl.listen_default_ciphers : &global_ssl.connect_default_ciphers;
Willy Tarreauf22e9682016-12-21 23:23:19 +0100[diff] [blame]8842
8843 if (too_many_args(1, args, err, NULL))
8844 return -1;
8845
8846 if (*(args[1]) == 0) {
8847 memprintf(err, "global statement '%s' expects a cipher suite as an argument.", args[0]);
8848 return -1;
8849 }
8850
8851 free(*target);
8852 *target = strdup(args[1]);
8853 return 0;
8854}
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]8855
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]8856#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]8857/* parse the "ssl-default-bind-ciphersuites" / "ssl-default-server-ciphersuites" keywords
8858 * in global section. Returns <0 on alert, >0 on warning, 0 on success.
8859 */
8860static int ssl_parse_global_ciphersuites(char **args, int section_type, struct proxy *curpx,
8861 struct proxy *defpx, const char *file, int line,
8862 char **err)
8863{
8864 char **target;
8865
8866 target = (args[0][12] == 'b') ? &global_ssl.listen_default_ciphersuites : &global_ssl.connect_default_ciphersuites;
8867
8868 if (too_many_args(1, args, err, NULL))
8869 return -1;
8870
8871 if (*(args[1]) == 0) {
8872 memprintf(err, "global statement '%s' expects a cipher suite as an argument.", args[0]);
8873 return -1;
8874 }
8875
8876 free(*target);
8877 *target = strdup(args[1]);
8878 return 0;
8879}
8880#endif
Willy Tarreauf22e9682016-12-21 23:23:19 +0100[diff] [blame]8881
Willy Tarreau9ceda382016-12-21 23:13:03 +0100[diff] [blame]8882/* parse various global tune.ssl settings consisting in positive integers.
8883 * Returns <0 on alert, >0 on warning, 0 on success.
8884 */
8885static int ssl_parse_global_int(char **args, int section_type, struct proxy *curpx,
8886 struct proxy *defpx, const char *file, int line,
8887 char **err)
8888{
8889 int *target;
8890
8891 if (strcmp(args[0], "tune.ssl.cachesize") == 0)
8892 target = &global.tune.sslcachesize;
8893 else if (strcmp(args[0], "tune.ssl.maxrecord") == 0)
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8894 target = (int *)&global_ssl.max_record;
Willy Tarreau9ceda382016-12-21 23:13:03 +0100[diff] [blame]8895 else if (strcmp(args[0], "tune.ssl.ssl-ctx-cache-size") == 0)
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8896 target = &global_ssl.ctx_cache;
Willy Tarreau0bea58d2016-12-21 23:17:25 +0100[diff] [blame]8897 else if (strcmp(args[0], "maxsslconn") == 0)
8898 target = &global.maxsslconn;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]8899 else if (strcmp(args[0], "tune.ssl.capture-cipherlist-size") == 0)
8900 target = &global_ssl.capture_cipherlist;
Willy Tarreau9ceda382016-12-21 23:13:03 +0100[diff] [blame]8901 else {
8902 memprintf(err, "'%s' keyword not unhandled (please report this bug).", args[0]);
8903 return -1;
8904 }
8905
8906 if (too_many_args(1, args, err, NULL))
8907 return -1;
8908
8909 if (*(args[1]) == 0) {
8910 memprintf(err, "'%s' expects an integer argument.", args[0]);
8911 return -1;
8912 }
8913
8914 *target = atoi(args[1]);
8915 if (*target < 0) {
8916 memprintf(err, "'%s' expects a positive numeric value.", args[0]);
8917 return -1;
8918 }
8919 return 0;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]8920}
8921
8922static int ssl_parse_global_capture_cipherlist(char **args, int section_type, struct proxy *curpx,
8923 struct proxy *defpx, const char *file, int line,
8924 char **err)
8925{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]8926 int ret;
8927
8928 ret = ssl_parse_global_int(args, section_type, curpx, defpx, file, line, err);
8929 if (ret != 0)
8930 return ret;
8931
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]8932 if (pool_head_ssl_capture) {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]8933 memprintf(err, "'%s' is already configured.", args[0]);
8934 return -1;
8935 }
8936
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]8937 pool_head_ssl_capture = create_pool("ssl-capture", sizeof(struct ssl_capture) + global_ssl.capture_cipherlist, MEM_F_SHARED);
8938 if (!pool_head_ssl_capture) {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]8939 memprintf(err, "Out of memory error.");
8940 return -1;
8941 }
8942 return 0;
Willy Tarreau9ceda382016-12-21 23:13:03 +0100[diff] [blame]8943}
8944
8945/* parse "ssl.force-private-cache".
8946 * Returns <0 on alert, >0 on warning, 0 on success.
8947 */
8948static int ssl_parse_global_private_cache(char **args, int section_type, struct proxy *curpx,
8949 struct proxy *defpx, const char *file, int line,
8950 char **err)
8951{
8952 if (too_many_args(0, args, err, NULL))
8953 return -1;
8954
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8955 global_ssl.private_cache = 1;
Willy Tarreau9ceda382016-12-21 23:13:03 +0100[diff] [blame]8956 return 0;
8957}
8958
8959/* parse "ssl.lifetime".
8960 * Returns <0 on alert, >0 on warning, 0 on success.
8961 */
8962static int ssl_parse_global_lifetime(char **args, int section_type, struct proxy *curpx,
8963 struct proxy *defpx, const char *file, int line,
8964 char **err)
8965{
8966 const char *res;
8967
8968 if (too_many_args(1, args, err, NULL))
8969 return -1;
8970
8971 if (*(args[1]) == 0) {
8972 memprintf(err, "'%s' expects ssl sessions <lifetime> in seconds as argument.", args[0]);
8973 return -1;
8974 }
8975
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]8976 res = parse_time_err(args[1], &global_ssl.life_time, TIME_UNIT_S);
Willy Tarreau9ceda382016-12-21 23:13:03 +0100[diff] [blame]8977 if (res) {
8978 memprintf(err, "unexpected character '%c' in argument to <%s>.", *res, args[0]);
8979 return -1;
8980 }
8981 return 0;
8982}
8983
8984#ifndef OPENSSL_NO_DH
Willy Tarreau14e36a12016-12-21 23:28:13 +0100[diff] [blame]8985/* parse "ssl-dh-param-file".
8986 * Returns <0 on alert, >0 on warning, 0 on success.
8987 */
8988static int ssl_parse_global_dh_param_file(char **args, int section_type, struct proxy *curpx,
8989 struct proxy *defpx, const char *file, int line,
8990 char **err)
8991{
8992 if (too_many_args(1, args, err, NULL))
8993 return -1;
8994
8995 if (*(args[1]) == 0) {
8996 memprintf(err, "'%s' expects a file path as an argument.", args[0]);
8997 return -1;
8998 }
8999
9000 if (ssl_sock_load_global_dh_param_from_file(args[1])) {
9001 memprintf(err, "'%s': unable to load DH parameters from file <%s>.", args[0], args[1]);
9002 return -1;
9003 }
9004 return 0;
9005}
9006
Willy Tarreau9ceda382016-12-21 23:13:03 +0100[diff] [blame]9007/* parse "ssl.default-dh-param".
9008 * Returns <0 on alert, >0 on warning, 0 on success.
9009 */
9010static int ssl_parse_global_default_dh(char **args, int section_type, struct proxy *curpx,
9011 struct proxy *defpx, const char *file, int line,
9012 char **err)
9013{
9014 if (too_many_args(1, args, err, NULL))
9015 return -1;
9016
9017 if (*(args[1]) == 0) {
9018 memprintf(err, "'%s' expects an integer argument.", args[0]);
9019 return -1;
9020 }
9021
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]9022 global_ssl.default_dh_param = atoi(args[1]);
9023 if (global_ssl.default_dh_param < 1024) {
Willy Tarreau9ceda382016-12-21 23:13:03 +0100[diff] [blame]9024 memprintf(err, "'%s' expects a value >= 1024.", args[0]);
9025 return -1;
9026 }
9027 return 0;
9028}
9029#endif
9030
9031
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9032/* This function is used with TLS ticket keys management. It permits to browse
9033 * each reference. The variable <getnext> must contain the current node,
9034 * <end> point to the root node.
9035 */
9036#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
9037static inline
9038struct tls_keys_ref *tlskeys_list_get_next(struct tls_keys_ref *getnext, struct list *end)
9039{
9040 struct tls_keys_ref *ref = getnext;
9041
9042 while (1) {
9043
9044 /* Get next list entry. */
9045 ref = LIST_NEXT(&ref->list, struct tls_keys_ref *, list);
9046
9047 /* If the entry is the last of the list, return NULL. */
9048 if (&ref->list == end)
9049 return NULL;
9050
9051 return ref;
9052 }
9053}
9054
9055static inline
9056struct tls_keys_ref *tlskeys_ref_lookup_ref(const char *reference)
9057{
9058 int id;
9059 char *error;
9060
9061 /* If the reference starts by a '#', this is numeric id. */
9062 if (reference[0] == '#') {
9063 /* Try to convert the numeric id. If the conversion fails, the lookup fails. */
9064 id = strtol(reference + 1, &error, 10);
9065 if (*error != '\0')
9066 return NULL;
9067
9068 /* Perform the unique id lookup. */
9069 return tlskeys_ref_lookupid(id);
9070 }
9071
9072 /* Perform the string lookup. */
9073 return tlskeys_ref_lookup(reference);
9074}
9075#endif
9076
9077
9078#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
9079
9080static int cli_io_handler_tlskeys_files(struct appctx *appctx);
9081
9082static inline int cli_io_handler_tlskeys_entries(struct appctx *appctx) {
9083 return cli_io_handler_tlskeys_files(appctx);
9084}
9085
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9086/* dumps all tls keys. Relies on cli.i0 (non-null = only list file names), cli.i1
9087 * (next index to be dumped), and cli.p0 (next key reference).
9088 */
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9089static int cli_io_handler_tlskeys_files(struct appctx *appctx) {
9090
9091 struct stream_interface *si = appctx->owner;
9092
9093 switch (appctx->st2) {
9094 case STAT_ST_INIT:
9095 /* Display the column headers. If the message cannot be sent,
Joseph Herlant017b3da2018-11-15 09:07:59 -0800[diff] [blame]9096 * quit the function with returning 0. The function is called
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9097 * later and restart at the state "STAT_ST_INIT".
9098 */
9099 chunk_reset(&trash);
9100
9101 if (appctx->io_handler == cli_io_handler_tlskeys_entries)
9102 chunk_appendf(&trash, "# id secret\n");
9103 else
9104 chunk_appendf(&trash, "# id (file)\n");
9105
Willy Tarreau06d80a92017-10-19 14:32:15 +0200[diff] [blame]9106 if (ci_putchk(si_ic(si), &trash) == -1) {
Willy Tarreaudb398432018-11-15 11:08:52 +0100[diff] [blame]9107 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9108 return 0;
9109 }
9110
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9111 /* Now, we start the browsing of the references lists.
9112 * Note that the following call to LIST_ELEM return bad pointer. The only
9113 * available field of this pointer is <list>. It is used with the function
9114 * tlskeys_list_get_next() for retruning the first available entry
9115 */
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9116 if (appctx->ctx.cli.p0 == NULL) {
9117 appctx->ctx.cli.p0 = LIST_ELEM(&tlskeys_reference, struct tls_keys_ref *, list);
9118 appctx->ctx.cli.p0 = tlskeys_list_get_next(appctx->ctx.cli.p0, &tlskeys_reference);
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9119 }
9120
9121 appctx->st2 = STAT_ST_LIST;
9122 /* fall through */
9123
9124 case STAT_ST_LIST:
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9125 while (appctx->ctx.cli.p0) {
9126 struct tls_keys_ref *ref = appctx->ctx.cli.p0;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9127
9128 chunk_reset(&trash);
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9129 if (appctx->io_handler == cli_io_handler_tlskeys_entries && appctx->ctx.cli.i1 == 0)
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9130 chunk_appendf(&trash, "# ");
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9131
9132 if (appctx->ctx.cli.i1 == 0)
9133 chunk_appendf(&trash, "%d (%s)\n", ref->unique_id, ref->filename);
9134
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9135 if (appctx->io_handler == cli_io_handler_tlskeys_entries) {
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]9136 int head;
9137
9138 HA_RWLOCK_RDLOCK(TLSKEYS_REF_LOCK, &ref->lock);
9139 head = ref->tls_ticket_enc_index;
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9140 while (appctx->ctx.cli.i1 < TLS_TICKETS_NO) {
Willy Tarreau83061a82018-07-13 11:56:34 +0200[diff] [blame]9141 struct buffer *t2 = get_trash_chunk();
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9142
9143 chunk_reset(t2);
9144 /* should never fail here because we dump only a key in the t2 buffer */
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]9145 if (ref->key_size_bits == 128) {
9146 t2->data = a2base64((char *)(ref->tlskeys + (head + 2 + appctx->ctx.cli.i1) % TLS_TICKETS_NO),
9147 sizeof(struct tls_sess_key_128),
9148 t2->area, t2->size);
9149 chunk_appendf(&trash, "%d.%d %s\n", ref->unique_id, appctx->ctx.cli.i1,
9150 t2->area);
9151 }
9152 else if (ref->key_size_bits == 256) {
9153 t2->data = a2base64((char *)(ref->tlskeys + (head + 2 + appctx->ctx.cli.i1) % TLS_TICKETS_NO),
9154 sizeof(struct tls_sess_key_256),
9155 t2->area, t2->size);
9156 chunk_appendf(&trash, "%d.%d %s\n", ref->unique_id, appctx->ctx.cli.i1,
9157 t2->area);
9158 }
9159 else {
9160 /* This case should never happen */
9161 chunk_appendf(&trash, "%d.%d <unknown>\n", ref->unique_id, appctx->ctx.cli.i1);
9162 }
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9163
Willy Tarreau06d80a92017-10-19 14:32:15 +0200[diff] [blame]9164 if (ci_putchk(si_ic(si), &trash) == -1) {
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9165 /* let's try again later from this stream. We add ourselves into
9166 * this stream's users so that it can remove us upon termination.
9167 */
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]9168 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreaudb398432018-11-15 11:08:52 +0100[diff] [blame]9169 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9170 return 0;
9171 }
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9172 appctx->ctx.cli.i1++;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9173 }
Christopher Faulet16f45c82018-02-16 11:23:49 +0100[diff] [blame]9174 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9175 appctx->ctx.cli.i1 = 0;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9176 }
Willy Tarreau06d80a92017-10-19 14:32:15 +0200[diff] [blame]9177 if (ci_putchk(si_ic(si), &trash) == -1) {
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9178 /* let's try again later from this stream. We add ourselves into
9179 * this stream's users so that it can remove us upon termination.
9180 */
Willy Tarreaudb398432018-11-15 11:08:52 +0100[diff] [blame]9181 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9182 return 0;
9183 }
9184
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9185 if (appctx->ctx.cli.i0 == 0) /* don't display everything if not necessary */
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9186 break;
9187
9188 /* get next list entry and check the end of the list */
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9189 appctx->ctx.cli.p0 = tlskeys_list_get_next(appctx->ctx.cli.p0, &tlskeys_reference);
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9190 }
9191
9192 appctx->st2 = STAT_ST_FIN;
9193 /* fall through */
9194
9195 default:
9196 appctx->st2 = STAT_ST_FIN;
9197 return 1;
9198 }
9199 return 0;
9200}
9201
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9202/* sets cli.i0 to non-zero if only file lists should be dumped */
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +0200[diff] [blame]9203static int cli_parse_show_tlskeys(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9204{
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9205 /* no parameter, shows only file list */
9206 if (!*args[2]) {
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9207 appctx->ctx.cli.i0 = 1;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9208 appctx->io_handler = cli_io_handler_tlskeys_files;
Willy Tarreau3067bfa2016-12-05 14:50:15 +0100[diff] [blame]9209 return 0;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9210 }
9211
9212 if (args[2][0] == '*') {
9213 /* list every TLS ticket keys */
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9214 appctx->ctx.cli.i0 = 1;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9215 } else {
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9216 appctx->ctx.cli.p0 = tlskeys_ref_lookup_ref(args[2]);
9217 if (!appctx->ctx.cli.p0) {
Andjelko Iharosc3680ec2017-07-20 16:49:14 +0200[diff] [blame]9218 appctx->ctx.cli.severity = LOG_ERR;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9219 appctx->ctx.cli.msg = "'show tls-keys' unable to locate referenced filename\n";
Willy Tarreau3b6e5472016-11-24 15:53:53 +0100[diff] [blame]9220 appctx->st0 = CLI_ST_PRINT;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9221 return 1;
9222 }
9223 }
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9224 appctx->io_handler = cli_io_handler_tlskeys_entries;
Willy Tarreau3067bfa2016-12-05 14:50:15 +0100[diff] [blame]9225 return 0;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9226}
9227
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +0200[diff] [blame]9228static int cli_parse_set_tlskeys(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9229{
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9230 struct tls_keys_ref *ref;
Willy Tarreau1c913e42018-08-22 05:26:57 +0200[diff] [blame]9231 int ret;
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9232
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9233 /* Expect two parameters: the filename and the new new TLS key in encoding */
9234 if (!*args[3] || !*args[4]) {
Andjelko Iharosc3680ec2017-07-20 16:49:14 +0200[diff] [blame]9235 appctx->ctx.cli.severity = LOG_ERR;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9236 appctx->ctx.cli.msg = "'set ssl tls-key' expects a filename and the new TLS key in base64 encoding.\n";
Willy Tarreau3b6e5472016-11-24 15:53:53 +0100[diff] [blame]9237 appctx->st0 = CLI_ST_PRINT;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9238 return 1;
9239 }
9240
Willy Tarreauf5f26e82016-12-16 18:47:27 +0100[diff] [blame]9241 ref = tlskeys_ref_lookup_ref(args[3]);
9242 if (!ref) {
Andjelko Iharosc3680ec2017-07-20 16:49:14 +0200[diff] [blame]9243 appctx->ctx.cli.severity = LOG_ERR;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9244 appctx->ctx.cli.msg = "'set ssl tls-key' unable to locate referenced filename\n";
Willy Tarreau3b6e5472016-11-24 15:53:53 +0100[diff] [blame]9245 appctx->st0 = CLI_ST_PRINT;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9246 return 1;
9247 }
9248
Willy Tarreau1c913e42018-08-22 05:26:57 +0200[diff] [blame]9249 ret = base64dec(args[4], strlen(args[4]), trash.area, trash.size);
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]9250 if (ret < 0) {
Andjelko Iharosc3680ec2017-07-20 16:49:14 +0200[diff] [blame]9251 appctx->ctx.cli.severity = LOG_ERR;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9252 appctx->ctx.cli.msg = "'set ssl tls-key' received invalid base64 encoded TLS key.\n";
Willy Tarreau3b6e5472016-11-24 15:53:53 +0100[diff] [blame]9253 appctx->st0 = CLI_ST_PRINT;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9254 return 1;
9255 }
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]9256
Willy Tarreau1c913e42018-08-22 05:26:57 +0200[diff] [blame]9257 trash.data = ret;
Emeric Brun9e754772019-01-10 17:51:55 +0100[diff] [blame]9258 if (ssl_sock_update_tlskey_ref(ref, &trash) < 0) {
9259 appctx->ctx.cli.severity = LOG_ERR;
9260 appctx->ctx.cli.msg = "'set ssl tls-key' received a key of wrong size.\n";
9261 appctx->st0 = CLI_ST_PRINT;
9262 return 1;
9263 }
Andjelko Iharosc3680ec2017-07-20 16:49:14 +0200[diff] [blame]9264 appctx->ctx.cli.severity = LOG_INFO;
Aurélien Nephtali6e8a41d2018-03-15 21:48:50 +0100[diff] [blame]9265 appctx->ctx.cli.msg = "TLS ticket key updated!\n";
Willy Tarreau3b6e5472016-11-24 15:53:53 +0100[diff] [blame]9266 appctx->st0 = CLI_ST_PRINT;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9267 return 1;
9268
9269}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]9270#endif
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9271
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +0200[diff] [blame]9272static int cli_parse_set_ocspresponse(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9273{
9274#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
9275 char *err = NULL;
Willy Tarreau1c913e42018-08-22 05:26:57 +0200[diff] [blame]9276 int i, j, ret;
Aurélien Nephtali1e0867c2018-04-18 14:04:58 +0200[diff] [blame]9277
9278 if (!payload)
9279 payload = args[3];
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9280
9281 /* Expect one parameter: the new response in base64 encoding */
Aurélien Nephtali1e0867c2018-04-18 14:04:58 +0200[diff] [blame]9282 if (!*payload) {
Andjelko Iharosc3680ec2017-07-20 16:49:14 +0200[diff] [blame]9283 appctx->ctx.cli.severity = LOG_ERR;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9284 appctx->ctx.cli.msg = "'set ssl ocsp-response' expects response in base64 encoding.\n";
Willy Tarreau3b6e5472016-11-24 15:53:53 +0100[diff] [blame]9285 appctx->st0 = CLI_ST_PRINT;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9286 return 1;
9287 }
Aurélien Nephtali1e0867c2018-04-18 14:04:58 +0200[diff] [blame]9288
9289 /* remove \r and \n from the payload */
9290 for (i = 0, j = 0; payload[i]; i++) {
9291 if (payload[i] == '\r' || payload[i] == '\n')
9292 continue;
9293 payload[j++] = payload[i];
9294 }
9295 payload[j] = 0;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9296
Willy Tarreau1c913e42018-08-22 05:26:57 +0200[diff] [blame]9297 ret = base64dec(payload, j, trash.area, trash.size);
9298 if (ret < 0) {
Andjelko Iharosc3680ec2017-07-20 16:49:14 +0200[diff] [blame]9299 appctx->ctx.cli.severity = LOG_ERR;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9300 appctx->ctx.cli.msg = "'set ssl ocsp-response' received invalid base64 encoded response.\n";
Willy Tarreau3b6e5472016-11-24 15:53:53 +0100[diff] [blame]9301 appctx->st0 = CLI_ST_PRINT;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9302 return 1;
9303 }
9304
Willy Tarreau1c913e42018-08-22 05:26:57 +0200[diff] [blame]9305 trash.data = ret;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9306 if (ssl_sock_update_ocsp_response(&trash, &err)) {
9307 if (err) {
9308 memprintf(&err, "%s.\n", err);
9309 appctx->ctx.cli.err = err;
Willy Tarreau3b6e5472016-11-24 15:53:53 +0100[diff] [blame]9310 appctx->st0 = CLI_ST_PRINT_FREE;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9311 }
Aurélien Nephtali9a4da682018-04-16 19:02:42 +0200[diff] [blame]9312 else {
9313 appctx->ctx.cli.severity = LOG_ERR;
9314 appctx->ctx.cli.msg = "Failed to update OCSP response.\n";
9315 appctx->st0 = CLI_ST_PRINT;
9316 }
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9317 return 1;
9318 }
Andjelko Iharosc3680ec2017-07-20 16:49:14 +0200[diff] [blame]9319 appctx->ctx.cli.severity = LOG_INFO;
Aurélien Nephtali6e8a41d2018-03-15 21:48:50 +0100[diff] [blame]9320 appctx->ctx.cli.msg = "OCSP Response updated!\n";
Willy Tarreau3b6e5472016-11-24 15:53:53 +0100[diff] [blame]9321 appctx->st0 = CLI_ST_PRINT;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9322 return 1;
9323#else
Andjelko Iharosc3680ec2017-07-20 16:49:14 +0200[diff] [blame]9324 appctx->ctx.cli.severity = LOG_ERR;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9325 appctx->ctx.cli.msg = "HAProxy was compiled against a version of OpenSSL that doesn't support OCSP stapling.\n";
Willy Tarreau3b6e5472016-11-24 15:53:53 +0100[diff] [blame]9326 appctx->st0 = CLI_ST_PRINT;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9327 return 1;
9328#endif
9329
Nenad Merdanovicc31499d2019-03-23 11:00:32 +0100[diff] [blame]9330}
9331
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9332#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined LIBRESSL_VERSION_NUMBER)
Nenad Merdanovicc31499d2019-03-23 11:00:32 +0100[diff] [blame]9333static inline int sample_conv_var2smp_str(const struct arg *arg, struct sample *smp)
9334{
9335 switch (arg->type) {
9336 case ARGT_STR:
9337 smp->data.type = SMP_T_STR;
9338 smp->data.u.str = arg->data.str;
9339 return 1;
9340 case ARGT_VAR:
9341 if (!vars_get_by_desc(&arg->data.var, smp))
9342 return 0;
9343 if (!sample_casts[smp->data.type][SMP_T_STR])
9344 return 0;
9345 if (!sample_casts[smp->data.type][SMP_T_STR](smp))
9346 return 0;
9347 return 1;
9348 default:
9349 return 0;
9350 }
9351}
9352
9353static int check_aes_gcm(struct arg *args, struct sample_conv *conv,
9354 const char *file, int line, char **err)
9355{
9356 switch(args[0].data.sint) {
9357 case 128:
9358 case 192:
9359 case 256:
9360 break;
9361 default:
9362 memprintf(err, "key size must be 128, 192 or 256 (bits).");
9363 return 0;
9364 }
9365 /* Try to decode a variable. */
9366 vars_check_arg(&args[1], NULL);
9367 vars_check_arg(&args[2], NULL);
9368 vars_check_arg(&args[3], NULL);
9369 return 1;
9370}
9371
9372/* Arguements: AES size in bits, nonce, key, tag. The last three arguments are base64 encoded */
9373static int sample_conv_aes_gcm_dec(const struct arg *arg_p, struct sample *smp, void *private)
9374{
9375 struct sample nonce, key, aead_tag;
9376 struct buffer *smp_trash, *smp_trash_alloc;
9377 EVP_CIPHER_CTX *ctx;
9378 int dec_size, ret;
9379
9380 smp_set_owner(&nonce, smp->px, smp->sess, smp->strm, smp->opt);
9381 if (!sample_conv_var2smp_str(&arg_p[1], &nonce))
9382 return 0;
9383
9384 smp_set_owner(&key, smp->px, smp->sess, smp->strm, smp->opt);
9385 if (!sample_conv_var2smp_str(&arg_p[2], &key))
9386 return 0;
9387
9388 smp_set_owner(&aead_tag, smp->px, smp->sess, smp->strm, smp->opt);
9389 if (!sample_conv_var2smp_str(&arg_p[3], &aead_tag))
9390 return 0;
9391
9392 smp_trash = get_trash_chunk();
9393 smp_trash_alloc = alloc_trash_chunk();
9394 if (!smp_trash_alloc)
9395 return 0;
9396
9397 ctx = EVP_CIPHER_CTX_new();
9398
9399 if (!ctx)
9400 goto err;
9401
9402 dec_size = base64dec(nonce.data.u.str.area, nonce.data.u.str.data, smp_trash->area, smp_trash->size);
9403 if (dec_size < 0)
9404 goto err;
9405 smp_trash->data = dec_size;
9406
9407 /* Set cipher type and mode */
9408 switch(arg_p[0].data.sint) {
9409 case 128:
9410 EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
9411 break;
9412 case 192:
9413 EVP_DecryptInit_ex(ctx, EVP_aes_192_gcm(), NULL, NULL, NULL);
9414 break;
9415 case 256:
9416 EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);
9417 break;
9418 }
9419
9420 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, smp_trash->data, NULL);
9421
9422 /* Initialise IV */
9423 if(!EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, (unsigned char *) smp_trash->area))
9424 goto err;
9425
9426 dec_size = base64dec(key.data.u.str.area, key.data.u.str.data, smp_trash->area, smp_trash->size);
9427 if (dec_size < 0)
9428 goto err;
9429 smp_trash->data = dec_size;
9430
9431 /* Initialise key */
9432 if (!EVP_DecryptInit_ex(ctx, NULL, NULL, (unsigned char *) smp_trash->area, NULL))
9433 goto err;
9434
9435 if (!EVP_DecryptUpdate(ctx, (unsigned char *) smp_trash->area, (int *) &smp_trash->data,
9436 (unsigned char *) smp->data.u.str.area, (int) smp->data.u.str.data))
9437 goto err;
9438
9439 dec_size = base64dec(aead_tag.data.u.str.area, aead_tag.data.u.str.data, smp_trash_alloc->area, smp_trash_alloc->size);
9440 if (dec_size < 0)
9441 goto err;
9442 smp_trash_alloc->data = dec_size;
9443 dec_size = smp_trash->data;
9444
9445 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, smp_trash_alloc->data, (void *) smp_trash_alloc->area);
9446 ret = EVP_DecryptFinal_ex(ctx, (unsigned char *) smp_trash->area + smp_trash->data, (int *) &smp_trash->data);
9447
9448 if (ret <= 0)
9449 goto err;
9450
9451 smp->data.u.str.data = dec_size + smp_trash->data;
9452 smp->data.u.str.area = smp_trash->area;
9453 smp->data.type = SMP_T_BIN;
9454 smp->flags &= ~SMP_F_CONST;
9455 free_trash_chunk(smp_trash_alloc);
9456 return 1;
9457
9458err:
9459 free_trash_chunk(smp_trash_alloc);
9460 return 0;
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9461}
Nenad Merdanovicc31499d2019-03-23 11:00:32 +0100[diff] [blame]9462# endif
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9463
9464/* register cli keywords */
9465static struct cli_kw_list cli_kws = {{ },{
9466#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
9467 { { "show", "tls-keys", NULL }, "show tls-keys [id|*]: show tls keys references or dump tls ticket keys when id specified", cli_parse_show_tlskeys, NULL },
Lukas Tribusf4bbc432017-10-24 12:26:31 +0200[diff] [blame]9468 { { "set", "ssl", "tls-key", NULL }, "set ssl tls-key [id|keyfile] <tlskey>: set the next TLS key for the <id> or <keyfile> listener to <tlskey>", cli_parse_set_tlskeys, NULL },
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9469#endif
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100[diff] [blame]9470 { { "set", "ssl", "ocsp-response", NULL }, NULL, cli_parse_set_ocspresponse, NULL },
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9471 { { NULL }, NULL, NULL, NULL }
9472}};
9473
Willy Tarreau0108d902018-11-25 19:14:37 +0100[diff] [blame]9474INITCALL1(STG_REGISTER, cli_register_kw, &cli_kws);
William Lallemand32af2032016-10-29 18:09:35 +0200[diff] [blame]9475
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]9476/* Note: must not be declared <const> as its list will be overwritten.
9477 * Please take care of keeping this list alphabetically sorted.
9478 */
Willy Tarreaudc13c112013-06-21 23:16:39 +0200[diff] [blame]9479static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
Emeric Brun645ae792014-04-30 14:21:06 +0200[diff] [blame]9480 { "ssl_bc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +0200[diff] [blame]9481 { "ssl_bc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +0100[diff] [blame]9482#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Jérôme Magnine064a802018-12-03 22:21:04 +0100[diff] [blame]9483 { "ssl_bc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +0100[diff] [blame]9484#endif
Emeric Brun645ae792014-04-30 14:21:06 +0200[diff] [blame]9485 { "ssl_bc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +0100[diff] [blame]9486#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
9487 { "ssl_bc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
9488#endif
Emeric Brun74f7ffa2018-02-19 16:14:12 +0100[diff] [blame]9489 { "ssl_bc_is_resumed", smp_fetch_ssl_fc_is_resumed, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
Emeric Brun645ae792014-04-30 14:21:06 +0200[diff] [blame]9490 { "ssl_bc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Emeric Brunb73a9b02014-04-30 18:49:19 +0200[diff] [blame]9491 { "ssl_bc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +0200[diff] [blame]9492 { "ssl_bc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5SRV },
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9493#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brun645ae792014-04-30 14:21:06 +0200[diff] [blame]9494 { "ssl_bc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Patrick Hemmer41966772018-04-28 19:15:48 -0400[diff] [blame]9495#endif
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9496#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L || defined(OPENSSL_IS_BORINGSSL)
Patrick Hemmere0275472018-04-28 19:15:51 -0400[diff] [blame]9497 { "ssl_bc_session_key", smp_fetch_ssl_fc_session_key, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
9498#endif
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +0200[diff] [blame]9499 { "ssl_c_ca_err", smp_fetch_ssl_c_ca_err, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
9500 { "ssl_c_ca_err_depth", smp_fetch_ssl_c_ca_err_depth, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]9501 { "ssl_c_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +0200[diff] [blame]9502 { "ssl_c_err", smp_fetch_ssl_c_err, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]9503 { "ssl_c_i_dn", smp_fetch_ssl_x_i_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
9504 { "ssl_c_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
9505 { "ssl_c_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
9506 { "ssl_c_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
9507 { "ssl_c_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
9508 { "ssl_c_s_dn", smp_fetch_ssl_x_s_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
9509 { "ssl_c_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
9510 { "ssl_c_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +0100[diff] [blame]9511 { "ssl_c_used", smp_fetch_ssl_c_used, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +0200[diff] [blame]9512 { "ssl_c_verify", smp_fetch_ssl_c_verify, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
9513 { "ssl_c_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Emeric Brun43e79582014-10-29 19:03:26 +0100[diff] [blame]9514 { "ssl_f_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +0200[diff] [blame]9515 { "ssl_f_i_dn", smp_fetch_ssl_x_i_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
9516 { "ssl_f_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
9517 { "ssl_f_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
9518 { "ssl_f_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
9519 { "ssl_f_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
9520 { "ssl_f_s_dn", smp_fetch_ssl_x_s_dn, ARG2(0,STR,SINT), NULL, SMP_T_STR, SMP_USE_L5CLI },
9521 { "ssl_f_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Emeric Brun55f4fa82014-04-30 17:11:25 +0200[diff] [blame]9522 { "ssl_f_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +0200[diff] [blame]9523 { "ssl_f_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +0100[diff] [blame]9524 { "ssl_fc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +0200[diff] [blame]9525 { "ssl_fc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]9526 { "ssl_fc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +0100[diff] [blame]9527 { "ssl_fc_has_crt", smp_fetch_ssl_fc_has_crt, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Olivier Houchardccaa7de2017-10-02 11:51:03 +0200[diff] [blame]9528 { "ssl_fc_has_early", smp_fetch_ssl_fc_has_early, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +0100[diff] [blame]9529 { "ssl_fc_has_sni", smp_fetch_ssl_fc_has_sni, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Nenad Merdanovic26ea8222015-05-18 02:28:57 +0200[diff] [blame]9530 { "ssl_fc_is_resumed", smp_fetch_ssl_fc_is_resumed, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Bernard Spil13c53f82018-02-15 13:34:58 +0100[diff] [blame]9531#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]9532 { "ssl_fc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreaua33c6542012-10-15 13:19:06 +0200[diff] [blame]9533#endif
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +0100[diff] [blame]9534#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]9535 { "ssl_fc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreauab861d32013-04-02 02:30:41 +0200[diff] [blame]9536#endif
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]9537 { "ssl_fc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9538#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brunb73a9b02014-04-30 18:49:19 +0200[diff] [blame]9539 { "ssl_fc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -0400[diff] [blame]9540#endif
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +0200[diff] [blame]9541 { "ssl_fc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9542#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]9543 { "ssl_fc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -0400[diff] [blame]9544#endif
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9545#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L || defined(OPENSSL_IS_BORINGSSL)
Patrick Hemmere0275472018-04-28 19:15:51 -0400[diff] [blame]9546 { "ssl_fc_session_key", smp_fetch_ssl_fc_session_key, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
9547#endif
Patrick Hemmer41966772018-04-28 19:15:48 -0400[diff] [blame]9548#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]9549 { "ssl_fc_sni", smp_fetch_ssl_fc_sni, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -0400[diff] [blame]9550#endif
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]9551 { "ssl_fc_cipherlist_bin", smp_fetch_ssl_fc_cl_bin, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
9552 { "ssl_fc_cipherlist_hex", smp_fetch_ssl_fc_cl_hex, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
9553 { "ssl_fc_cipherlist_str", smp_fetch_ssl_fc_cl_str, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
9554 { "ssl_fc_cipherlist_xxh", smp_fetch_ssl_fc_cl_xxh64, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]9555 { NULL, NULL, 0, 0, 0 },
9556}};
9557
Willy Tarreau0108d902018-11-25 19:14:37 +0100[diff] [blame]9558INITCALL1(STG_REGISTER, sample_register_fetches, &sample_fetch_keywords);
9559
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]9560/* Note: must not be declared <const> as its list will be overwritten.
9561 * Please take care of keeping this list alphabetically sorted.
9562 */
Willy Tarreaudc13c112013-06-21 23:16:39 +0200[diff] [blame]9563static struct acl_kw_list acl_kws = {ILH, {
Thierry FOURNIERc5a4e982014-03-05 16:07:08 +0100[diff] [blame]9564 { "ssl_fc_sni_end", "ssl_fc_sni", PAT_MATCH_END },
9565 { "ssl_fc_sni_reg", "ssl_fc_sni", PAT_MATCH_REG },
Willy Tarreau8ed669b2013-01-11 15:49:37 +0100[diff] [blame]9566 { /* END */ },
Willy Tarreau7875d092012-09-10 08:20:03 +0200[diff] [blame]9567}};
9568
Willy Tarreau0108d902018-11-25 19:14:37 +0100[diff] [blame]9569INITCALL1(STG_REGISTER, acl_register_keywords, &acl_kws);
9570
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]9571/* Note: must not be declared <const> as its list will be overwritten.
9572 * Please take care of keeping this list alphabetically sorted, doing so helps
9573 * all code contributors.
9574 * Optional keywords are also declared with a NULL ->parse() function so that
9575 * the config parser can report an appropriate error when a known keyword was
9576 * not enabled.
9577 */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]9578static struct ssl_bind_kw ssl_bind_kws[] = {
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]9579 { "allow-0rtt", ssl_bind_parse_allow_0rtt, 0 }, /* allow 0-RTT */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]9580 { "alpn", ssl_bind_parse_alpn, 1 }, /* set ALPN supported protocols */
9581 { "ca-file", ssl_bind_parse_ca_file, 1 }, /* set CAfile to process verify on client cert */
9582 { "ciphers", ssl_bind_parse_ciphers, 1 }, /* set SSL cipher suite */
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]9583#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]9584 { "ciphersuites", ssl_bind_parse_ciphersuites, 1 }, /* set TLS 1.3 cipher suite */
9585#endif
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]9586 { "crl-file", ssl_bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +0100[diff] [blame]9587 { "curves", ssl_bind_parse_curves, 1 }, /* set SSL curve suite */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]9588 { "ecdhe", ssl_bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +0200[diff] [blame]9589 { "no-ca-names", ssl_bind_parse_no_ca_names, 0 }, /* do not send ca names to clients (ca_file related) */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]9590 { "npn", ssl_bind_parse_npn, 1 }, /* set NPN supported protocols */
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +0200[diff] [blame]9591 { "ssl-min-ver", ssl_bind_parse_tls_method_minmax,1 }, /* minimum version */
9592 { "ssl-max-ver", ssl_bind_parse_tls_method_minmax,1 }, /* maximum version */
Emmanuel Hocdet98263292016-12-29 18:26:15 +0100[diff] [blame]9593 { "verify", ssl_bind_parse_verify, 1 }, /* set SSL verify method */
9594 { NULL, NULL, 0 },
9595};
9596
Willy Tarreau0108d902018-11-25 19:14:37 +0100[diff] [blame]9597/* no initcall for ssl_bind_kws, these ones are parsed in the parser loop */
9598
Willy Tarreau51fb7652012-09-18 18:24:39 +0200[diff] [blame]9599static struct bind_kw_list bind_kws = { "SSL", { }, {
Olivier Houchardc2aae742017-09-22 18:26:28 +0200[diff] [blame]9600 { "allow-0rtt", bind_parse_allow_0rtt, 0 }, /* Allow 0RTT */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]9601 { "alpn", bind_parse_alpn, 1 }, /* set ALPN supported protocols */
9602 { "ca-file", bind_parse_ca_file, 1 }, /* set CAfile to process verify on client cert */
9603 { "ca-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ignore on verify depth > 0 */
9604 { "ca-sign-file", bind_parse_ca_sign_file, 1 }, /* set CAFile used to generate and sign server certs */
9605 { "ca-sign-pass", bind_parse_ca_sign_pass, 1 }, /* set CAKey passphrase */
9606 { "ciphers", bind_parse_ciphers, 1 }, /* set SSL cipher suite */
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]9607#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]9608 { "ciphersuites", bind_parse_ciphersuites, 1 }, /* set TLS 1.3 cipher suite */
9609#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]9610 { "crl-file", bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
9611 { "crt", bind_parse_crt, 1 }, /* load SSL certificates from this location */
9612 { "crt-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ingore on verify depth == 0 */
9613 { "crt-list", bind_parse_crt_list, 1 }, /* load a list of crt from this location */
9614 { "curves", bind_parse_curves, 1 }, /* set SSL curve suite */
9615 { "ecdhe", bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
9616 { "force-sslv3", bind_parse_tls_method_options, 0 }, /* force SSLv3 */
9617 { "force-tlsv10", bind_parse_tls_method_options, 0 }, /* force TLSv10 */
9618 { "force-tlsv11", bind_parse_tls_method_options, 0 }, /* force TLSv11 */
9619 { "force-tlsv12", bind_parse_tls_method_options, 0 }, /* force TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +0200[diff] [blame]9620 { "force-tlsv13", bind_parse_tls_method_options, 0 }, /* force TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]9621 { "generate-certificates", bind_parse_generate_certs, 0 }, /* enable the server certificates generation */
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +0200[diff] [blame]9622 { "no-ca-names", bind_parse_no_ca_names, 0 }, /* do not send ca names to clients (ca_file related) */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]9623 { "no-sslv3", bind_parse_tls_method_options, 0 }, /* disable SSLv3 */
9624 { "no-tlsv10", bind_parse_tls_method_options, 0 }, /* disable TLSv10 */
9625 { "no-tlsv11", bind_parse_tls_method_options, 0 }, /* disable TLSv11 */
9626 { "no-tlsv12", bind_parse_tls_method_options, 0 }, /* disable TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +0200[diff] [blame]9627 { "no-tlsv13", bind_parse_tls_method_options, 0 }, /* disable TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]9628 { "no-tls-tickets", bind_parse_no_tls_tickets, 0 }, /* disable session resumption tickets */
9629 { "ssl", bind_parse_ssl, 0 }, /* enable SSL processing */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]9630 { "ssl-min-ver", bind_parse_tls_method_minmax, 1 }, /* minimum version */
9631 { "ssl-max-ver", bind_parse_tls_method_minmax, 1 }, /* maximum version */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200[diff] [blame]9632 { "strict-sni", bind_parse_strict_sni, 0 }, /* refuse negotiation if sni doesn't match a certificate */
9633 { "tls-ticket-keys", bind_parse_tls_ticket_keys, 1 }, /* set file to load TLS ticket keys from */
9634 { "verify", bind_parse_verify, 1 }, /* set SSL verify method */
9635 { "npn", bind_parse_npn, 1 }, /* set NPN supported protocols */
9636 { "prefer-client-ciphers", bind_parse_pcc, 0 }, /* prefer client ciphers */
Willy Tarreau79eeafa2012-09-14 07:53:05 +0200[diff] [blame]9637 { NULL, NULL, 0 },
9638}};
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]9639
Willy Tarreau0108d902018-11-25 19:14:37 +0100[diff] [blame]9640INITCALL1(STG_REGISTER, bind_register_keywords, &bind_kws);
9641
Willy Tarreau92faadf2012-10-10 23:04:25 +0200[diff] [blame]9642/* Note: must not be declared <const> as its list will be overwritten.
9643 * Please take care of keeping this list alphabetically sorted, doing so helps
9644 * all code contributors.
9645 * Optional keywords are also declared with a NULL ->parse() function so that
9646 * the config parser can report an appropriate error when a known keyword was
9647 * not enabled.
9648 */
9649static struct srv_kw_list srv_kws = { "SSL", { }, {
Olivier Houchard522eea72017-11-03 16:27:47 +0100[diff] [blame]9650 { "allow-0rtt", srv_parse_allow_0rtt, 0, 1 }, /* Allow using early data on this server */
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]9651 { "alpn", srv_parse_alpn, 1, 1 }, /* Set ALPN supported protocols */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]9652 { "ca-file", srv_parse_ca_file, 1, 1 }, /* set CAfile to process verify server cert */
Olivier Houchard92150142018-12-21 19:47:01 +0100[diff] [blame]9653 { "check-alpn", srv_parse_alpn, 1, 1 }, /* Set ALPN used for checks */
Olivier Houchard9130a962017-10-17 17:33:43 +0200[diff] [blame]9654 { "check-sni", srv_parse_check_sni, 1, 1 }, /* set SNI */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]9655 { "check-ssl", srv_parse_check_ssl, 0, 1 }, /* enable SSL for health checks */
9656 { "ciphers", srv_parse_ciphers, 1, 1 }, /* select the cipher suite */
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]9657#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]9658 { "ciphersuites", srv_parse_ciphersuites, 1, 1 }, /* select the cipher suite */
9659#endif
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]9660 { "crl-file", srv_parse_crl_file, 1, 1 }, /* set certificate revocation list file use on server cert verify */
9661 { "crt", srv_parse_crt, 1, 1 }, /* set client certificate */
9662 { "force-sslv3", srv_parse_tls_method_options, 0, 1 }, /* force SSLv3 */
9663 { "force-tlsv10", srv_parse_tls_method_options, 0, 1 }, /* force TLSv10 */
9664 { "force-tlsv11", srv_parse_tls_method_options, 0, 1 }, /* force TLSv11 */
9665 { "force-tlsv12", srv_parse_tls_method_options, 0, 1 }, /* force TLSv12 */
9666 { "force-tlsv13", srv_parse_tls_method_options, 0, 1 }, /* force TLSv13 */
9667 { "no-check-ssl", srv_parse_no_check_ssl, 0, 1 }, /* disable SSL for health checks */
9668 { "no-send-proxy-v2-ssl", srv_parse_no_send_proxy_ssl, 0, 1 }, /* do not send PROXY protocol header v2 with SSL info */
9669 { "no-send-proxy-v2-ssl-cn", srv_parse_no_send_proxy_cn, 0, 1 }, /* do not send PROXY protocol header v2 with CN */
9670 { "no-ssl", srv_parse_no_ssl, 0, 1 }, /* disable SSL processing */
9671 { "no-ssl-reuse", srv_parse_no_ssl_reuse, 0, 1 }, /* disable session reuse */
9672 { "no-sslv3", srv_parse_tls_method_options, 0, 0 }, /* disable SSLv3 */
9673 { "no-tlsv10", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv10 */
9674 { "no-tlsv11", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv11 */
9675 { "no-tlsv12", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv12 */
9676 { "no-tlsv13", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv13 */
9677 { "no-tls-tickets", srv_parse_no_tls_tickets, 0, 1 }, /* disable session resumption tickets */
Olivier Houchardc7566002018-11-20 23:33:50 +0100[diff] [blame]9678 { "npn", srv_parse_npn, 1, 1 }, /* Set NPN supported protocols */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +0200[diff] [blame]9679 { "send-proxy-v2-ssl", srv_parse_send_proxy_ssl, 0, 1 }, /* send PROXY protocol header v2 with SSL info */
9680 { "send-proxy-v2-ssl-cn", srv_parse_send_proxy_cn, 0, 1 }, /* send PROXY protocol header v2 with CN */
9681 { "sni", srv_parse_sni, 1, 1 }, /* send SNI extension */
9682 { "ssl", srv_parse_ssl, 0, 1 }, /* enable SSL processing */
9683 { "ssl-min-ver", srv_parse_tls_method_minmax, 1, 1 }, /* minimum version */
9684 { "ssl-max-ver", srv_parse_tls_method_minmax, 1, 1 }, /* maximum version */
9685 { "ssl-reuse", srv_parse_ssl_reuse, 0, 1 }, /* enable session reuse */
9686 { "tls-tickets", srv_parse_tls_tickets, 0, 1 }, /* enable session resumption tickets */
9687 { "verify", srv_parse_verify, 1, 1 }, /* set SSL verify method */
9688 { "verifyhost", srv_parse_verifyhost, 1, 1 }, /* require that SSL cert verifies for hostname */
Willy Tarreau92faadf2012-10-10 23:04:25 +0200[diff] [blame]9689 { NULL, NULL, 0, 0 },
9690}};
9691
Willy Tarreau0108d902018-11-25 19:14:37 +0100[diff] [blame]9692INITCALL1(STG_REGISTER, srv_register_keywords, &srv_kws);
9693
Emeric Brun2c86cbf2014-10-30 15:56:50 +0100[diff] [blame]9694static struct cfg_kw_list cfg_kws = {ILH, {
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +0100[diff] [blame]9695 { CFG_GLOBAL, "ca-base", ssl_parse_global_ca_crt_base },
9696 { CFG_GLOBAL, "crt-base", ssl_parse_global_ca_crt_base },
Willy Tarreau0bea58d2016-12-21 23:17:25 +0100[diff] [blame]9697 { CFG_GLOBAL, "maxsslconn", ssl_parse_global_int },
Emeric Brun2c86cbf2014-10-30 15:56:50 +0100[diff] [blame]9698 { CFG_GLOBAL, "ssl-default-bind-options", ssl_parse_default_bind_options },
9699 { CFG_GLOBAL, "ssl-default-server-options", ssl_parse_default_server_options },
Willy Tarreau14e36a12016-12-21 23:28:13 +0100[diff] [blame]9700#ifndef OPENSSL_NO_DH
9701 { CFG_GLOBAL, "ssl-dh-param-file", ssl_parse_global_dh_param_file },
9702#endif
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]9703 { CFG_GLOBAL, "ssl-mode-async", ssl_parse_global_ssl_async },
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]9704#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]9705 { CFG_GLOBAL, "ssl-engine", ssl_parse_global_ssl_engine },
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]9706#endif
Willy Tarreau9ceda382016-12-21 23:13:03 +0100[diff] [blame]9707 { CFG_GLOBAL, "tune.ssl.cachesize", ssl_parse_global_int },
9708#ifndef OPENSSL_NO_DH
9709 { CFG_GLOBAL, "tune.ssl.default-dh-param", ssl_parse_global_default_dh },
9710#endif
9711 { CFG_GLOBAL, "tune.ssl.force-private-cache", ssl_parse_global_private_cache },
9712 { CFG_GLOBAL, "tune.ssl.lifetime", ssl_parse_global_lifetime },
9713 { CFG_GLOBAL, "tune.ssl.maxrecord", ssl_parse_global_int },
9714 { CFG_GLOBAL, "tune.ssl.ssl-ctx-cache-size", ssl_parse_global_int },
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100[diff] [blame]9715 { CFG_GLOBAL, "tune.ssl.capture-cipherlist-size", ssl_parse_global_capture_cipherlist },
Willy Tarreauf22e9682016-12-21 23:23:19 +0100[diff] [blame]9716 { CFG_GLOBAL, "ssl-default-bind-ciphers", ssl_parse_global_ciphers },
9717 { CFG_GLOBAL, "ssl-default-server-ciphers", ssl_parse_global_ciphers },
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]9718#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]9719 { CFG_GLOBAL, "ssl-default-bind-ciphersuites", ssl_parse_global_ciphersuites },
9720 { CFG_GLOBAL, "ssl-default-server-ciphersuites", ssl_parse_global_ciphersuites },
9721#endif
Emeric Brun2c86cbf2014-10-30 15:56:50 +0100[diff] [blame]9722 { 0, NULL, NULL },
9723}};
9724
Willy Tarreau0108d902018-11-25 19:14:37 +0100[diff] [blame]9725INITCALL1(STG_REGISTER, cfg_register_keywords, &cfg_kws);
9726
Nenad Merdanovicc31499d2019-03-23 11:00:32 +0100[diff] [blame]9727/* Note: must not be declared <const> as its list will be overwritten */
9728static struct sample_conv_kw_list conv_kws = {ILH, {
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9729#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined LIBRESSL_VERSION_NUMBER)
Nenad Merdanovicc31499d2019-03-23 11:00:32 +0100[diff] [blame]9730 { "aes_gcm_dec", sample_conv_aes_gcm_dec, ARG4(4,SINT,STR,STR,STR), check_aes_gcm, SMP_T_BIN, SMP_T_BIN },
9731#endif
9732 { NULL, NULL, 0, 0, 0 },
9733}};
9734
9735INITCALL1(STG_REGISTER, sample_register_convs, &conv_kws);
9736
Willy Tarreauf7bc57c2012-10-03 00:19:48 +0200[diff] [blame]9737/* transport-layer operations for SSL sockets */
Willy Tarreaud9f5cca2016-12-22 21:08:52 +0100[diff] [blame]9738static struct xprt_ops ssl_sock = {
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]9739 .snd_buf = ssl_sock_from_buf,
9740 .rcv_buf = ssl_sock_to_buf,
Olivier Houcharddf357842019-03-21 16:30:07 +0100[diff] [blame]9741 .subscribe = ssl_subscribe,
9742 .unsubscribe = ssl_unsubscribe,
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]9743 .rcv_pipe = NULL,
9744 .snd_pipe = NULL,
9745 .shutr = NULL,
9746 .shutw = ssl_sock_shutw,
9747 .close = ssl_sock_close,
9748 .init = ssl_sock_init,
Willy Tarreau55d37912016-12-21 23:38:39 +0100[diff] [blame]9749 .prepare_bind_conf = ssl_sock_prepare_bind_conf,
Willy Tarreau795cdab2016-12-22 17:30:54 +0100[diff] [blame]9750 .destroy_bind_conf = ssl_sock_destroy_bind_conf,
Willy Tarreau17d45382016-12-22 21:16:08 +0100[diff] [blame]9751 .prepare_srv = ssl_sock_prepare_srv_ctx,
9752 .destroy_srv = ssl_sock_free_srv_ctx,
Willy Tarreau8743f7e2016-12-04 18:44:29 +0100[diff] [blame]9753 .get_alpn = ssl_sock_get_alpn,
Willy Tarreau8e0bb0a2016-11-24 16:58:12 +0100[diff] [blame]9754 .name = "SSL",
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]9755};
9756
Olivier Houchardccaa7de2017-10-02 11:51:03 +0200[diff] [blame]9757enum act_return ssl_action_wait_for_hs(struct act_rule *rule, struct proxy *px,
9758 struct session *sess, struct stream *s, int flags)
9759{
9760 struct connection *conn;
Olivier Houchard6fa63d92017-11-27 18:41:32 +0100[diff] [blame]9761 struct conn_stream *cs;
Olivier Houchardccaa7de2017-10-02 11:51:03 +0200[diff] [blame]9762
9763 conn = objt_conn(sess->origin);
Olivier Houchard6fa63d92017-11-27 18:41:32 +0100[diff] [blame]9764 cs = objt_cs(s->si[0].end);
Olivier Houchardccaa7de2017-10-02 11:51:03 +0200[diff] [blame]9765
Olivier Houchard6fa63d92017-11-27 18:41:32 +0100[diff] [blame]9766 if (conn && cs) {
Olivier Houchardccaa7de2017-10-02 11:51:03 +0200[diff] [blame]9767 if (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS)) {
Olivier Houchard6fa63d92017-11-27 18:41:32 +0100[diff] [blame]9768 cs->flags |= CS_FL_WAIT_FOR_HS;
Olivier Houchardccaa7de2017-10-02 11:51:03 +0200[diff] [blame]9769 s->req.flags |= CF_READ_NULL;
9770 return ACT_RET_YIELD;
9771 }
9772 }
9773 return (ACT_RET_CONT);
9774}
9775
9776static enum act_parse_ret ssl_parse_wait_for_hs(const char **args, int *orig_arg, struct proxy *px, struct act_rule *rule, char **err)
9777{
9778 rule->action_ptr = ssl_action_wait_for_hs;
9779
9780 return ACT_RET_PRS_OK;
9781}
9782
9783static struct action_kw_list http_req_actions = {ILH, {
9784 { "wait-for-handshake", ssl_parse_wait_for_hs },
9785 { /* END */ }
9786}};
9787
Willy Tarreau0108d902018-11-25 19:14:37 +0100[diff] [blame]9788INITCALL1(STG_REGISTER, http_req_keywords_register, &http_req_actions);
9789
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]9790#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]9791
9792static void ssl_sock_sctl_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
9793{
9794 if (ptr) {
9795 chunk_destroy(ptr);
9796 free(ptr);
9797 }
9798}
9799
9800#endif
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +0100[diff] [blame]9801static void ssl_sock_capture_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
9802{
Willy Tarreaubafbe012017-11-24 17:34:44 +0100[diff] [blame]9803 pool_free(pool_head_ssl_capture, ptr);
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +0100[diff] [blame]9804}
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]9805
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]9806__attribute__((constructor))
Willy Tarreau92faadf2012-10-10 23:04:25 +0200[diff] [blame]9807static void __ssl_sock_init(void)
9808{
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]9809 STACK_OF(SSL_COMP)* cm;
9810
Willy Tarreauef934602016-12-22 23:12:01 +0100[diff] [blame]9811 if (global_ssl.listen_default_ciphers)
9812 global_ssl.listen_default_ciphers = strdup(global_ssl.listen_default_ciphers);
9813 if (global_ssl.connect_default_ciphers)
9814 global_ssl.connect_default_ciphers = strdup(global_ssl.connect_default_ciphers);
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]9815#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200[diff] [blame]9816 if (global_ssl.listen_default_ciphersuites)
9817 global_ssl.listen_default_ciphersuites = strdup(global_ssl.listen_default_ciphersuites);
9818 if (global_ssl.connect_default_ciphersuites)
9819 global_ssl.connect_default_ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
9820#endif
Willy Tarreau610f04b2014-02-13 11:36:41 +0100[diff] [blame]9821
Willy Tarreau13e14102016-12-22 20:25:26 +0100[diff] [blame]9822 xprt_register(XPRT_SSL, &ssl_sock);
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9823#if HA_OPENSSL_VERSION_NUMBER < 0x10100000L
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]9824 SSL_library_init();
Rosen Penev68185952018-12-14 08:47:02 -0800[diff] [blame]9825#endif
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]9826 cm = SSL_COMP_get_compression_methods();
9827 sk_SSL_COMP_zero(cm);
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]9828#if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]9829 ssl_locking_init();
9830#endif
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]9831#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +0100[diff] [blame]9832 sctl_ex_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_sctl_free_func);
9833#endif
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200[diff] [blame]9834 ssl_app_data_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
Thierry FOURNIER16ff0502018-06-17 21:33:01 +0200[diff] [blame]9835 ssl_capture_ptr_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_capture_free_func);
Emmanuel Hocdet96b78342017-10-31 15:46:07 +0100[diff] [blame]9836 ssl_pkey_info_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]9837#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]9838 ENGINE_load_builtin_engines();
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000[diff] [blame]9839 hap_register_post_check(ssl_check_async_engine_count);
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]9840#endif
Willy Tarreaud1c57502016-12-22 22:46:15 +0100[diff] [blame]9841#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
9842 hap_register_post_check(tlskeys_finalize_config);
9843#endif
Willy Tarreau80713382018-11-26 10:19:54 +0100[diff] [blame]9844
9845 global.ssl_session_max_cost = SSL_SESSION_MAX_COST;
9846 global.ssl_handshake_max_cost = SSL_HANDSHAKE_MAX_COST;
9847
9848#ifndef OPENSSL_NO_DH
9849 ssl_dh_ptr_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
9850 hap_register_post_deinit(ssl_free_dh);
9851#endif
9852#ifndef OPENSSL_NO_ENGINE
9853 hap_register_post_deinit(ssl_free_engines);
9854#endif
9855 /* Load SSL string for the verbose & debug mode. */
9856 ERR_load_SSL_strings();
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9857#if HA_OPENSSL_VERSION_NUMBER < 0x10100000L
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]9858 ha_meth = malloc(sizeof(*ha_meth));
Olivier Houchard66a7b332019-04-18 15:58:15 +0200[diff] [blame]9859 bzero(ha_meth, sizeof(*ha_meth));
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]9860 ha_meth->bwrite = ha_ssl_write;
9861 ha_meth->bread = ha_ssl_read;
9862 ha_meth->ctrl = ha_ssl_ctrl;
9863 ha_meth->create = ha_ssl_new;
9864 ha_meth->destroy = ha_ssl_free;
9865 ha_meth->bputs = ha_ssl_puts;
9866 ha_meth->bgets = ha_ssl_gets;
9867#else
9868 ha_meth = BIO_meth_new(0x666, "ha methods");
9869 BIO_meth_set_write(ha_meth, ha_ssl_write);
9870 BIO_meth_set_read(ha_meth, ha_ssl_read);
9871 BIO_meth_set_ctrl(ha_meth, ha_ssl_ctrl);
9872 BIO_meth_set_create(ha_meth, ha_ssl_new);
9873 BIO_meth_set_destroy(ha_meth, ha_ssl_free);
9874 BIO_meth_set_puts(ha_meth, ha_ssl_puts);
9875 BIO_meth_set_gets(ha_meth, ha_ssl_gets);
9876#endif
Willy Tarreau80713382018-11-26 10:19:54 +0100[diff] [blame]9877}
Willy Tarreaud92aa5c2015-01-15 21:34:39 +0100[diff] [blame]9878
Willy Tarreau80713382018-11-26 10:19:54 +0100[diff] [blame]9879/* Compute and register the version string */
9880static void ssl_register_build_options()
9881{
9882 char *ptr = NULL;
9883 int i;
9884
Willy Tarreauc2c0b612016-12-21 19:23:20 +0100[diff] [blame]9885 memprintf(&ptr, "Built with OpenSSL version : "
9886#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet50e25e12017-03-24 15:20:03 +0100[diff] [blame]9887 "BoringSSL");
Willy Tarreauc2c0b612016-12-21 19:23:20 +0100[diff] [blame]9888#else /* OPENSSL_IS_BORINGSSL */
9889 OPENSSL_VERSION_TEXT
9890 "\nRunning on OpenSSL version : %s%s",
Rosen Penev68185952018-12-14 08:47:02 -0800[diff] [blame]9891 OpenSSL_version(OPENSSL_VERSION),
Willy Tarreau1d158ab2019-05-09 13:41:45 +0200[diff] [blame]9892 ((OPENSSL_VERSION_NUMBER ^ OpenSSL_version_num()) >> 8) ? " (VERSIONS DIFFER!)" : "");
Willy Tarreauc2c0b612016-12-21 19:23:20 +0100[diff] [blame]9893#endif
9894 memprintf(&ptr, "%s\nOpenSSL library supports TLS extensions : "
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9895#if HA_OPENSSL_VERSION_NUMBER < 0x00907000L
Willy Tarreauc2c0b612016-12-21 19:23:20 +0100[diff] [blame]9896 "no (library version too old)"
9897#elif defined(OPENSSL_NO_TLSEXT)
9898 "no (disabled via OPENSSL_NO_TLSEXT)"
9899#else
9900 "yes"
9901#endif
9902 "", ptr);
9903
9904 memprintf(&ptr, "%s\nOpenSSL library supports SNI : "
9905#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
9906 "yes"
9907#else
9908#ifdef OPENSSL_NO_TLSEXT
9909 "no (because of OPENSSL_NO_TLSEXT)"
9910#else
9911 "no (version might be too old, 0.9.8f min needed)"
9912#endif
9913#endif
9914 "", ptr);
9915
Emmanuel Hocdetf80bc242017-07-12 14:25:38 +0200[diff] [blame]9916 memprintf(&ptr, "%s\nOpenSSL library supports :", ptr);
9917 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
9918 if (methodVersions[i].option)
9919 memprintf(&ptr, "%s %s", ptr, methodVersions[i].name);
Emmanuel Hocdet50e25e12017-03-24 15:20:03 +0100[diff] [blame]9920
Willy Tarreauc2c0b612016-12-21 19:23:20 +0100[diff] [blame]9921 hap_register_build_opts(ptr, 1);
Willy Tarreau80713382018-11-26 10:19:54 +0100[diff] [blame]9922}
Willy Tarreauc2c0b612016-12-21 19:23:20 +0100[diff] [blame]9923
Willy Tarreau80713382018-11-26 10:19:54 +0100[diff] [blame]9924INITCALL0(STG_REGISTER, ssl_register_build_options);
Remi Gacogne4f902b82015-05-28 16:23:00 +0200[diff] [blame]9925
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]9926
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]9927#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]9928void ssl_free_engines(void) {
9929 struct ssl_engine_list *wl, *wlb;
9930 /* free up engine list */
9931 list_for_each_entry_safe(wl, wlb, &openssl_engines, list) {
9932 ENGINE_finish(wl->e);
9933 ENGINE_free(wl->e);
9934 LIST_DEL(&wl->list);
9935 free(wl);
9936 }
9937}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200[diff] [blame]9938#endif
Christopher Faulet31af49d2015-06-09 17:29:50 +0200[diff] [blame]9939
Remi Gacogned3a23c32015-05-28 16:39:47 +0200[diff] [blame]9940#ifndef OPENSSL_NO_DH
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]9941void ssl_free_dh(void) {
9942 if (local_dh_1024) {
9943 DH_free(local_dh_1024);
9944 local_dh_1024 = NULL;
9945 }
9946 if (local_dh_2048) {
9947 DH_free(local_dh_2048);
9948 local_dh_2048 = NULL;
9949 }
9950 if (local_dh_4096) {
9951 DH_free(local_dh_4096);
9952 local_dh_4096 = NULL;
9953 }
Remi Gacogne47783ef2015-05-29 15:53:22 +0200[diff] [blame]9954 if (global_dh) {
9955 DH_free(global_dh);
9956 global_dh = NULL;
9957 }
Grant Zhang872f9c22017-01-21 01:10:18 +0000[diff] [blame]9958}
9959#endif
9960
9961__attribute__((destructor))
9962static void __ssl_sock_deinit(void)
9963{
9964#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]9965 if (ssl_ctx_lru_tree) {
9966 lru64_destroy(ssl_ctx_lru_tree);
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100[diff] [blame]9967 HA_RWLOCK_DESTROY(&ssl_ctx_lru_rwlock);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200[diff] [blame]9968 }
Remi Gacogned3a23c32015-05-28 16:39:47 +0200[diff] [blame]9969#endif
9970
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]9971#if (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Remi Gacogned3a23c32015-05-28 16:39:47 +0200[diff] [blame]9972 ERR_remove_state(0);
9973 ERR_free_strings();
9974
9975 EVP_cleanup();
Rosen Penev68185952018-12-14 08:47:02 -0800[diff] [blame]9976#endif
Remi Gacogned3a23c32015-05-28 16:39:47 +0200[diff] [blame]9977
Willy Tarreau5db847a2019-05-09 14:13:35 +0200[diff] [blame^]9978#if (HA_OPENSSL_VERSION_NUMBER >= 0x00907000L) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Remi Gacogned3a23c32015-05-28 16:39:47 +0200[diff] [blame]9979 CRYPTO_cleanup_all_ex_data();
9980#endif
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200[diff] [blame]9981#if (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Olivier Houcharda8955d52019-04-07 22:00:38 +0200[diff] [blame]9982 free(ha_meth);
9983#else
9984 BIO_meth_free(ha_meth);
9985#endif
Remi Gacogned3a23c32015-05-28 16:39:47 +0200[diff] [blame]9986}
9987
9988
Emeric Brun46591952012-05-18 15:47:34 +0200[diff] [blame]9989/*
9990 * Local variables:
9991 * c-indent-level: 8
9992 * c-basic-offset: 8
9993 * End:
9994 */