blob: c33bf4e4e3c692d98377dc0f80e795fc898b1137 [file] [log] [blame]
yanbzhu08ce6ab2015-12-02 13:01:29 -05001
Emeric Brun46591952012-05-18 15:47:34 +02002/*
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02003 * SSL/TLS transport layer over SOCK_STREAM sockets
Emeric Brun46591952012-05-18 15:47:34 +02004 *
5 * Copyright (C) 2012 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
11 *
Willy Tarreau69845df2012-09-10 09:43:09 +020012 * Acknowledgement:
13 * We'd like to specially thank the Stud project authors for a very clean
14 * and well documented code which helped us understand how the OpenSSL API
15 * ought to be used in non-blocking mode. This is one difficult part which
16 * is not easy to get from the OpenSSL doc, and reading the Stud code made
17 * it much more obvious than the examples in the OpenSSL package. Keep up
18 * the good works, guys !
19 *
20 * Stud is an extremely efficient and scalable SSL/TLS proxy which combines
21 * particularly well with haproxy. For more info about this project, visit :
22 * https://github.com/bumptech/stud
23 *
Emeric Brun46591952012-05-18 15:47:34 +020024 */
25
Willy Tarreau8d164dc2019-05-10 09:35:00 +020026/* Note: do NOT include openssl/xxx.h here, do it in openssl-compat.h */
Emeric Brun46591952012-05-18 15:47:34 +020027#define _GNU_SOURCE
Emeric Brunfc0421f2012-09-07 17:30:07 +020028#include <ctype.h>
29#include <dirent.h>
Emeric Brun46591952012-05-18 15:47:34 +020030#include <errno.h>
31#include <fcntl.h>
32#include <stdio.h>
33#include <stdlib.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020034#include <string.h>
35#include <unistd.h>
Emeric Brun46591952012-05-18 15:47:34 +020036
37#include <sys/socket.h>
38#include <sys/stat.h>
39#include <sys/types.h>
Christopher Faulet31af49d2015-06-09 17:29:50 +020040#include <netdb.h>
Emeric Brun46591952012-05-18 15:47:34 +020041#include <netinet/tcp.h>
42
Christopher Faulet31af49d2015-06-09 17:29:50 +020043#include <import/lru.h>
44#include <import/xxhash.h>
45
Emeric Brun46591952012-05-18 15:47:34 +020046#include <common/buffer.h>
Willy Tarreau843b7cb2018-07-13 10:54:26 +020047#include <common/chunk.h>
Emeric Brun46591952012-05-18 15:47:34 +020048#include <common/compat.h>
49#include <common/config.h>
50#include <common/debug.h>
Willy Tarreau79eeafa2012-09-14 07:53:05 +020051#include <common/errors.h>
Willy Tarreau0108d902018-11-25 19:14:37 +010052#include <common/initcall.h>
Willy Tarreau55994562019-05-09 14:52:44 +020053#include <common/openssl-compat.h>
Emeric Brun46591952012-05-18 15:47:34 +020054#include <common/standard.h>
55#include <common/ticks.h>
56#include <common/time.h>
Emeric Brun2c86cbf2014-10-30 15:56:50 +010057#include <common/cfgparse.h>
Nenad Merdanovic05552d42015-02-27 19:56:49 +010058#include <common/base64.h>
Emeric Brun46591952012-05-18 15:47:34 +020059
William Lallemand2954c472020-03-06 21:54:13 +010060#include <ebpttree.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020061#include <ebsttree.h>
62
William Lallemand32af2032016-10-29 18:09:35 +020063#include <types/applet.h>
64#include <types/cli.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020065#include <types/global.h>
66#include <types/ssl_sock.h>
William Lallemand32af2032016-10-29 18:09:35 +020067#include <types/stats.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020068
Willy Tarreau7875d092012-09-10 08:20:03 +020069#include <proto/acl.h>
70#include <proto/arg.h>
William Lallemand32af2032016-10-29 18:09:35 +020071#include <proto/channel.h>
Emeric Brun46591952012-05-18 15:47:34 +020072#include <proto/connection.h>
William Lallemand32af2032016-10-29 18:09:35 +020073#include <proto/cli.h>
Emeric Brun46591952012-05-18 15:47:34 +020074#include <proto/fd.h>
75#include <proto/freq_ctr.h>
76#include <proto/frontend.h>
Willy Tarreau61c112a2018-10-02 16:43:32 +020077#include <proto/http_rules.h>
Willy Tarreau79eeafa2012-09-14 07:53:05 +020078#include <proto/listener.h>
Thierry FOURNIERed66c292013-11-28 11:05:19 +010079#include <proto/pattern.h>
Christopher Faulet31af49d2015-06-09 17:29:50 +020080#include <proto/proto_tcp.h>
Christopher Fauletfc9cfe42019-07-16 14:54:53 +020081#include <proto/http_ana.h>
Willy Tarreau92faadf2012-10-10 23:04:25 +020082#include <proto/server.h>
William Lallemand32af2032016-10-29 18:09:35 +020083#include <proto/stream_interface.h>
Emeric Brun46591952012-05-18 15:47:34 +020084#include <proto/log.h>
Emeric Brun94324a42012-10-11 14:00:19 +020085#include <proto/proxy.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020086#include <proto/shctx.h>
Emeric Brun46591952012-05-18 15:47:34 +020087#include <proto/ssl_sock.h>
Willy Tarreau9ad7bd42015-04-03 19:19:59 +020088#include <proto/stream.h>
Emeric Brun46591952012-05-18 15:47:34 +020089#include <proto/task.h>
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010090#include <proto/vars.h>
Emeric Brun46591952012-05-18 15:47:34 +020091
Willy Tarreau9356dac2019-05-10 09:22:53 +020092/* ***** READ THIS before adding code here! *****
93 *
94 * Due to API incompatibilities between multiple OpenSSL versions and their
95 * derivatives, it's often tempting to add macros to (re-)define certain
96 * symbols. Please do not do this here, and do it in common/openssl-compat.h
97 * exclusively so that the whole code consistently uses the same macros.
98 *
99 * Whenever possible if a macro is missing in certain versions, it's better
100 * to conditionally define it in openssl-compat.h than using lots of ifdefs.
101 */
102
Willy Tarreau71b734c2014-01-28 15:19:44 +0100103int sslconns = 0;
104int totalsslconns = 0;
Willy Tarreaud9f5cca2016-12-22 21:08:52 +0100105static struct xprt_ops ssl_sock;
Emeric Brunece0c332017-12-06 13:51:49 +0100106int nb_engines = 0;
Emeric Brune1f38db2012-09-03 20:36:47 +0200107
William Lallemande0f3fd52020-02-25 14:53:06 +0100108static struct eb_root cert_issuer_tree = EB_ROOT; /* issuers tree from "issuers-chain-path" */
Emmanuel Hocdetef87e0a2020-03-23 11:29:11 +0100109static struct issuer_chain* ssl_get0_issuer_chain(X509 *cert);
William Lallemande0f3fd52020-02-25 14:53:06 +0100110
William Lallemand7fd8b452020-05-07 15:20:43 +0200111struct global_ssl global_ssl = {
Willy Tarreauef934602016-12-22 23:12:01 +0100112#ifdef LISTEN_DEFAULT_CIPHERS
113 .listen_default_ciphers = LISTEN_DEFAULT_CIPHERS,
114#endif
115#ifdef CONNECT_DEFAULT_CIPHERS
116 .connect_default_ciphers = CONNECT_DEFAULT_CIPHERS,
117#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +0200118#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200119#ifdef LISTEN_DEFAULT_CIPHERSUITES
120 .listen_default_ciphersuites = LISTEN_DEFAULT_CIPHERSUITES,
121#endif
122#ifdef CONNECT_DEFAULT_CIPHERSUITES
123 .connect_default_ciphersuites = CONNECT_DEFAULT_CIPHERSUITES,
124#endif
125#endif
Willy Tarreauef934602016-12-22 23:12:01 +0100126 .listen_default_ssloptions = BC_SSL_O_NONE,
127 .connect_default_ssloptions = SRV_SSL_O_NONE,
128
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200129 .listen_default_sslmethods.flags = MC_SSL_O_ALL,
130 .listen_default_sslmethods.min = CONF_TLSV_NONE,
131 .listen_default_sslmethods.max = CONF_TLSV_NONE,
132 .connect_default_sslmethods.flags = MC_SSL_O_ALL,
133 .connect_default_sslmethods.min = CONF_TLSV_NONE,
134 .connect_default_sslmethods.max = CONF_TLSV_NONE,
135
Willy Tarreauef934602016-12-22 23:12:01 +0100136#ifdef DEFAULT_SSL_MAX_RECORD
137 .max_record = DEFAULT_SSL_MAX_RECORD,
138#endif
139 .default_dh_param = SSL_DEFAULT_DH_PARAM,
140 .ctx_cache = DEFAULT_SSL_CTX_CACHE,
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100141 .capture_cipherlist = 0,
William Lallemand3af48e72020-02-03 17:15:52 +0100142 .extra_files = SSL_GF_ALL,
Willy Tarreauef934602016-12-22 23:12:01 +0100143};
144
Olivier Houcharda8955d52019-04-07 22:00:38 +0200145static BIO_METHOD *ha_meth;
146
Olivier Houchard66ab4982019-02-26 18:37:15 +0100147struct ssl_sock_ctx {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200148 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100149 SSL *ssl;
Olivier Houcharda8955d52019-04-07 22:00:38 +0200150 BIO *bio;
Olivier Houchard5149b592019-05-23 17:47:36 +0200151 const struct xprt_ops *xprt;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100152 void *xprt_ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +0200153 struct wait_event wait_event;
Willy Tarreau113d52b2020-01-10 09:20:26 +0100154 struct wait_event *subs;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100155 int xprt_st; /* transport layer state, initialized to zero */
Olivier Houchard54907bb2019-12-19 15:02:39 +0100156 struct buffer early_buf; /* buffer to store the early data received */
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100157 int sent_early_data; /* Amount of early data we sent so far */
158
Olivier Houchard66ab4982019-02-26 18:37:15 +0100159};
160
161DECLARE_STATIC_POOL(ssl_sock_ctx_pool, "ssl_sock_ctx_pool", sizeof(struct ssl_sock_ctx));
162
Olivier Houchardea8dd942019-05-20 14:02:16 +0200163static struct task *ssl_sock_io_cb(struct task *, void *, unsigned short);
Olivier Houchard000694c2019-05-23 14:45:12 +0200164static int ssl_sock_handshake(struct connection *conn, unsigned int flag);
Olivier Houchardea8dd942019-05-20 14:02:16 +0200165
Olivier Houcharda8955d52019-04-07 22:00:38 +0200166/* Methods to implement OpenSSL BIO */
167static int ha_ssl_write(BIO *h, const char *buf, int num)
168{
169 struct buffer tmpbuf;
170 struct ssl_sock_ctx *ctx;
171 int ret;
172
173 ctx = BIO_get_data(h);
174 tmpbuf.size = num;
175 tmpbuf.area = (void *)(uintptr_t)buf;
176 tmpbuf.data = num;
177 tmpbuf.head = 0;
178 ret = ctx->xprt->snd_buf(ctx->conn, ctx->xprt_ctx, &tmpbuf, num, 0);
Olivier Houchardb51937e2019-05-01 17:24:36 +0200179 if (ret == 0 && !(ctx->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_WR_SH))) {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200180 BIO_set_retry_write(h);
Olivier Houcharda28454e2019-04-24 12:04:36 +0200181 ret = -1;
Olivier Houchardb51937e2019-05-01 17:24:36 +0200182 } else if (ret == 0)
183 BIO_clear_retry_flags(h);
Olivier Houcharda8955d52019-04-07 22:00:38 +0200184 return ret;
185}
186
187static int ha_ssl_gets(BIO *h, char *buf, int size)
188{
189
190 return 0;
191}
192
193static int ha_ssl_puts(BIO *h, const char *str)
194{
195
196 return ha_ssl_write(h, str, strlen(str));
197}
198
199static int ha_ssl_read(BIO *h, char *buf, int size)
200{
201 struct buffer tmpbuf;
202 struct ssl_sock_ctx *ctx;
203 int ret;
204
205 ctx = BIO_get_data(h);
206 tmpbuf.size = size;
207 tmpbuf.area = buf;
208 tmpbuf.data = 0;
209 tmpbuf.head = 0;
210 ret = ctx->xprt->rcv_buf(ctx->conn, ctx->xprt_ctx, &tmpbuf, size, 0);
Olivier Houchardb51937e2019-05-01 17:24:36 +0200211 if (ret == 0 && !(ctx->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_RD_SH))) {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200212 BIO_set_retry_read(h);
Olivier Houcharda28454e2019-04-24 12:04:36 +0200213 ret = -1;
Olivier Houchardb51937e2019-05-01 17:24:36 +0200214 } else if (ret == 0)
215 BIO_clear_retry_flags(h);
Olivier Houcharda8955d52019-04-07 22:00:38 +0200216
217 return ret;
218}
219
220static long ha_ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2)
221{
222 int ret = 0;
223 switch (cmd) {
224 case BIO_CTRL_DUP:
225 case BIO_CTRL_FLUSH:
226 ret = 1;
227 break;
228 }
229 return ret;
230}
231
232static int ha_ssl_new(BIO *h)
233{
234 BIO_set_init(h, 1);
235 BIO_set_data(h, NULL);
236 BIO_clear_flags(h, ~0);
237 return 1;
238}
239
240static int ha_ssl_free(BIO *data)
241{
242
243 return 1;
244}
245
246
Willy Tarreau5db847a2019-05-09 14:13:35 +0200247#if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Christopher Faulet9dcf9b62017-11-13 10:34:01 +0100248
Emeric Brun821bb9b2017-06-15 16:37:39 +0200249static HA_RWLOCK_T *ssl_rwlocks;
250
251
252unsigned long ssl_id_function(void)
253{
254 return (unsigned long)tid;
255}
256
257void ssl_locking_function(int mode, int n, const char * file, int line)
258{
259 if (mode & CRYPTO_LOCK) {
260 if (mode & CRYPTO_READ)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100261 HA_RWLOCK_RDLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200262 else
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100263 HA_RWLOCK_WRLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200264 }
265 else {
266 if (mode & CRYPTO_READ)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100267 HA_RWLOCK_RDUNLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200268 else
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100269 HA_RWLOCK_WRUNLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200270 }
271}
272
273static int ssl_locking_init(void)
274{
275 int i;
276
277 ssl_rwlocks = malloc(sizeof(HA_RWLOCK_T)*CRYPTO_num_locks());
278 if (!ssl_rwlocks)
279 return -1;
280
281 for (i = 0 ; i < CRYPTO_num_locks() ; i++)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100282 HA_RWLOCK_INIT(&ssl_rwlocks[i]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200283
284 CRYPTO_set_id_callback(ssl_id_function);
285 CRYPTO_set_locking_callback(ssl_locking_function);
286
287 return 0;
288}
Christopher Faulet9dcf9b62017-11-13 10:34:01 +0100289
Emeric Brun821bb9b2017-06-15 16:37:39 +0200290#endif
291
William Lallemand150bfa82019-09-19 17:12:49 +0200292__decl_hathreads(HA_SPINLOCK_T ckch_lock);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200293
William Lallemandbc6ca7c2019-10-29 23:48:19 +0100294/* Uncommitted CKCH transaction */
295
296static struct {
297 struct ckch_store *new_ckchs;
298 struct ckch_store *old_ckchs;
299 char *path;
300} ckchs_transaction;
301
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +0200302/*
Emmanuel Hocdetb270e812019-11-21 19:09:31 +0100303 * deduplicate cafile (and crlfile)
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +0200304 */
305struct cafile_entry {
306 X509_STORE *ca_store;
Emmanuel Hocdet129d3282019-10-24 18:08:51 +0200307 STACK_OF(X509_NAME) *ca_list;
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +0200308 struct ebmb_node node;
309 char path[0];
310};
311
312static struct eb_root cafile_tree = EB_ROOT_UNIQUE;
313
314static X509_STORE* ssl_store_get0_locations_file(char *path)
315{
316 struct ebmb_node *eb;
317
318 eb = ebst_lookup(&cafile_tree, path);
319 if (eb) {
320 struct cafile_entry *ca_e;
321 ca_e = ebmb_entry(eb, struct cafile_entry, node);
322 return ca_e->ca_store;
323 }
324 return NULL;
325}
326
327static int ssl_store_load_locations_file(char *path)
328{
329 if (ssl_store_get0_locations_file(path) == NULL) {
330 struct cafile_entry *ca_e;
331 X509_STORE *store = X509_STORE_new();
332 if (X509_STORE_load_locations(store, path, NULL)) {
333 int pathlen;
334 pathlen = strlen(path);
335 ca_e = calloc(1, sizeof(*ca_e) + pathlen + 1);
336 if (ca_e) {
337 memcpy(ca_e->path, path, pathlen + 1);
338 ca_e->ca_store = store;
339 ebst_insert(&cafile_tree, &ca_e->node);
340 return 1;
341 }
342 }
343 X509_STORE_free(store);
344 return 0;
345 }
346 return 1;
347}
348
349/* mimic what X509_STORE_load_locations do with store_ctx */
350static int ssl_set_cert_crl_file(X509_STORE *store_ctx, char *path)
351{
352 X509_STORE *store;
353 store = ssl_store_get0_locations_file(path);
354 if (store_ctx && store) {
355 int i;
356 X509_OBJECT *obj;
357 STACK_OF(X509_OBJECT) *objs = X509_STORE_get0_objects(store);
358 for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
359 obj = sk_X509_OBJECT_value(objs, i);
360 switch (X509_OBJECT_get_type(obj)) {
361 case X509_LU_X509:
362 X509_STORE_add_cert(store_ctx, X509_OBJECT_get0_X509(obj));
363 break;
364 case X509_LU_CRL:
365 X509_STORE_add_crl(store_ctx, X509_OBJECT_get0_X509_CRL(obj));
366 break;
367 default:
368 break;
369 }
370 }
371 return 1;
372 }
373 return 0;
374}
375
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +0500376/* SSL_CTX_load_verify_locations substitute, internally call X509_STORE_load_locations */
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +0200377static int ssl_set_verify_locations_file(SSL_CTX *ctx, char *path)
378{
379 X509_STORE *store_ctx = SSL_CTX_get_cert_store(ctx);
380 return ssl_set_cert_crl_file(store_ctx, path);
381}
382
Emmanuel Hocdet129d3282019-10-24 18:08:51 +0200383/*
384 Extract CA_list from CA_file already in tree.
385 Duplicate ca_name is tracking with ebtree. It's simplify openssl compatibility.
386 Return a shared ca_list: SSL_dup_CA_list must be used before set it on SSL_CTX.
387*/
388static STACK_OF(X509_NAME)* ssl_get_client_ca_file(char *path)
389{
390 struct ebmb_node *eb;
391 struct cafile_entry *ca_e;
392
393 eb = ebst_lookup(&cafile_tree, path);
394 if (!eb)
395 return NULL;
396 ca_e = ebmb_entry(eb, struct cafile_entry, node);
397
398 if (ca_e->ca_list == NULL) {
399 int i;
400 unsigned long key;
401 struct eb_root ca_name_tree = EB_ROOT;
402 struct eb64_node *node, *back;
403 struct {
404 struct eb64_node node;
405 X509_NAME *xname;
406 } *ca_name;
407 STACK_OF(X509_OBJECT) *objs;
408 STACK_OF(X509_NAME) *skn;
409 X509 *x;
410 X509_NAME *xn;
411
412 skn = sk_X509_NAME_new_null();
413 /* take x509 from cafile_tree */
414 objs = X509_STORE_get0_objects(ca_e->ca_store);
415 for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
416 x = X509_OBJECT_get0_X509(sk_X509_OBJECT_value(objs, i));
417 if (!x)
418 continue;
419 xn = X509_get_subject_name(x);
420 if (!xn)
421 continue;
422 /* Check for duplicates. */
423 key = X509_NAME_hash(xn);
424 for (node = eb64_lookup(&ca_name_tree, key), ca_name = NULL;
425 node && ca_name == NULL;
426 node = eb64_next(node)) {
427 ca_name = container_of(node, typeof(*ca_name), node);
428 if (X509_NAME_cmp(xn, ca_name->xname) != 0)
429 ca_name = NULL;
430 }
431 /* find a duplicate */
432 if (ca_name)
433 continue;
434 ca_name = calloc(1, sizeof *ca_name);
435 xn = X509_NAME_dup(xn);
436 if (!ca_name ||
437 !xn ||
438 !sk_X509_NAME_push(skn, xn)) {
439 free(ca_name);
440 X509_NAME_free(xn);
441 sk_X509_NAME_pop_free(skn, X509_NAME_free);
442 sk_X509_NAME_free(skn);
443 skn = NULL;
444 break;
445 }
446 ca_name->node.key = key;
447 ca_name->xname = xn;
448 eb64_insert(&ca_name_tree, &ca_name->node);
449 }
450 ca_e->ca_list = skn;
451 /* remove temporary ca_name tree */
452 node = eb64_first(&ca_name_tree);
453 while (node) {
454 ca_name = container_of(node, typeof(*ca_name), node);
455 back = eb64_next(node);
456 eb64_delete(node);
457 free(ca_name);
458 node = back;
459 }
460 }
461 return ca_e->ca_list;
462}
463
Willy Tarreaubafbe012017-11-24 17:34:44 +0100464struct pool_head *pool_head_ssl_capture = NULL;
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +0100465static int ssl_capture_ptr_index = -1;
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200466static int ssl_app_data_index = -1;
Willy Tarreauef934602016-12-22 23:12:01 +0100467
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200468#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
469struct list tlskeys_reference = LIST_HEAD_INIT(tlskeys_reference);
470#endif
471
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200472#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000473static unsigned int openssl_engines_initialized;
474struct list openssl_engines = LIST_HEAD_INIT(openssl_engines);
475struct ssl_engine_list {
476 struct list list;
477 ENGINE *e;
478};
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200479#endif
Grant Zhang872f9c22017-01-21 01:10:18 +0000480
Remi Gacogne8de54152014-07-15 11:36:40 +0200481#ifndef OPENSSL_NO_DH
Remi Gacogne4f902b82015-05-28 16:23:00 +0200482static int ssl_dh_ptr_index = -1;
Remi Gacogne47783ef2015-05-29 15:53:22 +0200483static DH *global_dh = NULL;
Remi Gacogne8de54152014-07-15 11:36:40 +0200484static DH *local_dh_1024 = NULL;
485static DH *local_dh_2048 = NULL;
486static DH *local_dh_4096 = NULL;
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +0100487static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen);
Remi Gacogne8de54152014-07-15 11:36:40 +0200488#endif /* OPENSSL_NO_DH */
489
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100490#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200491/* X509V3 Extensions that will be added on generated certificates */
492#define X509V3_EXT_SIZE 5
493static char *x509v3_ext_names[X509V3_EXT_SIZE] = {
494 "basicConstraints",
495 "nsComment",
496 "subjectKeyIdentifier",
497 "authorityKeyIdentifier",
498 "keyUsage",
499};
500static char *x509v3_ext_values[X509V3_EXT_SIZE] = {
501 "CA:FALSE",
502 "\"OpenSSL Generated Certificate\"",
503 "hash",
504 "keyid,issuer:always",
505 "nonRepudiation,digitalSignature,keyEncipherment"
506};
Christopher Faulet31af49d2015-06-09 17:29:50 +0200507/* LRU cache to store generated certificate */
508static struct lru64_head *ssl_ctx_lru_tree = NULL;
509static unsigned int ssl_ctx_lru_seed = 0;
Emeric Brun821bb9b2017-06-15 16:37:39 +0200510static unsigned int ssl_ctx_serial;
Willy Tarreau86abe442018-11-25 20:12:18 +0100511__decl_rwlock(ssl_ctx_lru_rwlock);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200512
Willy Tarreauc8ad3be2015-06-17 15:48:26 +0200513#endif // SSL_CTRL_SET_TLSEXT_HOSTNAME
514
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200515#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhube2774d2015-12-10 15:07:30 -0500516/* The order here matters for picking a default context,
517 * keep the most common keytype at the bottom of the list
518 */
519const char *SSL_SOCK_KEYTYPE_NAMES[] = {
520 "dsa",
521 "ecdsa",
522 "rsa"
523};
yanbzhube2774d2015-12-10 15:07:30 -0500524#endif
525
William Lallemandc3cd35f2017-11-28 11:04:43 +0100526static struct shared_context *ssl_shctx = NULL; /* ssl shared session cache */
William Lallemand4f45bb92017-10-30 20:08:51 +0100527static struct eb_root *sh_ssl_sess_tree; /* ssl shared session tree */
528
Dragan Dosen9ac98092020-05-11 15:51:45 +0200529/* Dedicated callback functions for heartbeat and clienthello.
530 */
531#ifdef TLS1_RT_HEARTBEAT
532static void ssl_sock_parse_heartbeat(struct connection *conn, int write_p, int version,
533 int content_type, const void *buf, size_t len,
534 SSL *ssl);
535#endif
536static void ssl_sock_parse_clienthello(struct connection *conn, int write_p, int version,
537 int content_type, const void *buf, size_t len,
538 SSL *ssl);
539
Dragan Dosen1e7ed042020-05-08 18:30:00 +0200540/* List head of all registered SSL/TLS protocol message callbacks. */
541struct list ssl_sock_msg_callbacks = LIST_HEAD_INIT(ssl_sock_msg_callbacks);
542
543/* Registers the function <func> in order to be called on SSL/TLS protocol
544 * message processing. It will return 0 if the function <func> is not set
545 * or if it fails to allocate memory.
546 */
547int ssl_sock_register_msg_callback(ssl_sock_msg_callback_func func)
548{
549 struct ssl_sock_msg_callback *cbk;
550
551 if (!func)
552 return 0;
553
554 cbk = calloc(1, sizeof(*cbk));
555 if (!cbk) {
556 ha_alert("out of memory in ssl_sock_register_msg_callback().\n");
557 return 0;
558 }
559
560 cbk->func = func;
561
562 LIST_ADDQ(&ssl_sock_msg_callbacks, &cbk->list);
563
564 return 1;
565}
566
Dragan Dosen9ac98092020-05-11 15:51:45 +0200567/* Used to register dedicated SSL/TLS protocol message callbacks.
568 */
569static int ssl_sock_register_msg_callbacks(void)
570{
571#ifdef TLS1_RT_HEARTBEAT
572 if (!ssl_sock_register_msg_callback(ssl_sock_parse_heartbeat))
573 return ERR_ABORT;
574#endif
575 if (global_ssl.capture_cipherlist > 0) {
576 if (!ssl_sock_register_msg_callback(ssl_sock_parse_clienthello))
577 return ERR_ABORT;
578 }
579 return 0;
580}
581
Dragan Dosen1e7ed042020-05-08 18:30:00 +0200582/* Used to free all SSL/TLS protocol message callbacks that were
583 * registered by using ssl_sock_register_msg_callback().
584 */
585static void ssl_sock_unregister_msg_callbacks(void)
586{
587 struct ssl_sock_msg_callback *cbk, *cbkback;
588
589 list_for_each_entry_safe(cbk, cbkback, &ssl_sock_msg_callbacks, list) {
590 LIST_DEL(&cbk->list);
591 free(cbk);
592 }
593}
594
Dragan Doseneb607fe2020-05-11 17:17:06 +0200595SSL *ssl_sock_get_ssl_object(struct connection *conn)
596{
597 if (!ssl_sock_is_ssl(conn))
598 return NULL;
599
600 return ((struct ssl_sock_ctx *)(conn->xprt_ctx))->ssl;
601}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100602/*
603 * This function gives the detail of the SSL error. It is used only
604 * if the debug mode and the verbose mode are activated. It dump all
605 * the SSL error until the stack was empty.
606 */
607static forceinline void ssl_sock_dump_errors(struct connection *conn)
608{
609 unsigned long ret;
610
611 if (unlikely(global.mode & MODE_DEBUG)) {
612 while(1) {
613 ret = ERR_get_error();
614 if (ret == 0)
615 return;
616 fprintf(stderr, "fd[%04x] OpenSSL error[0x%lx] %s: %s\n",
Willy Tarreau585744b2017-08-24 14:31:19 +0200617 (unsigned short)conn->handle.fd, ret,
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100618 ERR_func_error_string(ret), ERR_reason_error_string(ret));
619 }
620 }
621}
622
yanbzhube2774d2015-12-10 15:07:30 -0500623
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200624#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000625static int ssl_init_single_engine(const char *engine_id, const char *def_algorithms)
626{
627 int err_code = ERR_ABORT;
628 ENGINE *engine;
629 struct ssl_engine_list *el;
630
631 /* grab the structural reference to the engine */
632 engine = ENGINE_by_id(engine_id);
633 if (engine == NULL) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100634 ha_alert("ssl-engine %s: failed to get structural reference\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000635 goto fail_get;
636 }
637
638 if (!ENGINE_init(engine)) {
639 /* the engine couldn't initialise, release it */
Christopher Faulet767a84b2017-11-24 16:50:31 +0100640 ha_alert("ssl-engine %s: failed to initialize\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000641 goto fail_init;
642 }
643
644 if (ENGINE_set_default_string(engine, def_algorithms) == 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100645 ha_alert("ssl-engine %s: failed on ENGINE_set_default_string\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000646 goto fail_set_method;
647 }
648
649 el = calloc(1, sizeof(*el));
650 el->e = engine;
651 LIST_ADD(&openssl_engines, &el->list);
Emeric Brunece0c332017-12-06 13:51:49 +0100652 nb_engines++;
653 if (global_ssl.async)
654 global.ssl_used_async_engines = nb_engines;
Grant Zhang872f9c22017-01-21 01:10:18 +0000655 return 0;
656
657fail_set_method:
658 /* release the functional reference from ENGINE_init() */
659 ENGINE_finish(engine);
660
661fail_init:
662 /* release the structural reference from ENGINE_by_id() */
663 ENGINE_free(engine);
664
665fail_get:
666 return err_code;
667}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200668#endif
Grant Zhang872f9c22017-01-21 01:10:18 +0000669
Willy Tarreau5db847a2019-05-09 14:13:35 +0200670#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brun3854e012017-05-17 20:42:48 +0200671/*
672 * openssl async fd handler
673 */
Emeric Brund0e095c2019-04-19 17:15:28 +0200674void ssl_async_fd_handler(int fd)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000675{
Olivier Houchardea8dd942019-05-20 14:02:16 +0200676 struct ssl_sock_ctx *ctx = fdtab[fd].owner;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000677
Emeric Brun3854e012017-05-17 20:42:48 +0200678 /* fd is an async enfine fd, we must stop
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000679 * to poll this fd until it is requested
680 */
Emeric Brunbbc16542017-06-02 15:54:06 +0000681 fd_stop_recv(fd);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000682 fd_cant_recv(fd);
683
684 /* crypto engine is available, let's notify the associated
685 * connection that it can pursue its processing.
686 */
Olivier Houchard03abf2d2019-05-28 10:12:02 +0200687 ssl_sock_io_cb(NULL, ctx, 0);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000688}
689
Emeric Brun3854e012017-05-17 20:42:48 +0200690/*
691 * openssl async delayed SSL_free handler
692 */
Emeric Brund0e095c2019-04-19 17:15:28 +0200693void ssl_async_fd_free(int fd)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000694{
695 SSL *ssl = fdtab[fd].owner;
Emeric Brun3854e012017-05-17 20:42:48 +0200696 OSSL_ASYNC_FD all_fd[32];
697 size_t num_all_fds = 0;
698 int i;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000699
Emeric Brun3854e012017-05-17 20:42:48 +0200700 /* We suppose that the async job for a same SSL *
701 * are serialized. So if we are awake it is
702 * because the running job has just finished
703 * and we can remove all async fds safely
704 */
705 SSL_get_all_async_fds(ssl, NULL, &num_all_fds);
706 if (num_all_fds > 32) {
707 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
708 return;
709 }
710
711 SSL_get_all_async_fds(ssl, all_fd, &num_all_fds);
712 for (i=0 ; i < num_all_fds ; i++)
713 fd_remove(all_fd[i]);
714
715 /* Now we can safely call SSL_free, no more pending job in engines */
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000716 SSL_free(ssl);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +0100717 _HA_ATOMIC_SUB(&sslconns, 1);
718 _HA_ATOMIC_SUB(&jobs, 1);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000719}
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000720/*
Emeric Brun3854e012017-05-17 20:42:48 +0200721 * function used to manage a returned SSL_ERROR_WANT_ASYNC
722 * and enable/disable polling for async fds
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000723 */
Olivier Houchardea8dd942019-05-20 14:02:16 +0200724static inline void ssl_async_process_fds(struct ssl_sock_ctx *ctx)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000725{
Willy Tarreaua9786b62018-01-25 07:22:13 +0100726 OSSL_ASYNC_FD add_fd[32];
Emeric Brun3854e012017-05-17 20:42:48 +0200727 OSSL_ASYNC_FD del_fd[32];
Olivier Houchardea8dd942019-05-20 14:02:16 +0200728 SSL *ssl = ctx->ssl;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000729 size_t num_add_fds = 0;
730 size_t num_del_fds = 0;
Emeric Brun3854e012017-05-17 20:42:48 +0200731 int i;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000732
733 SSL_get_changed_async_fds(ssl, NULL, &num_add_fds, NULL,
734 &num_del_fds);
Emeric Brun3854e012017-05-17 20:42:48 +0200735 if (num_add_fds > 32 || num_del_fds > 32) {
736 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000737 return;
738 }
739
Emeric Brun3854e012017-05-17 20:42:48 +0200740 SSL_get_changed_async_fds(ssl, add_fd, &num_add_fds, del_fd, &num_del_fds);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000741
Emeric Brun3854e012017-05-17 20:42:48 +0200742 /* We remove unused fds from the fdtab */
743 for (i=0 ; i < num_del_fds ; i++)
744 fd_remove(del_fd[i]);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000745
Emeric Brun3854e012017-05-17 20:42:48 +0200746 /* We add new fds to the fdtab */
747 for (i=0 ; i < num_add_fds ; i++) {
Olivier Houchardea8dd942019-05-20 14:02:16 +0200748 fd_insert(add_fd[i], ctx, ssl_async_fd_handler, tid_bit);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000749 }
750
Emeric Brun3854e012017-05-17 20:42:48 +0200751 num_add_fds = 0;
752 SSL_get_all_async_fds(ssl, NULL, &num_add_fds);
753 if (num_add_fds > 32) {
754 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
755 return;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000756 }
Emeric Brun3854e012017-05-17 20:42:48 +0200757
758 /* We activate the polling for all known async fds */
759 SSL_get_all_async_fds(ssl, add_fd, &num_add_fds);
Emeric Brunce9e01c2017-05-31 10:02:53 +0000760 for (i=0 ; i < num_add_fds ; i++) {
Emeric Brun3854e012017-05-17 20:42:48 +0200761 fd_want_recv(add_fd[i]);
Emeric Brunce9e01c2017-05-31 10:02:53 +0000762 /* To ensure that the fd cache won't be used
763 * We'll prefer to catch a real RD event
764 * because handling an EAGAIN on this fd will
765 * result in a context switch and also
766 * some engines uses a fd in blocking mode.
767 */
768 fd_cant_recv(add_fd[i]);
769 }
Emeric Brun3854e012017-05-17 20:42:48 +0200770
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000771}
772#endif
773
William Lallemand104a7a62019-10-14 14:14:59 +0200774#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200775/*
776 * This function returns the number of seconds elapsed
777 * since the Epoch, 1970-01-01 00:00:00 +0000 (UTC) and the
778 * date presented un ASN1_GENERALIZEDTIME.
779 *
780 * In parsing error case, it returns -1.
781 */
782static long asn1_generalizedtime_to_epoch(ASN1_GENERALIZEDTIME *d)
783{
784 long epoch;
785 char *p, *end;
786 const unsigned short month_offset[12] = {
787 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
788 };
789 int year, month;
790
791 if (!d || (d->type != V_ASN1_GENERALIZEDTIME)) return -1;
792
793 p = (char *)d->data;
794 end = p + d->length;
795
796 if (end - p < 4) return -1;
797 year = 1000 * (p[0] - '0') + 100 * (p[1] - '0') + 10 * (p[2] - '0') + p[3] - '0';
798 p += 4;
799 if (end - p < 2) return -1;
800 month = 10 * (p[0] - '0') + p[1] - '0';
801 if (month < 1 || month > 12) return -1;
802 /* Compute the number of seconds since 1 jan 1970 and the beginning of current month
803 We consider leap years and the current month (<marsh or not) */
804 epoch = ( ((year - 1970) * 365)
805 + ((year - (month < 3)) / 4 - (year - (month < 3)) / 100 + (year - (month < 3)) / 400)
806 - ((1970 - 1) / 4 - (1970 - 1) / 100 + (1970 - 1) / 400)
807 + month_offset[month-1]
808 ) * 24 * 60 * 60;
809 p += 2;
810 if (end - p < 2) return -1;
811 /* Add the number of seconds of completed days of current month */
812 epoch += (10 * (p[0] - '0') + p[1] - '0' - 1) * 24 * 60 * 60;
813 p += 2;
814 if (end - p < 2) return -1;
815 /* Add the completed hours of the current day */
816 epoch += (10 * (p[0] - '0') + p[1] - '0') * 60 * 60;
817 p += 2;
818 if (end - p < 2) return -1;
819 /* Add the completed minutes of the current hour */
820 epoch += (10 * (p[0] - '0') + p[1] - '0') * 60;
821 p += 2;
822 if (p == end) return -1;
823 /* Test if there is available seconds */
824 if (p[0] < '0' || p[0] > '9')
825 goto nosec;
826 if (end - p < 2) return -1;
827 /* Add the seconds of the current minute */
828 epoch += 10 * (p[0] - '0') + p[1] - '0';
829 p += 2;
830 if (p == end) return -1;
831 /* Ignore seconds float part if present */
832 if (p[0] == '.') {
833 do {
834 if (++p == end) return -1;
835 } while (p[0] >= '0' && p[0] <= '9');
836 }
837
838nosec:
839 if (p[0] == 'Z') {
840 if (end - p != 1) return -1;
841 return epoch;
842 }
843 else if (p[0] == '+') {
844 if (end - p != 5) return -1;
845 /* Apply timezone offset */
Frederik Deweerdt953917a2017-10-16 07:37:31 -0700846 return epoch - ((10 * (p[1] - '0') + p[2] - '0') * 60 * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200847 }
848 else if (p[0] == '-') {
849 if (end - p != 5) return -1;
850 /* Apply timezone offset */
Frederik Deweerdt953917a2017-10-16 07:37:31 -0700851 return epoch + ((10 * (p[1] - '0') + p[2] - '0') * 60 * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200852 }
853
854 return -1;
855}
856
William Lallemand104a7a62019-10-14 14:14:59 +0200857/*
858 * struct alignment works here such that the key.key is the same as key_data
859 * Do not change the placement of key_data
860 */
861struct certificate_ocsp {
862 struct ebmb_node key;
863 unsigned char key_data[OCSP_MAX_CERTID_ASN1_LENGTH];
864 struct buffer response;
865 long expire;
866};
867
868struct ocsp_cbk_arg {
869 int is_single;
870 int single_kt;
871 union {
872 struct certificate_ocsp *s_ocsp;
873 /*
874 * m_ocsp will have multiple entries dependent on key type
875 * Entry 0 - DSA
876 * Entry 1 - ECDSA
877 * Entry 2 - RSA
878 */
879 struct certificate_ocsp *m_ocsp[SSL_SOCK_NUM_KEYTYPES];
880 };
881};
882
Emeric Brun1d3865b2014-06-20 15:37:32 +0200883static struct eb_root cert_ocsp_tree = EB_ROOT_UNIQUE;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200884
885/* This function starts to check if the OCSP response (in DER format) contained
886 * in chunk 'ocsp_response' is valid (else exits on error).
887 * If 'cid' is not NULL, it will be compared to the OCSP certificate ID
888 * contained in the OCSP Response and exits on error if no match.
889 * If it's a valid OCSP Response:
890 * If 'ocsp' is not NULL, the chunk is copied in the OCSP response's container
891 * pointed by 'ocsp'.
892 * If 'ocsp' is NULL, the function looks up into the OCSP response's
893 * containers tree (using as index the ASN1 form of the OCSP Certificate ID extracted
894 * from the response) and exits on error if not found. Finally, If an OCSP response is
895 * already present in the container, it will be overwritten.
896 *
897 * Note: OCSP response containing more than one OCSP Single response is not
898 * considered valid.
899 *
900 * Returns 0 on success, 1 in error case.
901 */
Willy Tarreau83061a82018-07-13 11:56:34 +0200902static int ssl_sock_load_ocsp_response(struct buffer *ocsp_response,
903 struct certificate_ocsp *ocsp,
904 OCSP_CERTID *cid, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +0200905{
906 OCSP_RESPONSE *resp;
907 OCSP_BASICRESP *bs = NULL;
908 OCSP_SINGLERESP *sr;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200909 OCSP_CERTID *id;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200910 unsigned char *p = (unsigned char *) ocsp_response->area;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200911 int rc , count_sr;
Emeric Brun13a6b482014-06-20 15:44:34 +0200912 ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200913 int reason;
914 int ret = 1;
915
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200916 resp = d2i_OCSP_RESPONSE(NULL, (const unsigned char **)&p,
917 ocsp_response->data);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200918 if (!resp) {
919 memprintf(err, "Unable to parse OCSP response");
920 goto out;
921 }
922
923 rc = OCSP_response_status(resp);
924 if (rc != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
925 memprintf(err, "OCSP response status not successful");
926 goto out;
927 }
928
929 bs = OCSP_response_get1_basic(resp);
930 if (!bs) {
931 memprintf(err, "Failed to get basic response from OCSP Response");
932 goto out;
933 }
934
935 count_sr = OCSP_resp_count(bs);
936 if (count_sr > 1) {
937 memprintf(err, "OCSP response ignored because contains multiple single responses (%d)", count_sr);
938 goto out;
939 }
940
941 sr = OCSP_resp_get0(bs, 0);
942 if (!sr) {
943 memprintf(err, "Failed to get OCSP single response");
944 goto out;
945 }
946
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200947 id = (OCSP_CERTID*)OCSP_SINGLERESP_get0_id(sr);
948
Emeric Brun4147b2e2014-06-16 18:36:30 +0200949 rc = OCSP_single_get0_status(sr, &reason, &revtime, &thisupd, &nextupd);
Emmanuel Hocdetef607052017-10-24 14:57:16 +0200950 if (rc != V_OCSP_CERTSTATUS_GOOD && rc != V_OCSP_CERTSTATUS_REVOKED) {
Emmanuel Hocdet872085c2017-10-10 15:18:52 +0200951 memprintf(err, "OCSP single response: certificate status is unknown");
Emeric Brun4147b2e2014-06-16 18:36:30 +0200952 goto out;
953 }
954
Emeric Brun13a6b482014-06-20 15:44:34 +0200955 if (!nextupd) {
956 memprintf(err, "OCSP single response: missing nextupdate");
957 goto out;
958 }
959
Emeric Brunc8b27b62014-06-19 14:16:17 +0200960 rc = OCSP_check_validity(thisupd, nextupd, OCSP_MAX_RESPONSE_TIME_SKEW, -1);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200961 if (!rc) {
962 memprintf(err, "OCSP single response: no longer valid.");
963 goto out;
964 }
965
966 if (cid) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200967 if (OCSP_id_cmp(id, cid)) {
Emeric Brun4147b2e2014-06-16 18:36:30 +0200968 memprintf(err, "OCSP single response: Certificate ID does not match certificate and issuer");
969 goto out;
970 }
971 }
972
973 if (!ocsp) {
974 unsigned char key[OCSP_MAX_CERTID_ASN1_LENGTH];
975 unsigned char *p;
976
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200977 rc = i2d_OCSP_CERTID(id, NULL);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200978 if (!rc) {
979 memprintf(err, "OCSP single response: Unable to encode Certificate ID");
980 goto out;
981 }
982
983 if (rc > OCSP_MAX_CERTID_ASN1_LENGTH) {
984 memprintf(err, "OCSP single response: Certificate ID too long");
985 goto out;
986 }
987
988 p = key;
989 memset(key, 0, OCSP_MAX_CERTID_ASN1_LENGTH);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200990 i2d_OCSP_CERTID(id, &p);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200991 ocsp = (struct certificate_ocsp *)ebmb_lookup(&cert_ocsp_tree, key, OCSP_MAX_CERTID_ASN1_LENGTH);
992 if (!ocsp) {
993 memprintf(err, "OCSP single response: Certificate ID does not match any certificate or issuer");
994 goto out;
995 }
996 }
997
998 /* According to comments on "chunk_dup", the
999 previous chunk buffer will be freed */
1000 if (!chunk_dup(&ocsp->response, ocsp_response)) {
1001 memprintf(err, "OCSP response: Memory allocation error");
1002 goto out;
1003 }
1004
Emeric Brun4f3c87a2014-06-20 15:46:13 +02001005 ocsp->expire = asn1_generalizedtime_to_epoch(nextupd) - OCSP_MAX_RESPONSE_TIME_SKEW;
1006
Emeric Brun4147b2e2014-06-16 18:36:30 +02001007 ret = 0;
1008out:
Janusz Dziemidowicz8d710492017-03-08 16:59:41 +01001009 ERR_clear_error();
1010
Emeric Brun4147b2e2014-06-16 18:36:30 +02001011 if (bs)
1012 OCSP_BASICRESP_free(bs);
1013
1014 if (resp)
1015 OCSP_RESPONSE_free(resp);
1016
1017 return ret;
1018}
1019/*
1020 * External function use to update the OCSP response in the OCSP response's
1021 * containers tree. The chunk 'ocsp_response' must contain the OCSP response
1022 * to update in DER format.
1023 *
1024 * Returns 0 on success, 1 in error case.
1025 */
Willy Tarreau83061a82018-07-13 11:56:34 +02001026int ssl_sock_update_ocsp_response(struct buffer *ocsp_response, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001027{
1028 return ssl_sock_load_ocsp_response(ocsp_response, NULL, NULL, err);
1029}
1030
William Lallemand4a660132019-10-14 14:51:41 +02001031#endif
1032
1033#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001034/*
1035 * This function load the OCSP Resonse in DER format contained in file at
William Lallemand3b5f3602019-10-16 18:05:05 +02001036 * path 'ocsp_path' or base64 in a buffer <buf>
Emeric Brun4147b2e2014-06-16 18:36:30 +02001037 *
1038 * Returns 0 on success, 1 in error case.
1039 */
William Lallemand3b5f3602019-10-16 18:05:05 +02001040static int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, char *buf, struct cert_key_and_chain *ckch, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001041{
1042 int fd = -1;
1043 int r = 0;
1044 int ret = 1;
William Lallemand3b5f3602019-10-16 18:05:05 +02001045 struct buffer *ocsp_response;
1046 struct buffer *src = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001047
William Lallemand3b5f3602019-10-16 18:05:05 +02001048 if (buf) {
1049 int i, j;
1050 /* if it's from a buffer it will be base64 */
Emeric Brun4147b2e2014-06-16 18:36:30 +02001051
William Lallemand3b5f3602019-10-16 18:05:05 +02001052 /* remove \r and \n from the payload */
1053 for (i = 0, j = 0; buf[i]; i++) {
1054 if (buf[i] == '\r' || buf[i] == '\n')
Emeric Brun4147b2e2014-06-16 18:36:30 +02001055 continue;
William Lallemand3b5f3602019-10-16 18:05:05 +02001056 buf[j++] = buf[i];
1057 }
1058 buf[j] = 0;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001059
William Lallemand3b5f3602019-10-16 18:05:05 +02001060 ret = base64dec(buf, j, trash.area, trash.size);
1061 if (ret < 0) {
1062 memprintf(err, "Error reading OCSP response in base64 format");
Emeric Brun4147b2e2014-06-16 18:36:30 +02001063 goto end;
1064 }
William Lallemand3b5f3602019-10-16 18:05:05 +02001065 trash.data = ret;
1066 src = &trash;
1067 } else {
1068 fd = open(ocsp_path, O_RDONLY);
1069 if (fd == -1) {
1070 memprintf(err, "Error opening OCSP response file");
1071 goto end;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001072 }
William Lallemand3b5f3602019-10-16 18:05:05 +02001073
1074 trash.data = 0;
1075 while (trash.data < trash.size) {
1076 r = read(fd, trash.area + trash.data, trash.size - trash.data);
1077 if (r < 0) {
1078 if (errno == EINTR)
1079 continue;
1080
1081 memprintf(err, "Error reading OCSP response from file");
1082 goto end;
1083 }
1084 else if (r == 0) {
1085 break;
1086 }
1087 trash.data += r;
1088 }
1089 close(fd);
1090 fd = -1;
1091 src = &trash;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001092 }
1093
William Lallemand3b5f3602019-10-16 18:05:05 +02001094 ocsp_response = calloc(1, sizeof(*ocsp_response));
1095 if (!chunk_dup(ocsp_response, src)) {
1096 free(ocsp_response);
1097 ocsp_response = NULL;
William Lallemand246c0242019-10-11 08:59:13 +02001098 goto end;
1099 }
Emmanuel Hocdet0667fae2020-01-16 14:41:36 +01001100 /* no error, fill ckch with new context, old context must be free */
1101 if (ckch->ocsp_response) {
1102 free(ckch->ocsp_response->area);
1103 ckch->ocsp_response->area = NULL;
1104 free(ckch->ocsp_response);
1105 }
William Lallemand3b5f3602019-10-16 18:05:05 +02001106 ckch->ocsp_response = ocsp_response;
William Lallemande0f48ae2019-10-15 13:44:57 +02001107 ret = 0;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001108end:
1109 if (fd != -1)
1110 close(fd);
1111
1112 return ret;
1113}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01001114#endif
Emeric Brun4147b2e2014-06-16 18:36:30 +02001115
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001116#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
1117static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc)
1118{
Christopher Faulet16f45c82018-02-16 11:23:49 +01001119 struct tls_keys_ref *ref;
Emeric Brun9e754772019-01-10 17:51:55 +01001120 union tls_sess_key *keys;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001121 struct connection *conn;
1122 int head;
1123 int i;
Christopher Faulet16f45c82018-02-16 11:23:49 +01001124 int ret = -1; /* error by default */
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001125
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001126 conn = SSL_get_ex_data(s, ssl_app_data_index);
Willy Tarreau07d94e42018-09-20 10:57:52 +02001127 ref = __objt_listener(conn->target)->bind_conf->keys_ref;
Christopher Faulet16f45c82018-02-16 11:23:49 +01001128 HA_RWLOCK_RDLOCK(TLSKEYS_REF_LOCK, &ref->lock);
1129
1130 keys = ref->tlskeys;
1131 head = ref->tls_ticket_enc_index;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001132
1133 if (enc) {
1134 memcpy(key_name, keys[head].name, 16);
1135
1136 if(!RAND_pseudo_bytes(iv, EVP_MAX_IV_LENGTH))
Christopher Faulet16f45c82018-02-16 11:23:49 +01001137 goto end;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001138
Emeric Brun9e754772019-01-10 17:51:55 +01001139 if (ref->key_size_bits == 128) {
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001140
Emeric Brun9e754772019-01-10 17:51:55 +01001141 if(!EVP_EncryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, keys[head].key_128.aes_key, iv))
1142 goto end;
1143
Willy Tarreau9356dac2019-05-10 09:22:53 +02001144 HMAC_Init_ex(hctx, keys[head].key_128.hmac_key, 16, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001145 ret = 1;
1146 }
1147 else if (ref->key_size_bits == 256 ) {
1148
1149 if(!EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, keys[head].key_256.aes_key, iv))
1150 goto end;
1151
Willy Tarreau9356dac2019-05-10 09:22:53 +02001152 HMAC_Init_ex(hctx, keys[head].key_256.hmac_key, 32, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001153 ret = 1;
1154 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001155 } else {
1156 for (i = 0; i < TLS_TICKETS_NO; i++) {
1157 if (!memcmp(key_name, keys[(head + i) % TLS_TICKETS_NO].name, 16))
1158 goto found;
1159 }
Christopher Faulet16f45c82018-02-16 11:23:49 +01001160 ret = 0;
1161 goto end;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001162
Christopher Faulet16f45c82018-02-16 11:23:49 +01001163 found:
Emeric Brun9e754772019-01-10 17:51:55 +01001164 if (ref->key_size_bits == 128) {
Willy Tarreau9356dac2019-05-10 09:22:53 +02001165 HMAC_Init_ex(hctx, keys[(head + i) % TLS_TICKETS_NO].key_128.hmac_key, 16, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001166 if(!EVP_DecryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, keys[(head + i) % TLS_TICKETS_NO].key_128.aes_key, iv))
1167 goto end;
1168 /* 2 for key renewal, 1 if current key is still valid */
1169 ret = i ? 2 : 1;
1170 }
1171 else if (ref->key_size_bits == 256) {
Willy Tarreau9356dac2019-05-10 09:22:53 +02001172 HMAC_Init_ex(hctx, keys[(head + i) % TLS_TICKETS_NO].key_256.hmac_key, 32, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001173 if(!EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, keys[(head + i) % TLS_TICKETS_NO].key_256.aes_key, iv))
1174 goto end;
1175 /* 2 for key renewal, 1 if current key is still valid */
1176 ret = i ? 2 : 1;
1177 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001178 }
Emeric Brun9e754772019-01-10 17:51:55 +01001179
Christopher Faulet16f45c82018-02-16 11:23:49 +01001180 end:
1181 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
1182 return ret;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001183}
1184
1185struct tls_keys_ref *tlskeys_ref_lookup(const char *filename)
1186{
1187 struct tls_keys_ref *ref;
1188
1189 list_for_each_entry(ref, &tlskeys_reference, list)
1190 if (ref->filename && strcmp(filename, ref->filename) == 0)
1191 return ref;
1192 return NULL;
1193}
1194
1195struct tls_keys_ref *tlskeys_ref_lookupid(int unique_id)
1196{
1197 struct tls_keys_ref *ref;
1198
1199 list_for_each_entry(ref, &tlskeys_reference, list)
1200 if (ref->unique_id == unique_id)
1201 return ref;
1202 return NULL;
1203}
1204
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +05001205/* Update the key into ref: if keysize doesn't
Emeric Brun9e754772019-01-10 17:51:55 +01001206 * match existing ones, this function returns -1
1207 * else it returns 0 on success.
1208 */
1209int ssl_sock_update_tlskey_ref(struct tls_keys_ref *ref,
Willy Tarreau83061a82018-07-13 11:56:34 +02001210 struct buffer *tlskey)
Christopher Faulet16f45c82018-02-16 11:23:49 +01001211{
Emeric Brun9e754772019-01-10 17:51:55 +01001212 if (ref->key_size_bits == 128) {
1213 if (tlskey->data != sizeof(struct tls_sess_key_128))
1214 return -1;
1215 }
1216 else if (ref->key_size_bits == 256) {
1217 if (tlskey->data != sizeof(struct tls_sess_key_256))
1218 return -1;
1219 }
1220 else
1221 return -1;
1222
Christopher Faulet16f45c82018-02-16 11:23:49 +01001223 HA_RWLOCK_WRLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001224 memcpy((char *) (ref->tlskeys + ((ref->tls_ticket_enc_index + 2) % TLS_TICKETS_NO)),
1225 tlskey->area, tlskey->data);
Christopher Faulet16f45c82018-02-16 11:23:49 +01001226 ref->tls_ticket_enc_index = (ref->tls_ticket_enc_index + 1) % TLS_TICKETS_NO;
1227 HA_RWLOCK_WRUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Emeric Brun9e754772019-01-10 17:51:55 +01001228
1229 return 0;
Christopher Faulet16f45c82018-02-16 11:23:49 +01001230}
1231
Willy Tarreau83061a82018-07-13 11:56:34 +02001232int ssl_sock_update_tlskey(char *filename, struct buffer *tlskey, char **err)
Christopher Faulet16f45c82018-02-16 11:23:49 +01001233{
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001234 struct tls_keys_ref *ref = tlskeys_ref_lookup(filename);
1235
1236 if(!ref) {
1237 memprintf(err, "Unable to locate the referenced filename: %s", filename);
1238 return 1;
1239 }
Emeric Brun9e754772019-01-10 17:51:55 +01001240 if (ssl_sock_update_tlskey_ref(ref, tlskey) < 0) {
1241 memprintf(err, "Invalid key size");
1242 return 1;
1243 }
1244
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001245 return 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001246}
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001247
1248/* This function finalize the configuration parsing. Its set all the
Willy Tarreaud1c57502016-12-22 22:46:15 +01001249 * automatic ids. It's called just after the basic checks. It returns
1250 * 0 on success otherwise ERR_*.
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001251 */
Willy Tarreaud1c57502016-12-22 22:46:15 +01001252static int tlskeys_finalize_config(void)
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001253{
1254 int i = 0;
1255 struct tls_keys_ref *ref, *ref2, *ref3;
1256 struct list tkr = LIST_HEAD_INIT(tkr);
1257
1258 list_for_each_entry(ref, &tlskeys_reference, list) {
1259 if (ref->unique_id == -1) {
1260 /* Look for the first free id. */
1261 while (1) {
1262 list_for_each_entry(ref2, &tlskeys_reference, list) {
1263 if (ref2->unique_id == i) {
1264 i++;
1265 break;
1266 }
1267 }
1268 if (&ref2->list == &tlskeys_reference)
1269 break;
1270 }
1271
1272 /* Uses the unique id and increment it for the next entry. */
1273 ref->unique_id = i;
1274 i++;
1275 }
1276 }
1277
1278 /* This sort the reference list by id. */
1279 list_for_each_entry_safe(ref, ref2, &tlskeys_reference, list) {
1280 LIST_DEL(&ref->list);
1281 list_for_each_entry(ref3, &tkr, list) {
1282 if (ref->unique_id < ref3->unique_id) {
1283 LIST_ADDQ(&ref3->list, &ref->list);
1284 break;
1285 }
1286 }
1287 if (&ref3->list == &tkr)
1288 LIST_ADDQ(&tkr, &ref->list);
1289 }
1290
1291 /* swap root */
1292 LIST_ADD(&tkr, &tlskeys_reference);
1293 LIST_DEL(&tkr);
Willy Tarreaud1c57502016-12-22 22:46:15 +01001294 return 0;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001295}
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001296#endif /* SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB */
1297
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01001298#ifndef OPENSSL_NO_OCSP
yanbzhube2774d2015-12-10 15:07:30 -05001299int ssl_sock_get_ocsp_arg_kt_index(int evp_keytype)
1300{
1301 switch (evp_keytype) {
1302 case EVP_PKEY_RSA:
1303 return 2;
1304 case EVP_PKEY_DSA:
1305 return 0;
1306 case EVP_PKEY_EC:
1307 return 1;
1308 }
1309
1310 return -1;
1311}
1312
Emeric Brun4147b2e2014-06-16 18:36:30 +02001313/*
1314 * Callback used to set OCSP status extension content in server hello.
1315 */
1316int ssl_sock_ocsp_stapling_cbk(SSL *ssl, void *arg)
1317{
yanbzhube2774d2015-12-10 15:07:30 -05001318 struct certificate_ocsp *ocsp;
1319 struct ocsp_cbk_arg *ocsp_arg;
1320 char *ssl_buf;
1321 EVP_PKEY *ssl_pkey;
1322 int key_type;
1323 int index;
1324
Vincent Bernat3c2f2f22016-04-03 13:48:42 +02001325 ocsp_arg = arg;
yanbzhube2774d2015-12-10 15:07:30 -05001326
1327 ssl_pkey = SSL_get_privatekey(ssl);
1328 if (!ssl_pkey)
1329 return SSL_TLSEXT_ERR_NOACK;
1330
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001331 key_type = EVP_PKEY_base_id(ssl_pkey);
yanbzhube2774d2015-12-10 15:07:30 -05001332
1333 if (ocsp_arg->is_single && ocsp_arg->single_kt == key_type)
1334 ocsp = ocsp_arg->s_ocsp;
1335 else {
1336 /* For multiple certs per context, we have to find the correct OCSP response based on
1337 * the certificate type
1338 */
1339 index = ssl_sock_get_ocsp_arg_kt_index(key_type);
1340
1341 if (index < 0)
1342 return SSL_TLSEXT_ERR_NOACK;
1343
1344 ocsp = ocsp_arg->m_ocsp[index];
1345
1346 }
Emeric Brun4147b2e2014-06-16 18:36:30 +02001347
1348 if (!ocsp ||
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001349 !ocsp->response.area ||
1350 !ocsp->response.data ||
Emeric Brun4f3c87a2014-06-20 15:46:13 +02001351 (ocsp->expire < now.tv_sec))
Emeric Brun4147b2e2014-06-16 18:36:30 +02001352 return SSL_TLSEXT_ERR_NOACK;
1353
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001354 ssl_buf = OPENSSL_malloc(ocsp->response.data);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001355 if (!ssl_buf)
1356 return SSL_TLSEXT_ERR_NOACK;
1357
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001358 memcpy(ssl_buf, ocsp->response.area, ocsp->response.data);
1359 SSL_set_tlsext_status_ocsp_resp(ssl, ssl_buf, ocsp->response.data);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001360
1361 return SSL_TLSEXT_ERR_OK;
1362}
1363
William Lallemand4a660132019-10-14 14:51:41 +02001364#endif
1365
1366#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001367/*
1368 * This function enables the handling of OCSP status extension on 'ctx' if a
William Lallemand246c0242019-10-11 08:59:13 +02001369 * ocsp_response buffer was found in the cert_key_and_chain. To enable OCSP
1370 * status extension, the issuer's certificate is mandatory. It should be
1371 * present in ckch->ocsp_issuer.
Emeric Brun4147b2e2014-06-16 18:36:30 +02001372 *
William Lallemand246c0242019-10-11 08:59:13 +02001373 * In addition, the ckch->ocsp_reponse buffer is loaded as a DER format of an
1374 * OCSP response. If file is empty or content is not a valid OCSP response,
1375 * OCSP status extension is enabled but OCSP response is ignored (a warning is
1376 * displayed).
Emeric Brun4147b2e2014-06-16 18:36:30 +02001377 *
1378 * Returns 1 if no ".ocsp" file found, 0 if OCSP status extension is
Joseph Herlant017b3da2018-11-15 09:07:59 -08001379 * successfully enabled, or -1 in other error case.
Emeric Brun4147b2e2014-06-16 18:36:30 +02001380 */
William Lallemand4a660132019-10-14 14:51:41 +02001381#ifndef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet6f507c72020-02-18 15:56:39 +01001382static int ssl_sock_load_ocsp(SSL_CTX *ctx, const struct cert_key_and_chain *ckch, STACK_OF(X509) *chain)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001383{
Emmanuel Hocdet6f507c72020-02-18 15:56:39 +01001384 X509 *x, *issuer;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001385 OCSP_CERTID *cid = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001386 int i, ret = -1;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001387 struct certificate_ocsp *ocsp = NULL, *iocsp;
1388 char *warn = NULL;
1389 unsigned char *p;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001390 void (*callback) (void);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001391
Emeric Brun4147b2e2014-06-16 18:36:30 +02001392
William Lallemand246c0242019-10-11 08:59:13 +02001393 x = ckch->cert;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001394 if (!x)
1395 goto out;
1396
William Lallemand246c0242019-10-11 08:59:13 +02001397 issuer = ckch->ocsp_issuer;
Emmanuel Hocdet6f507c72020-02-18 15:56:39 +01001398 /* take issuer from chain over ocsp_issuer, is what is done historicaly */
1399 if (chain) {
1400 /* check if one of the certificate of the chain is the issuer */
1401 for (i = 0; i < sk_X509_num(chain); i++) {
1402 X509 *ti = sk_X509_value(chain, i);
1403 if (X509_check_issued(ti, x) == X509_V_OK) {
1404 issuer = ti;
1405 break;
1406 }
1407 }
1408 }
William Lallemand246c0242019-10-11 08:59:13 +02001409 if (!issuer)
1410 goto out;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001411
1412 cid = OCSP_cert_to_id(0, x, issuer);
1413 if (!cid)
1414 goto out;
1415
1416 i = i2d_OCSP_CERTID(cid, NULL);
1417 if (!i || (i > OCSP_MAX_CERTID_ASN1_LENGTH))
1418 goto out;
1419
Vincent Bernat02779b62016-04-03 13:48:43 +02001420 ocsp = calloc(1, sizeof(*ocsp));
Emeric Brun4147b2e2014-06-16 18:36:30 +02001421 if (!ocsp)
1422 goto out;
1423
1424 p = ocsp->key_data;
1425 i2d_OCSP_CERTID(cid, &p);
1426
1427 iocsp = (struct certificate_ocsp *)ebmb_insert(&cert_ocsp_tree, &ocsp->key, OCSP_MAX_CERTID_ASN1_LENGTH);
1428 if (iocsp == ocsp)
1429 ocsp = NULL;
1430
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001431#ifndef SSL_CTX_get_tlsext_status_cb
1432# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \
1433 *cb = (void (*) (void))ctx->tlsext_status_cb;
1434#endif
1435 SSL_CTX_get_tlsext_status_cb(ctx, &callback);
1436
1437 if (!callback) {
Vincent Bernat02779b62016-04-03 13:48:43 +02001438 struct ocsp_cbk_arg *cb_arg = calloc(1, sizeof(*cb_arg));
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001439 EVP_PKEY *pkey;
yanbzhube2774d2015-12-10 15:07:30 -05001440
1441 cb_arg->is_single = 1;
1442 cb_arg->s_ocsp = iocsp;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001443
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001444 pkey = X509_get_pubkey(x);
1445 cb_arg->single_kt = EVP_PKEY_base_id(pkey);
1446 EVP_PKEY_free(pkey);
yanbzhube2774d2015-12-10 15:07:30 -05001447
1448 SSL_CTX_set_tlsext_status_cb(ctx, ssl_sock_ocsp_stapling_cbk);
1449 SSL_CTX_set_tlsext_status_arg(ctx, cb_arg);
1450 } else {
1451 /*
1452 * If the ctx has a status CB, then we have previously set an OCSP staple for this ctx
1453 * Update that cb_arg with the new cert's staple
1454 */
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001455 struct ocsp_cbk_arg *cb_arg;
yanbzhube2774d2015-12-10 15:07:30 -05001456 struct certificate_ocsp *tmp_ocsp;
1457 int index;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001458 int key_type;
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001459 EVP_PKEY *pkey;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001460
1461#ifdef SSL_CTX_get_tlsext_status_arg
1462 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg);
1463#else
1464 cb_arg = ctx->tlsext_status_arg;
1465#endif
yanbzhube2774d2015-12-10 15:07:30 -05001466
1467 /*
1468 * The following few lines will convert cb_arg from a single ocsp to multi ocsp
1469 * the order of operations below matter, take care when changing it
1470 */
1471 tmp_ocsp = cb_arg->s_ocsp;
1472 index = ssl_sock_get_ocsp_arg_kt_index(cb_arg->single_kt);
1473 cb_arg->s_ocsp = NULL;
1474 cb_arg->m_ocsp[index] = tmp_ocsp;
1475 cb_arg->is_single = 0;
1476 cb_arg->single_kt = 0;
1477
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001478 pkey = X509_get_pubkey(x);
1479 key_type = EVP_PKEY_base_id(pkey);
1480 EVP_PKEY_free(pkey);
1481
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001482 index = ssl_sock_get_ocsp_arg_kt_index(key_type);
yanbzhube2774d2015-12-10 15:07:30 -05001483 if (index >= 0 && !cb_arg->m_ocsp[index])
1484 cb_arg->m_ocsp[index] = iocsp;
1485
1486 }
Emeric Brun4147b2e2014-06-16 18:36:30 +02001487
1488 ret = 0;
1489
1490 warn = NULL;
William Lallemand246c0242019-10-11 08:59:13 +02001491 if (ssl_sock_load_ocsp_response(ckch->ocsp_response, ocsp, cid, &warn)) {
William Lallemand3b5f3602019-10-16 18:05:05 +02001492 memprintf(&warn, "Loading: %s. Content will be ignored", warn ? warn : "failure");
Christopher Faulet767a84b2017-11-24 16:50:31 +01001493 ha_warning("%s.\n", warn);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001494 }
1495
1496out:
Emeric Brun4147b2e2014-06-16 18:36:30 +02001497 if (cid)
1498 OCSP_CERTID_free(cid);
1499
1500 if (ocsp)
1501 free(ocsp);
1502
1503 if (warn)
1504 free(warn);
1505
Emeric Brun4147b2e2014-06-16 18:36:30 +02001506 return ret;
1507}
William Lallemand4a660132019-10-14 14:51:41 +02001508#else /* OPENSSL_IS_BORINGSSL */
Emmanuel Hocdet6f507c72020-02-18 15:56:39 +01001509static int ssl_sock_load_ocsp(SSL_CTX *ctx, const struct cert_key_and_chain *ckch, STACK_OF(X509) *chain)
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +02001510{
William Lallemand4a660132019-10-14 14:51:41 +02001511 return SSL_CTX_set_ocsp_response(ctx, (const uint8_t *)ckch->ocsp_response->area, ckch->ocsp_response->data);
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +02001512}
1513#endif
1514
William Lallemand4a660132019-10-14 14:51:41 +02001515#endif
1516
1517
Willy Tarreau5db847a2019-05-09 14:13:35 +02001518#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001519
1520#define CT_EXTENSION_TYPE 18
1521
1522static int sctl_ex_index = -1;
1523
1524/*
1525 * Try to parse Signed Certificate Timestamp List structure. This function
1526 * makes only basic test if the data seems like SCTL. No signature validation
1527 * is performed.
1528 */
Willy Tarreau83061a82018-07-13 11:56:34 +02001529static int ssl_sock_parse_sctl(struct buffer *sctl)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001530{
1531 int ret = 1;
1532 int len, pos, sct_len;
1533 unsigned char *data;
1534
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001535 if (sctl->data < 2)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001536 goto out;
1537
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001538 data = (unsigned char *) sctl->area;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001539 len = (data[0] << 8) | data[1];
1540
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001541 if (len + 2 != sctl->data)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001542 goto out;
1543
1544 data = data + 2;
1545 pos = 0;
1546 while (pos < len) {
1547 if (len - pos < 2)
1548 goto out;
1549
1550 sct_len = (data[pos] << 8) | data[pos + 1];
1551 if (pos + sct_len + 2 > len)
1552 goto out;
1553
1554 pos += sct_len + 2;
1555 }
1556
1557 ret = 0;
1558
1559out:
1560 return ret;
1561}
1562
William Lallemand0dfae6c2019-10-16 18:06:58 +02001563/* Try to load a sctl from a buffer <buf> if not NULL, or read the file <sctl_path>
1564 * It fills the ckch->sctl buffer
1565 * return 0 on success or != 0 on failure */
1566static int ssl_sock_load_sctl_from_file(const char *sctl_path, char *buf, struct cert_key_and_chain *ckch, char **err)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001567{
1568 int fd = -1;
1569 int r = 0;
1570 int ret = 1;
William Lallemand0dfae6c2019-10-16 18:06:58 +02001571 struct buffer tmp;
1572 struct buffer *src;
1573 struct buffer *sctl;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001574
William Lallemand0dfae6c2019-10-16 18:06:58 +02001575 if (buf) {
1576 tmp.area = buf;
1577 tmp.data = strlen(buf);
1578 tmp.size = tmp.data + 1;
1579 src = &tmp;
1580 } else {
1581 fd = open(sctl_path, O_RDONLY);
1582 if (fd == -1)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001583 goto end;
William Lallemand0dfae6c2019-10-16 18:06:58 +02001584
1585 trash.data = 0;
1586 while (trash.data < trash.size) {
1587 r = read(fd, trash.area + trash.data, trash.size - trash.data);
1588 if (r < 0) {
1589 if (errno == EINTR)
1590 continue;
1591 goto end;
1592 }
1593 else if (r == 0) {
1594 break;
1595 }
1596 trash.data += r;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001597 }
William Lallemand0dfae6c2019-10-16 18:06:58 +02001598 src = &trash;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001599 }
1600
William Lallemand0dfae6c2019-10-16 18:06:58 +02001601 ret = ssl_sock_parse_sctl(src);
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001602 if (ret)
1603 goto end;
1604
William Lallemand0dfae6c2019-10-16 18:06:58 +02001605 sctl = calloc(1, sizeof(*sctl));
1606 if (!chunk_dup(sctl, src)) {
1607 free(sctl);
1608 sctl = NULL;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001609 goto end;
1610 }
Emmanuel Hocdet224a0872020-01-16 15:15:49 +01001611 /* no error, fill ckch with new context, old context must be free */
1612 if (ckch->sctl) {
1613 free(ckch->sctl->area);
1614 ckch->sctl->area = NULL;
1615 free(ckch->sctl);
1616 }
William Lallemand0dfae6c2019-10-16 18:06:58 +02001617 ckch->sctl = sctl;
Emmanuel Hocdet224a0872020-01-16 15:15:49 +01001618 ret = 0;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001619end:
1620 if (fd != -1)
1621 close(fd);
1622
1623 return ret;
1624}
1625
1626int ssl_sock_sctl_add_cbk(SSL *ssl, unsigned ext_type, const unsigned char **out, size_t *outlen, int *al, void *add_arg)
1627{
Willy Tarreau83061a82018-07-13 11:56:34 +02001628 struct buffer *sctl = add_arg;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001629
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001630 *out = (unsigned char *) sctl->area;
1631 *outlen = sctl->data;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001632
1633 return 1;
1634}
1635
1636int ssl_sock_sctl_parse_cbk(SSL *s, unsigned int ext_type, const unsigned char *in, size_t inlen, int *al, void *parse_arg)
1637{
1638 return 1;
1639}
1640
William Lallemanda17f4112019-10-10 15:16:44 +02001641static int ssl_sock_load_sctl(SSL_CTX *ctx, struct buffer *sctl)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001642{
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001643 int ret = -1;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001644
William Lallemanda17f4112019-10-10 15:16:44 +02001645 if (!SSL_CTX_add_server_custom_ext(ctx, CT_EXTENSION_TYPE, ssl_sock_sctl_add_cbk, NULL, sctl, ssl_sock_sctl_parse_cbk, NULL))
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001646 goto out;
1647
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001648 SSL_CTX_set_ex_data(ctx, sctl_ex_index, sctl);
1649
1650 ret = 0;
1651
1652out:
1653 return ret;
1654}
1655
1656#endif
1657
Emeric Brune1f38db2012-09-03 20:36:47 +02001658void ssl_sock_infocbk(const SSL *ssl, int where, int ret)
1659{
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001660 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001661 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Emeric Brund8b2bb52014-01-28 15:43:53 +01001662 BIO *write_bio;
Willy Tarreau622317d2015-02-27 16:36:16 +01001663 (void)ret; /* shut gcc stupid warning */
Emeric Brune1f38db2012-09-03 20:36:47 +02001664
Dirkjan Bussink526894f2019-01-21 09:35:03 -08001665#ifndef SSL_OP_NO_RENEGOTIATION
1666 /* Please note that BoringSSL defines this macro to zero so don't
1667 * change this to #if and do not assign a default value to this macro!
1668 */
Emeric Brune1f38db2012-09-03 20:36:47 +02001669 if (where & SSL_CB_HANDSHAKE_START) {
1670 /* Disable renegotiation (CVE-2009-3555) */
Willy Tarreauc192b0a2020-01-23 09:11:58 +01001671 if ((conn->flags & (CO_FL_WAIT_L6_CONN | CO_FL_EARLY_SSL_HS | CO_FL_EARLY_DATA)) == 0) {
Emeric Brune1f38db2012-09-03 20:36:47 +02001672 conn->flags |= CO_FL_ERROR;
Willy Tarreau20879a02012-12-03 16:32:10 +01001673 conn->err_code = CO_ER_SSL_RENEG;
1674 }
Emeric Brune1f38db2012-09-03 20:36:47 +02001675 }
Dirkjan Bussink526894f2019-01-21 09:35:03 -08001676#endif
Emeric Brund8b2bb52014-01-28 15:43:53 +01001677
1678 if ((where & SSL_CB_ACCEPT_LOOP) == SSL_CB_ACCEPT_LOOP) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001679 if (!(ctx->xprt_st & SSL_SOCK_ST_FL_16K_WBFSIZE)) {
Emeric Brund8b2bb52014-01-28 15:43:53 +01001680 /* Long certificate chains optimz
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +05001681 If write and read bios are different, we
Emeric Brund8b2bb52014-01-28 15:43:53 +01001682 consider that the buffering was activated,
1683 so we rise the output buffer size from 4k
1684 to 16k */
1685 write_bio = SSL_get_wbio(ssl);
1686 if (write_bio != SSL_get_rbio(ssl)) {
1687 BIO_set_write_buffer_size(write_bio, 16384);
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001688 ctx->xprt_st |= SSL_SOCK_ST_FL_16K_WBFSIZE;
Emeric Brund8b2bb52014-01-28 15:43:53 +01001689 }
1690 }
1691 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02001692}
1693
Emeric Brune64aef12012-09-21 13:15:06 +02001694/* Callback is called for each certificate of the chain during a verify
1695 ok is set to 1 if preverify detect no error on current certificate.
1696 Returns 0 to break the handshake, 1 otherwise. */
Evan Broderbe554312013-06-27 00:05:25 -07001697int ssl_sock_bind_verifycbk(int ok, X509_STORE_CTX *x_store)
Emeric Brune64aef12012-09-21 13:15:06 +02001698{
1699 SSL *ssl;
1700 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001701 struct ssl_sock_ctx *ctx;
Emeric Brun81c00f02012-09-21 14:31:21 +02001702 int err, depth;
Emeric Brune64aef12012-09-21 13:15:06 +02001703
1704 ssl = X509_STORE_CTX_get_ex_data(x_store, SSL_get_ex_data_X509_STORE_CTX_idx());
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001705 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Emeric Brune64aef12012-09-21 13:15:06 +02001706
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001707 ctx = conn->xprt_ctx;
1708
1709 ctx->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;
Emeric Brune64aef12012-09-21 13:15:06 +02001710
Emeric Brun81c00f02012-09-21 14:31:21 +02001711 if (ok) /* no errors */
1712 return ok;
1713
1714 depth = X509_STORE_CTX_get_error_depth(x_store);
1715 err = X509_STORE_CTX_get_error(x_store);
1716
1717 /* check if CA error needs to be ignored */
1718 if (depth > 0) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001719 if (!SSL_SOCK_ST_TO_CA_ERROR(ctx->xprt_st)) {
1720 ctx->xprt_st |= SSL_SOCK_CA_ERROR_TO_ST(err);
1721 ctx->xprt_st |= SSL_SOCK_CAEDEPTH_TO_ST(depth);
Emeric Brunf282a812012-09-21 15:27:54 +02001722 }
1723
Willy Tarreau731248f2020-02-04 14:02:02 +01001724 if (err < 64 && __objt_listener(conn->target)->bind_conf->ca_ignerr & (1ULL << err)) {
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02001725 ssl_sock_dump_errors(conn);
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001726 ERR_clear_error();
Emeric Brun81c00f02012-09-21 14:31:21 +02001727 return 1;
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001728 }
Emeric Brun81c00f02012-09-21 14:31:21 +02001729
Willy Tarreau20879a02012-12-03 16:32:10 +01001730 conn->err_code = CO_ER_SSL_CA_FAIL;
Emeric Brun81c00f02012-09-21 14:31:21 +02001731 return 0;
1732 }
1733
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001734 if (!SSL_SOCK_ST_TO_CRTERROR(ctx->xprt_st))
1735 ctx->xprt_st |= SSL_SOCK_CRTERROR_TO_ST(err);
Emeric Brunf282a812012-09-21 15:27:54 +02001736
Emeric Brun81c00f02012-09-21 14:31:21 +02001737 /* check if certificate error needs to be ignored */
Willy Tarreau731248f2020-02-04 14:02:02 +01001738 if (err < 64 && __objt_listener(conn->target)->bind_conf->crt_ignerr & (1ULL << err)) {
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02001739 ssl_sock_dump_errors(conn);
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001740 ERR_clear_error();
Emeric Brun81c00f02012-09-21 14:31:21 +02001741 return 1;
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001742 }
Emeric Brun81c00f02012-09-21 14:31:21 +02001743
Willy Tarreau20879a02012-12-03 16:32:10 +01001744 conn->err_code = CO_ER_SSL_CRT_FAIL;
Emeric Brun81c00f02012-09-21 14:31:21 +02001745 return 0;
Emeric Brune64aef12012-09-21 13:15:06 +02001746}
1747
Dragan Dosen9ac98092020-05-11 15:51:45 +02001748#ifdef TLS1_RT_HEARTBEAT
1749static void ssl_sock_parse_heartbeat(struct connection *conn, int write_p, int version,
1750 int content_type, const void *buf, size_t len,
1751 SSL *ssl)
1752{
1753 /* test heartbeat received (write_p is set to 0
1754 for a received record) */
1755 if ((content_type == TLS1_RT_HEARTBEAT) && (write_p == 0)) {
1756 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
1757 const unsigned char *p = buf;
1758 unsigned int payload;
1759
1760 ctx->xprt_st |= SSL_SOCK_RECV_HEARTBEAT;
1761
1762 /* Check if this is a CVE-2014-0160 exploitation attempt. */
1763 if (*p != TLS1_HB_REQUEST)
1764 return;
1765
1766 if (len < 1 + 2 + 16) /* 1 type + 2 size + 0 payload + 16 padding */
1767 goto kill_it;
1768
1769 payload = (p[1] * 256) + p[2];
1770 if (3 + payload + 16 <= len)
1771 return; /* OK no problem */
1772 kill_it:
1773 /* We have a clear heartbleed attack (CVE-2014-0160), the
1774 * advertised payload is larger than the advertised packet
1775 * length, so we have garbage in the buffer between the
1776 * payload and the end of the buffer (p+len). We can't know
1777 * if the SSL stack is patched, and we don't know if we can
1778 * safely wipe out the area between p+3+len and payload.
1779 * So instead, we prevent the response from being sent by
1780 * setting the max_send_fragment to 0 and we report an SSL
1781 * error, which will kill this connection. It will be reported
1782 * above as SSL_ERROR_SSL while an other handshake failure with
1783 * a heartbeat message will be reported as SSL_ERROR_SYSCALL.
1784 */
1785 ssl->max_send_fragment = 0;
1786 SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_SSL_HANDSHAKE_FAILURE);
1787 }
1788}
1789#endif
1790
1791static void ssl_sock_parse_clienthello(struct connection *conn, int write_p, int version,
1792 int content_type, const void *buf, size_t len,
1793 SSL *ssl)
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001794{
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001795 struct ssl_capture *capture;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001796 unsigned char *msg;
1797 unsigned char *end;
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001798 size_t rec_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001799
1800 /* This function is called for "from client" and "to server"
1801 * connections. The combination of write_p == 0 and content_type == 22
Joseph Herlant017b3da2018-11-15 09:07:59 -08001802 * is only available during "from client" connection.
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001803 */
1804
1805 /* "write_p" is set to 0 is the bytes are received messages,
1806 * otherwise it is set to 1.
1807 */
1808 if (write_p != 0)
1809 return;
1810
1811 /* content_type contains the type of message received or sent
1812 * according with the SSL/TLS protocol spec. This message is
1813 * encoded with one byte. The value 256 (two bytes) is used
1814 * for designing the SSL/TLS record layer. According with the
1815 * rfc6101, the expected message (other than 256) are:
1816 * - change_cipher_spec(20)
1817 * - alert(21)
1818 * - handshake(22)
1819 * - application_data(23)
1820 * - (255)
1821 * We are interessed by the handshake and specially the client
1822 * hello.
1823 */
1824 if (content_type != 22)
1825 return;
1826
1827 /* The message length is at least 4 bytes, containing the
1828 * message type and the message length.
1829 */
1830 if (len < 4)
1831 return;
1832
1833 /* First byte of the handshake message id the type of
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +05001834 * message. The known types are:
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001835 * - hello_request(0)
1836 * - client_hello(1)
1837 * - server_hello(2)
1838 * - certificate(11)
1839 * - server_key_exchange (12)
1840 * - certificate_request(13)
1841 * - server_hello_done(14)
1842 * We are interested by the client hello.
1843 */
1844 msg = (unsigned char *)buf;
1845 if (msg[0] != 1)
1846 return;
1847
1848 /* Next three bytes are the length of the message. The total length
1849 * must be this decoded length + 4. If the length given as argument
1850 * is not the same, we abort the protocol dissector.
1851 */
1852 rec_len = (msg[1] << 16) + (msg[2] << 8) + msg[3];
1853 if (len < rec_len + 4)
1854 return;
1855 msg += 4;
1856 end = msg + rec_len;
1857 if (end < msg)
1858 return;
1859
1860 /* Expect 2 bytes for protocol version (1 byte for major and 1 byte
1861 * for minor, the random, composed by 4 bytes for the unix time and
Baptiste Assmann6be139f2018-11-28 15:20:25 +01001862 * 28 bytes for unix payload. So we jump 1 + 1 + 4 + 28.
1863 */
1864 msg += 1 + 1 + 4 + 28;
1865 if (msg > end)
1866 return;
1867
1868 /* Next, is session id:
1869 * if present, we have to jump by length + 1 for the size information
1870 * if not present, we have to jump by 1 only
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001871 */
Baptiste Assmann6be139f2018-11-28 15:20:25 +01001872 if (msg[0] > 0)
1873 msg += msg[0];
1874 msg += 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001875 if (msg > end)
1876 return;
1877
1878 /* Next two bytes are the ciphersuite length. */
1879 if (msg + 2 > end)
1880 return;
1881 rec_len = (msg[0] << 8) + msg[1];
1882 msg += 2;
1883 if (msg + rec_len > end || msg + rec_len < msg)
1884 return;
1885
Willy Tarreaubafbe012017-11-24 17:34:44 +01001886 capture = pool_alloc_dirty(pool_head_ssl_capture);
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001887 if (!capture)
1888 return;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001889 /* Compute the xxh64 of the ciphersuite. */
1890 capture->xxh64 = XXH64(msg, rec_len, 0);
1891
1892 /* Capture the ciphersuite. */
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001893 capture->ciphersuite_len = (global_ssl.capture_cipherlist < rec_len) ?
1894 global_ssl.capture_cipherlist : rec_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001895 memcpy(capture->ciphersuite, msg, capture->ciphersuite_len);
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001896
1897 SSL_set_ex_data(ssl, ssl_capture_ptr_index, capture);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001898}
1899
Emeric Brun29f037d2014-04-25 19:05:36 +02001900/* Callback is called for ssl protocol analyse */
1901void ssl_sock_msgcbk(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
1902{
Dragan Dosen1e7ed042020-05-08 18:30:00 +02001903 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
1904 struct ssl_sock_msg_callback *cbk;
1905
Dragan Dosen1e7ed042020-05-08 18:30:00 +02001906 /* Try to call all callback functions that were registered by using
1907 * ssl_sock_register_msg_callback().
1908 */
1909 list_for_each_entry(cbk, &ssl_sock_msg_callbacks, list) {
1910 cbk->func(conn, write_p, version, content_type, buf, len, ssl);
1911 }
Emeric Brun29f037d2014-04-25 19:05:36 +02001912}
1913
Bernard Spil13c53f82018-02-15 13:34:58 +01001914#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houchardc7566002018-11-20 23:33:50 +01001915static int ssl_sock_srv_select_protos(SSL *s, unsigned char **out, unsigned char *outlen,
1916 const unsigned char *in, unsigned int inlen,
1917 void *arg)
1918{
1919 struct server *srv = arg;
1920
1921 if (SSL_select_next_proto(out, outlen, in, inlen, (unsigned char *)srv->ssl_ctx.npn_str,
1922 srv->ssl_ctx.npn_len) == OPENSSL_NPN_NEGOTIATED)
1923 return SSL_TLSEXT_ERR_OK;
1924 return SSL_TLSEXT_ERR_NOACK;
1925}
1926#endif
1927
1928#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02001929/* This callback is used so that the server advertises the list of
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +05001930 * negotiable protocols for NPN.
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02001931 */
1932static int ssl_sock_advertise_npn_protos(SSL *s, const unsigned char **data,
1933 unsigned int *len, void *arg)
1934{
Emmanuel Hocdet98263292016-12-29 18:26:15 +01001935 struct ssl_bind_conf *conf = arg;
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02001936
1937 *data = (const unsigned char *)conf->npn_str;
1938 *len = conf->npn_len;
1939 return SSL_TLSEXT_ERR_OK;
1940}
1941#endif
1942
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001943#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02001944/* This callback is used so that the server advertises the list of
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +05001945 * negotiable protocols for ALPN.
Willy Tarreauab861d32013-04-02 02:30:41 +02001946 */
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001947static int ssl_sock_advertise_alpn_protos(SSL *s, const unsigned char **out,
1948 unsigned char *outlen,
1949 const unsigned char *server,
1950 unsigned int server_len, void *arg)
Willy Tarreauab861d32013-04-02 02:30:41 +02001951{
Emmanuel Hocdet98263292016-12-29 18:26:15 +01001952 struct ssl_bind_conf *conf = arg;
Willy Tarreauab861d32013-04-02 02:30:41 +02001953
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001954 if (SSL_select_next_proto((unsigned char**) out, outlen, (const unsigned char *)conf->alpn_str,
1955 conf->alpn_len, server, server_len) != OPENSSL_NPN_NEGOTIATED) {
1956 return SSL_TLSEXT_ERR_NOACK;
1957 }
Willy Tarreauab861d32013-04-02 02:30:41 +02001958 return SSL_TLSEXT_ERR_OK;
1959}
1960#endif
1961
Willy Tarreauc8ad3be2015-06-17 15:48:26 +02001962#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01001963#ifndef SSL_NO_GENERATE_CERTIFICATES
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02001964
Christopher Faulet30548802015-06-11 13:39:32 +02001965/* Create a X509 certificate with the specified servername and serial. This
1966 * function returns a SSL_CTX object or NULL if an error occurs. */
Christopher Faulet7969a332015-10-09 11:15:03 +02001967static SSL_CTX *
Christopher Faulet635c0ad2015-11-12 11:35:51 +01001968ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet31af49d2015-06-09 17:29:50 +02001969{
Christopher Faulet7969a332015-10-09 11:15:03 +02001970 X509 *cacert = bind_conf->ca_sign_cert;
1971 EVP_PKEY *capkey = bind_conf->ca_sign_pkey;
Christopher Faulet31af49d2015-06-09 17:29:50 +02001972 SSL_CTX *ssl_ctx = NULL;
1973 X509 *newcrt = NULL;
1974 EVP_PKEY *pkey = NULL;
Emmanuel Hocdet15969292017-08-11 10:56:00 +02001975 SSL *tmp_ssl = NULL;
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02001976 CONF *ctmp = NULL;
Christopher Faulet31af49d2015-06-09 17:29:50 +02001977 X509_NAME *name;
1978 const EVP_MD *digest;
1979 X509V3_CTX ctx;
1980 unsigned int i;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001981 int key_type;
Christopher Faulet31af49d2015-06-09 17:29:50 +02001982
Christopher Faulet48a83322017-07-28 16:56:09 +02001983 /* Get the private key of the default certificate and use it */
Willy Tarreau5db847a2019-05-09 14:13:35 +02001984#if (HA_OPENSSL_VERSION_NUMBER >= 0x10002000L)
Emmanuel Hocdet15969292017-08-11 10:56:00 +02001985 pkey = SSL_CTX_get0_privatekey(bind_conf->default_ctx);
1986#else
1987 tmp_ssl = SSL_new(bind_conf->default_ctx);
1988 if (tmp_ssl)
1989 pkey = SSL_get_privatekey(tmp_ssl);
1990#endif
1991 if (!pkey)
Christopher Faulet31af49d2015-06-09 17:29:50 +02001992 goto mkcert_error;
1993
1994 /* Create the certificate */
1995 if (!(newcrt = X509_new()))
1996 goto mkcert_error;
1997
1998 /* Set version number for the certificate (X509v3) and the serial
1999 * number */
2000 if (X509_set_version(newcrt, 2L) != 1)
2001 goto mkcert_error;
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01002002 ASN1_INTEGER_set(X509_get_serialNumber(newcrt), _HA_ATOMIC_ADD(&ssl_ctx_serial, 1));
Christopher Faulet31af49d2015-06-09 17:29:50 +02002003
2004 /* Set duration for the certificate */
Rosen Penev68185952018-12-14 08:47:02 -08002005 if (!X509_gmtime_adj(X509_getm_notBefore(newcrt), (long)-60*60*24) ||
2006 !X509_gmtime_adj(X509_getm_notAfter(newcrt),(long)60*60*24*365))
Christopher Faulet31af49d2015-06-09 17:29:50 +02002007 goto mkcert_error;
2008
2009 /* set public key in the certificate */
2010 if (X509_set_pubkey(newcrt, pkey) != 1)
2011 goto mkcert_error;
2012
2013 /* Set issuer name from the CA */
2014 if (!(name = X509_get_subject_name(cacert)))
2015 goto mkcert_error;
2016 if (X509_set_issuer_name(newcrt, name) != 1)
2017 goto mkcert_error;
2018
2019 /* Set the subject name using the same, but the CN */
2020 name = X509_NAME_dup(name);
2021 if (X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
2022 (const unsigned char *)servername,
2023 -1, -1, 0) != 1) {
2024 X509_NAME_free(name);
2025 goto mkcert_error;
2026 }
2027 if (X509_set_subject_name(newcrt, name) != 1) {
2028 X509_NAME_free(name);
2029 goto mkcert_error;
2030 }
2031 X509_NAME_free(name);
2032
2033 /* Add x509v3 extensions as specified */
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02002034 ctmp = NCONF_new(NULL);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002035 X509V3_set_ctx(&ctx, cacert, newcrt, NULL, NULL, 0);
2036 for (i = 0; i < X509V3_EXT_SIZE; i++) {
2037 X509_EXTENSION *ext;
2038
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02002039 if (!(ext = X509V3_EXT_nconf(ctmp, &ctx, x509v3_ext_names[i], x509v3_ext_values[i])))
Christopher Faulet31af49d2015-06-09 17:29:50 +02002040 goto mkcert_error;
2041 if (!X509_add_ext(newcrt, ext, -1)) {
2042 X509_EXTENSION_free(ext);
2043 goto mkcert_error;
2044 }
2045 X509_EXTENSION_free(ext);
2046 }
2047
2048 /* Sign the certificate with the CA private key */
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002049
2050 key_type = EVP_PKEY_base_id(capkey);
2051
2052 if (key_type == EVP_PKEY_DSA)
2053 digest = EVP_sha1();
2054 else if (key_type == EVP_PKEY_RSA)
Christopher Faulet31af49d2015-06-09 17:29:50 +02002055 digest = EVP_sha256();
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002056 else if (key_type == EVP_PKEY_EC)
Christopher Faulet7969a332015-10-09 11:15:03 +02002057 digest = EVP_sha256();
2058 else {
Willy Tarreau9a1ab082019-05-09 13:26:41 +02002059#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000000fL) && !defined(OPENSSL_IS_BORINGSSL)
Christopher Faulet7969a332015-10-09 11:15:03 +02002060 int nid;
2061
2062 if (EVP_PKEY_get_default_digest_nid(capkey, &nid) <= 0)
2063 goto mkcert_error;
2064 if (!(digest = EVP_get_digestbynid(nid)))
2065 goto mkcert_error;
Christopher Faulete7db2162015-10-19 13:59:24 +02002066#else
2067 goto mkcert_error;
2068#endif
Christopher Faulet7969a332015-10-09 11:15:03 +02002069 }
2070
Christopher Faulet31af49d2015-06-09 17:29:50 +02002071 if (!(X509_sign(newcrt, capkey, digest)))
2072 goto mkcert_error;
2073
2074 /* Create and set the new SSL_CTX */
2075 if (!(ssl_ctx = SSL_CTX_new(SSLv23_server_method())))
2076 goto mkcert_error;
2077 if (!SSL_CTX_use_PrivateKey(ssl_ctx, pkey))
2078 goto mkcert_error;
2079 if (!SSL_CTX_use_certificate(ssl_ctx, newcrt))
2080 goto mkcert_error;
2081 if (!SSL_CTX_check_private_key(ssl_ctx))
2082 goto mkcert_error;
2083
2084 if (newcrt) X509_free(newcrt);
Christopher Faulet7969a332015-10-09 11:15:03 +02002085
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01002086#ifndef OPENSSL_NO_DH
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02002087 SSL_CTX_set_tmp_dh_callback(ssl_ctx, ssl_get_tmp_dh);
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01002088#endif
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02002089#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
2090 {
Emmanuel Hocdet98263292016-12-29 18:26:15 +01002091 const char *ecdhe = (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe : ECDHE_DEFAULT_CURVE);
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02002092 EC_KEY *ecc;
2093 int nid;
2094
2095 if ((nid = OBJ_sn2nid(ecdhe)) == NID_undef)
2096 goto end;
2097 if (!(ecc = EC_KEY_new_by_curve_name(nid)))
2098 goto end;
2099 SSL_CTX_set_tmp_ecdh(ssl_ctx, ecc);
2100 EC_KEY_free(ecc);
2101 }
2102#endif
2103 end:
Christopher Faulet31af49d2015-06-09 17:29:50 +02002104 return ssl_ctx;
2105
2106 mkcert_error:
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02002107 if (ctmp) NCONF_free(ctmp);
Emmanuel Hocdet15969292017-08-11 10:56:00 +02002108 if (tmp_ssl) SSL_free(tmp_ssl);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002109 if (ssl_ctx) SSL_CTX_free(ssl_ctx);
2110 if (newcrt) X509_free(newcrt);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002111 return NULL;
2112}
2113
Christopher Faulet7969a332015-10-09 11:15:03 +02002114SSL_CTX *
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002115ssl_sock_create_cert(struct connection *conn, const char *servername, unsigned int key)
Christopher Faulet7969a332015-10-09 11:15:03 +02002116{
Willy Tarreau07d94e42018-09-20 10:57:52 +02002117 struct bind_conf *bind_conf = __objt_listener(conn->target)->bind_conf;
Olivier Houchard66ab4982019-02-26 18:37:15 +01002118 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002119
Olivier Houchard66ab4982019-02-26 18:37:15 +01002120 return ssl_sock_do_create_cert(servername, bind_conf, ctx->ssl);
Christopher Faulet7969a332015-10-09 11:15:03 +02002121}
2122
Christopher Faulet30548802015-06-11 13:39:32 +02002123/* Do a lookup for a certificate in the LRU cache used to store generated
Emeric Brun821bb9b2017-06-15 16:37:39 +02002124 * certificates and immediately assign it to the SSL session if not null. */
Christopher Faulet30548802015-06-11 13:39:32 +02002125SSL_CTX *
Emeric Brun821bb9b2017-06-15 16:37:39 +02002126ssl_sock_assign_generated_cert(unsigned int key, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet30548802015-06-11 13:39:32 +02002127{
2128 struct lru64 *lru = NULL;
2129
2130 if (ssl_ctx_lru_tree) {
Willy Tarreau03f4ec42018-05-17 10:56:47 +02002131 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002132 lru = lru64_lookup(key, ssl_ctx_lru_tree, bind_conf->ca_sign_cert, 0);
Emeric Brun821bb9b2017-06-15 16:37:39 +02002133 if (lru && lru->domain) {
2134 if (ssl)
2135 SSL_set_SSL_CTX(ssl, (SSL_CTX *)lru->data);
Willy Tarreau03f4ec42018-05-17 10:56:47 +02002136 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet30548802015-06-11 13:39:32 +02002137 return (SSL_CTX *)lru->data;
Emeric Brun821bb9b2017-06-15 16:37:39 +02002138 }
Willy Tarreau03f4ec42018-05-17 10:56:47 +02002139 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet30548802015-06-11 13:39:32 +02002140 }
2141 return NULL;
2142}
2143
Emeric Brun821bb9b2017-06-15 16:37:39 +02002144/* Same as <ssl_sock_assign_generated_cert> but without SSL session. This
2145 * function is not thread-safe, it should only be used to check if a certificate
2146 * exists in the lru cache (with no warranty it will not be removed by another
2147 * thread). It is kept for backward compatibility. */
2148SSL_CTX *
2149ssl_sock_get_generated_cert(unsigned int key, struct bind_conf *bind_conf)
2150{
2151 return ssl_sock_assign_generated_cert(key, bind_conf, NULL);
2152}
2153
Christopher Fauletd2cab922015-07-28 16:03:47 +02002154/* Set a certificate int the LRU cache used to store generated
2155 * certificate. Return 0 on success, otherwise -1 */
2156int
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002157ssl_sock_set_generated_cert(SSL_CTX *ssl_ctx, unsigned int key, struct bind_conf *bind_conf)
Christopher Faulet30548802015-06-11 13:39:32 +02002158{
2159 struct lru64 *lru = NULL;
2160
2161 if (ssl_ctx_lru_tree) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002162 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002163 lru = lru64_get(key, ssl_ctx_lru_tree, bind_conf->ca_sign_cert, 0);
Emeric Brun821bb9b2017-06-15 16:37:39 +02002164 if (!lru) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002165 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Fauletd2cab922015-07-28 16:03:47 +02002166 return -1;
Emeric Brun821bb9b2017-06-15 16:37:39 +02002167 }
Christopher Faulet30548802015-06-11 13:39:32 +02002168 if (lru->domain && lru->data)
2169 lru->free((SSL_CTX *)lru->data);
Christopher Faulet7969a332015-10-09 11:15:03 +02002170 lru64_commit(lru, ssl_ctx, bind_conf->ca_sign_cert, 0, (void (*)(void *))SSL_CTX_free);
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002171 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Fauletd2cab922015-07-28 16:03:47 +02002172 return 0;
Christopher Faulet30548802015-06-11 13:39:32 +02002173 }
Christopher Fauletd2cab922015-07-28 16:03:47 +02002174 return -1;
Christopher Faulet30548802015-06-11 13:39:32 +02002175}
2176
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002177/* Compute the key of the certificate. */
Christopher Faulet30548802015-06-11 13:39:32 +02002178unsigned int
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002179ssl_sock_generated_cert_key(const void *data, size_t len)
Christopher Faulet30548802015-06-11 13:39:32 +02002180{
2181 return XXH32(data, len, ssl_ctx_lru_seed);
2182}
2183
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002184/* Generate a cert and immediately assign it to the SSL session so that the cert's
2185 * refcount is maintained regardless of the cert's presence in the LRU cache.
2186 */
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002187static int
Christopher Faulet7969a332015-10-09 11:15:03 +02002188ssl_sock_generate_certificate(const char *servername, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet31af49d2015-06-09 17:29:50 +02002189{
2190 X509 *cacert = bind_conf->ca_sign_cert;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002191 SSL_CTX *ssl_ctx = NULL;
2192 struct lru64 *lru = NULL;
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002193 unsigned int key;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002194
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002195 key = ssl_sock_generated_cert_key(servername, strlen(servername));
Christopher Faulet31af49d2015-06-09 17:29:50 +02002196 if (ssl_ctx_lru_tree) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002197 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002198 lru = lru64_get(key, ssl_ctx_lru_tree, cacert, 0);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002199 if (lru && lru->domain)
2200 ssl_ctx = (SSL_CTX *)lru->data;
Christopher Fauletd2cab922015-07-28 16:03:47 +02002201 if (!ssl_ctx && lru) {
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002202 ssl_ctx = ssl_sock_do_create_cert(servername, bind_conf, ssl);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002203 lru64_commit(lru, ssl_ctx, cacert, 0, (void (*)(void *))SSL_CTX_free);
Christopher Fauletd2cab922015-07-28 16:03:47 +02002204 }
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002205 SSL_set_SSL_CTX(ssl, ssl_ctx);
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002206 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002207 return 1;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002208 }
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002209 else {
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002210 ssl_ctx = ssl_sock_do_create_cert(servername, bind_conf, ssl);
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002211 SSL_set_SSL_CTX(ssl, ssl_ctx);
2212 /* No LRU cache, this CTX will be released as soon as the session dies */
2213 SSL_CTX_free(ssl_ctx);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002214 return 1;
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002215 }
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002216 return 0;
2217}
2218static int
2219ssl_sock_generate_certificate_from_conn(struct bind_conf *bind_conf, SSL *ssl)
2220{
2221 unsigned int key;
Thierry FOURNIER28962c92018-06-17 21:37:05 +02002222 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002223
Willy Tarreauf5bdb642019-07-17 11:29:32 +02002224 if (conn_get_dst(conn)) {
Willy Tarreau085a1512019-07-17 14:47:35 +02002225 key = ssl_sock_generated_cert_key(conn->dst, get_addr_len(conn->dst));
Emeric Brun821bb9b2017-06-15 16:37:39 +02002226 if (ssl_sock_assign_generated_cert(key, bind_conf, ssl))
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002227 return 1;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002228 }
2229 return 0;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002230}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002231#endif /* !defined SSL_NO_GENERATE_CERTIFICATES */
Christopher Faulet31af49d2015-06-09 17:29:50 +02002232
Willy Tarreau9a1ab082019-05-09 13:26:41 +02002233#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002234
2235static void ctx_set_SSLv3_func(SSL_CTX *ctx, set_context_func c)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002236{
Emmanuel Hocdet23877ab2017-07-12 12:53:02 +02002237#if SSL_OP_NO_SSLv3
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002238 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, SSLv3_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002239 : SSL_CTX_set_ssl_version(ctx, SSLv3_client_method());
2240#endif
2241}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002242static void ctx_set_TLSv10_func(SSL_CTX *ctx, set_context_func c) {
2243 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002244 : SSL_CTX_set_ssl_version(ctx, TLSv1_client_method());
2245}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002246static void ctx_set_TLSv11_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002247#if SSL_OP_NO_TLSv1_1
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002248 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_1_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002249 : SSL_CTX_set_ssl_version(ctx, TLSv1_1_client_method());
2250#endif
2251}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002252static void ctx_set_TLSv12_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002253#if SSL_OP_NO_TLSv1_2
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002254 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_2_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002255 : SSL_CTX_set_ssl_version(ctx, TLSv1_2_client_method());
2256#endif
2257}
Bertrand Jacquina25282b2018-08-14 00:56:13 +01002258/* TLSv1.2 is the last supported version in this context. */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002259static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {}
2260/* Unusable in this context. */
2261static void ssl_set_SSLv3_func(SSL *ssl, set_context_func c) {}
2262static void ssl_set_TLSv10_func(SSL *ssl, set_context_func c) {}
2263static void ssl_set_TLSv11_func(SSL *ssl, set_context_func c) {}
2264static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {}
2265static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {}
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002266#else /* openssl >= 1.1.0 */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002267
2268static void ctx_set_SSLv3_func(SSL_CTX *ctx, set_context_func c) {
2269 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, SSL3_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002270 : SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION);
2271}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002272static void ssl_set_SSLv3_func(SSL *ssl, set_context_func c) {
2273 c == SET_MAX ? SSL_set_max_proto_version(ssl, SSL3_VERSION)
2274 : SSL_set_min_proto_version(ssl, SSL3_VERSION);
2275}
2276static void ctx_set_TLSv10_func(SSL_CTX *ctx, set_context_func c) {
2277 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002278 : SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
2279}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002280static void ssl_set_TLSv10_func(SSL *ssl, set_context_func c) {
2281 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_VERSION)
2282 : SSL_set_min_proto_version(ssl, TLS1_VERSION);
2283}
2284static void ctx_set_TLSv11_func(SSL_CTX *ctx, set_context_func c) {
2285 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_1_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002286 : SSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION);
2287}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002288static void ssl_set_TLSv11_func(SSL *ssl, set_context_func c) {
2289 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_1_VERSION)
2290 : SSL_set_min_proto_version(ssl, TLS1_1_VERSION);
2291}
2292static void ctx_set_TLSv12_func(SSL_CTX *ctx, set_context_func c) {
2293 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002294 : SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
2295}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002296static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {
2297 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_2_VERSION)
2298 : SSL_set_min_proto_version(ssl, TLS1_2_VERSION);
2299}
2300static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002301#if SSL_OP_NO_TLSv1_3
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002302 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002303 : SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
2304#endif
2305}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002306static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {
2307#if SSL_OP_NO_TLSv1_3
2308 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_3_VERSION)
2309 : SSL_set_min_proto_version(ssl, TLS1_3_VERSION);
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002310#endif
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002311}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002312#endif
2313static void ctx_set_None_func(SSL_CTX *ctx, set_context_func c) { }
2314static void ssl_set_None_func(SSL *ssl, set_context_func c) { }
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002315
William Lallemand7fd8b452020-05-07 15:20:43 +02002316struct methodVersions methodVersions[] = {
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002317 {0, 0, ctx_set_None_func, ssl_set_None_func, "NONE"}, /* CONF_TLSV_NONE */
2318 {SSL_OP_NO_SSLv3, MC_SSL_O_NO_SSLV3, ctx_set_SSLv3_func, ssl_set_SSLv3_func, "SSLv3"}, /* CONF_SSLV3 */
2319 {SSL_OP_NO_TLSv1, MC_SSL_O_NO_TLSV10, ctx_set_TLSv10_func, ssl_set_TLSv10_func, "TLSv1.0"}, /* CONF_TLSV10 */
2320 {SSL_OP_NO_TLSv1_1, MC_SSL_O_NO_TLSV11, ctx_set_TLSv11_func, ssl_set_TLSv11_func, "TLSv1.1"}, /* CONF_TLSV11 */
2321 {SSL_OP_NO_TLSv1_2, MC_SSL_O_NO_TLSV12, ctx_set_TLSv12_func, ssl_set_TLSv12_func, "TLSv1.2"}, /* CONF_TLSV12 */
2322 {SSL_OP_NO_TLSv1_3, MC_SSL_O_NO_TLSV13, ctx_set_TLSv13_func, ssl_set_TLSv13_func, "TLSv1.3"}, /* CONF_TLSV13 */
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002323};
2324
Emmanuel Hocdet530141f2017-03-01 18:54:56 +01002325static void ssl_sock_switchctx_set(SSL *ssl, SSL_CTX *ctx)
2326{
2327 SSL_set_verify(ssl, SSL_CTX_get_verify_mode(ctx), ssl_sock_bind_verifycbk);
2328 SSL_set_client_CA_list(ssl, SSL_dup_CA_list(SSL_CTX_get_client_CA_list(ctx)));
2329 SSL_set_SSL_CTX(ssl, ctx);
2330}
2331
Willy Tarreau5db847a2019-05-09 14:13:35 +02002332#if ((HA_OPENSSL_VERSION_NUMBER >= 0x10101000L) || defined(OPENSSL_IS_BORINGSSL))
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002333
2334static int ssl_sock_switchctx_err_cbk(SSL *ssl, int *al, void *priv)
2335{
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002336 struct bind_conf *s = priv;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002337 (void)al; /* shut gcc stupid warning */
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002338
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002339 if (SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name) || s->generate_certs)
2340 return SSL_TLSEXT_ERR_OK;
2341 return SSL_TLSEXT_ERR_NOACK;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002342}
2343
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002344#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002345static int ssl_sock_switchctx_cbk(const struct ssl_early_callback_ctx *ctx)
2346{
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002347 SSL *ssl = ctx->ssl;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002348#else
2349static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
2350{
2351#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002352 struct connection *conn;
2353 struct bind_conf *s;
2354 const uint8_t *extension_data;
2355 size_t extension_len;
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002356 int has_rsa_sig = 0, has_ecdsa_sig = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002357
2358 char *wildp = NULL;
2359 const uint8_t *servername;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002360 size_t servername_len;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002361 struct ebmb_node *node, *n, *node_ecdsa = NULL, *node_rsa = NULL, *node_anonymous = NULL;
Olivier Houchardc2aae742017-09-22 18:26:28 +02002362 int allow_early = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002363 int i;
2364
Thierry FOURNIER28962c92018-06-17 21:37:05 +02002365 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Willy Tarreaua8825522018-10-15 13:20:07 +02002366 s = __objt_listener(conn->target)->bind_conf;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002367
Olivier Houchard9679ac92017-10-27 14:58:08 +02002368 if (s->ssl_conf.early_data)
Olivier Houchardc2aae742017-09-22 18:26:28 +02002369 allow_early = 1;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002370#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002371 if (SSL_early_callback_ctx_extension_get(ctx, TLSEXT_TYPE_server_name,
2372 &extension_data, &extension_len)) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002373#else
2374 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_server_name, &extension_data, &extension_len)) {
2375#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002376 /*
2377 * The server_name extension was given too much extensibility when it
2378 * was written, so parsing the normal case is a bit complex.
2379 */
2380 size_t len;
2381 if (extension_len <= 2)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002382 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002383 /* Extract the length of the supplied list of names. */
2384 len = (*extension_data++) << 8;
2385 len |= *extension_data++;
2386 if (len + 2 != extension_len)
2387 goto abort;
2388 /*
2389 * The list in practice only has a single element, so we only consider
2390 * the first one.
2391 */
2392 if (len == 0 || *extension_data++ != TLSEXT_NAMETYPE_host_name)
2393 goto abort;
2394 extension_len = len - 1;
2395 /* Now we can finally pull out the byte array with the actual hostname. */
2396 if (extension_len <= 2)
2397 goto abort;
2398 len = (*extension_data++) << 8;
2399 len |= *extension_data++;
2400 if (len == 0 || len + 2 > extension_len || len > TLSEXT_MAXLEN_host_name
2401 || memchr(extension_data, 0, len) != NULL)
2402 goto abort;
2403 servername = extension_data;
2404 servername_len = len;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002405 } else {
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002406#if (!defined SSL_NO_GENERATE_CERTIFICATES)
2407 if (s->generate_certs && ssl_sock_generate_certificate_from_conn(s, ssl)) {
Olivier Houchardc2aae742017-09-22 18:26:28 +02002408 goto allow_early;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002409 }
2410#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002411 /* without SNI extension, is the default_ctx (need SSL_TLSEXT_ERR_NOACK) */
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002412 if (!s->strict_sni) {
William Lallemand21724f02019-11-04 17:56:13 +01002413 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002414 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002415 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Olivier Houchardc2aae742017-09-22 18:26:28 +02002416 goto allow_early;
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002417 }
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002418 goto abort;
2419 }
2420
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +05002421 /* extract/check clientHello information */
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002422#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002423 if (SSL_early_callback_ctx_extension_get(ctx, TLSEXT_TYPE_signature_algorithms, &extension_data, &extension_len)) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002424#else
2425 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_signature_algorithms, &extension_data, &extension_len)) {
2426#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002427 uint8_t sign;
2428 size_t len;
2429 if (extension_len < 2)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002430 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002431 len = (*extension_data++) << 8;
2432 len |= *extension_data++;
2433 if (len + 2 != extension_len)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002434 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002435 if (len % 2 != 0)
2436 goto abort;
2437 for (; len > 0; len -= 2) {
2438 extension_data++; /* hash */
2439 sign = *extension_data++;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002440 switch (sign) {
2441 case TLSEXT_signature_rsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002442 has_rsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002443 break;
2444 case TLSEXT_signature_ecdsa:
2445 has_ecdsa_sig = 1;
2446 break;
2447 default:
2448 continue;
2449 }
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002450 if (has_ecdsa_sig && has_rsa_sig)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002451 break;
2452 }
2453 } else {
Bertrand Jacquina25282b2018-08-14 00:56:13 +01002454 /* without TLSEXT_TYPE_signature_algorithms extension (< TLSv1.2) */
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002455 has_rsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002456 }
2457 if (has_ecdsa_sig) { /* in very rare case: has ecdsa sign but not a ECDSA cipher */
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002458 const SSL_CIPHER *cipher;
2459 size_t len;
2460 const uint8_t *cipher_suites;
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002461 has_ecdsa_sig = 0;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002462#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002463 len = ctx->cipher_suites_len;
2464 cipher_suites = ctx->cipher_suites;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002465#else
2466 len = SSL_client_hello_get0_ciphers(ssl, &cipher_suites);
2467#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002468 if (len % 2 != 0)
2469 goto abort;
2470 for (; len != 0; len -= 2, cipher_suites += 2) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002471#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002472 uint16_t cipher_suite = (cipher_suites[0] << 8) | cipher_suites[1];
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002473 cipher = SSL_get_cipher_by_value(cipher_suite);
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002474#else
2475 cipher = SSL_CIPHER_find(ssl, cipher_suites);
2476#endif
Emmanuel Hocdet019f9b12017-10-02 17:12:06 +02002477 if (cipher && SSL_CIPHER_get_auth_nid(cipher) == NID_auth_ecdsa) {
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002478 has_ecdsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002479 break;
2480 }
2481 }
2482 }
2483
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002484 for (i = 0; i < trash.size && i < servername_len; i++) {
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002485 trash.area[i] = tolower(servername[i]);
2486 if (!wildp && (trash.area[i] == '.'))
2487 wildp = &trash.area[i];
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002488 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002489 trash.area[i] = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002490
William Lallemand150bfa82019-09-19 17:12:49 +02002491 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002492
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002493 for (i = 0; i < 2; i++) {
2494 if (i == 0) /* lookup in full qualified names */
2495 node = ebst_lookup(&s->sni_ctx, trash.area);
2496 else if (i == 1 && wildp) /* lookup in wildcards names */
2497 node = ebst_lookup(&s->sni_w_ctx, wildp);
2498 else
2499 break;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002500 for (n = node; n; n = ebmb_next_dup(n)) {
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002501 /* lookup a not neg filter */
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002502 if (!container_of(n, struct sni_ctx, name)->neg) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02002503 switch(container_of(n, struct sni_ctx, name)->kinfo.sig) {
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002504 case TLSEXT_signature_ecdsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002505 if (!node_ecdsa)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002506 node_ecdsa = n;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002507 break;
2508 case TLSEXT_signature_rsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002509 if (!node_rsa)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002510 node_rsa = n;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002511 break;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02002512 default: /* TLSEXT_signature_anonymous|dsa */
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002513 if (!node_anonymous)
2514 node_anonymous = n;
2515 break;
2516 }
2517 }
2518 }
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002519 /* select by key_signature priority order */
2520 node = (has_ecdsa_sig && node_ecdsa) ? node_ecdsa
2521 : ((has_rsa_sig && node_rsa) ? node_rsa
2522 : (node_anonymous ? node_anonymous
2523 : (node_ecdsa ? node_ecdsa /* no ecdsa signature case (< TLSv1.2) */
2524 : node_rsa /* no rsa signature case (far far away) */
2525 )));
2526 if (node) {
2527 /* switch ctx */
2528 struct ssl_bind_conf *conf = container_of(node, struct sni_ctx, name)->conf;
2529 ssl_sock_switchctx_set(ssl, container_of(node, struct sni_ctx, name)->ctx);
Olivier Houchard35a63cc2017-11-02 19:04:38 +01002530 if (conf) {
2531 methodVersions[conf->ssl_methods.min].ssl_set_version(ssl, SET_MIN);
2532 methodVersions[conf->ssl_methods.max].ssl_set_version(ssl, SET_MAX);
2533 if (conf->early_data)
2534 allow_early = 1;
2535 }
William Lallemand02010472019-10-18 11:02:19 +02002536 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Olivier Houchard35a63cc2017-11-02 19:04:38 +01002537 goto allow_early;
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002538 }
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002539 }
William Lallemand150bfa82019-09-19 17:12:49 +02002540
William Lallemand02010472019-10-18 11:02:19 +02002541 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002542#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002543 if (s->generate_certs && ssl_sock_generate_certificate(trash.area, s, ssl)) {
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002544 /* switch ctx done in ssl_sock_generate_certificate */
Olivier Houchardc2aae742017-09-22 18:26:28 +02002545 goto allow_early;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002546 }
2547#endif
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002548 if (!s->strict_sni) {
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002549 /* no certificate match, is the default_ctx */
William Lallemand21724f02019-11-04 17:56:13 +01002550 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002551 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002552 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002553 }
Olivier Houchardc2aae742017-09-22 18:26:28 +02002554allow_early:
2555#ifdef OPENSSL_IS_BORINGSSL
2556 if (allow_early)
2557 SSL_set_early_data_enabled(ssl, 1);
2558#else
2559 if (!allow_early)
2560 SSL_set_max_early_data(ssl, 0);
2561#endif
2562 return 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002563 abort:
2564 /* abort handshake (was SSL_TLSEXT_ERR_ALERT_FATAL) */
2565 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002566#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002567 return ssl_select_cert_error;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002568#else
2569 *al = SSL_AD_UNRECOGNIZED_NAME;
2570 return 0;
2571#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002572}
2573
2574#else /* OPENSSL_IS_BORINGSSL */
2575
Emeric Brunfc0421f2012-09-07 17:30:07 +02002576/* Sets the SSL ctx of <ssl> to match the advertised server name. Returns a
2577 * warning when no match is found, which implies the default (first) cert
2578 * will keep being used.
2579 */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002580static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *priv)
Emeric Brunfc0421f2012-09-07 17:30:07 +02002581{
2582 const char *servername;
2583 const char *wildp = NULL;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002584 struct ebmb_node *node, *n;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002585 struct bind_conf *s = priv;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002586 int i;
2587 (void)al; /* shut gcc stupid warning */
2588
2589 servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
Emmanuel Hocdet65623372013-01-24 17:17:15 +01002590 if (!servername) {
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002591#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002592 if (s->generate_certs && ssl_sock_generate_certificate_from_conn(s, ssl))
2593 return SSL_TLSEXT_ERR_OK;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002594#endif
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002595 if (s->strict_sni)
2596 return SSL_TLSEXT_ERR_ALERT_FATAL;
William Lallemand21724f02019-11-04 17:56:13 +01002597 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002598 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002599 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002600 return SSL_TLSEXT_ERR_NOACK;
Emmanuel Hocdet65623372013-01-24 17:17:15 +01002601 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02002602
Willy Tarreau19d14ef2012-10-29 16:51:55 +01002603 for (i = 0; i < trash.size; i++) {
Emeric Brunfc0421f2012-09-07 17:30:07 +02002604 if (!servername[i])
2605 break;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002606 trash.area[i] = tolower(servername[i]);
2607 if (!wildp && (trash.area[i] == '.'))
2608 wildp = &trash.area[i];
Emeric Brunfc0421f2012-09-07 17:30:07 +02002609 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002610 trash.area[i] = 0;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002611
William Lallemand150bfa82019-09-19 17:12:49 +02002612 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002613 node = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002614 /* lookup in full qualified names */
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002615 for (n = ebst_lookup(&s->sni_ctx, trash.area); n; n = ebmb_next_dup(n)) {
2616 /* lookup a not neg filter */
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002617 if (!container_of(n, struct sni_ctx, name)->neg) {
2618 node = n;
2619 break;
Emmanuel Hocdet65623372013-01-24 17:17:15 +01002620 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002621 }
2622 if (!node && wildp) {
2623 /* lookup in wildcards names */
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002624 for (n = ebst_lookup(&s->sni_w_ctx, wildp); n; n = ebmb_next_dup(n)) {
2625 /* lookup a not neg filter */
2626 if (!container_of(n, struct sni_ctx, name)->neg) {
2627 node = n;
2628 break;
2629 }
2630 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002631 }
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002632 if (!node) {
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002633#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002634 if (s->generate_certs && ssl_sock_generate_certificate(servername, s, ssl)) {
2635 /* switch ctx done in ssl_sock_generate_certificate */
William Lallemand150bfa82019-09-19 17:12:49 +02002636 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002637 return SSL_TLSEXT_ERR_OK;
2638 }
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002639#endif
William Lallemand21724f02019-11-04 17:56:13 +01002640 if (s->strict_sni) {
2641 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002642 return SSL_TLSEXT_ERR_ALERT_FATAL;
William Lallemand21724f02019-11-04 17:56:13 +01002643 }
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002644 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002645 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002646 return SSL_TLSEXT_ERR_OK;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002647 }
2648
2649 /* switch ctx */
Emmanuel Hocdet530141f2017-03-01 18:54:56 +01002650 ssl_sock_switchctx_set(ssl, container_of(node, struct sni_ctx, name)->ctx);
William Lallemand150bfa82019-09-19 17:12:49 +02002651 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emeric Brunfc0421f2012-09-07 17:30:07 +02002652 return SSL_TLSEXT_ERR_OK;
2653}
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002654#endif /* (!) OPENSSL_IS_BORINGSSL */
Emeric Brunfc0421f2012-09-07 17:30:07 +02002655#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
2656
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002657#ifndef OPENSSL_NO_DH
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002658
2659static DH * ssl_get_dh_1024(void)
2660{
Remi Gacogned3a341a2015-05-29 16:26:17 +02002661 static unsigned char dh1024_p[]={
2662 0xFA,0xF9,0x2A,0x22,0x2A,0xA7,0x7F,0xE1,0x67,0x4E,0x53,0xF7,
2663 0x56,0x13,0xC3,0xB1,0xE3,0x29,0x6B,0x66,0x31,0x6A,0x7F,0xB3,
2664 0xC2,0x68,0x6B,0xCB,0x1D,0x57,0x39,0x1D,0x1F,0xFF,0x1C,0xC9,
2665 0xA6,0xA4,0x98,0x82,0x31,0x5D,0x25,0xFF,0x8A,0xE0,0x73,0x96,
2666 0x81,0xC8,0x83,0x79,0xC1,0x5A,0x04,0xF8,0x37,0x0D,0xA8,0x3D,
2667 0xAE,0x74,0xBC,0xDB,0xB6,0xA4,0x75,0xD9,0x71,0x8A,0xA0,0x17,
2668 0x9E,0x2D,0xC8,0xA8,0xDF,0x2C,0x5F,0x82,0x95,0xF8,0x92,0x9B,
2669 0xA7,0x33,0x5F,0x89,0x71,0xC8,0x2D,0x6B,0x18,0x86,0xC4,0x94,
2670 0x22,0xA5,0x52,0x8D,0xF6,0xF6,0xD2,0x37,0x92,0x0F,0xA5,0xCC,
2671 0xDB,0x7B,0x1D,0x3D,0xA1,0x31,0xB7,0x80,0x8F,0x0B,0x67,0x5E,
2672 0x36,0xA5,0x60,0x0C,0xF1,0x95,0x33,0x8B,
2673 };
2674 static unsigned char dh1024_g[]={
2675 0x02,
2676 };
2677
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002678 BIGNUM *p;
2679 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002680 DH *dh = DH_new();
2681 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002682 p = BN_bin2bn(dh1024_p, sizeof dh1024_p, NULL);
2683 g = BN_bin2bn(dh1024_g, sizeof dh1024_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +02002684
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002685 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002686 DH_free(dh);
2687 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002688 } else {
2689 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002690 }
2691 }
2692 return dh;
2693}
2694
2695static DH *ssl_get_dh_2048(void)
2696{
Remi Gacogned3a341a2015-05-29 16:26:17 +02002697 static unsigned char dh2048_p[]={
2698 0xEC,0x86,0xF8,0x70,0xA0,0x33,0x16,0xEC,0x05,0x1A,0x73,0x59,
2699 0xCD,0x1F,0x8B,0xF8,0x29,0xE4,0xD2,0xCF,0x52,0xDD,0xC2,0x24,
2700 0x8D,0xB5,0x38,0x9A,0xFB,0x5C,0xA4,0xE4,0xB2,0xDA,0xCE,0x66,
2701 0x50,0x74,0xA6,0x85,0x4D,0x4B,0x1D,0x30,0xB8,0x2B,0xF3,0x10,
2702 0xE9,0xA7,0x2D,0x05,0x71,0xE7,0x81,0xDF,0x8B,0x59,0x52,0x3B,
2703 0x5F,0x43,0x0B,0x68,0xF1,0xDB,0x07,0xBE,0x08,0x6B,0x1B,0x23,
2704 0xEE,0x4D,0xCC,0x9E,0x0E,0x43,0xA0,0x1E,0xDF,0x43,0x8C,0xEC,
2705 0xBE,0xBE,0x90,0xB4,0x51,0x54,0xB9,0x2F,0x7B,0x64,0x76,0x4E,
2706 0x5D,0xD4,0x2E,0xAE,0xC2,0x9E,0xAE,0x51,0x43,0x59,0xC7,0x77,
2707 0x9C,0x50,0x3C,0x0E,0xED,0x73,0x04,0x5F,0xF1,0x4C,0x76,0x2A,
2708 0xD8,0xF8,0xCF,0xFC,0x34,0x40,0xD1,0xB4,0x42,0x61,0x84,0x66,
2709 0x42,0x39,0x04,0xF8,0x68,0xB2,0x62,0xD7,0x55,0xED,0x1B,0x74,
2710 0x75,0x91,0xE0,0xC5,0x69,0xC1,0x31,0x5C,0xDB,0x7B,0x44,0x2E,
2711 0xCE,0x84,0x58,0x0D,0x1E,0x66,0x0C,0xC8,0x44,0x9E,0xFD,0x40,
2712 0x08,0x67,0x5D,0xFB,0xA7,0x76,0x8F,0x00,0x11,0x87,0xE9,0x93,
2713 0xF9,0x7D,0xC4,0xBC,0x74,0x55,0x20,0xD4,0x4A,0x41,0x2F,0x43,
2714 0x42,0x1A,0xC1,0xF2,0x97,0x17,0x49,0x27,0x37,0x6B,0x2F,0x88,
2715 0x7E,0x1C,0xA0,0xA1,0x89,0x92,0x27,0xD9,0x56,0x5A,0x71,0xC1,
2716 0x56,0x37,0x7E,0x3A,0x9D,0x05,0xE7,0xEE,0x5D,0x8F,0x82,0x17,
2717 0xBC,0xE9,0xC2,0x93,0x30,0x82,0xF9,0xF4,0xC9,0xAE,0x49,0xDB,
2718 0xD0,0x54,0xB4,0xD9,0x75,0x4D,0xFA,0x06,0xB8,0xD6,0x38,0x41,
2719 0xB7,0x1F,0x77,0xF3,
2720 };
2721 static unsigned char dh2048_g[]={
2722 0x02,
2723 };
2724
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002725 BIGNUM *p;
2726 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002727 DH *dh = DH_new();
2728 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002729 p = BN_bin2bn(dh2048_p, sizeof dh2048_p, NULL);
2730 g = BN_bin2bn(dh2048_g, sizeof dh2048_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +02002731
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002732 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002733 DH_free(dh);
2734 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002735 } else {
2736 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002737 }
2738 }
2739 return dh;
2740}
2741
2742static DH *ssl_get_dh_4096(void)
2743{
Remi Gacogned3a341a2015-05-29 16:26:17 +02002744 static unsigned char dh4096_p[]={
2745 0xDE,0x16,0x94,0xCD,0x99,0x58,0x07,0xF1,0xF7,0x32,0x96,0x11,
2746 0x04,0x82,0xD4,0x84,0x72,0x80,0x99,0x06,0xCA,0xF0,0xA3,0x68,
2747 0x07,0xCE,0x64,0x50,0xE7,0x74,0x45,0x20,0x80,0x5E,0x4D,0xAD,
2748 0xA5,0xB6,0xED,0xFA,0x80,0x6C,0x3B,0x35,0xC4,0x9A,0x14,0x6B,
2749 0x32,0xBB,0xFD,0x1F,0x17,0x8E,0xB7,0x1F,0xD6,0xFA,0x3F,0x7B,
2750 0xEE,0x16,0xA5,0x62,0x33,0x0D,0xED,0xBC,0x4E,0x58,0xE5,0x47,
2751 0x4D,0xE9,0xAB,0x8E,0x38,0xD3,0x6E,0x90,0x57,0xE3,0x22,0x15,
2752 0x33,0xBD,0xF6,0x43,0x45,0xB5,0x10,0x0A,0xBE,0x2C,0xB4,0x35,
2753 0xB8,0x53,0x8D,0xAD,0xFB,0xA7,0x1F,0x85,0x58,0x41,0x7A,0x79,
2754 0x20,0x68,0xB3,0xE1,0x3D,0x08,0x76,0xBF,0x86,0x0D,0x49,0xE3,
2755 0x82,0x71,0x8C,0xB4,0x8D,0x81,0x84,0xD4,0xE7,0xBE,0x91,0xDC,
2756 0x26,0x39,0x48,0x0F,0x35,0xC4,0xCA,0x65,0xE3,0x40,0x93,0x52,
2757 0x76,0x58,0x7D,0xDD,0x51,0x75,0xDC,0x69,0x61,0xBF,0x47,0x2C,
2758 0x16,0x68,0x2D,0xC9,0x29,0xD3,0xE6,0xC0,0x99,0x48,0xA0,0x9A,
2759 0xC8,0x78,0xC0,0x6D,0x81,0x67,0x12,0x61,0x3F,0x71,0xBA,0x41,
2760 0x1F,0x6C,0x89,0x44,0x03,0xBA,0x3B,0x39,0x60,0xAA,0x28,0x55,
2761 0x59,0xAE,0xB8,0xFA,0xCB,0x6F,0xA5,0x1A,0xF7,0x2B,0xDD,0x52,
2762 0x8A,0x8B,0xE2,0x71,0xA6,0x5E,0x7E,0xD8,0x2E,0x18,0xE0,0x66,
2763 0xDF,0xDD,0x22,0x21,0x99,0x52,0x73,0xA6,0x33,0x20,0x65,0x0E,
2764 0x53,0xE7,0x6B,0x9B,0xC5,0xA3,0x2F,0x97,0x65,0x76,0xD3,0x47,
2765 0x23,0x77,0x12,0xB6,0x11,0x7B,0x24,0xED,0xF1,0xEF,0xC0,0xE2,
2766 0xA3,0x7E,0x67,0x05,0x3E,0x96,0x4D,0x45,0xC2,0x18,0xD1,0x73,
2767 0x9E,0x07,0xF3,0x81,0x6E,0x52,0x63,0xF6,0x20,0x76,0xB9,0x13,
2768 0xD2,0x65,0x30,0x18,0x16,0x09,0x16,0x9E,0x8F,0xF1,0xD2,0x10,
2769 0x5A,0xD3,0xD4,0xAF,0x16,0x61,0xDA,0x55,0x2E,0x18,0x5E,0x14,
2770 0x08,0x54,0x2E,0x2A,0x25,0xA2,0x1A,0x9B,0x8B,0x32,0xA9,0xFD,
2771 0xC2,0x48,0x96,0xE1,0x80,0xCA,0xE9,0x22,0x17,0xBB,0xCE,0x3E,
2772 0x9E,0xED,0xC7,0xF1,0x1F,0xEC,0x17,0x21,0xDC,0x7B,0x82,0x48,
2773 0x8E,0xBB,0x4B,0x9D,0x5B,0x04,0x04,0xDA,0xDB,0x39,0xDF,0x01,
2774 0x40,0xC3,0xAA,0x26,0x23,0x89,0x75,0xC6,0x0B,0xD0,0xA2,0x60,
2775 0x6A,0xF1,0xCC,0x65,0x18,0x98,0x1B,0x52,0xD2,0x74,0x61,0xCC,
2776 0xBD,0x60,0xAE,0xA3,0xA0,0x66,0x6A,0x16,0x34,0x92,0x3F,0x41,
2777 0x40,0x31,0x29,0xC0,0x2C,0x63,0xB2,0x07,0x8D,0xEB,0x94,0xB8,
2778 0xE8,0x47,0x92,0x52,0x93,0x6A,0x1B,0x7E,0x1A,0x61,0xB3,0x1B,
2779 0xF0,0xD6,0x72,0x9B,0xF1,0xB0,0xAF,0xBF,0x3E,0x65,0xEF,0x23,
2780 0x1D,0x6F,0xFF,0x70,0xCD,0x8A,0x4C,0x8A,0xA0,0x72,0x9D,0xBE,
2781 0xD4,0xBB,0x24,0x47,0x4A,0x68,0xB5,0xF5,0xC6,0xD5,0x7A,0xCD,
2782 0xCA,0x06,0x41,0x07,0xAD,0xC2,0x1E,0xE6,0x54,0xA7,0xAD,0x03,
2783 0xD9,0x12,0xC1,0x9C,0x13,0xB1,0xC9,0x0A,0x43,0x8E,0x1E,0x08,
2784 0xCE,0x50,0x82,0x73,0x5F,0xA7,0x55,0x1D,0xD9,0x59,0xAC,0xB5,
2785 0xEA,0x02,0x7F,0x6C,0x5B,0x74,0x96,0x98,0x67,0x24,0xA3,0x0F,
2786 0x15,0xFC,0xA9,0x7D,0x3E,0x67,0xD1,0x70,0xF8,0x97,0xF3,0x67,
2787 0xC5,0x8C,0x88,0x44,0x08,0x02,0xC7,0x2B,
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002788 };
Remi Gacogned3a341a2015-05-29 16:26:17 +02002789 static unsigned char dh4096_g[]={
2790 0x02,
2791 };
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002792
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002793 BIGNUM *p;
2794 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002795 DH *dh = DH_new();
2796 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002797 p = BN_bin2bn(dh4096_p, sizeof dh4096_p, NULL);
2798 g = BN_bin2bn(dh4096_g, sizeof dh4096_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +02002799
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002800 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002801 DH_free(dh);
2802 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002803 } else {
2804 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002805 }
2806 }
2807 return dh;
2808}
2809
2810/* Returns Diffie-Hellman parameters matching the private key length
Willy Tarreauef934602016-12-22 23:12:01 +01002811 but not exceeding global_ssl.default_dh_param */
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002812static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen)
2813{
2814 DH *dh = NULL;
2815 EVP_PKEY *pkey = SSL_get_privatekey(ssl);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002816 int type;
2817
2818 type = pkey ? EVP_PKEY_base_id(pkey) : EVP_PKEY_NONE;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002819
2820 /* The keylen supplied by OpenSSL can only be 512 or 1024.
2821 See ssl3_send_server_key_exchange() in ssl/s3_srvr.c
2822 */
2823 if (type == EVP_PKEY_RSA || type == EVP_PKEY_DSA) {
2824 keylen = EVP_PKEY_bits(pkey);
2825 }
2826
Willy Tarreauef934602016-12-22 23:12:01 +01002827 if (keylen > global_ssl.default_dh_param) {
2828 keylen = global_ssl.default_dh_param;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002829 }
2830
Remi Gacogned3a341a2015-05-29 16:26:17 +02002831 if (keylen >= 4096) {
Remi Gacogne8de54152014-07-15 11:36:40 +02002832 dh = local_dh_4096;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002833 }
2834 else if (keylen >= 2048) {
Remi Gacogne8de54152014-07-15 11:36:40 +02002835 dh = local_dh_2048;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002836 }
2837 else {
Remi Gacogne8de54152014-07-15 11:36:40 +02002838 dh = local_dh_1024;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002839 }
2840
2841 return dh;
2842}
2843
Remi Gacogne47783ef2015-05-29 15:53:22 +02002844static DH * ssl_sock_get_dh_from_file(const char *filename)
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002845{
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002846 DH *dh = NULL;
Remi Gacogne47783ef2015-05-29 15:53:22 +02002847 BIO *in = BIO_new(BIO_s_file());
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002848
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002849 if (in == NULL)
2850 goto end;
2851
Remi Gacogne47783ef2015-05-29 15:53:22 +02002852 if (BIO_read_filename(in, filename) <= 0)
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002853 goto end;
2854
Remi Gacogne47783ef2015-05-29 15:53:22 +02002855 dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
2856
2857end:
2858 if (in)
2859 BIO_free(in);
2860
Emeric Brune1b4ed42018-08-16 15:14:12 +02002861 ERR_clear_error();
2862
Remi Gacogne47783ef2015-05-29 15:53:22 +02002863 return dh;
2864}
2865
2866int ssl_sock_load_global_dh_param_from_file(const char *filename)
2867{
2868 global_dh = ssl_sock_get_dh_from_file(filename);
2869
2870 if (global_dh) {
2871 return 0;
2872 }
2873
2874 return -1;
2875}
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002876#endif
2877
William Lallemand82b21bb2020-04-10 10:26:27 +02002878/* release ssl bind conf */
2879void ssl_sock_free_ssl_conf(struct ssl_bind_conf *conf)
2880{
2881 if (conf) {
2882#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
2883 free(conf->npn_str);
2884 conf->npn_str = NULL;
2885#endif
2886#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
2887 free(conf->alpn_str);
2888 conf->alpn_str = NULL;
2889#endif
2890 free(conf->ca_file);
2891 conf->ca_file = NULL;
2892 free(conf->ca_verify_file);
2893 conf->ca_verify_file = NULL;
2894 free(conf->crl_file);
2895 conf->crl_file = NULL;
2896 free(conf->ciphers);
2897 conf->ciphers = NULL;
2898#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
2899 free(conf->ciphersuites);
2900 conf->ciphersuites = NULL;
2901#endif
2902 free(conf->curves);
2903 conf->curves = NULL;
2904 free(conf->ecdhe);
2905 conf->ecdhe = NULL;
2906 }
2907}
2908
William Lallemandd9d5d1b2020-04-09 16:31:05 +02002909/* unlink a ckch_inst, free all SNIs, free the ckch_inst */
2910/* The caller must use the lock of the bind_conf if used with inserted SNIs */
2911static void ckch_inst_free(struct ckch_inst *inst)
2912{
2913 struct sni_ctx *sni, *sni_s;
2914
2915 if (inst == NULL)
2916 return;
2917
2918 list_for_each_entry_safe(sni, sni_s, &inst->sni_ctx, by_ckch_inst) {
2919 SSL_CTX_free(sni->ctx);
2920 LIST_DEL(&sni->by_ckch_inst);
2921 ebmb_delete(&sni->name);
2922 free(sni);
2923 }
2924 LIST_DEL(&inst->by_ckchs);
2925 LIST_DEL(&inst->by_crtlist_entry);
2926 free(inst);
2927}
2928
William Lallemand9117de92019-10-04 00:29:42 +02002929/* Alloc and init a ckch_inst */
2930static struct ckch_inst *ckch_inst_new()
2931{
2932 struct ckch_inst *ckch_inst;
2933
2934 ckch_inst = calloc(1, sizeof *ckch_inst);
William Lallemand9cef2e22020-04-09 16:25:10 +02002935 if (!ckch_inst)
2936 return NULL;
2937
2938 LIST_INIT(&ckch_inst->sni_ctx);
2939 LIST_INIT(&ckch_inst->by_ckchs);
2940 LIST_INIT(&ckch_inst->by_crtlist_entry);
William Lallemand9117de92019-10-04 00:29:42 +02002941
2942 return ckch_inst;
2943}
2944
William Lallemand82b21bb2020-04-10 10:26:27 +02002945/* free sni filters */
2946static void crtlist_free_filters(char **args)
2947{
2948 int i;
2949
2950 if (!args)
2951 return;
2952
2953 for (i = 0; args[i]; i++)
2954 free(args[i]);
2955
2956 free(args);
2957}
2958
2959/* Alloc and duplicate a char ** array */
2960static char **crtlist_dup_filters(char **args, int fcount)
2961{
2962 char **dst;
2963 int i;
2964
2965 if (fcount == 0)
2966 return NULL;
2967
2968 dst = calloc(fcount + 1, sizeof(*dst));
2969 if (!dst)
2970 return NULL;
2971
2972 for (i = 0; i < fcount; i++) {
2973 dst[i] = strdup(args[i]);
2974 if (!dst[i])
2975 goto error;
2976 }
2977 return dst;
2978
2979error:
2980 crtlist_free_filters(dst);
2981 return NULL;
2982}
2983
William Lallemande718dfb2020-04-10 11:09:25 +02002984/*
2985 * Detach and free a crtlist_entry.
2986 * Free the filters, the ssl_conf and call ckch_inst_free() for each ckch_inst
2987 */
2988static void crtlist_entry_free(struct crtlist_entry *entry)
2989{
2990 struct ckch_inst *inst, *inst_s;
2991
2992 if (entry == NULL)
2993 return;
2994
2995 ebpt_delete(&entry->node);
2996 LIST_DEL(&entry->by_crtlist);
2997 LIST_DEL(&entry->by_ckch_store);
2998 crtlist_free_filters(entry->filters);
2999 ssl_sock_free_ssl_conf(entry->ssl_conf);
3000 free(entry->ssl_conf);
3001 list_for_each_entry_safe(inst, inst_s, &entry->ckch_inst, by_crtlist_entry) {
3002 ckch_inst_free(inst);
3003 }
3004 free(entry);
3005}
3006
3007/*
3008 * Allocate and initialize a crtlist_entry
3009 */
3010static struct crtlist_entry *crtlist_entry_new()
3011{
3012 struct crtlist_entry *entry;
3013
3014 entry = calloc(1, sizeof(*entry));
3015 if (entry == NULL)
3016 return NULL;
3017
3018 LIST_INIT(&entry->ckch_inst);
3019
3020 /* initialize the nodes so we can LIST_DEL in any cases */
3021 LIST_INIT(&entry->by_crtlist);
3022 LIST_INIT(&entry->by_ckch_store);
3023
3024 return entry;
3025}
3026
William Lallemand82b21bb2020-04-10 10:26:27 +02003027/* Free a crtlist, from the crt_entry to the content of the ssl_conf */
3028static void crtlist_free(struct crtlist *crtlist)
3029{
3030 struct crtlist_entry *entry, *s_entry;
3031
3032 if (crtlist == NULL)
3033 return;
3034
3035 list_for_each_entry_safe(entry, s_entry, &crtlist->ord_entries, by_crtlist) {
3036 crtlist_entry_free(entry);
3037 }
3038 ebmb_delete(&crtlist->node);
3039 free(crtlist);
3040}
3041
3042/* Alloc and initialize a struct crtlist
3043 * <filename> is the key of the ebmb_node
3044 * <unique> initialize the list of entries to be unique (1) or not (0)
3045 */
3046static struct crtlist *crtlist_new(const char *filename, int unique)
3047{
3048 struct crtlist *newlist;
3049
3050 newlist = calloc(1, sizeof(*newlist) + strlen(filename) + 1);
3051 if (newlist == NULL)
3052 return NULL;
3053
3054 memcpy(newlist->node.key, filename, strlen(filename) + 1);
3055 if (unique)
3056 newlist->entries = EB_ROOT_UNIQUE;
3057 else
3058 newlist->entries = EB_ROOT;
3059
3060 LIST_INIT(&newlist->ord_entries);
3061
3062 return newlist;
3063}
William Lallemand9117de92019-10-04 00:29:42 +02003064
3065/* This function allocates a sni_ctx and adds it to the ckch_inst */
William Lallemand1d29c742019-10-04 00:53:29 +02003066static int ckch_inst_add_cert_sni(SSL_CTX *ctx, struct ckch_inst *ckch_inst,
William Lallemand9117de92019-10-04 00:29:42 +02003067 struct bind_conf *s, struct ssl_bind_conf *conf,
3068 struct pkey_info kinfo, char *name, int order)
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01003069{
3070 struct sni_ctx *sc;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02003071 int wild = 0, neg = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01003072
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02003073 if (*name == '!') {
3074 neg = 1;
3075 name++;
3076 }
3077 if (*name == '*') {
3078 wild = 1;
3079 name++;
3080 }
3081 /* !* filter is a nop */
3082 if (neg && wild)
3083 return order;
3084 if (*name) {
3085 int j, len;
3086 len = strlen(name);
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +02003087 for (j = 0; j < len && j < trash.size; j++)
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003088 trash.area[j] = tolower(name[j]);
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +02003089 if (j >= trash.size)
William Lallemandfe49bb32019-10-03 23:46:33 +02003090 return -1;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003091 trash.area[j] = 0;
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +02003092
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01003093 sc = malloc(sizeof(struct sni_ctx) + len + 1);
Thierry FOURNIER / OZON.IO7a3bd3b2016-10-06 10:35:29 +02003094 if (!sc)
William Lallemandfe49bb32019-10-03 23:46:33 +02003095 return -1;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003096 memcpy(sc->name.key, trash.area, len + 1);
William Lallemand02e19a52020-04-08 16:11:26 +02003097 SSL_CTX_up_ref(ctx);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01003098 sc->ctx = ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01003099 sc->conf = conf;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02003100 sc->kinfo = kinfo;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02003101 sc->order = order++;
3102 sc->neg = neg;
William Lallemand1d29c742019-10-04 00:53:29 +02003103 sc->wild = wild;
3104 sc->name.node.leaf_p = NULL;
William Lallemandcfca1422020-03-05 10:17:47 +01003105 sc->ckch_inst = ckch_inst;
William Lallemand1d29c742019-10-04 00:53:29 +02003106 LIST_ADDQ(&ckch_inst->sni_ctx, &sc->by_ckch_inst);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01003107 }
3108 return order;
3109}
3110
William Lallemand6af03992019-07-23 15:00:54 +02003111/*
William Lallemand1d29c742019-10-04 00:53:29 +02003112 * Insert the sni_ctxs that are listed in the ckch_inst, in the bind_conf's sni_ctx tree
3113 * This function can't return an error.
3114 *
3115 * *CAUTION*: The caller must lock the sni tree if called in multithreading mode
3116 */
3117static void ssl_sock_load_cert_sni(struct ckch_inst *ckch_inst, struct bind_conf *bind_conf)
3118{
3119
3120 struct sni_ctx *sc0, *sc0b, *sc1;
3121 struct ebmb_node *node;
William Lallemand21724f02019-11-04 17:56:13 +01003122 int def = 0;
William Lallemand1d29c742019-10-04 00:53:29 +02003123
3124 list_for_each_entry_safe(sc0, sc0b, &ckch_inst->sni_ctx, by_ckch_inst) {
3125
3126 /* ignore if sc0 was already inserted in a tree */
3127 if (sc0->name.node.leaf_p)
3128 continue;
3129
3130 /* Check for duplicates. */
3131 if (sc0->wild)
3132 node = ebst_lookup(&bind_conf->sni_w_ctx, (char *)sc0->name.key);
3133 else
3134 node = ebst_lookup(&bind_conf->sni_ctx, (char *)sc0->name.key);
3135
3136 for (; node; node = ebmb_next_dup(node)) {
3137 sc1 = ebmb_entry(node, struct sni_ctx, name);
3138 if (sc1->ctx == sc0->ctx && sc1->conf == sc0->conf
3139 && sc1->neg == sc0->neg && sc1->wild == sc0->wild) {
3140 /* it's a duplicate, we should remove and free it */
3141 LIST_DEL(&sc0->by_ckch_inst);
William Lallemand02e19a52020-04-08 16:11:26 +02003142 SSL_CTX_free(sc0->ctx);
William Lallemand1d29c742019-10-04 00:53:29 +02003143 free(sc0);
3144 sc0 = NULL;
William Lallemande15029b2019-10-14 10:46:58 +02003145 break;
William Lallemand1d29c742019-10-04 00:53:29 +02003146 }
3147 }
3148
3149 /* if duplicate, ignore the insertion */
3150 if (!sc0)
3151 continue;
3152
3153 if (sc0->wild)
3154 ebst_insert(&bind_conf->sni_w_ctx, &sc0->name);
3155 else
3156 ebst_insert(&bind_conf->sni_ctx, &sc0->name);
William Lallemand21724f02019-11-04 17:56:13 +01003157
3158 /* replace the default_ctx if required with the first ctx */
3159 if (ckch_inst->is_default && !def) {
William Lallemand02e19a52020-04-08 16:11:26 +02003160 SSL_CTX_free(bind_conf->default_ctx);
3161 SSL_CTX_up_ref(sc0->ctx);
William Lallemand21724f02019-11-04 17:56:13 +01003162 bind_conf->default_ctx = sc0->ctx;
3163 def = 1;
3164 }
William Lallemand1d29c742019-10-04 00:53:29 +02003165 }
3166}
3167
3168/*
William Lallemande3af8fb2019-10-08 11:36:53 +02003169 * tree used to store the ckchs ordered by filename/bundle name
William Lallemand6af03992019-07-23 15:00:54 +02003170 */
William Lallemande3af8fb2019-10-08 11:36:53 +02003171struct eb_root ckchs_tree = EB_ROOT_UNIQUE;
William Lallemand6af03992019-07-23 15:00:54 +02003172
William Lallemand2954c472020-03-06 21:54:13 +01003173/* tree of crtlist (crt-list/directory) */
3174static struct eb_root crtlists_tree = EB_ROOT_UNIQUE;
William Lallemandfa892222019-07-23 16:06:08 +02003175
Emeric Brun7a883362019-10-17 13:27:40 +02003176/* Loads Diffie-Hellman parameter from a ckchs to an SSL_CTX.
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +05003177 * If there is no DH parameter available in the ckchs, the global
Emeric Brun7a883362019-10-17 13:27:40 +02003178 * DH parameter is loaded into the SSL_CTX and if there is no
3179 * DH parameter available in ckchs nor in global, the default
3180 * DH parameters are applied on the SSL_CTX.
3181 * Returns a bitfield containing the flags:
3182 * ERR_FATAL in any fatal error case
3183 * ERR_ALERT if a reason of the error is availabine in err
3184 * ERR_WARN if a warning is available into err
3185 * The value 0 means there is no error nor warning and
3186 * the operation succeed.
3187 */
William Lallemandfa892222019-07-23 16:06:08 +02003188#ifndef OPENSSL_NO_DH
Emeric Brun7a883362019-10-17 13:27:40 +02003189static int ssl_sock_load_dh_params(SSL_CTX *ctx, const struct cert_key_and_chain *ckch,
3190 const char *path, char **err)
William Lallemandfa892222019-07-23 16:06:08 +02003191{
Emeric Brun7a883362019-10-17 13:27:40 +02003192 int ret = 0;
William Lallemandfa892222019-07-23 16:06:08 +02003193 DH *dh = NULL;
3194
William Lallemanda8c73742019-07-31 18:31:34 +02003195 if (ckch && ckch->dh) {
William Lallemandfa892222019-07-23 16:06:08 +02003196 dh = ckch->dh;
Emeric Bruna9363eb2019-10-17 14:53:03 +02003197 if (!SSL_CTX_set_tmp_dh(ctx, dh)) {
3198 memprintf(err, "%sunable to load the DH parameter specified in '%s'",
3199 err && *err ? *err : "", path);
3200#if defined(SSL_CTX_set_dh_auto)
3201 SSL_CTX_set_dh_auto(ctx, 1);
3202 memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
3203 err && *err ? *err : "");
3204#else
3205 memprintf(err, "%s, DH ciphers won't be available.\n",
3206 err && *err ? *err : "");
3207#endif
3208 ret |= ERR_WARN;
3209 goto end;
3210 }
William Lallemandfa892222019-07-23 16:06:08 +02003211
3212 if (ssl_dh_ptr_index >= 0) {
3213 /* store a pointer to the DH params to avoid complaining about
3214 ssl-default-dh-param not being set for this SSL_CTX */
3215 SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, dh);
3216 }
3217 }
3218 else if (global_dh) {
Emeric Bruna9363eb2019-10-17 14:53:03 +02003219 if (!SSL_CTX_set_tmp_dh(ctx, global_dh)) {
3220 memprintf(err, "%sunable to use the global DH parameter for certificate '%s'",
3221 err && *err ? *err : "", path);
3222#if defined(SSL_CTX_set_dh_auto)
3223 SSL_CTX_set_dh_auto(ctx, 1);
3224 memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
3225 err && *err ? *err : "");
3226#else
3227 memprintf(err, "%s, DH ciphers won't be available.\n",
3228 err && *err ? *err : "");
3229#endif
3230 ret |= ERR_WARN;
3231 goto end;
3232 }
William Lallemandfa892222019-07-23 16:06:08 +02003233 }
3234 else {
3235 /* Clear openssl global errors stack */
3236 ERR_clear_error();
3237
3238 if (global_ssl.default_dh_param <= 1024) {
3239 /* we are limited to DH parameter of 1024 bits anyway */
3240 if (local_dh_1024 == NULL)
3241 local_dh_1024 = ssl_get_dh_1024();
3242
Emeric Brun7a883362019-10-17 13:27:40 +02003243 if (local_dh_1024 == NULL) {
3244 memprintf(err, "%sunable to load default 1024 bits DH parameter for certificate '%s'.\n",
3245 err && *err ? *err : "", path);
3246 ret |= ERR_ALERT | ERR_FATAL;
William Lallemandfa892222019-07-23 16:06:08 +02003247 goto end;
Emeric Brun7a883362019-10-17 13:27:40 +02003248 }
William Lallemandfa892222019-07-23 16:06:08 +02003249
Emeric Bruna9363eb2019-10-17 14:53:03 +02003250 if (!SSL_CTX_set_tmp_dh(ctx, local_dh_1024)) {
3251 memprintf(err, "%sunable to load default 1024 bits DH parameter for certificate '%s'.\n",
3252 err && *err ? *err : "", path);
3253#if defined(SSL_CTX_set_dh_auto)
3254 SSL_CTX_set_dh_auto(ctx, 1);
3255 memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
3256 err && *err ? *err : "");
3257#else
3258 memprintf(err, "%s, DH ciphers won't be available.\n",
3259 err && *err ? *err : "");
3260#endif
3261 ret |= ERR_WARN;
3262 goto end;
3263 }
William Lallemandfa892222019-07-23 16:06:08 +02003264 }
3265 else {
3266 SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);
3267 }
William Lallemandfa892222019-07-23 16:06:08 +02003268 }
3269
3270end:
William Lallemand4dd145a2020-02-05 11:46:33 +01003271 ERR_clear_error();
William Lallemandfa892222019-07-23 16:06:08 +02003272 return ret;
3273}
3274#endif
yanbzhu08ce6ab2015-12-02 13:01:29 -05003275
yanbzhu488a4d22015-12-01 15:16:07 -05003276/* Frees the contents of a cert_key_and_chain
3277 */
3278static void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain *ckch)
3279{
yanbzhu488a4d22015-12-01 15:16:07 -05003280 if (!ckch)
3281 return;
3282
3283 /* Free the certificate and set pointer to NULL */
3284 if (ckch->cert)
3285 X509_free(ckch->cert);
3286 ckch->cert = NULL;
3287
3288 /* Free the key and set pointer to NULL */
3289 if (ckch->key)
3290 EVP_PKEY_free(ckch->key);
3291 ckch->key = NULL;
3292
3293 /* Free each certificate in the chain */
Emmanuel Hocdet9246f8b2018-11-30 16:00:21 +01003294 if (ckch->chain)
3295 sk_X509_pop_free(ckch->chain, X509_free);
3296 ckch->chain = NULL;
yanbzhu488a4d22015-12-01 15:16:07 -05003297
William Lallemand455af502019-10-17 18:04:45 +02003298 if (ckch->dh)
3299 DH_free(ckch->dh);
3300 ckch->dh = NULL;
3301
3302 if (ckch->sctl) {
3303 free(ckch->sctl->area);
3304 ckch->sctl->area = NULL;
3305 free(ckch->sctl);
3306 ckch->sctl = NULL;
3307 }
3308
3309 if (ckch->ocsp_response) {
3310 free(ckch->ocsp_response->area);
3311 ckch->ocsp_response->area = NULL;
3312 free(ckch->ocsp_response);
3313 ckch->ocsp_response = NULL;
3314 }
William Lallemand5c3c96f2020-01-23 11:53:13 +01003315
3316 if (ckch->ocsp_issuer)
William Lallemanddad239d2020-01-23 11:59:02 +01003317 X509_free(ckch->ocsp_issuer);
William Lallemand5c3c96f2020-01-23 11:53:13 +01003318 ckch->ocsp_issuer = NULL;
yanbzhu488a4d22015-12-01 15:16:07 -05003319}
3320
William Lallemand8d0f8932019-10-17 18:03:58 +02003321/*
3322 *
3323 * This function copy a cert_key_and_chain in memory
3324 *
3325 * It's used to try to apply changes on a ckch before committing them, because
3326 * most of the time it's not possible to revert those changes
3327 *
3328 * Return a the dst or NULL
3329 */
3330static struct cert_key_and_chain *ssl_sock_copy_cert_key_and_chain(struct cert_key_and_chain *src,
3331 struct cert_key_and_chain *dst)
3332{
3333 if (src->cert) {
3334 dst->cert = src->cert;
3335 X509_up_ref(src->cert);
3336 }
3337
3338 if (src->key) {
3339 dst->key = src->key;
3340 EVP_PKEY_up_ref(src->key);
3341 }
3342
3343 if (src->chain) {
3344 dst->chain = X509_chain_up_ref(src->chain);
3345 }
3346
3347 if (src->dh) {
3348 DH_up_ref(src->dh);
3349 dst->dh = src->dh;
3350 }
3351
3352 if (src->sctl) {
3353 struct buffer *sctl;
3354
3355 sctl = calloc(1, sizeof(*sctl));
3356 if (!chunk_dup(sctl, src->sctl)) {
3357 free(sctl);
3358 sctl = NULL;
3359 goto error;
3360 }
3361 dst->sctl = sctl;
3362 }
3363
3364 if (src->ocsp_response) {
3365 struct buffer *ocsp_response;
3366
3367 ocsp_response = calloc(1, sizeof(*ocsp_response));
3368 if (!chunk_dup(ocsp_response, src->ocsp_response)) {
3369 free(ocsp_response);
3370 ocsp_response = NULL;
3371 goto error;
3372 }
3373 dst->ocsp_response = ocsp_response;
3374 }
3375
3376 if (src->ocsp_issuer) {
3377 X509_up_ref(src->ocsp_issuer);
3378 dst->ocsp_issuer = src->ocsp_issuer;
3379 }
3380
3381 return dst;
3382
3383error:
3384
3385 /* free everything */
3386 ssl_sock_free_cert_key_and_chain_contents(dst);
3387
3388 return NULL;
3389}
3390
3391
yanbzhu488a4d22015-12-01 15:16:07 -05003392/* checks if a key and cert exists in the ckch
3393 */
William Lallemand1633e392019-09-30 12:58:13 +02003394#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu488a4d22015-12-01 15:16:07 -05003395static int ssl_sock_is_ckch_valid(struct cert_key_and_chain *ckch)
3396{
3397 return (ckch->cert != NULL && ckch->key != NULL);
3398}
William Lallemand1633e392019-09-30 12:58:13 +02003399#endif
yanbzhu488a4d22015-12-01 15:16:07 -05003400
William Lallemandf9568fc2019-10-16 18:27:58 +02003401/*
3402 * return 0 on success or != 0 on failure
3403 */
3404static int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch, char **err)
3405{
3406 int ret = 1;
3407 BIO *in = NULL;
3408 X509 *issuer;
3409
3410 if (buf) {
3411 /* reading from a buffer */
3412 in = BIO_new_mem_buf(buf, -1);
3413 if (in == NULL) {
3414 memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
3415 goto end;
3416 }
3417
3418 } else {
3419 /* reading from a file */
3420 in = BIO_new(BIO_s_file());
3421 if (in == NULL)
3422 goto end;
3423
3424 if (BIO_read_filename(in, path) <= 0)
3425 goto end;
3426 }
3427
3428 issuer = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
3429 if (!issuer) {
3430 memprintf(err, "%s'%s' cannot be read or parsed'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003431 err && *err ? *err : "", path);
William Lallemandf9568fc2019-10-16 18:27:58 +02003432 goto end;
3433 }
Emmanuel Hocdeteb73dc32020-01-16 14:45:00 +01003434 /* no error, fill ckch with new context, old context must be free */
3435 if (ckch->ocsp_issuer)
3436 X509_free(ckch->ocsp_issuer);
William Lallemandf9568fc2019-10-16 18:27:58 +02003437 ckch->ocsp_issuer = issuer;
Emmanuel Hocdeteb73dc32020-01-16 14:45:00 +01003438 ret = 0;
William Lallemandf9568fc2019-10-16 18:27:58 +02003439
3440end:
3441
3442 ERR_clear_error();
3443 if (in)
3444 BIO_free(in);
3445
3446 return ret;
3447}
3448
William Lallemand96a9c972019-10-17 11:56:17 +02003449
3450/*
3451 * Try to load a PEM file from a <path> or a buffer <buf>
William Lallemand4c5adbf2020-02-24 14:23:22 +01003452 * The PEM must contain at least a Certificate,
3453 * It could contain a DH, a certificate chain and a PrivateKey.
yanbzhu488a4d22015-12-01 15:16:07 -05003454 *
William Lallemand96a9c972019-10-17 11:56:17 +02003455 * If it failed you should not attempt to use the ckch but free it.
3456 *
3457 * Return 0 on success or != 0 on failure
yanbzhu488a4d22015-12-01 15:16:07 -05003458 */
William Lallemand96a9c972019-10-17 11:56:17 +02003459static int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err)
yanbzhu488a4d22015-12-01 15:16:07 -05003460{
William Lallemandf11365b2019-09-19 14:25:58 +02003461 BIO *in = NULL;
yanbzhu488a4d22015-12-01 15:16:07 -05003462 int ret = 1;
Emmanuel Hocdet83cbd3c2019-10-25 11:55:03 +02003463 X509 *ca;
William Lallemand96a9c972019-10-17 11:56:17 +02003464 X509 *cert = NULL;
3465 EVP_PKEY *key = NULL;
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003466 DH *dh = NULL;
3467 STACK_OF(X509) *chain = NULL;
William Lallemand96a9c972019-10-17 11:56:17 +02003468
3469 if (buf) {
3470 /* reading from a buffer */
3471 in = BIO_new_mem_buf(buf, -1);
3472 if (in == NULL) {
3473 memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
3474 goto end;
3475 }
yanbzhu488a4d22015-12-01 15:16:07 -05003476
William Lallemand96a9c972019-10-17 11:56:17 +02003477 } else {
3478 /* reading from a file */
William Lallemandf11365b2019-09-19 14:25:58 +02003479 in = BIO_new(BIO_s_file());
William Lallemand7fd01b32020-04-07 14:16:32 +02003480 if (in == NULL) {
3481 memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
William Lallemandf11365b2019-09-19 14:25:58 +02003482 goto end;
William Lallemand7fd01b32020-04-07 14:16:32 +02003483 }
yanbzhu488a4d22015-12-01 15:16:07 -05003484
William Lallemand7fd01b32020-04-07 14:16:32 +02003485 if (BIO_read_filename(in, path) <= 0) {
3486 memprintf(err, "%scannot open the file '%s'.\n",
3487 err && *err ? *err : "", path);
William Lallemandf11365b2019-09-19 14:25:58 +02003488 goto end;
William Lallemand7fd01b32020-04-07 14:16:32 +02003489 }
William Lallemandf11365b2019-09-19 14:25:58 +02003490 }
yanbzhu488a4d22015-12-01 15:16:07 -05003491
yanbzhu488a4d22015-12-01 15:16:07 -05003492 /* Read Private Key */
William Lallemand96a9c972019-10-17 11:56:17 +02003493 key = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);
William Lallemand4c5adbf2020-02-24 14:23:22 +01003494 /* no need to check for errors here, because the private key could be loaded later */
yanbzhu488a4d22015-12-01 15:16:07 -05003495
Emmanuel Hocdet54227d82019-07-30 17:04:01 +02003496#ifndef OPENSSL_NO_DH
William Lallemandfa892222019-07-23 16:06:08 +02003497 /* Seek back to beginning of file */
3498 if (BIO_reset(in) == -1) {
3499 memprintf(err, "%san error occurred while reading the file '%s'.\n",
3500 err && *err ? *err : "", path);
3501 goto end;
3502 }
3503
William Lallemand96a9c972019-10-17 11:56:17 +02003504 dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
3505 /* no need to return an error there, dh is not mandatory */
Emmanuel Hocdet54227d82019-07-30 17:04:01 +02003506#endif
William Lallemandfa892222019-07-23 16:06:08 +02003507
Willy Tarreaubb137a82016-04-06 19:02:38 +02003508 /* Seek back to beginning of file */
Thierry FOURNIER / OZON.IOd44ea3f2016-10-14 00:49:21 +02003509 if (BIO_reset(in) == -1) {
3510 memprintf(err, "%san error occurred while reading the file '%s'.\n",
3511 err && *err ? *err : "", path);
3512 goto end;
3513 }
Willy Tarreaubb137a82016-04-06 19:02:38 +02003514
3515 /* Read Certificate */
William Lallemand96a9c972019-10-17 11:56:17 +02003516 cert = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
3517 if (cert == NULL) {
Willy Tarreaubb137a82016-04-06 19:02:38 +02003518 memprintf(err, "%sunable to load certificate from file '%s'.\n",
William Lallemand96a9c972019-10-17 11:56:17 +02003519 err && *err ? *err : "", path);
Willy Tarreaubb137a82016-04-06 19:02:38 +02003520 goto end;
3521 }
3522
William Lallemand96a9c972019-10-17 11:56:17 +02003523 /* Look for a Certificate Chain */
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003524 while ((ca = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
3525 if (chain == NULL)
3526 chain = sk_X509_new_null();
3527 if (!sk_X509_push(chain, ca)) {
William Lallemand96a9c972019-10-17 11:56:17 +02003528 X509_free(ca);
3529 goto end;
3530 }
3531 }
Emmanuel Hocdeted17f472019-10-24 18:28:33 +02003532
yanbzhu488a4d22015-12-01 15:16:07 -05003533 ret = ERR_get_error();
3534 if (ret && (ERR_GET_LIB(ret) != ERR_LIB_PEM && ERR_GET_REASON(ret) != PEM_R_NO_START_LINE)) {
3535 memprintf(err, "%sunable to load certificate chain from file '%s'.\n",
William Lallemand96a9c972019-10-17 11:56:17 +02003536 err && *err ? *err : "", path);
yanbzhu488a4d22015-12-01 15:16:07 -05003537 goto end;
William Lallemand246c0242019-10-11 08:59:13 +02003538 }
3539
William Lallemand75b15f72020-01-23 10:56:05 +01003540 /* once it loaded the PEM, it should remove everything else in the ckch */
3541 if (ckch->ocsp_response) {
3542 free(ckch->ocsp_response->area);
3543 ckch->ocsp_response->area = NULL;
3544 free(ckch->ocsp_response);
3545 ckch->ocsp_response = NULL;
3546 }
3547
3548 if (ckch->sctl) {
3549 free(ckch->sctl->area);
3550 ckch->sctl->area = NULL;
3551 free(ckch->sctl);
3552 ckch->sctl = NULL;
3553 }
3554
3555 if (ckch->ocsp_issuer) {
3556 X509_free(ckch->ocsp_issuer);
3557 ckch->ocsp_issuer = NULL;
3558 }
3559
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003560 /* no error, fill ckch with new context, old context will be free at end: */
3561 SWAP(ckch->key, key);
3562 SWAP(ckch->dh, dh);
3563 SWAP(ckch->cert, cert);
3564 SWAP(ckch->chain, chain);
3565
William Lallemand246c0242019-10-11 08:59:13 +02003566 ret = 0;
3567
William Lallemand96a9c972019-10-17 11:56:17 +02003568end:
William Lallemand246c0242019-10-11 08:59:13 +02003569
3570 ERR_clear_error();
William Lallemand96a9c972019-10-17 11:56:17 +02003571 if (in)
William Lallemand246c0242019-10-11 08:59:13 +02003572 BIO_free(in);
Emmanuel Hocdet83cbd3c2019-10-25 11:55:03 +02003573 if (key)
3574 EVP_PKEY_free(key);
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003575 if (dh)
3576 DH_free(dh);
Emmanuel Hocdet83cbd3c2019-10-25 11:55:03 +02003577 if (cert)
3578 X509_free(cert);
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003579 if (chain)
3580 sk_X509_pop_free(chain, X509_free);
William Lallemanda17f4112019-10-10 15:16:44 +02003581
William Lallemand96a9c972019-10-17 11:56:17 +02003582 return ret;
3583}
3584
3585/*
William Lallemand4c5adbf2020-02-24 14:23:22 +01003586 * Try to load a private key file from a <path> or a buffer <buf>
3587 *
3588 * If it failed you should not attempt to use the ckch but free it.
3589 *
3590 * Return 0 on success or != 0 on failure
3591 */
3592static int ssl_sock_load_key_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err)
3593{
3594 BIO *in = NULL;
3595 int ret = 1;
3596 EVP_PKEY *key = NULL;
3597
3598 if (buf) {
3599 /* reading from a buffer */
3600 in = BIO_new_mem_buf(buf, -1);
3601 if (in == NULL) {
3602 memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
3603 goto end;
3604 }
3605
3606 } else {
3607 /* reading from a file */
3608 in = BIO_new(BIO_s_file());
3609 if (in == NULL)
3610 goto end;
3611
3612 if (BIO_read_filename(in, path) <= 0)
3613 goto end;
3614 }
3615
3616 /* Read Private Key */
3617 key = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);
3618 if (key == NULL) {
3619 memprintf(err, "%sunable to load private key from file '%s'.\n",
3620 err && *err ? *err : "", path);
3621 goto end;
3622 }
3623
3624 ret = 0;
3625
3626 SWAP(ckch->key, key);
3627
3628end:
3629
3630 ERR_clear_error();
3631 if (in)
3632 BIO_free(in);
3633 if (key)
3634 EVP_PKEY_free(key);
3635
3636 return ret;
3637}
3638
3639/*
William Lallemand96a9c972019-10-17 11:56:17 +02003640 * Try to load in a ckch every files related to a ckch.
3641 * (PEM, sctl, ocsp, issuer etc.)
3642 *
3643 * This function is only used to load files during the configuration parsing,
3644 * it is not used with the CLI.
3645 *
3646 * This allows us to carry the contents of the file without having to read the
3647 * file multiple times. The caller must call
3648 * ssl_sock_free_cert_key_and_chain_contents.
3649 *
3650 * returns:
3651 * 0 on Success
3652 * 1 on SSL Failure
3653 */
3654static int ssl_sock_load_files_into_ckch(const char *path, struct cert_key_and_chain *ckch, char **err)
3655{
3656 int ret = 1;
3657
3658 /* try to load the PEM */
3659 if (ssl_sock_load_pem_into_ckch(path, NULL, ckch , err) != 0) {
3660 goto end;
3661 }
3662
William Lallemand4c5adbf2020-02-24 14:23:22 +01003663 /* try to load an external private key if it wasn't in the PEM */
3664 if ((ckch->key == NULL) && (global_ssl.extra_files & SSL_GF_KEY)) {
3665 char fp[MAXPATHLEN+1];
3666 struct stat st;
3667
3668 snprintf(fp, MAXPATHLEN+1, "%s.key", path);
3669 if (stat(fp, &st) == 0) {
3670 if (ssl_sock_load_key_into_ckch(fp, NULL, ckch, err)) {
3671 memprintf(err, "%s '%s' is present but cannot be read or parsed'.\n",
3672 err && *err ? *err : "", fp);
3673 goto end;
3674 }
3675 }
3676 }
3677
3678 if (ckch->key == NULL) {
3679 memprintf(err, "%sNo Private Key found in '%s' or '%s.key'.\n", err && *err ? *err : "", path, path);
3680 goto end;
3681 }
3682
3683 if (!X509_check_private_key(ckch->cert, ckch->key)) {
3684 memprintf(err, "%sinconsistencies between private key and certificate loaded '%s'.\n",
3685 err && *err ? *err : "", path);
3686 goto end;
3687 }
3688
William Lallemanda17f4112019-10-10 15:16:44 +02003689#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
3690 /* try to load the sctl file */
William Lallemand3af48e72020-02-03 17:15:52 +01003691 if (global_ssl.extra_files & SSL_GF_SCTL) {
William Lallemanda17f4112019-10-10 15:16:44 +02003692 char fp[MAXPATHLEN+1];
3693 struct stat st;
3694
3695 snprintf(fp, MAXPATHLEN+1, "%s.sctl", path);
3696 if (stat(fp, &st) == 0) {
William Lallemand0dfae6c2019-10-16 18:06:58 +02003697 if (ssl_sock_load_sctl_from_file(fp, NULL, ckch, err)) {
William Lallemanda17f4112019-10-10 15:16:44 +02003698 memprintf(err, "%s '%s.sctl' is present but cannot be read or parsed'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003699 err && *err ? *err : "", fp);
William Lallemanda17f4112019-10-10 15:16:44 +02003700 ret = 1;
3701 goto end;
3702 }
3703 }
3704 }
3705#endif
yanbzhu488a4d22015-12-01 15:16:07 -05003706
William Lallemand246c0242019-10-11 08:59:13 +02003707 /* try to load an ocsp response file */
William Lallemand3af48e72020-02-03 17:15:52 +01003708 if (global_ssl.extra_files & SSL_GF_OCSP) {
William Lallemand246c0242019-10-11 08:59:13 +02003709 char fp[MAXPATHLEN+1];
3710 struct stat st;
3711
3712 snprintf(fp, MAXPATHLEN+1, "%s.ocsp", path);
3713 if (stat(fp, &st) == 0) {
William Lallemand3b5f3602019-10-16 18:05:05 +02003714 if (ssl_sock_load_ocsp_response_from_file(fp, NULL, ckch, err)) {
William Lallemand246c0242019-10-11 08:59:13 +02003715 ret = 1;
3716 goto end;
3717 }
3718 }
3719 }
3720
Emmanuel Hocdeteaad5cc2019-10-25 12:19:00 +02003721#ifndef OPENSSL_IS_BORINGSSL /* Useless for BoringSSL */
William Lallemand3af48e72020-02-03 17:15:52 +01003722 if (ckch->ocsp_response && (global_ssl.extra_files & SSL_GF_OCSP_ISSUER)) {
William Lallemand246c0242019-10-11 08:59:13 +02003723 /* if no issuer was found, try to load an issuer from the .issuer */
Emmanuel Hocdet078156d2020-01-22 17:02:53 +01003724 if (!ckch->ocsp_issuer) {
William Lallemand246c0242019-10-11 08:59:13 +02003725 struct stat st;
3726 char fp[MAXPATHLEN+1];
3727
3728 snprintf(fp, MAXPATHLEN+1, "%s.issuer", path);
3729 if (stat(fp, &st) == 0) {
William Lallemandf9568fc2019-10-16 18:27:58 +02003730 if (ssl_sock_load_issuer_file_into_ckch(fp, NULL, ckch, err)) {
William Lallemand246c0242019-10-11 08:59:13 +02003731 ret = 1;
3732 goto end;
3733 }
3734
3735 if (X509_check_issued(ckch->ocsp_issuer, ckch->cert) != X509_V_OK) {
William Lallemand786188f2019-10-15 10:05:37 +02003736 memprintf(err, "%s '%s' is not an issuer'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003737 err && *err ? *err : "", fp);
William Lallemand246c0242019-10-11 08:59:13 +02003738 ret = 1;
3739 goto end;
3740 }
William Lallemand246c0242019-10-11 08:59:13 +02003741 }
3742 }
3743 }
Emmanuel Hocdeteaad5cc2019-10-25 12:19:00 +02003744#endif
William Lallemand246c0242019-10-11 08:59:13 +02003745
yanbzhu488a4d22015-12-01 15:16:07 -05003746 ret = 0;
3747
3748end:
3749
3750 ERR_clear_error();
yanbzhu488a4d22015-12-01 15:16:07 -05003751
3752 /* Something went wrong in one of the reads */
3753 if (ret != 0)
3754 ssl_sock_free_cert_key_and_chain_contents(ckch);
3755
3756 return ret;
3757}
3758
3759/* Loads the info in ckch into ctx
Emeric Bruna96b5822019-10-17 13:25:14 +02003760 * Returns a bitfield containing the flags:
3761 * ERR_FATAL in any fatal error case
3762 * ERR_ALERT if the reason of the error is available in err
3763 * ERR_WARN if a warning is available into err
3764 * The value 0 means there is no error nor warning and
3765 * the operation succeed.
yanbzhu488a4d22015-12-01 15:16:07 -05003766 */
3767static int ssl_sock_put_ckch_into_ctx(const char *path, const struct cert_key_and_chain *ckch, SSL_CTX *ctx, char **err)
3768{
Emeric Bruna96b5822019-10-17 13:25:14 +02003769 int errcode = 0;
Emmanuel Hocdetb90d2cb2020-02-18 15:27:32 +01003770 STACK_OF(X509) *find_chain = NULL;
Emeric Bruna96b5822019-10-17 13:25:14 +02003771
yanbzhu488a4d22015-12-01 15:16:07 -05003772 if (SSL_CTX_use_PrivateKey(ctx, ckch->key) <= 0) {
3773 memprintf(err, "%sunable to load SSL private key into SSL Context '%s'.\n",
3774 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003775 errcode |= ERR_ALERT | ERR_FATAL;
3776 return errcode;
yanbzhu488a4d22015-12-01 15:16:07 -05003777 }
3778
3779 if (!SSL_CTX_use_certificate(ctx, ckch->cert)) {
3780 memprintf(err, "%sunable to load SSL certificate into SSL Context '%s'.\n",
3781 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003782 errcode |= ERR_ALERT | ERR_FATAL;
3783 goto end;
yanbzhu488a4d22015-12-01 15:16:07 -05003784 }
3785
Emmanuel Hocdetb90d2cb2020-02-18 15:27:32 +01003786 if (ckch->chain) {
3787 find_chain = ckch->chain;
3788 } else {
3789 /* Find Certificate Chain in global */
3790 struct issuer_chain *issuer;
Emmanuel Hocdetef87e0a2020-03-23 11:29:11 +01003791 issuer = ssl_get0_issuer_chain(ckch->cert);
Emmanuel Hocdetb90d2cb2020-02-18 15:27:32 +01003792 if (issuer)
3793 find_chain = issuer->chain;
3794 }
William Lallemand85888572020-02-27 14:48:35 +01003795
Emmanuel Hocdet16739772020-02-28 16:00:34 +01003796 /* Load all certs from chain, except Root, in the ssl_ctx */
Emmanuel Hocdet4fed93e2020-02-28 16:00:34 +01003797 if (find_chain) {
3798 int i;
3799 X509 *ca;
3800 for (i = 0; i < sk_X509_num(find_chain); i++) {
3801 ca = sk_X509_value(find_chain, i);
Emmanuel Hocdet16739772020-02-28 16:00:34 +01003802 /* skip self issued (Root CA) */
Emmanuel Hocdetc3b7e742020-04-22 11:06:19 +02003803 if (global_ssl.skip_self_issued_ca && !X509_NAME_cmp(X509_get_subject_name(ca), X509_get_issuer_name(ca)))
Emmanuel Hocdet16739772020-02-28 16:00:34 +01003804 continue;
Emmanuel Hocdet4fed93e2020-02-28 16:00:34 +01003805 /*
3806 SSL_CTX_add1_chain_cert could be used with openssl >= 1.0.2
3807 Used SSL_CTX_add_extra_chain_cert for compat (aka SSL_CTX_add0_chain_cert)
3808 */
3809 X509_up_ref(ca);
3810 if (!SSL_CTX_add_extra_chain_cert(ctx, ca)) {
3811 X509_free(ca);
3812 memprintf(err, "%sunable to load chain certificate into SSL Context '%s'.\n",
3813 err && *err ? *err : "", path);
3814 errcode |= ERR_ALERT | ERR_FATAL;
3815 goto end;
3816 }
Emmanuel Hocdetf4f14ea2020-03-23 10:31:47 +01003817 }
Emmanuel Hocdet4fed93e2020-02-28 16:00:34 +01003818 }
yanbzhu488a4d22015-12-01 15:16:07 -05003819
William Lallemandfa892222019-07-23 16:06:08 +02003820#ifndef OPENSSL_NO_DH
3821 /* store a NULL pointer to indicate we have not yet loaded
3822 a custom DH param file */
3823 if (ssl_dh_ptr_index >= 0) {
3824 SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, NULL);
3825 }
3826
Emeric Brun7a883362019-10-17 13:27:40 +02003827 errcode |= ssl_sock_load_dh_params(ctx, ckch, path, err);
3828 if (errcode & ERR_CODE) {
William Lallemandfa892222019-07-23 16:06:08 +02003829 memprintf(err, "%sunable to load DH parameters from file '%s'.\n",
3830 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003831 goto end;
William Lallemandfa892222019-07-23 16:06:08 +02003832 }
3833#endif
3834
William Lallemanda17f4112019-10-10 15:16:44 +02003835#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
3836 if (sctl_ex_index >= 0 && ckch->sctl) {
3837 if (ssl_sock_load_sctl(ctx, ckch->sctl) < 0) {
3838 memprintf(err, "%s '%s.sctl' is present but cannot be read or parsed'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003839 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003840 errcode |= ERR_ALERT | ERR_FATAL;
3841 goto end;
William Lallemanda17f4112019-10-10 15:16:44 +02003842 }
3843 }
3844#endif
3845
William Lallemand4a660132019-10-14 14:51:41 +02003846#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
William Lallemand246c0242019-10-11 08:59:13 +02003847 /* Load OCSP Info into context */
3848 if (ckch->ocsp_response) {
Emmanuel Hocdet6f507c72020-02-18 15:56:39 +01003849 if (ssl_sock_load_ocsp(ctx, ckch, find_chain) < 0) {
Tim Duesterhus93128532019-11-23 23:45:10 +01003850 memprintf(err, "%s '%s.ocsp' is present and activates OCSP but it is impossible to compute the OCSP certificate ID (maybe the issuer could not be found)'.\n",
3851 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003852 errcode |= ERR_ALERT | ERR_FATAL;
3853 goto end;
William Lallemand246c0242019-10-11 08:59:13 +02003854 }
3855 }
William Lallemand246c0242019-10-11 08:59:13 +02003856#endif
3857
Emeric Bruna96b5822019-10-17 13:25:14 +02003858 end:
3859 return errcode;
yanbzhu488a4d22015-12-01 15:16:07 -05003860}
3861
William Lallemandc4ecddf2019-07-31 16:50:08 +02003862#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu08ce6ab2015-12-02 13:01:29 -05003863
William Lallemand28a8fce2019-10-04 17:36:55 +02003864static int ssl_sock_populate_sni_keytypes_hplr(const char *str, struct eb_root *sni_keytypes, int key_index)
yanbzhu08ce6ab2015-12-02 13:01:29 -05003865{
3866 struct sni_keytype *s_kt = NULL;
3867 struct ebmb_node *node;
3868 int i;
3869
3870 for (i = 0; i < trash.size; i++) {
3871 if (!str[i])
3872 break;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003873 trash.area[i] = tolower(str[i]);
yanbzhu08ce6ab2015-12-02 13:01:29 -05003874 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003875 trash.area[i] = 0;
3876 node = ebst_lookup(sni_keytypes, trash.area);
yanbzhu08ce6ab2015-12-02 13:01:29 -05003877 if (!node) {
3878 /* CN not found in tree */
3879 s_kt = malloc(sizeof(struct sni_keytype) + i + 1);
3880 /* Using memcpy here instead of strncpy.
3881 * strncpy will cause sig_abrt errors under certain versions of gcc with -O2
3882 * See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60792
3883 */
William Lallemand28a8fce2019-10-04 17:36:55 +02003884 if (!s_kt)
3885 return -1;
3886
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003887 memcpy(s_kt->name.key, trash.area, i+1);
yanbzhu08ce6ab2015-12-02 13:01:29 -05003888 s_kt->keytypes = 0;
3889 ebst_insert(sni_keytypes, &s_kt->name);
3890 } else {
3891 /* CN found in tree */
3892 s_kt = container_of(node, struct sni_keytype, name);
3893 }
3894
3895 /* Mark that this CN has the keytype of key_index via keytypes mask */
3896 s_kt->keytypes |= 1<<key_index;
3897
William Lallemand28a8fce2019-10-04 17:36:55 +02003898 return 0;
3899
yanbzhu08ce6ab2015-12-02 13:01:29 -05003900}
3901
William Lallemandc4ecddf2019-07-31 16:50:08 +02003902#endif
William Lallemand8c1cdde2019-10-18 10:58:14 +02003903/*
William Lallemandba1c33f2020-04-08 17:55:45 +02003904 * Free a ckch_store, its ckch, its instances and remove it from the ebtree
William Lallemand8c1cdde2019-10-18 10:58:14 +02003905 */
William Lallemandba1c33f2020-04-08 17:55:45 +02003906static void ckch_store_free(struct ckch_store *store)
William Lallemand8c1cdde2019-10-18 10:58:14 +02003907{
William Lallemandba1c33f2020-04-08 17:55:45 +02003908 struct ckch_inst *inst, *inst_s;
3909
3910 if (!store)
William Lallemand8c1cdde2019-10-18 10:58:14 +02003911 return;
3912
William Lallemandba1c33f2020-04-08 17:55:45 +02003913#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200L
3914 if (store->multi) {
William Lallemand8c1cdde2019-10-18 10:58:14 +02003915 int n;
3916
William Lallemandba1c33f2020-04-08 17:55:45 +02003917 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++)
3918 ssl_sock_free_cert_key_and_chain_contents(&store->ckch[n]);
William Lallemand8c1cdde2019-10-18 10:58:14 +02003919 } else
3920#endif
3921 {
William Lallemandba1c33f2020-04-08 17:55:45 +02003922 ssl_sock_free_cert_key_and_chain_contents(store->ckch);
William Lallemand8c1cdde2019-10-18 10:58:14 +02003923 }
3924
William Lallemandba1c33f2020-04-08 17:55:45 +02003925 free(store->ckch);
3926 store->ckch = NULL;
3927
3928 list_for_each_entry_safe(inst, inst_s, &store->ckch_inst, by_ckchs) {
3929 ckch_inst_free(inst);
3930 }
3931 ebmb_delete(&store->node);
3932 free(store);
William Lallemand8c1cdde2019-10-18 10:58:14 +02003933}
3934
William Lallemand8a874e42020-04-09 10:32:53 +02003935/*
3936 * create and initialize a ckch_store
3937 * <path> is the key name
3938 * <nmemb> is the number of store->ckch objects to allocate
3939 *
3940 * Return a ckch_store or NULL upon failure.
3941 */
3942static struct ckch_store *ckch_store_new(const char *filename, int nmemb)
William Lallemand8c1cdde2019-10-18 10:58:14 +02003943{
William Lallemand8a874e42020-04-09 10:32:53 +02003944 struct ckch_store *store;
William Lallemand8c1cdde2019-10-18 10:58:14 +02003945 int pathlen;
3946
William Lallemand8a874e42020-04-09 10:32:53 +02003947 pathlen = strlen(filename);
3948 store = calloc(1, sizeof(*store) + pathlen + 1);
3949 if (!store)
William Lallemand8c1cdde2019-10-18 10:58:14 +02003950 return NULL;
William Lallemand8a874e42020-04-09 10:32:53 +02003951
3952 if (nmemb > 1)
3953 store->multi = 1;
3954 else
3955 store->multi = 0;
3956
3957 memcpy(store->path, filename, pathlen + 1);
3958
3959 LIST_INIT(&store->ckch_inst);
3960 LIST_INIT(&store->crtlist_entry);
William Lallemand8c1cdde2019-10-18 10:58:14 +02003961
William Lallemand8a874e42020-04-09 10:32:53 +02003962 store->ckch = calloc(nmemb, sizeof(*store->ckch));
3963 if (!store->ckch)
William Lallemand8c1cdde2019-10-18 10:58:14 +02003964 goto error;
3965
William Lallemand8a874e42020-04-09 10:32:53 +02003966 return store;
3967error:
3968 ckch_store_free(store);
3969 return NULL;
3970}
3971
3972/* allocate and duplicate a ckch_store
3973 * Return a new ckch_store or NULL */
3974static struct ckch_store *ckchs_dup(const struct ckch_store *src)
3975{
3976 struct ckch_store *dst;
3977
3978 dst = ckch_store_new(src->path, src->multi ? SSL_SOCK_NUM_KEYTYPES : 1);
3979
William Lallemand8c1cdde2019-10-18 10:58:14 +02003980#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
3981 if (src->multi) {
3982 int n;
3983
3984 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
3985 if (&src->ckch[n]) {
3986 if (!ssl_sock_copy_cert_key_and_chain(&src->ckch[n], &dst->ckch[n]))
3987 goto error;
3988 }
3989 }
3990 } else
3991#endif
3992 {
3993 if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch))
3994 goto error;
3995 }
3996
3997 return dst;
3998
3999error:
William Lallemandba1c33f2020-04-08 17:55:45 +02004000 ckch_store_free(dst);
William Lallemand8c1cdde2019-10-18 10:58:14 +02004001
4002 return NULL;
4003}
William Lallemandc4ecddf2019-07-31 16:50:08 +02004004
William Lallemand36b84632019-07-18 19:28:17 +02004005/*
William Lallemande3af8fb2019-10-08 11:36:53 +02004006 * lookup a path into the ckchs tree.
William Lallemand6af03992019-07-23 15:00:54 +02004007 */
William Lallemande3af8fb2019-10-08 11:36:53 +02004008static inline struct ckch_store *ckchs_lookup(char *path)
William Lallemand6af03992019-07-23 15:00:54 +02004009{
4010 struct ebmb_node *eb;
4011
William Lallemande3af8fb2019-10-08 11:36:53 +02004012 eb = ebst_lookup(&ckchs_tree, path);
William Lallemand6af03992019-07-23 15:00:54 +02004013 if (!eb)
4014 return NULL;
4015
William Lallemande3af8fb2019-10-08 11:36:53 +02004016 return ebmb_entry(eb, struct ckch_store, node);
William Lallemand6af03992019-07-23 15:00:54 +02004017}
4018
4019/*
William Lallemande3af8fb2019-10-08 11:36:53 +02004020 * This function allocate a ckch_store and populate it with certificates from files.
William Lallemand36b84632019-07-18 19:28:17 +02004021 */
William Lallemande3af8fb2019-10-08 11:36:53 +02004022static struct ckch_store *ckchs_load_cert_file(char *path, int multi, char **err)
William Lallemand36b84632019-07-18 19:28:17 +02004023{
William Lallemande3af8fb2019-10-08 11:36:53 +02004024 struct ckch_store *ckchs;
William Lallemand36b84632019-07-18 19:28:17 +02004025
William Lallemand8a874e42020-04-09 10:32:53 +02004026 ckchs = ckch_store_new(path, multi ? SSL_SOCK_NUM_KEYTYPES : 1);
William Lallemande3af8fb2019-10-08 11:36:53 +02004027 if (!ckchs) {
William Lallemand36b84632019-07-18 19:28:17 +02004028 memprintf(err, "%sunable to allocate memory.\n", err && *err ? *err : "");
4029 goto end;
4030 }
William Lallemand36b84632019-07-18 19:28:17 +02004031 if (!multi) {
4032
William Lallemand96a9c972019-10-17 11:56:17 +02004033 if (ssl_sock_load_files_into_ckch(path, ckchs->ckch, err) == 1)
William Lallemand36b84632019-07-18 19:28:17 +02004034 goto end;
4035
William Lallemande3af8fb2019-10-08 11:36:53 +02004036 /* insert into the ckchs tree */
4037 memcpy(ckchs->path, path, strlen(path) + 1);
4038 ebst_insert(&ckchs_tree, &ckchs->node);
William Lallemand36b84632019-07-18 19:28:17 +02004039 } else {
4040 int found = 0;
William Lallemandc4ecddf2019-07-31 16:50:08 +02004041#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
4042 char fp[MAXPATHLEN+1] = {0};
4043 int n = 0;
William Lallemand36b84632019-07-18 19:28:17 +02004044
4045 /* Load all possible certs and keys */
4046 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
4047 struct stat buf;
4048 snprintf(fp, sizeof(fp), "%s.%s", path, SSL_SOCK_KEYTYPE_NAMES[n]);
4049 if (stat(fp, &buf) == 0) {
William Lallemand96a9c972019-10-17 11:56:17 +02004050 if (ssl_sock_load_files_into_ckch(fp, &ckchs->ckch[n], err) == 1)
William Lallemand36b84632019-07-18 19:28:17 +02004051 goto end;
4052 found = 1;
William Lallemande3af8fb2019-10-08 11:36:53 +02004053 ckchs->multi = 1;
William Lallemand36b84632019-07-18 19:28:17 +02004054 }
4055 }
William Lallemandc4ecddf2019-07-31 16:50:08 +02004056#endif
William Lallemand36b84632019-07-18 19:28:17 +02004057
4058 if (!found) {
William Lallemand6e5f2ce2019-08-01 14:43:20 +02004059 memprintf(err, "%sDidn't find any certificate for bundle '%s'.\n", err && *err ? *err : "", path);
William Lallemand36b84632019-07-18 19:28:17 +02004060 goto end;
4061 }
William Lallemande3af8fb2019-10-08 11:36:53 +02004062 /* insert into the ckchs tree */
4063 memcpy(ckchs->path, path, strlen(path) + 1);
4064 ebst_insert(&ckchs_tree, &ckchs->node);
William Lallemand36b84632019-07-18 19:28:17 +02004065 }
William Lallemande3af8fb2019-10-08 11:36:53 +02004066 return ckchs;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004067
William Lallemand36b84632019-07-18 19:28:17 +02004068end:
William Lallemandba1c33f2020-04-08 17:55:45 +02004069 ckch_store_free(ckchs);
William Lallemand36b84632019-07-18 19:28:17 +02004070
4071 return NULL;
4072}
4073
William Lallemandc4ecddf2019-07-31 16:50:08 +02004074#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
4075
William Lallemand36b84632019-07-18 19:28:17 +02004076/*
William Lallemande3af8fb2019-10-08 11:36:53 +02004077 * Take a ckch_store which contains a multi-certificate bundle.
William Lallemand36b84632019-07-18 19:28:17 +02004078 * Group these certificates into a set of SSL_CTX*
yanbzhu08ce6ab2015-12-02 13:01:29 -05004079 * based on shared and unique CN and SAN entries. Add these SSL_CTX* to the SNI tree.
4080 *
Joseph Herlant017b3da2018-11-15 09:07:59 -08004081 * This will allow the user to explicitly group multiple cert/keys for a single purpose
yanbzhu08ce6ab2015-12-02 13:01:29 -05004082 *
Emeric Brun054563d2019-10-17 13:16:58 +02004083 * Returns a bitfield containing the flags:
4084 * ERR_FATAL in any fatal error case
4085 * ERR_ALERT if the reason of the error is available in err
4086 * ERR_WARN if a warning is available into err
William Lallemand36b84632019-07-18 19:28:17 +02004087 *
yanbzhu08ce6ab2015-12-02 13:01:29 -05004088 */
Emeric Brun054563d2019-10-17 13:16:58 +02004089static int ckch_inst_new_load_multi_store(const char *path, struct ckch_store *ckchs,
4090 struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
4091 char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err)
yanbzhu08ce6ab2015-12-02 13:01:29 -05004092{
William Lallemand36b84632019-07-18 19:28:17 +02004093 int i = 0, n = 0;
4094 struct cert_key_and_chain *certs_and_keys;
William Lallemand4b989f22019-10-04 18:36:55 +02004095 struct eb_root sni_keytypes_map = EB_ROOT;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004096 struct ebmb_node *node;
4097 struct ebmb_node *next;
4098 /* Array of SSL_CTX pointers corresponding to each possible combo
4099 * of keytypes
4100 */
4101 struct key_combo_ctx key_combos[SSL_SOCK_POSSIBLE_KT_COMBOS] = { {0} };
Emeric Brun054563d2019-10-17 13:16:58 +02004102 int errcode = 0;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004103 X509_NAME *xname = NULL;
4104 char *str = NULL;
4105#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
4106 STACK_OF(GENERAL_NAME) *names = NULL;
4107#endif
William Lallemand614ca0d2019-10-07 13:52:11 +02004108 struct ckch_inst *ckch_inst;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004109
Emeric Brun054563d2019-10-17 13:16:58 +02004110 *ckchi = NULL;
4111
William Lallemande3af8fb2019-10-08 11:36:53 +02004112 if (!ckchs || !ckchs->ckch || !ckchs->multi) {
William Lallemand36b84632019-07-18 19:28:17 +02004113 memprintf(err, "%sunable to load SSL certificate file '%s' file does not exist.\n",
4114 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004115 return ERR_ALERT | ERR_FATAL;
William Lallemand614ca0d2019-10-07 13:52:11 +02004116 }
4117
4118 ckch_inst = ckch_inst_new();
4119 if (!ckch_inst) {
4120 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
4121 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004122 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand614ca0d2019-10-07 13:52:11 +02004123 goto end;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004124 }
4125
William Lallemande3af8fb2019-10-08 11:36:53 +02004126 certs_and_keys = ckchs->ckch;
William Lallemand36b84632019-07-18 19:28:17 +02004127
yanbzhu08ce6ab2015-12-02 13:01:29 -05004128 /* Process each ckch and update keytypes for each CN/SAN
4129 * for example, if CN/SAN www.a.com is associated with
4130 * certs with keytype 0 and 2, then at the end of the loop,
4131 * www.a.com will have:
4132 * keyindex = 0 | 1 | 4 = 5
4133 */
4134 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
William Lallemand28a8fce2019-10-04 17:36:55 +02004135 int ret;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004136
4137 if (!ssl_sock_is_ckch_valid(&certs_and_keys[n]))
4138 continue;
4139
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004140 if (fcount) {
William Lallemand28a8fce2019-10-04 17:36:55 +02004141 for (i = 0; i < fcount; i++) {
4142 ret = ssl_sock_populate_sni_keytypes_hplr(sni_filter[i], &sni_keytypes_map, n);
4143 if (ret < 0) {
4144 memprintf(err, "%sunable to allocate SSL context.\n",
4145 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004146 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004147 goto end;
4148 }
4149 }
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004150 } else {
4151 /* A lot of the following code is OpenSSL boilerplate for processing CN's and SAN's,
4152 * so the line that contains logic is marked via comments
4153 */
4154 xname = X509_get_subject_name(certs_and_keys[n].cert);
4155 i = -1;
4156 while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
4157 X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02004158 ASN1_STRING *value;
4159 value = X509_NAME_ENTRY_get_data(entry);
4160 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004161 /* Important line is here */
William Lallemand28a8fce2019-10-04 17:36:55 +02004162 ret = ssl_sock_populate_sni_keytypes_hplr(str, &sni_keytypes_map, n);
yanbzhu08ce6ab2015-12-02 13:01:29 -05004163
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004164 OPENSSL_free(str);
4165 str = NULL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004166 if (ret < 0) {
4167 memprintf(err, "%sunable to allocate SSL context.\n",
4168 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004169 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004170 goto end;
4171 }
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004172 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004173 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004174
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004175 /* Do the above logic for each SAN */
yanbzhu08ce6ab2015-12-02 13:01:29 -05004176#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004177 names = X509_get_ext_d2i(certs_and_keys[n].cert, NID_subject_alt_name, NULL, NULL);
4178 if (names) {
4179 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
4180 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
yanbzhu08ce6ab2015-12-02 13:01:29 -05004181
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004182 if (name->type == GEN_DNS) {
4183 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
4184 /* Important line is here */
William Lallemand28a8fce2019-10-04 17:36:55 +02004185 ret = ssl_sock_populate_sni_keytypes_hplr(str, &sni_keytypes_map, n);
yanbzhu08ce6ab2015-12-02 13:01:29 -05004186
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004187 OPENSSL_free(str);
4188 str = NULL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004189 if (ret < 0) {
4190 memprintf(err, "%sunable to allocate SSL context.\n",
4191 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004192 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004193 goto end;
4194 }
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004195 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004196 }
4197 }
4198 }
4199 }
4200#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
4201 }
4202
4203 /* If no files found, return error */
4204 if (eb_is_empty(&sni_keytypes_map)) {
4205 memprintf(err, "%sunable to load SSL certificate file '%s' file does not exist.\n",
4206 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004207 errcode |= ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004208 goto end;
4209 }
4210
4211 /* We now have a map of CN/SAN to keytypes that are loaded in
4212 * Iterate through the map to create the SSL_CTX's (if needed)
4213 * and add each CTX to the SNI tree
4214 *
4215 * Some math here:
Joseph Herlant017b3da2018-11-15 09:07:59 -08004216 * There are 2^n - 1 possible combinations, each unique
yanbzhu08ce6ab2015-12-02 13:01:29 -05004217 * combination is denoted by the key in the map. Each key
4218 * has a value between 1 and 2^n - 1. Conveniently, the array
4219 * of SSL_CTX* is sized 2^n. So, we can simply use the i'th
4220 * entry in the array to correspond to the unique combo (key)
4221 * associated with i. This unique key combo (i) will be associated
4222 * with combos[i-1]
4223 */
4224
4225 node = ebmb_first(&sni_keytypes_map);
4226 while (node) {
4227 SSL_CTX *cur_ctx;
Bertrand Jacquin33423092016-11-13 16:37:13 +00004228 char cur_file[MAXPATHLEN+1];
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004229 const struct pkey_info kinfo = { .sig = TLSEXT_signature_anonymous, .bits = 0 };
yanbzhu08ce6ab2015-12-02 13:01:29 -05004230
4231 str = (char *)container_of(node, struct sni_keytype, name)->name.key;
4232 i = container_of(node, struct sni_keytype, name)->keytypes;
4233 cur_ctx = key_combos[i-1].ctx;
4234
4235 if (cur_ctx == NULL) {
4236 /* need to create SSL_CTX */
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004237 cur_ctx = SSL_CTX_new(SSLv23_server_method());
yanbzhu08ce6ab2015-12-02 13:01:29 -05004238 if (cur_ctx == NULL) {
4239 memprintf(err, "%sunable to allocate SSL context.\n",
4240 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004241 errcode |= ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004242 goto end;
4243 }
4244
yanbzhube2774d2015-12-10 15:07:30 -05004245 /* Load all required certs/keys/chains/OCSPs info into SSL_CTX */
yanbzhu08ce6ab2015-12-02 13:01:29 -05004246 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
4247 if (i & (1<<n)) {
4248 /* Key combo contains ckch[n] */
Bertrand Jacquin33423092016-11-13 16:37:13 +00004249 snprintf(cur_file, MAXPATHLEN+1, "%s.%s", path, SSL_SOCK_KEYTYPE_NAMES[n]);
Emeric Bruna96b5822019-10-17 13:25:14 +02004250 errcode |= ssl_sock_put_ckch_into_ctx(cur_file, &certs_and_keys[n], cur_ctx, err);
4251 if (errcode & ERR_CODE)
yanbzhu08ce6ab2015-12-02 13:01:29 -05004252 goto end;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004253 }
4254 }
4255
yanbzhu08ce6ab2015-12-02 13:01:29 -05004256 /* Update key_combos */
4257 key_combos[i-1].ctx = cur_ctx;
4258 }
4259
4260 /* Update SNI Tree */
William Lallemand9117de92019-10-04 00:29:42 +02004261
William Lallemand1d29c742019-10-04 00:53:29 +02004262 key_combos[i-1].order = ckch_inst_add_cert_sni(cur_ctx, ckch_inst, bind_conf, ssl_conf,
William Lallemandfe49bb32019-10-03 23:46:33 +02004263 kinfo, str, key_combos[i-1].order);
4264 if (key_combos[i-1].order < 0) {
4265 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004266 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandfe49bb32019-10-03 23:46:33 +02004267 goto end;
4268 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004269 node = ebmb_next(node);
4270 }
4271
4272
4273 /* Mark a default context if none exists, using the ctx that has the most shared keys */
4274 if (!bind_conf->default_ctx) {
4275 for (i = SSL_SOCK_POSSIBLE_KT_COMBOS - 1; i >= 0; i--) {
4276 if (key_combos[i].ctx) {
4277 bind_conf->default_ctx = key_combos[i].ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004278 bind_conf->default_ssl_conf = ssl_conf;
William Lallemand21724f02019-11-04 17:56:13 +01004279 ckch_inst->is_default = 1;
William Lallemand02e19a52020-04-08 16:11:26 +02004280 SSL_CTX_up_ref(bind_conf->default_ctx);
yanbzhu08ce6ab2015-12-02 13:01:29 -05004281 break;
4282 }
4283 }
4284 }
4285
William Lallemand614ca0d2019-10-07 13:52:11 +02004286 ckch_inst->bind_conf = bind_conf;
William Lallemand150bfa82019-09-19 17:12:49 +02004287 ckch_inst->ssl_conf = ssl_conf;
William Lallemandcfca1422020-03-05 10:17:47 +01004288 ckch_inst->ckch_store = ckchs;
William Lallemand02e19a52020-04-08 16:11:26 +02004289
yanbzhu08ce6ab2015-12-02 13:01:29 -05004290end:
4291
4292 if (names)
4293 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
4294
yanbzhu08ce6ab2015-12-02 13:01:29 -05004295 node = ebmb_first(&sni_keytypes_map);
4296 while (node) {
4297 next = ebmb_next(node);
4298 ebmb_delete(node);
William Lallemand8ed5b962019-10-04 17:24:39 +02004299 free(ebmb_entry(node, struct sni_keytype, name));
yanbzhu08ce6ab2015-12-02 13:01:29 -05004300 node = next;
4301 }
4302
William Lallemand02e19a52020-04-08 16:11:26 +02004303 /* we need to free the ctx since we incremented the refcount where it's used */
4304 for (i = 0; i < SSL_SOCK_POSSIBLE_KT_COMBOS; i++) {
4305 if (key_combos[i].ctx)
4306 SSL_CTX_free(key_combos[i].ctx);
4307 }
4308
Emeric Brun054563d2019-10-17 13:16:58 +02004309 if (errcode & ERR_CODE && ckch_inst) {
William Lallemand02e19a52020-04-08 16:11:26 +02004310 if (ckch_inst->is_default) {
4311 SSL_CTX_free(bind_conf->default_ctx);
4312 bind_conf->default_ctx = NULL;
4313 }
4314
William Lallemandd9d5d1b2020-04-09 16:31:05 +02004315 ckch_inst_free(ckch_inst);
William Lallemand614ca0d2019-10-07 13:52:11 +02004316 ckch_inst = NULL;
William Lallemand0c6d12f2019-10-04 18:38:51 +02004317 }
4318
Emeric Brun054563d2019-10-17 13:16:58 +02004319 *ckchi = ckch_inst;
4320 return errcode;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004321}
4322#else
4323/* This is a dummy, that just logs an error and returns error */
Emeric Brun054563d2019-10-17 13:16:58 +02004324static int ckch_inst_new_load_multi_store(const char *path, struct ckch_store *ckchs,
4325 struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
4326 char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err)
yanbzhu08ce6ab2015-12-02 13:01:29 -05004327{
4328 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
4329 err && *err ? *err : "", path, strerror(errno));
Emeric Brun054563d2019-10-17 13:16:58 +02004330 return ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004331}
4332
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004333#endif /* #if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL: Support for loading multiple certs into a single SSL_CTX */
yanbzhu488a4d22015-12-01 15:16:07 -05004334
William Lallemand614ca0d2019-10-07 13:52:11 +02004335/*
4336 * This function allocate a ckch_inst and create its snis
Emeric Brun054563d2019-10-17 13:16:58 +02004337 *
4338 * Returns a bitfield containing the flags:
4339 * ERR_FATAL in any fatal error case
4340 * ERR_ALERT if the reason of the error is available in err
4341 * ERR_WARN if a warning is available into err
William Lallemand614ca0d2019-10-07 13:52:11 +02004342 */
Emeric Brun054563d2019-10-17 13:16:58 +02004343static int ckch_inst_new_load_store(const char *path, struct ckch_store *ckchs, struct bind_conf *bind_conf,
4344 struct ssl_bind_conf *ssl_conf, char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err)
Emeric Brunfc0421f2012-09-07 17:30:07 +02004345{
William Lallemandc9402072019-05-15 15:33:54 +02004346 SSL_CTX *ctx;
William Lallemandc9402072019-05-15 15:33:54 +02004347 int i;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004348 int order = 0;
4349 X509_NAME *xname;
4350 char *str;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004351 EVP_PKEY *pkey;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004352 struct pkey_info kinfo = { .sig = TLSEXT_signature_anonymous, .bits = 0 };
Emeric Brunfc0421f2012-09-07 17:30:07 +02004353#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
4354 STACK_OF(GENERAL_NAME) *names;
4355#endif
William Lallemand36b84632019-07-18 19:28:17 +02004356 struct cert_key_and_chain *ckch;
William Lallemand614ca0d2019-10-07 13:52:11 +02004357 struct ckch_inst *ckch_inst = NULL;
Emeric Brun054563d2019-10-17 13:16:58 +02004358 int errcode = 0;
4359
4360 *ckchi = NULL;
William Lallemanda59191b2019-05-15 16:08:56 +02004361
William Lallemande3af8fb2019-10-08 11:36:53 +02004362 if (!ckchs || !ckchs->ckch)
Emeric Brun054563d2019-10-17 13:16:58 +02004363 return ERR_FATAL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004364
William Lallemande3af8fb2019-10-08 11:36:53 +02004365 ckch = ckchs->ckch;
William Lallemand36b84632019-07-18 19:28:17 +02004366
William Lallemandc9402072019-05-15 15:33:54 +02004367 ctx = SSL_CTX_new(SSLv23_server_method());
4368 if (!ctx) {
4369 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
4370 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004371 errcode |= ERR_ALERT | ERR_FATAL;
4372 goto error;
William Lallemandc9402072019-05-15 15:33:54 +02004373 }
4374
Emeric Bruna96b5822019-10-17 13:25:14 +02004375 errcode |= ssl_sock_put_ckch_into_ctx(path, ckch, ctx, err);
4376 if (errcode & ERR_CODE)
William Lallemand614ca0d2019-10-07 13:52:11 +02004377 goto error;
William Lallemand614ca0d2019-10-07 13:52:11 +02004378
4379 ckch_inst = ckch_inst_new();
4380 if (!ckch_inst) {
4381 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
4382 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004383 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004384 goto error;
William Lallemandc9402072019-05-15 15:33:54 +02004385 }
4386
William Lallemand36b84632019-07-18 19:28:17 +02004387 pkey = X509_get_pubkey(ckch->cert);
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004388 if (pkey) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004389 kinfo.bits = EVP_PKEY_bits(pkey);
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004390 switch(EVP_PKEY_base_id(pkey)) {
4391 case EVP_PKEY_RSA:
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004392 kinfo.sig = TLSEXT_signature_rsa;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004393 break;
4394 case EVP_PKEY_EC:
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004395 kinfo.sig = TLSEXT_signature_ecdsa;
4396 break;
4397 case EVP_PKEY_DSA:
4398 kinfo.sig = TLSEXT_signature_dsa;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004399 break;
4400 }
4401 EVP_PKEY_free(pkey);
4402 }
4403
Emeric Brun50bcecc2013-04-22 13:05:23 +02004404 if (fcount) {
William Lallemandfe49bb32019-10-03 23:46:33 +02004405 while (fcount--) {
William Lallemand1d29c742019-10-04 00:53:29 +02004406 order = ckch_inst_add_cert_sni(ctx, ckch_inst, bind_conf, ssl_conf, kinfo, sni_filter[fcount], order);
William Lallemandfe49bb32019-10-03 23:46:33 +02004407 if (order < 0) {
4408 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004409 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004410 goto error;
William Lallemandfe49bb32019-10-03 23:46:33 +02004411 }
4412 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004413 }
4414 else {
Emeric Brunfc0421f2012-09-07 17:30:07 +02004415#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
William Lallemand36b84632019-07-18 19:28:17 +02004416 names = X509_get_ext_d2i(ckch->cert, NID_subject_alt_name, NULL, NULL);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004417 if (names) {
4418 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
4419 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
4420 if (name->type == GEN_DNS) {
4421 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
William Lallemand1d29c742019-10-04 00:53:29 +02004422 order = ckch_inst_add_cert_sni(ctx, ckch_inst, bind_conf, ssl_conf, kinfo, str, order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004423 OPENSSL_free(str);
William Lallemandfe49bb32019-10-03 23:46:33 +02004424 if (order < 0) {
4425 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004426 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004427 goto error;
William Lallemandfe49bb32019-10-03 23:46:33 +02004428 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004429 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004430 }
4431 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004432 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
Emeric Brunfc0421f2012-09-07 17:30:07 +02004433 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004434#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
William Lallemand36b84632019-07-18 19:28:17 +02004435 xname = X509_get_subject_name(ckch->cert);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004436 i = -1;
4437 while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
4438 X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02004439 ASN1_STRING *value;
4440
4441 value = X509_NAME_ENTRY_get_data(entry);
4442 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
William Lallemand1d29c742019-10-04 00:53:29 +02004443 order = ckch_inst_add_cert_sni(ctx, ckch_inst, bind_conf, ssl_conf, kinfo, str, order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004444 OPENSSL_free(str);
William Lallemandfe49bb32019-10-03 23:46:33 +02004445 if (order < 0) {
4446 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004447 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004448 goto error;
William Lallemandfe49bb32019-10-03 23:46:33 +02004449 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004450 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004451 }
4452 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004453 /* we must not free the SSL_CTX anymore below, since it's already in
4454 * the tree, so it will be discovered and cleaned in time.
4455 */
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02004456
Emeric Brunfc0421f2012-09-07 17:30:07 +02004457#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
Willy Tarreau2a65ff02012-09-13 17:54:29 +02004458 if (bind_conf->default_ctx) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02004459 memprintf(err, "%sthis version of openssl cannot load multiple SSL certificates.\n",
4460 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004461 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004462 goto error;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004463 }
4464#endif
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004465 if (!bind_conf->default_ctx) {
Willy Tarreau2a65ff02012-09-13 17:54:29 +02004466 bind_conf->default_ctx = ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004467 bind_conf->default_ssl_conf = ssl_conf;
William Lallemand21724f02019-11-04 17:56:13 +01004468 ckch_inst->is_default = 1;
William Lallemand02e19a52020-04-08 16:11:26 +02004469 SSL_CTX_up_ref(ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004470 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004471
William Lallemand9117de92019-10-04 00:29:42 +02004472 /* everything succeed, the ckch instance can be used */
4473 ckch_inst->bind_conf = bind_conf;
William Lallemand150bfa82019-09-19 17:12:49 +02004474 ckch_inst->ssl_conf = ssl_conf;
William Lallemandcfca1422020-03-05 10:17:47 +01004475 ckch_inst->ckch_store = ckchs;
William Lallemand9117de92019-10-04 00:29:42 +02004476
William Lallemand02e19a52020-04-08 16:11:26 +02004477 SSL_CTX_free(ctx); /* we need to free the ctx since we incremented the refcount where it's used */
4478
Emeric Brun054563d2019-10-17 13:16:58 +02004479 *ckchi = ckch_inst;
4480 return errcode;
William Lallemandd9199372019-10-04 15:37:05 +02004481
4482error:
4483 /* free the allocated sni_ctxs */
William Lallemand614ca0d2019-10-07 13:52:11 +02004484 if (ckch_inst) {
William Lallemand02e19a52020-04-08 16:11:26 +02004485 if (ckch_inst->is_default)
4486 SSL_CTX_free(ctx);
4487
William Lallemandd9d5d1b2020-04-09 16:31:05 +02004488 ckch_inst_free(ckch_inst);
William Lallemand614ca0d2019-10-07 13:52:11 +02004489 ckch_inst = NULL;
William Lallemandd9199372019-10-04 15:37:05 +02004490 }
William Lallemandd9199372019-10-04 15:37:05 +02004491 SSL_CTX_free(ctx);
4492
Emeric Brun054563d2019-10-17 13:16:58 +02004493 return errcode;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004494}
4495
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004496/* Returns a set of ERR_* flags possibly with an error in <err>. */
William Lallemand614ca0d2019-10-07 13:52:11 +02004497static int ssl_sock_load_ckchs(const char *path, struct ckch_store *ckchs,
4498 struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
William Lallemand24bde432020-03-09 16:48:43 +01004499 char **sni_filter, int fcount, struct ckch_inst **ckch_inst, char **err)
William Lallemand614ca0d2019-10-07 13:52:11 +02004500{
Emeric Brun054563d2019-10-17 13:16:58 +02004501 int errcode = 0;
William Lallemand614ca0d2019-10-07 13:52:11 +02004502
4503 /* we found the ckchs in the tree, we can use it directly */
4504 if (ckchs->multi)
William Lallemand24bde432020-03-09 16:48:43 +01004505 errcode |= ckch_inst_new_load_multi_store(path, ckchs, bind_conf, ssl_conf, sni_filter, fcount, ckch_inst, err);
William Lallemand614ca0d2019-10-07 13:52:11 +02004506 else
William Lallemand24bde432020-03-09 16:48:43 +01004507 errcode |= ckch_inst_new_load_store(path, ckchs, bind_conf, ssl_conf, sni_filter, fcount, ckch_inst, err);
William Lallemand614ca0d2019-10-07 13:52:11 +02004508
Emeric Brun054563d2019-10-17 13:16:58 +02004509 if (errcode & ERR_CODE)
4510 return errcode;
William Lallemand614ca0d2019-10-07 13:52:11 +02004511
William Lallemand24bde432020-03-09 16:48:43 +01004512 ssl_sock_load_cert_sni(*ckch_inst, bind_conf);
William Lallemand614ca0d2019-10-07 13:52:11 +02004513
4514 /* succeed, add the instance to the ckch_store's list of instance */
William Lallemand24bde432020-03-09 16:48:43 +01004515 LIST_ADDQ(&ckchs->ckch_inst, &((*ckch_inst)->by_ckchs));
Emeric Brun054563d2019-10-17 13:16:58 +02004516 return errcode;
William Lallemand614ca0d2019-10-07 13:52:11 +02004517}
4518
William Lallemand6be66ec2020-03-06 22:26:32 +01004519
William Lallemand4c68bba2020-03-30 18:45:10 +02004520
4521
4522/* Make sure openssl opens /dev/urandom before the chroot. The work is only
4523 * done once. Zero is returned if the operation fails. No error is returned
4524 * if the random is said as not implemented, because we expect that openssl
4525 * will use another method once needed.
4526 */
4527static int ssl_initialize_random()
4528{
4529 unsigned char random;
4530 static int random_initialized = 0;
4531
4532 if (!random_initialized && RAND_bytes(&random, 1) != 0)
4533 random_initialized = 1;
4534
4535 return random_initialized;
4536}
4537
William Lallemandec2d4932020-04-09 13:44:21 +02004538
William Lallemand6be66ec2020-03-06 22:26:32 +01004539/* This function reads a directory and stores it in a struct crtlist, each file is a crtlist_entry structure
4540 * Fill the <crtlist> argument with a pointer to a new crtlist struct
4541 *
4542 * This function tries to open and store certificate files.
4543 */
4544static int crtlist_load_cert_dir(char *path, struct bind_conf *bind_conf, struct crtlist **crtlist, char **err)
Emeric Brunfc0421f2012-09-07 17:30:07 +02004545{
William Lallemand6be66ec2020-03-06 22:26:32 +01004546 struct crtlist *dir;
Cyril Bonté3180f7b2015-01-25 00:16:08 +01004547 struct dirent **de_list;
4548 int i, n;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004549 struct stat buf;
Willy Tarreauee2663b2012-12-06 11:36:59 +01004550 char *end;
4551 char fp[MAXPATHLEN+1];
Emeric Brunfc0421f2012-09-07 17:30:07 +02004552 int cfgerr = 0;
William Lallemande3af8fb2019-10-08 11:36:53 +02004553 struct ckch_store *ckchs;
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004554#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu63ea8462015-12-09 13:35:14 -05004555 int is_bundle;
4556 int j;
4557#endif
Willy Tarreaubbc91962019-10-16 16:42:19 +02004558
William Lallemandec2d4932020-04-09 13:44:21 +02004559 dir = crtlist_new(path, 1);
William Lallemand6be66ec2020-03-06 22:26:32 +01004560 if (dir == NULL) {
4561 memprintf(err, "not enough memory");
4562 return ERR_ALERT | ERR_FATAL;
4563 }
William Lallemand6be66ec2020-03-06 22:26:32 +01004564
William Lallemand2d232c22020-03-06 22:12:35 +01004565 n = scandir(path, &de_list, 0, alphasort);
4566 if (n < 0) {
4567 memprintf(err, "%sunable to scan directory '%s' : %s.\n",
4568 err && *err ? *err : "", path, strerror(errno));
4569 cfgerr |= ERR_ALERT | ERR_FATAL;
4570 }
4571 else {
4572 for (i = 0; i < n; i++) {
William Lallemand6be66ec2020-03-06 22:26:32 +01004573 struct crtlist_entry *entry;
William Lallemand2d232c22020-03-06 22:12:35 +01004574 struct dirent *de = de_list[i];
Emeric Brun2aab7222014-06-18 18:15:09 +02004575
William Lallemand2d232c22020-03-06 22:12:35 +01004576 end = strrchr(de->d_name, '.');
4577 if (end && (!strcmp(end, ".issuer") || !strcmp(end, ".ocsp") || !strcmp(end, ".sctl") || !strcmp(end, ".key")))
4578 goto ignore_entry;
Cyril Bonté3180f7b2015-01-25 00:16:08 +01004579
William Lallemanda64593c2020-03-17 20:11:41 +01004580 snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
4581 if (stat(fp, &buf) != 0) {
4582 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
4583 err && *err ? *err : "", fp, strerror(errno));
4584 cfgerr |= ERR_ALERT | ERR_FATAL;
4585 goto ignore_entry;
4586 }
4587 if (!S_ISREG(buf.st_mode))
4588 goto ignore_entry;
4589
William Lallemande718dfb2020-04-10 11:09:25 +02004590 entry = crtlist_entry_new();
William Lallemand6be66ec2020-03-06 22:26:32 +01004591 if (entry == NULL) {
4592 memprintf(err, "not enough memory '%s'", fp);
4593 cfgerr |= ERR_ALERT | ERR_FATAL;
4594 goto ignore_entry;
4595 }
4596
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004597#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
William Lallemand2d232c22020-03-06 22:12:35 +01004598 is_bundle = 0;
4599 /* Check if current entry in directory is part of a multi-cert bundle */
yanbzhu63ea8462015-12-09 13:35:14 -05004600
William Lallemand2d232c22020-03-06 22:12:35 +01004601 if ((global_ssl.extra_files & SSL_GF_BUNDLE) && end) {
4602 for (j = 0; j < SSL_SOCK_NUM_KEYTYPES; j++) {
4603 if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
4604 is_bundle = 1;
4605 break;
yanbzhu63ea8462015-12-09 13:35:14 -05004606 }
William Lallemand2d232c22020-03-06 22:12:35 +01004607 }
yanbzhu63ea8462015-12-09 13:35:14 -05004608
William Lallemand2d232c22020-03-06 22:12:35 +01004609 if (is_bundle) {
4610 int dp_len;
yanbzhu63ea8462015-12-09 13:35:14 -05004611
William Lallemand2d232c22020-03-06 22:12:35 +01004612 dp_len = end - de->d_name;
yanbzhu63ea8462015-12-09 13:35:14 -05004613
William Lallemand2d232c22020-03-06 22:12:35 +01004614 /* increment i and free de until we get to a non-bundle cert
4615 * Note here that we look at de_list[i + 1] before freeing de
4616 * this is important since ignore_entry will free de. This also
4617 * guarantees that de->d_name continues to hold the same prefix.
4618 */
4619 while (i + 1 < n && !strncmp(de_list[i + 1]->d_name, de->d_name, dp_len)) {
4620 free(de);
4621 i++;
4622 de = de_list[i];
yanbzhu63ea8462015-12-09 13:35:14 -05004623 }
William Lallemand2d232c22020-03-06 22:12:35 +01004624
4625 snprintf(fp, sizeof(fp), "%s/%.*s", path, dp_len, de->d_name);
William Lallemand6be66ec2020-03-06 22:26:32 +01004626 ckchs = ckchs_lookup(fp);
4627 if (ckchs == NULL)
4628 ckchs = ckchs_load_cert_file(fp, 1, err);
4629 if (ckchs == NULL) {
4630 free(de);
4631 free(entry);
William Lallemand2d232c22020-03-06 22:12:35 +01004632 cfgerr |= ERR_ALERT | ERR_FATAL;
William Lallemand6be66ec2020-03-06 22:26:32 +01004633 goto end;
4634 }
William Lallemand6be66ec2020-03-06 22:26:32 +01004635 entry->node.key = ckchs;
William Lallemandfa8cf0c2020-03-30 19:59:57 +02004636 entry->crtlist = dir;
William Lallemand23d61c02020-03-30 18:27:58 +02004637 LIST_ADDQ(&ckchs->crtlist_entry, &entry->by_ckch_store);
William Lallemand83918e22020-03-16 17:21:51 +01004638 LIST_ADDQ(&dir->ord_entries, &entry->by_crtlist);
William Lallemand6be66ec2020-03-06 22:26:32 +01004639 ebpt_insert(&dir->entries, &entry->node);
4640
William Lallemand2d232c22020-03-06 22:12:35 +01004641 /* Successfully processed the bundle */
4642 goto ignore_entry;
yanbzhu63ea8462015-12-09 13:35:14 -05004643 }
William Lallemand2d232c22020-03-06 22:12:35 +01004644 }
yanbzhu63ea8462015-12-09 13:35:14 -05004645
4646#endif
William Lallemand6be66ec2020-03-06 22:26:32 +01004647 ckchs = ckchs_lookup(fp);
4648 if (ckchs == NULL)
4649 ckchs = ckchs_load_cert_file(fp, 0, err);
4650 if (ckchs == NULL) {
4651 free(de);
4652 free(entry);
William Lallemand2d232c22020-03-06 22:12:35 +01004653 cfgerr |= ERR_ALERT | ERR_FATAL;
William Lallemand6be66ec2020-03-06 22:26:32 +01004654 goto end;
4655 }
4656 entry->node.key = ckchs;
William Lallemandfa8cf0c2020-03-30 19:59:57 +02004657 entry->crtlist = dir;
William Lallemand23d61c02020-03-30 18:27:58 +02004658 LIST_ADDQ(&ckchs->crtlist_entry, &entry->by_ckch_store);
William Lallemand83918e22020-03-16 17:21:51 +01004659 LIST_ADDQ(&dir->ord_entries, &entry->by_crtlist);
William Lallemand6be66ec2020-03-06 22:26:32 +01004660 ebpt_insert(&dir->entries, &entry->node);
William Lallemand36b84632019-07-18 19:28:17 +02004661
yanbzhu08ce6ab2015-12-02 13:01:29 -05004662ignore_entry:
William Lallemand2d232c22020-03-06 22:12:35 +01004663 free(de);
Emeric Brunfc0421f2012-09-07 17:30:07 +02004664 }
William Lallemand6be66ec2020-03-06 22:26:32 +01004665end:
William Lallemand2d232c22020-03-06 22:12:35 +01004666 free(de_list);
4667 }
William Lallemand6be66ec2020-03-06 22:26:32 +01004668
4669 if (cfgerr & ERR_CODE) {
4670 /* free the dir and entries on error */
William Lallemand09bd5a02020-03-30 18:19:43 +02004671 crtlist_free(dir);
William Lallemand83918e22020-03-16 17:21:51 +01004672 } else {
4673 *crtlist = dir;
William Lallemand6be66ec2020-03-06 22:26:32 +01004674 }
William Lallemand2d232c22020-03-06 22:12:35 +01004675 return cfgerr;
William Lallemand6be66ec2020-03-06 22:26:32 +01004676
William Lallemand2d232c22020-03-06 22:12:35 +01004677}
yanbzhu08ce6ab2015-12-02 13:01:29 -05004678
William Lallemand97b08102020-04-01 10:14:00 +02004679/*
4680 * Read a single crt-list line. /!\ alter the <line> string.
4681 * Fill <crt_path> and <crtlist_entry>
4682 * <crtlist_entry> must be alloc and free by the caller
4683 * <crtlist_entry->ssl_conf> is alloc by the function
4684 * <crtlist_entry->filters> is alloc by the function
4685 * <crt_path> is a ptr in <line>
4686 * Return an error code
4687 */
4688static int crtlist_parse_line(char *line, char **crt_path, struct crtlist_entry *entry, const char *file, int linenum, char **err)
4689{
4690 int cfgerr = 0;
4691 int arg, newarg, cur_arg, i, ssl_b = 0, ssl_e = 0;
4692 char *end;
4693 char *args[MAX_CRT_ARGS + 1];
4694 struct ssl_bind_conf *ssl_conf = NULL;
4695
4696 if (!line || !crt_path || !entry)
4697 return ERR_ALERT | ERR_FATAL;
4698
4699 end = line + strlen(line);
4700 if (end-line >= CRT_LINESIZE-1 && *(end-1) != '\n') {
4701 /* Check if we reached the limit and the last char is not \n.
4702 * Watch out for the last line without the terminating '\n'!
4703 */
4704 memprintf(err, "line %d too long in file '%s', limit is %d characters",
4705 linenum, file, CRT_LINESIZE-1);
4706 cfgerr |= ERR_ALERT | ERR_FATAL;
4707 goto error;
4708 }
4709 arg = 0;
4710 newarg = 1;
4711 while (*line) {
4712 if (isspace((unsigned char)*line)) {
4713 newarg = 1;
4714 *line = 0;
4715 } else if (*line == '[') {
4716 if (ssl_b) {
4717 memprintf(err, "too many '[' on line %d in file '%s'.", linenum, file);
4718 cfgerr |= ERR_ALERT | ERR_FATAL;
4719 goto error;
4720 }
4721 if (!arg) {
4722 memprintf(err, "file must start with a cert on line %d in file '%s'", linenum, file);
4723 cfgerr |= ERR_ALERT | ERR_FATAL;
4724 goto error;
4725 }
4726 ssl_b = arg;
4727 newarg = 1;
4728 *line = 0;
4729 } else if (*line == ']') {
4730 if (ssl_e) {
4731 memprintf(err, "too many ']' on line %d in file '%s'.", linenum, file);
4732 cfgerr |= ERR_ALERT | ERR_FATAL;
4733 goto error;
4734 }
4735 if (!ssl_b) {
4736 memprintf(err, "missing '[' in line %d in file '%s'.", linenum, file);
4737 cfgerr |= ERR_ALERT | ERR_FATAL;
4738 goto error;
4739 }
4740 ssl_e = arg;
4741 newarg = 1;
4742 *line = 0;
4743 } else if (newarg) {
4744 if (arg == MAX_CRT_ARGS) {
4745 memprintf(err, "too many args on line %d in file '%s'.", linenum, file);
4746 cfgerr |= ERR_ALERT | ERR_FATAL;
4747 goto error;
4748 }
4749 newarg = 0;
4750 args[arg++] = line;
4751 }
4752 line++;
4753 }
4754 args[arg++] = line;
4755
4756 /* empty line */
4757 if (!*args[0]) {
4758 cfgerr |= ERR_NONE;
4759 goto error;
4760 }
4761
4762 *crt_path = args[0];
4763
William Lallemand1b2988b2020-04-10 17:20:45 +02004764 if (ssl_b) {
4765 ssl_conf = calloc(1, sizeof *ssl_conf);
4766 if (!ssl_conf) {
4767 memprintf(err, "not enough memory!");
4768 cfgerr |= ERR_ALERT | ERR_FATAL;
4769 goto error;
4770 }
William Lallemand97b08102020-04-01 10:14:00 +02004771 }
4772 cur_arg = ssl_b ? ssl_b : 1;
4773 while (cur_arg < ssl_e) {
4774 newarg = 0;
4775 for (i = 0; ssl_bind_kws[i].kw != NULL; i++) {
4776 if (strcmp(ssl_bind_kws[i].kw, args[cur_arg]) == 0) {
4777 newarg = 1;
4778 cfgerr |= ssl_bind_kws[i].parse(args, cur_arg, NULL, ssl_conf, err);
4779 if (cur_arg + 1 + ssl_bind_kws[i].skip > ssl_e) {
4780 memprintf(err, "ssl args out of '[]' for %s on line %d in file '%s'",
4781 args[cur_arg], linenum, file);
4782 cfgerr |= ERR_ALERT | ERR_FATAL;
4783 goto error;
4784 }
4785 cur_arg += 1 + ssl_bind_kws[i].skip;
4786 break;
4787 }
4788 }
4789 if (!cfgerr && !newarg) {
4790 memprintf(err, "unknown ssl keyword %s on line %d in file '%s'.",
4791 args[cur_arg], linenum, file);
4792 cfgerr |= ERR_ALERT | ERR_FATAL;
4793 goto error;
4794 }
4795 }
William Lallemandc69f02d2020-04-06 19:07:03 +02004796 entry->linenum = linenum;
William Lallemand97b08102020-04-01 10:14:00 +02004797 entry->ssl_conf = ssl_conf;
4798 entry->filters = crtlist_dup_filters(&args[cur_arg], arg - cur_arg - 1);
4799 entry->fcount = arg - cur_arg - 1;
4800
4801 return cfgerr;
4802
4803error:
4804 crtlist_free_filters(entry->filters);
4805 entry->filters = NULL;
4806 ssl_sock_free_ssl_conf(entry->ssl_conf);
4807 free(entry->ssl_conf);
4808 entry->ssl_conf = NULL;
4809 return cfgerr;
4810}
4811
William Lallemand2954c472020-03-06 21:54:13 +01004812/* This function parse a crt-list file and store it in a struct crtlist, each line is a crtlist_entry structure
4813 * Fill the <crtlist> argument with a pointer to a new crtlist struct
4814 *
4815 * This function tries to open and store certificate files.
4816 */
4817static int crtlist_parse_file(char *file, struct bind_conf *bind_conf, struct proxy *curproxy, struct crtlist **crtlist, char **err)
4818{
4819 struct crtlist *newlist;
William Lallemand97b08102020-04-01 10:14:00 +02004820 struct crtlist_entry *entry = NULL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004821 char thisline[CRT_LINESIZE];
4822 char path[MAXPATHLEN+1];
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004823 FILE *f;
yanbzhu1b04e5b2015-12-02 13:54:14 -05004824 struct stat buf;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004825 int linenum = 0;
4826 int cfgerr = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004827
Willy Tarreauad1731d2013-04-02 17:35:58 +02004828 if ((f = fopen(file, "r")) == NULL) {
4829 memprintf(err, "cannot open file '%s' : %s", file, strerror(errno));
Willy Tarreaubbc91962019-10-16 16:42:19 +02004830 return ERR_ALERT | ERR_FATAL;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004831 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004832
William Lallemandec2d4932020-04-09 13:44:21 +02004833 newlist = crtlist_new(file, 0);
William Lallemand2954c472020-03-06 21:54:13 +01004834 if (newlist == NULL) {
4835 memprintf(err, "Not enough memory!");
4836 cfgerr |= ERR_ALERT | ERR_FATAL;
4837 goto error;
4838 }
William Lallemand2954c472020-03-06 21:54:13 +01004839
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004840 while (fgets(thisline, sizeof(thisline), f) != NULL) {
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004841 char *end;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004842 char *line = thisline;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004843 char *crt_path;
William Lallemand2954c472020-03-06 21:54:13 +01004844 struct ckch_store *ckchs;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004845
4846 linenum++;
4847 end = line + strlen(line);
4848 if (end-line == sizeof(thisline)-1 && *(end-1) != '\n') {
4849 /* Check if we reached the limit and the last char is not \n.
4850 * Watch out for the last line without the terminating '\n'!
4851 */
Willy Tarreauad1731d2013-04-02 17:35:58 +02004852 memprintf(err, "line %d too long in file '%s', limit is %d characters",
4853 linenum, file, (int)sizeof(thisline)-1);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004854 cfgerr |= ERR_ALERT | ERR_FATAL;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004855 break;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004856 }
William Lallemand97b08102020-04-01 10:14:00 +02004857
4858 if (*line == '#' || *line == '\n' || *line == '\r')
4859 continue;
4860
William Lallemande718dfb2020-04-10 11:09:25 +02004861 entry = crtlist_entry_new();
William Lallemand97b08102020-04-01 10:14:00 +02004862 if (entry == NULL) {
4863 memprintf(err, "Not enough memory!");
4864 cfgerr |= ERR_ALERT | ERR_FATAL;
4865 goto error;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004866 }
William Lallemand97b08102020-04-01 10:14:00 +02004867
4868 *(end - 1) = '\0'; /* line parser mustn't receive any \n */
4869 cfgerr |= crtlist_parse_line(thisline, &crt_path, entry, file, linenum, err);
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02004870 if (cfgerr)
William Lallemand97b08102020-04-01 10:14:00 +02004871 goto error;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004872
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004873 /* empty line */
William Lallemand97b08102020-04-01 10:14:00 +02004874 if (!crt_path || !*crt_path) {
William Lallemande718dfb2020-04-10 11:09:25 +02004875 crtlist_entry_free(entry);
William Lallemand97b08102020-04-01 10:14:00 +02004876 entry = NULL;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004877 continue;
William Lallemand97b08102020-04-01 10:14:00 +02004878 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004879
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004880 if (*crt_path != '/' && global_ssl.crt_base) {
4881 if ((strlen(global_ssl.crt_base) + 1 + strlen(crt_path)) > MAXPATHLEN) {
4882 memprintf(err, "'%s' : path too long on line %d in file '%s'",
4883 crt_path, linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004884 cfgerr |= ERR_ALERT | ERR_FATAL;
William Lallemand97b08102020-04-01 10:14:00 +02004885 goto error;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004886 }
4887 snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, crt_path);
4888 crt_path = path;
4889 }
4890
William Lallemand2954c472020-03-06 21:54:13 +01004891 /* Look for a ckch_store or create one */
4892 ckchs = ckchs_lookup(crt_path);
4893 if (ckchs == NULL) {
William Lallemandeed4bf22019-10-10 11:38:13 +02004894 if (stat(crt_path, &buf) == 0)
William Lallemande3af8fb2019-10-08 11:36:53 +02004895 ckchs = ckchs_load_cert_file(crt_path, 0, err);
Emmanuel Hocdet1503e052019-07-31 18:30:33 +02004896 else
William Lallemande3af8fb2019-10-08 11:36:53 +02004897 ckchs = ckchs_load_cert_file(crt_path, 1, err);
yanbzhu1b04e5b2015-12-02 13:54:14 -05004898 }
William Lallemand909086e2020-03-17 16:53:27 +01004899 if (ckchs == NULL)
William Lallemand2954c472020-03-06 21:54:13 +01004900 cfgerr |= ERR_ALERT | ERR_FATAL;
William Lallemandeed4bf22019-10-10 11:38:13 +02004901
William Lallemand97b08102020-04-01 10:14:00 +02004902 if (cfgerr & ERR_CODE)
William Lallemand2954c472020-03-06 21:54:13 +01004903 goto error;
William Lallemand97b08102020-04-01 10:14:00 +02004904
William Lallemand2954c472020-03-06 21:54:13 +01004905 entry->node.key = ckchs;
William Lallemandfa8cf0c2020-03-30 19:59:57 +02004906 entry->crtlist = newlist;
William Lallemand2954c472020-03-06 21:54:13 +01004907 ebpt_insert(&newlist->entries, &entry->node);
4908 LIST_ADDQ(&newlist->ord_entries, &entry->by_crtlist);
William Lallemand23d61c02020-03-30 18:27:58 +02004909 LIST_ADDQ(&ckchs->crtlist_entry, &entry->by_ckch_store);
William Lallemand97b08102020-04-01 10:14:00 +02004910
4911 entry = NULL;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004912 }
William Lallemand2954c472020-03-06 21:54:13 +01004913 if (cfgerr & ERR_CODE)
4914 goto error;
4915
William Lallemandc69f02d2020-04-06 19:07:03 +02004916 newlist->linecount = linenum;
4917
William Lallemand2954c472020-03-06 21:54:13 +01004918 fclose(f);
4919 *crtlist = newlist;
4920
4921 return cfgerr;
4922error:
William Lallemande718dfb2020-04-10 11:09:25 +02004923 crtlist_entry_free(entry);
William Lallemand97b08102020-04-01 10:14:00 +02004924
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004925 fclose(f);
William Lallemand2954c472020-03-06 21:54:13 +01004926 crtlist_free(newlist);
4927 return cfgerr;
4928}
4929
4930/* Load a crt-list file, this is done in 2 parts:
4931 * - store the content of the file in a crtlist structure with crtlist_entry structures
4932 * - generate the instances by iterating on entries in the crtlist struct
4933 *
4934 * Nothing is locked there, this function is used in the configuration parser.
4935 *
4936 * Returns a set of ERR_* flags possibly with an error in <err>.
4937 */
William Lallemand6be66ec2020-03-06 22:26:32 +01004938int ssl_sock_load_cert_list_file(char *file, int dir, struct bind_conf *bind_conf, struct proxy *curproxy, char **err)
William Lallemand2954c472020-03-06 21:54:13 +01004939{
4940 struct crtlist *crtlist = NULL;
4941 struct ebmb_node *eb;
William Lallemand49398312020-03-30 17:01:33 +02004942 struct crtlist_entry *entry = NULL;
William Lallemand79d31ec2020-03-25 15:10:49 +01004943 struct bind_conf_list *bind_conf_node = NULL;
William Lallemand2954c472020-03-06 21:54:13 +01004944 int cfgerr = 0;
William Lallemand41ca9302020-04-08 13:15:18 +02004945 char *end;
William Lallemand2954c472020-03-06 21:54:13 +01004946
William Lallemand79d31ec2020-03-25 15:10:49 +01004947 bind_conf_node = malloc(sizeof(*bind_conf_node));
4948 if (!bind_conf_node) {
4949 memprintf(err, "%sCan't alloc memory!\n", err && *err ? *err : "");
4950 cfgerr |= ERR_FATAL | ERR_ALERT;
4951 goto error;
4952 }
4953 bind_conf_node->next = NULL;
4954 bind_conf_node->bind_conf = bind_conf;
4955
William Lallemand41ca9302020-04-08 13:15:18 +02004956 /* strip trailing slashes, including first one */
4957 for (end = file + strlen(file) - 1; end >= file && *end == '/'; end--)
4958 *end = 0;
4959
William Lallemand2954c472020-03-06 21:54:13 +01004960 /* look for an existing crtlist or create one */
4961 eb = ebst_lookup(&crtlists_tree, file);
4962 if (eb) {
4963 crtlist = ebmb_entry(eb, struct crtlist, node);
4964 } else {
William Lallemand6be66ec2020-03-06 22:26:32 +01004965 /* load a crt-list OR a directory */
4966 if (dir)
4967 cfgerr |= crtlist_load_cert_dir(file, bind_conf, &crtlist, err);
4968 else
4969 cfgerr |= crtlist_parse_file(file, bind_conf, curproxy, &crtlist, err);
4970
William Lallemand2954c472020-03-06 21:54:13 +01004971 if (!(cfgerr & ERR_CODE))
4972 ebst_insert(&crtlists_tree, &crtlist->node);
4973 }
4974
4975 if (cfgerr & ERR_CODE) {
4976 cfgerr |= ERR_FATAL | ERR_ALERT;
4977 goto error;
4978 }
4979
4980 /* generates ckch instance from the crtlist_entry */
4981 list_for_each_entry(entry, &crtlist->ord_entries, by_crtlist) {
4982 struct ckch_store *store;
4983 struct ckch_inst *ckch_inst = NULL;
4984
4985 store = entry->node.key;
4986 cfgerr |= ssl_sock_load_ckchs(store->path, store, bind_conf, entry->ssl_conf, entry->filters, entry->fcount, &ckch_inst, err);
4987 if (cfgerr & ERR_CODE) {
4988 memprintf(err, "error processing line %d in file '%s' : %s", entry->linenum, file, *err);
4989 goto error;
4990 }
William Lallemand49398312020-03-30 17:01:33 +02004991 LIST_ADDQ(&entry->ckch_inst, &ckch_inst->by_crtlist_entry);
William Lallemandcaa16192020-04-08 16:29:15 +02004992 ckch_inst->crtlist_entry = entry;
William Lallemand2954c472020-03-06 21:54:13 +01004993 }
William Lallemand2954c472020-03-06 21:54:13 +01004994
William Lallemand79d31ec2020-03-25 15:10:49 +01004995 /* add the bind_conf to the list */
4996 bind_conf_node->next = crtlist->bind_conf;
4997 crtlist->bind_conf = bind_conf_node;
4998
William Lallemand2954c472020-03-06 21:54:13 +01004999 return cfgerr;
5000error:
5001 {
William Lallemand49398312020-03-30 17:01:33 +02005002 struct crtlist_entry *lastentry;
William Lallemand2954c472020-03-06 21:54:13 +01005003 struct ckch_inst *inst, *s_inst;
5004
William Lallemand49398312020-03-30 17:01:33 +02005005 lastentry = entry; /* which entry we tried to generate last */
5006 if (lastentry) {
5007 list_for_each_entry(entry, &crtlist->ord_entries, by_crtlist) {
5008 if (entry == lastentry) /* last entry we tried to generate, no need to go further */
5009 break;
5010
5011 list_for_each_entry_safe(inst, s_inst, &entry->ckch_inst, by_crtlist_entry) {
William Lallemand2954c472020-03-06 21:54:13 +01005012
William Lallemand49398312020-03-30 17:01:33 +02005013 /* this was not generated for this bind_conf, skip */
5014 if (inst->bind_conf != bind_conf)
5015 continue;
5016
William Lallemandd9d5d1b2020-04-09 16:31:05 +02005017 /* free the sni_ctx and instance */
5018 ckch_inst_free(inst);
William Lallemand49398312020-03-30 17:01:33 +02005019 }
William Lallemand2954c472020-03-06 21:54:13 +01005020 }
William Lallemand2954c472020-03-06 21:54:13 +01005021 }
William Lallemand79d31ec2020-03-25 15:10:49 +01005022 free(bind_conf_node);
William Lallemand2954c472020-03-06 21:54:13 +01005023 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01005024 return cfgerr;
5025}
5026
William Lallemand06b22a82020-03-16 14:45:55 +01005027/* Returns a set of ERR_* flags possibly with an error in <err>. */
5028int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, char **err)
5029{
5030 struct stat buf;
5031 char fp[MAXPATHLEN+1];
5032 int cfgerr = 0;
5033 struct ckch_store *ckchs;
William Lallemand24bde432020-03-09 16:48:43 +01005034 struct ckch_inst *ckch_inst = NULL;
William Lallemand06b22a82020-03-16 14:45:55 +01005035
5036 if ((ckchs = ckchs_lookup(path))) {
5037 /* we found the ckchs in the tree, we can use it directly */
William Lallemand24bde432020-03-09 16:48:43 +01005038 return ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, &ckch_inst, err);
William Lallemand06b22a82020-03-16 14:45:55 +01005039 }
5040 if (stat(path, &buf) == 0) {
5041 if (S_ISDIR(buf.st_mode) == 0) {
5042 ckchs = ckchs_load_cert_file(path, 0, err);
5043 if (!ckchs)
5044 return ERR_ALERT | ERR_FATAL;
5045
William Lallemand24bde432020-03-09 16:48:43 +01005046 return ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, &ckch_inst, err);
William Lallemand06b22a82020-03-16 14:45:55 +01005047 } else {
William Lallemand6be66ec2020-03-06 22:26:32 +01005048 return ssl_sock_load_cert_list_file(path, 1, bind_conf, bind_conf->frontend, err);
William Lallemand06b22a82020-03-16 14:45:55 +01005049 }
5050 } else {
5051 /* stat failed, could be a bundle */
5052 if (global_ssl.extra_files & SSL_GF_BUNDLE) {
5053 /* try to load a bundle if it is permitted */
5054 ckchs = ckchs_load_cert_file(path, 1, err);
5055 if (!ckchs)
5056 return ERR_ALERT | ERR_FATAL;
William Lallemand24bde432020-03-09 16:48:43 +01005057 cfgerr |= ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, &ckch_inst, err);
William Lallemand06b22a82020-03-16 14:45:55 +01005058 } else {
5059 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
5060 err && *err ? *err : "", fp, strerror(errno));
5061 cfgerr |= ERR_ALERT | ERR_FATAL;
5062 }
5063 }
5064
5065 return cfgerr;
5066}
5067
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005068/* Create an initial CTX used to start the SSL connection before switchctx */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005069static int
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005070ssl_sock_initial_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +02005071{
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005072 SSL_CTX *ctx = NULL;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005073 long options =
Emeric Brunfc0421f2012-09-07 17:30:07 +02005074 SSL_OP_ALL | /* all known workarounds for bugs */
5075 SSL_OP_NO_SSLv2 |
5076 SSL_OP_NO_COMPRESSION |
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02005077 SSL_OP_SINGLE_DH_USE |
Emeric Brun2b58d042012-09-20 17:10:03 +02005078 SSL_OP_SINGLE_ECDH_USE |
Emeric Brun3c4bc6e2012-10-04 18:44:19 +02005079 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION |
Lukas Tribus926594f2018-05-18 17:55:57 +02005080 SSL_OP_PRIORITIZE_CHACHA |
Emeric Brun3c4bc6e2012-10-04 18:44:19 +02005081 SSL_OP_CIPHER_SERVER_PREFERENCE;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005082 long mode =
Emeric Brunfc0421f2012-09-07 17:30:07 +02005083 SSL_MODE_ENABLE_PARTIAL_WRITE |
5084 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
Willy Tarreau396a1862014-11-13 14:06:52 +01005085 SSL_MODE_RELEASE_BUFFERS |
5086 SSL_MODE_SMALL_BUFFERS;
Emmanuel Hocdet43664762017-08-09 18:26:20 +02005087 struct tls_version_filter *conf_ssl_methods = &bind_conf->ssl_conf.ssl_methods;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005088 int i, min, max, hole;
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005089 int flags = MC_SSL_O_ALL;
5090 int cfgerr = 0;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005091
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005092 ctx = SSL_CTX_new(SSLv23_server_method());
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005093 bind_conf->initial_ctx = ctx;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005094
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005095 if (conf_ssl_methods->flags && (conf_ssl_methods->min || conf_ssl_methods->max))
Christopher Faulet767a84b2017-11-24 16:50:31 +01005096 ha_warning("Proxy '%s': no-sslv3/no-tlsv1x are ignored for bind '%s' at [%s:%d]. "
5097 "Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
5098 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005099 else
5100 flags = conf_ssl_methods->flags;
5101
Emmanuel Hocdetbd695fe2017-05-15 15:53:41 +02005102 min = conf_ssl_methods->min;
5103 max = conf_ssl_methods->max;
5104 /* start with TLSv10 to remove SSLv3 per default */
5105 if (!min && (!max || max >= CONF_TLSV10))
5106 min = CONF_TLSV10;
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005107 /* Real min and max should be determinate with configuration and openssl's capabilities */
Emmanuel Hocdetbd695fe2017-05-15 15:53:41 +02005108 if (min)
5109 flags |= (methodVersions[min].flag - 1);
5110 if (max)
5111 flags |= ~((methodVersions[max].flag << 1) - 1);
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005112 /* find min, max and holes */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005113 min = max = CONF_TLSV_NONE;
5114 hole = 0;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005115 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005116 /* version is in openssl && version not disable in configuration */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005117 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005118 if (min) {
5119 if (hole) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005120 ha_warning("Proxy '%s': SSL/TLS versions range not contiguous for bind '%s' at [%s:%d]. "
5121 "Hole find for %s. Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
5122 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line,
5123 methodVersions[hole].name);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005124 hole = 0;
5125 }
5126 max = i;
5127 }
5128 else {
5129 min = max = i;
5130 }
5131 }
5132 else {
5133 if (min)
5134 hole = i;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005135 }
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005136 if (!min) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005137 ha_alert("Proxy '%s': all SSL/TLS versions are disabled for bind '%s' at [%s:%d].\n",
5138 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005139 cfgerr += 1;
5140 }
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02005141 /* save real min/max in bind_conf */
5142 conf_ssl_methods->min = min;
5143 conf_ssl_methods->max = max;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005144
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005145#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005146 /* Keep force-xxx implementation as it is in older haproxy. It's a
Joseph Herlant017b3da2018-11-15 09:07:59 -08005147 precautionary measure to avoid any surprise with older openssl version. */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005148 if (min == max)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005149 methodVersions[min].ctx_set_version(ctx, SET_SERVER);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005150 else
5151 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
5152 if (flags & methodVersions[i].flag)
5153 options |= methodVersions[i].option;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005154#else /* openssl >= 1.1.0 */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005155 /* set the max_version is required to cap TLS version or activate new TLS (v1.3) */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005156 methodVersions[min].ctx_set_version(ctx, SET_MIN);
5157 methodVersions[max].ctx_set_version(ctx, SET_MAX);
Emeric Brunfa5c5c82017-04-28 16:19:51 +02005158#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005159
5160 if (bind_conf->ssl_options & BC_SSL_O_NO_TLS_TICKETS)
5161 options |= SSL_OP_NO_TICKET;
5162 if (bind_conf->ssl_options & BC_SSL_O_PREF_CLIE_CIPH)
5163 options &= ~SSL_OP_CIPHER_SERVER_PREFERENCE;
Dirkjan Bussink526894f2019-01-21 09:35:03 -08005164
5165#ifdef SSL_OP_NO_RENEGOTIATION
5166 options |= SSL_OP_NO_RENEGOTIATION;
5167#endif
5168
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005169 SSL_CTX_set_options(ctx, options);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00005170
Willy Tarreau5db847a2019-05-09 14:13:35 +02005171#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00005172 if (global_ssl.async)
5173 mode |= SSL_MODE_ASYNC;
5174#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005175 SSL_CTX_set_mode(ctx, mode);
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005176 if (global_ssl.life_time)
5177 SSL_CTX_set_timeout(ctx, global_ssl.life_time);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005178
5179#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
5180#ifdef OPENSSL_IS_BORINGSSL
5181 SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
5182 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
Ilya Shipitsine9ff8992020-01-19 12:20:14 +05005183#elif defined(SSL_OP_NO_ANTI_REPLAY)
Olivier Houchard545989f2019-12-17 15:39:54 +01005184 if (bind_conf->ssl_conf.early_data)
Olivier Houchard51088ce2019-01-02 18:46:41 +01005185 SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02005186 SSL_CTX_set_client_hello_cb(ctx, ssl_sock_switchctx_cbk, NULL);
5187 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005188#else
5189 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_cbk);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005190#endif
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02005191 SSL_CTX_set_tlsext_servername_arg(ctx, bind_conf);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005192#endif
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005193 return cfgerr;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005194}
5195
William Lallemand4f45bb92017-10-30 20:08:51 +01005196
5197static inline void sh_ssl_sess_free_blocks(struct shared_block *first, struct shared_block *block)
5198{
5199 if (first == block) {
5200 struct sh_ssl_sess_hdr *sh_ssl_sess = (struct sh_ssl_sess_hdr *)first->data;
5201 if (first->len > 0)
5202 sh_ssl_sess_tree_delete(sh_ssl_sess);
5203 }
5204}
5205
5206/* return first block from sh_ssl_sess */
5207static inline struct shared_block *sh_ssl_sess_first_block(struct sh_ssl_sess_hdr *sh_ssl_sess)
5208{
5209 return (struct shared_block *)((unsigned char *)sh_ssl_sess - ((struct shared_block *)NULL)->data);
5210
5211}
5212
5213/* store a session into the cache
5214 * s_id : session id padded with zero to SSL_MAX_SSL_SESSION_ID_LENGTH
5215 * data: asn1 encoded session
5216 * data_len: asn1 encoded session length
5217 * Returns 1 id session was stored (else 0)
5218 */
5219static int sh_ssl_sess_store(unsigned char *s_id, unsigned char *data, int data_len)
5220{
5221 struct shared_block *first;
5222 struct sh_ssl_sess_hdr *sh_ssl_sess, *oldsh_ssl_sess;
5223
Frédéric Lécaille0bec8072018-10-22 17:55:57 +02005224 first = shctx_row_reserve_hot(ssl_shctx, NULL, data_len + sizeof(struct sh_ssl_sess_hdr));
William Lallemand4f45bb92017-10-30 20:08:51 +01005225 if (!first) {
5226 /* Could not retrieve enough free blocks to store that session */
5227 return 0;
5228 }
5229
5230 /* STORE the key in the first elem */
5231 sh_ssl_sess = (struct sh_ssl_sess_hdr *)first->data;
5232 memcpy(sh_ssl_sess->key_data, s_id, SSL_MAX_SSL_SESSION_ID_LENGTH);
5233 first->len = sizeof(struct sh_ssl_sess_hdr);
5234
5235 /* it returns the already existing node
5236 or current node if none, never returns null */
5237 oldsh_ssl_sess = sh_ssl_sess_tree_insert(sh_ssl_sess);
5238 if (oldsh_ssl_sess != sh_ssl_sess) {
5239 /* NOTE: Row couldn't be in use because we lock read & write function */
5240 /* release the reserved row */
5241 shctx_row_dec_hot(ssl_shctx, first);
5242 /* replace the previous session already in the tree */
5243 sh_ssl_sess = oldsh_ssl_sess;
5244 /* ignore the previous session data, only use the header */
5245 first = sh_ssl_sess_first_block(sh_ssl_sess);
5246 shctx_row_inc_hot(ssl_shctx, first);
5247 first->len = sizeof(struct sh_ssl_sess_hdr);
5248 }
5249
Frédéric Lécaille0bec8072018-10-22 17:55:57 +02005250 if (shctx_row_data_append(ssl_shctx, first, NULL, data, data_len) < 0) {
William Lallemand99b90af2018-01-03 19:15:51 +01005251 shctx_row_dec_hot(ssl_shctx, first);
William Lallemand4f45bb92017-10-30 20:08:51 +01005252 return 0;
William Lallemand99b90af2018-01-03 19:15:51 +01005253 }
5254
5255 shctx_row_dec_hot(ssl_shctx, first);
William Lallemand4f45bb92017-10-30 20:08:51 +01005256
5257 return 1;
5258}
William Lallemanded0b5ad2017-10-30 19:36:36 +01005259
Olivier Houchardbd84ac82017-11-03 13:43:35 +01005260/* SSL callback used when a new session is created while connecting to a server */
5261static int ssl_sess_new_srv_cb(SSL *ssl, SSL_SESSION *sess)
5262{
Thierry FOURNIER28962c92018-06-17 21:37:05 +02005263 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houcharde6060c52017-11-16 17:42:52 +01005264 struct server *s;
Olivier Houchardbd84ac82017-11-03 13:43:35 +01005265
Willy Tarreau07d94e42018-09-20 10:57:52 +02005266 s = __objt_server(conn->target);
Olivier Houchardbd84ac82017-11-03 13:43:35 +01005267
Olivier Houcharde6060c52017-11-16 17:42:52 +01005268 if (!(s->ssl_ctx.options & SRV_SSL_O_NO_REUSE)) {
5269 int len;
5270 unsigned char *ptr;
Olivier Houchardbd84ac82017-11-03 13:43:35 +01005271
Olivier Houcharde6060c52017-11-16 17:42:52 +01005272 len = i2d_SSL_SESSION(sess, NULL);
5273 if (s->ssl_ctx.reused_sess[tid].ptr && s->ssl_ctx.reused_sess[tid].allocated_size >= len) {
5274 ptr = s->ssl_ctx.reused_sess[tid].ptr;
5275 } else {
5276 free(s->ssl_ctx.reused_sess[tid].ptr);
5277 ptr = s->ssl_ctx.reused_sess[tid].ptr = malloc(len);
5278 s->ssl_ctx.reused_sess[tid].allocated_size = len;
5279 }
5280 if (s->ssl_ctx.reused_sess[tid].ptr) {
5281 s->ssl_ctx.reused_sess[tid].size = i2d_SSL_SESSION(sess,
5282 &ptr);
5283 }
5284 } else {
5285 free(s->ssl_ctx.reused_sess[tid].ptr);
5286 s->ssl_ctx.reused_sess[tid].ptr = NULL;
5287 }
5288
5289 return 0;
Olivier Houchardbd84ac82017-11-03 13:43:35 +01005290}
5291
Olivier Houcharde6060c52017-11-16 17:42:52 +01005292
William Lallemanded0b5ad2017-10-30 19:36:36 +01005293/* SSL callback used on new session creation */
William Lallemand4f45bb92017-10-30 20:08:51 +01005294int sh_ssl_sess_new_cb(SSL *ssl, SSL_SESSION *sess)
William Lallemanded0b5ad2017-10-30 19:36:36 +01005295{
5296 unsigned char encsess[SHSESS_MAX_DATA_LEN]; /* encoded session */
5297 unsigned char encid[SSL_MAX_SSL_SESSION_ID_LENGTH]; /* encoded id */
5298 unsigned char *p;
5299 int data_len;
Emeric Bruneb469652019-10-08 18:27:37 +02005300 unsigned int sid_length;
William Lallemanded0b5ad2017-10-30 19:36:36 +01005301 const unsigned char *sid_data;
William Lallemanded0b5ad2017-10-30 19:36:36 +01005302
5303 /* Session id is already stored in to key and session id is known
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +05005304 * so we don't store it to keep size.
Emeric Bruneb469652019-10-08 18:27:37 +02005305 * note: SSL_SESSION_set1_id is using
5306 * a memcpy so we need to use a different pointer
5307 * than sid_data or sid_ctx_data to avoid valgrind
5308 * complaining.
William Lallemanded0b5ad2017-10-30 19:36:36 +01005309 */
5310
5311 sid_data = SSL_SESSION_get_id(sess, &sid_length);
Emeric Bruneb469652019-10-08 18:27:37 +02005312
5313 /* copy value in an other buffer */
5314 memcpy(encid, sid_data, sid_length);
5315
5316 /* pad with 0 */
5317 if (sid_length < SSL_MAX_SSL_SESSION_ID_LENGTH)
5318 memset(encid + sid_length, 0, SSL_MAX_SSL_SESSION_ID_LENGTH-sid_length);
5319
5320 /* force length to zero to avoid ASN1 encoding */
5321 SSL_SESSION_set1_id(sess, encid, 0);
5322
5323 /* force length to zero to avoid ASN1 encoding */
5324 SSL_SESSION_set1_id_context(sess, (const unsigned char *)SHCTX_APPNAME, 0);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005325
5326 /* check if buffer is large enough for the ASN1 encoded session */
5327 data_len = i2d_SSL_SESSION(sess, NULL);
5328 if (data_len > SHSESS_MAX_DATA_LEN)
5329 goto err;
5330
5331 p = encsess;
5332
5333 /* process ASN1 session encoding before the lock */
5334 i2d_SSL_SESSION(sess, &p);
5335
William Lallemanded0b5ad2017-10-30 19:36:36 +01005336
William Lallemanda3c77cf2017-10-30 23:44:40 +01005337 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005338 /* store to cache */
William Lallemand4f45bb92017-10-30 20:08:51 +01005339 sh_ssl_sess_store(encid, encsess, data_len);
William Lallemanda3c77cf2017-10-30 23:44:40 +01005340 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005341err:
5342 /* reset original length values */
Emeric Bruneb469652019-10-08 18:27:37 +02005343 SSL_SESSION_set1_id(sess, encid, sid_length);
5344 SSL_SESSION_set1_id_context(sess, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
William Lallemanded0b5ad2017-10-30 19:36:36 +01005345
5346 return 0; /* do not increment session reference count */
5347}
5348
5349/* SSL callback used on lookup an existing session cause none found in internal cache */
William Lallemand4f45bb92017-10-30 20:08:51 +01005350SSL_SESSION *sh_ssl_sess_get_cb(SSL *ssl, __OPENSSL_110_CONST__ unsigned char *key, int key_len, int *do_copy)
William Lallemanded0b5ad2017-10-30 19:36:36 +01005351{
William Lallemand4f45bb92017-10-30 20:08:51 +01005352 struct sh_ssl_sess_hdr *sh_ssl_sess;
William Lallemanded0b5ad2017-10-30 19:36:36 +01005353 unsigned char data[SHSESS_MAX_DATA_LEN], *p;
5354 unsigned char tmpkey[SSL_MAX_SSL_SESSION_ID_LENGTH];
William Lallemanded0b5ad2017-10-30 19:36:36 +01005355 SSL_SESSION *sess;
William Lallemand4f45bb92017-10-30 20:08:51 +01005356 struct shared_block *first;
William Lallemanded0b5ad2017-10-30 19:36:36 +01005357
5358 global.shctx_lookups++;
5359
5360 /* allow the session to be freed automatically by openssl */
5361 *do_copy = 0;
5362
5363 /* tree key is zeros padded sessionid */
5364 if (key_len < SSL_MAX_SSL_SESSION_ID_LENGTH) {
5365 memcpy(tmpkey, key, key_len);
5366 memset(tmpkey + key_len, 0, SSL_MAX_SSL_SESSION_ID_LENGTH - key_len);
5367 key = tmpkey;
5368 }
5369
5370 /* lock cache */
William Lallemanda3c77cf2017-10-30 23:44:40 +01005371 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005372
5373 /* lookup for session */
William Lallemand4f45bb92017-10-30 20:08:51 +01005374 sh_ssl_sess = sh_ssl_sess_tree_lookup(key);
5375 if (!sh_ssl_sess) {
William Lallemanded0b5ad2017-10-30 19:36:36 +01005376 /* no session found: unlock cache and exit */
William Lallemanda3c77cf2017-10-30 23:44:40 +01005377 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005378 global.shctx_misses++;
5379 return NULL;
5380 }
5381
William Lallemand4f45bb92017-10-30 20:08:51 +01005382 /* sh_ssl_sess (shared_block->data) is at the end of shared_block */
5383 first = sh_ssl_sess_first_block(sh_ssl_sess);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005384
William Lallemand4f45bb92017-10-30 20:08:51 +01005385 shctx_row_data_get(ssl_shctx, first, data, sizeof(struct sh_ssl_sess_hdr), first->len-sizeof(struct sh_ssl_sess_hdr));
William Lallemanded0b5ad2017-10-30 19:36:36 +01005386
William Lallemanda3c77cf2017-10-30 23:44:40 +01005387 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005388
5389 /* decode ASN1 session */
5390 p = data;
William Lallemand4f45bb92017-10-30 20:08:51 +01005391 sess = d2i_SSL_SESSION(NULL, (const unsigned char **)&p, first->len-sizeof(struct sh_ssl_sess_hdr));
William Lallemanded0b5ad2017-10-30 19:36:36 +01005392 /* Reset session id and session id contenxt */
5393 if (sess) {
5394 SSL_SESSION_set1_id(sess, key, key_len);
5395 SSL_SESSION_set1_id_context(sess, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
5396 }
5397
5398 return sess;
5399}
5400
William Lallemand4f45bb92017-10-30 20:08:51 +01005401
William Lallemanded0b5ad2017-10-30 19:36:36 +01005402/* SSL callback used to signal session is no more used in internal cache */
William Lallemand4f45bb92017-10-30 20:08:51 +01005403void sh_ssl_sess_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess)
William Lallemanded0b5ad2017-10-30 19:36:36 +01005404{
William Lallemand4f45bb92017-10-30 20:08:51 +01005405 struct sh_ssl_sess_hdr *sh_ssl_sess;
William Lallemanded0b5ad2017-10-30 19:36:36 +01005406 unsigned char tmpkey[SSL_MAX_SSL_SESSION_ID_LENGTH];
5407 unsigned int sid_length;
5408 const unsigned char *sid_data;
5409 (void)ctx;
5410
5411 sid_data = SSL_SESSION_get_id(sess, &sid_length);
5412 /* tree key is zeros padded sessionid */
5413 if (sid_length < SSL_MAX_SSL_SESSION_ID_LENGTH) {
5414 memcpy(tmpkey, sid_data, sid_length);
5415 memset(tmpkey+sid_length, 0, SSL_MAX_SSL_SESSION_ID_LENGTH - sid_length);
5416 sid_data = tmpkey;
5417 }
5418
William Lallemanda3c77cf2017-10-30 23:44:40 +01005419 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005420
5421 /* lookup for session */
William Lallemand4f45bb92017-10-30 20:08:51 +01005422 sh_ssl_sess = sh_ssl_sess_tree_lookup(sid_data);
5423 if (sh_ssl_sess) {
William Lallemanded0b5ad2017-10-30 19:36:36 +01005424 /* free session */
William Lallemand4f45bb92017-10-30 20:08:51 +01005425 sh_ssl_sess_tree_delete(sh_ssl_sess);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005426 }
5427
5428 /* unlock cache */
William Lallemanda3c77cf2017-10-30 23:44:40 +01005429 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005430}
5431
5432/* Set session cache mode to server and disable openssl internal cache.
5433 * Set shared cache callbacks on an ssl context.
5434 * Shared context MUST be firstly initialized */
William Lallemand4f45bb92017-10-30 20:08:51 +01005435void ssl_set_shctx(SSL_CTX *ctx)
William Lallemanded0b5ad2017-10-30 19:36:36 +01005436{
5437 SSL_CTX_set_session_id_context(ctx, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
5438
5439 if (!ssl_shctx) {
5440 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
5441 return;
5442 }
5443
5444 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER |
5445 SSL_SESS_CACHE_NO_INTERNAL |
5446 SSL_SESS_CACHE_NO_AUTO_CLEAR);
5447
5448 /* Set callbacks */
William Lallemand4f45bb92017-10-30 20:08:51 +01005449 SSL_CTX_sess_set_new_cb(ctx, sh_ssl_sess_new_cb);
5450 SSL_CTX_sess_set_get_cb(ctx, sh_ssl_sess_get_cb);
5451 SSL_CTX_sess_set_remove_cb(ctx, sh_ssl_sess_remove_cb);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005452}
5453
William Lallemand8b453912019-11-21 15:48:10 +01005454/*
5455 * This function applies the SSL configuration on a SSL_CTX
5456 * It returns an error code and fills the <err> buffer
5457 */
5458int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf, SSL_CTX *ctx, char **err)
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005459{
5460 struct proxy *curproxy = bind_conf->frontend;
5461 int cfgerr = 0;
5462 int verify = SSL_VERIFY_NONE;
Willy Tarreau5d4cafb2018-01-04 18:55:19 +01005463 struct ssl_bind_conf __maybe_unused *ssl_conf_cur;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005464 const char *conf_ciphers;
Emmanuel Hocdet839af572019-05-14 16:27:35 +02005465#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005466 const char *conf_ciphersuites;
5467#endif
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005468 const char *conf_curves = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02005469
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02005470 if (ssl_conf) {
5471 struct tls_version_filter *conf_ssl_methods = &ssl_conf->ssl_methods;
5472 int i, min, max;
5473 int flags = MC_SSL_O_ALL;
5474
5475 /* Real min and max should be determinate with configuration and openssl's capabilities */
Emmanuel Hocdet43664762017-08-09 18:26:20 +02005476 min = conf_ssl_methods->min ? conf_ssl_methods->min : bind_conf->ssl_conf.ssl_methods.min;
5477 max = conf_ssl_methods->max ? conf_ssl_methods->max : bind_conf->ssl_conf.ssl_methods.max;
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02005478 if (min)
5479 flags |= (methodVersions[min].flag - 1);
5480 if (max)
5481 flags |= ~((methodVersions[max].flag << 1) - 1);
5482 min = max = CONF_TLSV_NONE;
5483 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
5484 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
5485 if (min)
5486 max = i;
5487 else
5488 min = max = i;
5489 }
5490 /* save real min/max */
5491 conf_ssl_methods->min = min;
5492 conf_ssl_methods->max = max;
5493 if (!min) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005494 memprintf(err, "%sProxy '%s': all SSL/TLS versions are disabled for bind '%s' at [%s:%d].\n",
5495 err && *err ? *err : "", bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005496 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02005497 }
5498 }
5499
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005500 switch ((ssl_conf && ssl_conf->verify) ? ssl_conf->verify : bind_conf->ssl_conf.verify) {
Emeric Brun850efd52014-01-29 12:24:34 +01005501 case SSL_SOCK_VERIFY_NONE:
5502 verify = SSL_VERIFY_NONE;
5503 break;
5504 case SSL_SOCK_VERIFY_OPTIONAL:
5505 verify = SSL_VERIFY_PEER;
5506 break;
5507 case SSL_SOCK_VERIFY_REQUIRED:
5508 verify = SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
5509 break;
5510 }
5511 SSL_CTX_set_verify(ctx, verify, ssl_sock_bind_verifycbk);
5512 if (verify & SSL_VERIFY_PEER) {
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005513 char *ca_file = (ssl_conf && ssl_conf->ca_file) ? ssl_conf->ca_file : bind_conf->ssl_conf.ca_file;
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +01005514 char *ca_verify_file = (ssl_conf && ssl_conf->ca_verify_file) ? ssl_conf->ca_verify_file : bind_conf->ssl_conf.ca_verify_file;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005515 char *crl_file = (ssl_conf && ssl_conf->crl_file) ? ssl_conf->crl_file : bind_conf->ssl_conf.crl_file;
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +01005516 if (ca_file || ca_verify_file) {
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02005517 /* set CAfile to verify */
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +01005518 if (ca_file && !ssl_set_verify_locations_file(ctx, ca_file)) {
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02005519 memprintf(err, "%sProxy '%s': unable to set CA file '%s' for bind '%s' at [%s:%d].\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01005520 err && *err ? *err : "", curproxy->id, ca_file, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005521 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02005522 }
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +01005523 if (ca_verify_file && !ssl_set_verify_locations_file(ctx, ca_verify_file)) {
5524 memprintf(err, "%sProxy '%s': unable to set CA-no-names file '%s' for bind '%s' at [%s:%d].\n",
5525 err && *err ? *err : "", curproxy->id, ca_verify_file, bind_conf->arg, bind_conf->file, bind_conf->line);
5526 cfgerr |= ERR_ALERT | ERR_FATAL;
5527 }
5528 if (ca_file && !((ssl_conf && ssl_conf->no_ca_names) || bind_conf->ssl_conf.no_ca_names)) {
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +02005529 /* set CA names for client cert request, function returns void */
Emmanuel Hocdet129d3282019-10-24 18:08:51 +02005530 SSL_CTX_set_client_CA_list(ctx, SSL_dup_CA_list(ssl_get_client_ca_file(ca_file)));
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +02005531 }
Emeric Brund94b3fe2012-09-20 18:23:56 +02005532 }
Emeric Brun850efd52014-01-29 12:24:34 +01005533 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01005534 memprintf(err, "%sProxy '%s': verify is enabled but no CA file specified for bind '%s' at [%s:%d].\n",
5535 err && *err ? *err : "", curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005536 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brun850efd52014-01-29 12:24:34 +01005537 }
Emeric Brun051cdab2012-10-02 19:25:50 +02005538#ifdef X509_V_FLAG_CRL_CHECK
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005539 if (crl_file) {
Emeric Brund94b3fe2012-09-20 18:23:56 +02005540 X509_STORE *store = SSL_CTX_get_cert_store(ctx);
5541
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01005542 if (!ssl_set_cert_crl_file(store, crl_file)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005543 memprintf(err, "%sProxy '%s': unable to configure CRL file '%s' for bind '%s' at [%s:%d].\n",
5544 err && *err ? *err : "", curproxy->id, crl_file, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005545 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02005546 }
Emeric Brun561e5742012-10-02 15:20:55 +02005547 else {
5548 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
5549 }
Emeric Brund94b3fe2012-09-20 18:23:56 +02005550 }
Emeric Brun051cdab2012-10-02 19:25:50 +02005551#endif
Emeric Brun644cde02012-12-14 11:21:13 +01005552 ERR_clear_error();
Emeric Brund94b3fe2012-09-20 18:23:56 +02005553 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01005554#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
Nenad Merdanovic146defa2015-05-09 08:46:00 +02005555 if(bind_conf->keys_ref) {
Nenad Merdanovic05552d42015-02-27 19:56:49 +01005556 if (!SSL_CTX_set_tlsext_ticket_key_cb(ctx, ssl_tlsext_ticket_key_cb)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005557 memprintf(err, "%sProxy '%s': unable to set callback for TLS ticket validation for bind '%s' at [%s:%d].\n",
5558 err && *err ? *err : "", curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005559 cfgerr |= ERR_ALERT | ERR_FATAL;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01005560 }
5561 }
5562#endif
5563
William Lallemand4f45bb92017-10-30 20:08:51 +01005564 ssl_set_shctx(ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005565 conf_ciphers = (ssl_conf && ssl_conf->ciphers) ? ssl_conf->ciphers : bind_conf->ssl_conf.ciphers;
5566 if (conf_ciphers &&
5567 !SSL_CTX_set_cipher_list(ctx, conf_ciphers)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005568 memprintf(err, "%sProxy '%s': unable to set SSL cipher list to '%s' for bind '%s' at [%s:%d].\n",
5569 err && *err ? *err : "", curproxy->id, conf_ciphers, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005570 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02005571 }
5572
Emmanuel Hocdet839af572019-05-14 16:27:35 +02005573#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005574 conf_ciphersuites = (ssl_conf && ssl_conf->ciphersuites) ? ssl_conf->ciphersuites : bind_conf->ssl_conf.ciphersuites;
5575 if (conf_ciphersuites &&
5576 !SSL_CTX_set_ciphersuites(ctx, conf_ciphersuites)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005577 memprintf(err, "%sProxy '%s': unable to set TLS 1.3 cipher suites to '%s' for bind '%s' at [%s:%d].\n",
5578 err && *err ? *err : "", curproxy->id, conf_ciphersuites, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005579 cfgerr |= ERR_ALERT | ERR_FATAL;
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005580 }
5581#endif
5582
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01005583#ifndef OPENSSL_NO_DH
Remi Gacogne47783ef2015-05-29 15:53:22 +02005584 /* If tune.ssl.default-dh-param has not been set,
5585 neither has ssl-default-dh-file and no static DH
5586 params were in the certificate file. */
Willy Tarreauef934602016-12-22 23:12:01 +01005587 if (global_ssl.default_dh_param == 0 &&
Remi Gacogne47783ef2015-05-29 15:53:22 +02005588 global_dh == NULL &&
Remi Gacogne4f902b82015-05-28 16:23:00 +02005589 (ssl_dh_ptr_index == -1 ||
5590 SSL_CTX_get_ex_data(ctx, ssl_dh_ptr_index) == NULL)) {
Willy Tarreau3ba77d22020-05-08 09:31:18 +02005591 /* default to dh-param 2048 */
5592 global_ssl.default_dh_param = 2048;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005593 }
Remi Gacogne8de54152014-07-15 11:36:40 +02005594
Willy Tarreauef934602016-12-22 23:12:01 +01005595 if (global_ssl.default_dh_param >= 1024) {
Remi Gacogne8de54152014-07-15 11:36:40 +02005596 if (local_dh_1024 == NULL) {
5597 local_dh_1024 = ssl_get_dh_1024();
5598 }
Willy Tarreauef934602016-12-22 23:12:01 +01005599 if (global_ssl.default_dh_param >= 2048) {
Remi Gacogne8de54152014-07-15 11:36:40 +02005600 if (local_dh_2048 == NULL) {
5601 local_dh_2048 = ssl_get_dh_2048();
5602 }
Willy Tarreauef934602016-12-22 23:12:01 +01005603 if (global_ssl.default_dh_param >= 4096) {
Remi Gacogne8de54152014-07-15 11:36:40 +02005604 if (local_dh_4096 == NULL) {
5605 local_dh_4096 = ssl_get_dh_4096();
5606 }
Remi Gacogne8de54152014-07-15 11:36:40 +02005607 }
5608 }
5609 }
5610#endif /* OPENSSL_NO_DH */
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005611
Emeric Brunfc0421f2012-09-07 17:30:07 +02005612 SSL_CTX_set_info_callback(ctx, ssl_sock_infocbk);
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005613#if HA_OPENSSL_VERSION_NUMBER >= 0x00907000L
Emeric Brun29f037d2014-04-25 19:05:36 +02005614 SSL_CTX_set_msg_callback(ctx, ssl_sock_msgcbk);
Willy Tarreau5cbe4ef2014-05-08 22:45:11 +02005615#endif
Emeric Brun29f037d2014-04-25 19:05:36 +02005616
Bernard Spil13c53f82018-02-15 13:34:58 +01005617#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005618 ssl_conf_cur = NULL;
5619 if (ssl_conf && ssl_conf->npn_str)
5620 ssl_conf_cur = ssl_conf;
5621 else if (bind_conf->ssl_conf.npn_str)
5622 ssl_conf_cur = &bind_conf->ssl_conf;
5623 if (ssl_conf_cur)
5624 SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_sock_advertise_npn_protos, ssl_conf_cur);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02005625#endif
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01005626#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005627 ssl_conf_cur = NULL;
5628 if (ssl_conf && ssl_conf->alpn_str)
5629 ssl_conf_cur = ssl_conf;
5630 else if (bind_conf->ssl_conf.alpn_str)
5631 ssl_conf_cur = &bind_conf->ssl_conf;
5632 if (ssl_conf_cur)
5633 SSL_CTX_set_alpn_select_cb(ctx, ssl_sock_advertise_alpn_protos, ssl_conf_cur);
Willy Tarreauab861d32013-04-02 02:30:41 +02005634#endif
Lukas Tribusd14b49c2019-11-24 18:20:40 +01005635#if ((HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL) || defined(LIBRESSL_VERSION_NUMBER))
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005636 conf_curves = (ssl_conf && ssl_conf->curves) ? ssl_conf->curves : bind_conf->ssl_conf.curves;
5637 if (conf_curves) {
5638 if (!SSL_CTX_set1_curves_list(ctx, conf_curves)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005639 memprintf(err, "%sProxy '%s': unable to set SSL curves list to '%s' for bind '%s' at [%s:%d].\n",
5640 err && *err ? *err : "", curproxy->id, conf_curves, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005641 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005642 }
Emmanuel Hocdeta52bb152017-03-20 11:11:49 +01005643 (void)SSL_CTX_set_ecdh_auto(ctx, 1);
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005644 }
5645#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02005646#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005647 if (!conf_curves) {
Emeric Brun2b58d042012-09-20 17:10:03 +02005648 int i;
5649 EC_KEY *ecdh;
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005650#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005651 const char *ecdhe = (ssl_conf && ssl_conf->ecdhe) ? ssl_conf->ecdhe :
Olivier Houchardc2aae742017-09-22 18:26:28 +02005652 (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe :
5653 NULL);
5654
5655 if (ecdhe == NULL) {
Eric Salama3c8bde82019-11-20 11:33:40 +01005656 (void)SSL_CTX_set_ecdh_auto(ctx, 1);
Olivier Houchardc2aae742017-09-22 18:26:28 +02005657 return cfgerr;
5658 }
5659#else
5660 const char *ecdhe = (ssl_conf && ssl_conf->ecdhe) ? ssl_conf->ecdhe :
5661 (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe :
5662 ECDHE_DEFAULT_CURVE);
5663#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02005664
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005665 i = OBJ_sn2nid(ecdhe);
Emeric Brun2b58d042012-09-20 17:10:03 +02005666 if (!i || ((ecdh = EC_KEY_new_by_curve_name(i)) == NULL)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005667 memprintf(err, "%sProxy '%s': unable to set elliptic named curve to '%s' for bind '%s' at [%s:%d].\n",
5668 err && *err ? *err : "", curproxy->id, ecdhe, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005669 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brun2b58d042012-09-20 17:10:03 +02005670 }
5671 else {
5672 SSL_CTX_set_tmp_ecdh(ctx, ecdh);
5673 EC_KEY_free(ecdh);
5674 }
5675 }
5676#endif
5677
Emeric Brunfc0421f2012-09-07 17:30:07 +02005678 return cfgerr;
5679}
5680
Evan Broderbe554312013-06-27 00:05:25 -07005681static int ssl_sock_srv_hostcheck(const char *pattern, const char *hostname)
5682{
5683 const char *pattern_wildcard, *pattern_left_label_end, *hostname_left_label_end;
5684 size_t prefixlen, suffixlen;
5685
5686 /* Trivial case */
5687 if (strcmp(pattern, hostname) == 0)
5688 return 1;
5689
Evan Broderbe554312013-06-27 00:05:25 -07005690 /* The rest of this logic is based on RFC 6125, section 6.4.3
5691 * (http://tools.ietf.org/html/rfc6125#section-6.4.3) */
5692
Emeric Bruna848dae2013-10-08 11:27:28 +02005693 pattern_wildcard = NULL;
5694 pattern_left_label_end = pattern;
5695 while (*pattern_left_label_end != '.') {
5696 switch (*pattern_left_label_end) {
5697 case 0:
5698 /* End of label not found */
5699 return 0;
5700 case '*':
5701 /* If there is more than one wildcards */
5702 if (pattern_wildcard)
5703 return 0;
5704 pattern_wildcard = pattern_left_label_end;
5705 break;
5706 }
5707 pattern_left_label_end++;
5708 }
5709
5710 /* If it's not trivial and there is no wildcard, it can't
5711 * match */
5712 if (!pattern_wildcard)
Evan Broderbe554312013-06-27 00:05:25 -07005713 return 0;
5714
5715 /* Make sure all labels match except the leftmost */
5716 hostname_left_label_end = strchr(hostname, '.');
5717 if (!hostname_left_label_end
5718 || strcmp(pattern_left_label_end, hostname_left_label_end) != 0)
5719 return 0;
5720
5721 /* Make sure the leftmost label of the hostname is long enough
5722 * that the wildcard can match */
Emeric Brun369da852013-10-08 11:39:35 +02005723 if (hostname_left_label_end - hostname < (pattern_left_label_end - pattern) - 1)
Evan Broderbe554312013-06-27 00:05:25 -07005724 return 0;
5725
5726 /* Finally compare the string on either side of the
5727 * wildcard */
5728 prefixlen = pattern_wildcard - pattern;
5729 suffixlen = pattern_left_label_end - (pattern_wildcard + 1);
Emeric Bruna848dae2013-10-08 11:27:28 +02005730 if ((prefixlen && (memcmp(pattern, hostname, prefixlen) != 0))
5731 || (suffixlen && (memcmp(pattern_wildcard + 1, hostname_left_label_end - suffixlen, suffixlen) != 0)))
Evan Broderbe554312013-06-27 00:05:25 -07005732 return 0;
5733
5734 return 1;
5735}
5736
5737static int ssl_sock_srv_verifycbk(int ok, X509_STORE_CTX *ctx)
5738{
5739 SSL *ssl;
5740 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01005741 struct ssl_sock_ctx *ssl_ctx;
Willy Tarreau2ab88672017-07-05 18:23:03 +02005742 const char *servername;
Willy Tarreau71d058c2017-07-26 20:09:56 +02005743 const char *sni;
Evan Broderbe554312013-06-27 00:05:25 -07005744
5745 int depth;
5746 X509 *cert;
5747 STACK_OF(GENERAL_NAME) *alt_names;
5748 int i;
5749 X509_NAME *cert_subject;
5750 char *str;
5751
5752 if (ok == 0)
5753 return ok;
5754
5755 ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
Thierry FOURNIER28962c92018-06-17 21:37:05 +02005756 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houchard66ab4982019-02-26 18:37:15 +01005757 ssl_ctx = conn->xprt_ctx;
Evan Broderbe554312013-06-27 00:05:25 -07005758
Willy Tarreauad92a9a2017-07-28 11:38:41 +02005759 /* We're checking if the provided hostnames match the desired one. The
5760 * desired hostname comes from the SNI we presented if any, or if not
5761 * provided then it may have been explicitly stated using a "verifyhost"
5762 * directive. If neither is set, we don't care about the name so the
5763 * verification is OK.
Willy Tarreau2ab88672017-07-05 18:23:03 +02005764 */
Olivier Houchard66ab4982019-02-26 18:37:15 +01005765 servername = SSL_get_servername(ssl_ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau71d058c2017-07-26 20:09:56 +02005766 sni = servername;
Willy Tarreau2ab88672017-07-05 18:23:03 +02005767 if (!servername) {
Willy Tarreau07d94e42018-09-20 10:57:52 +02005768 servername = __objt_server(conn->target)->ssl_ctx.verify_host;
Willy Tarreau2ab88672017-07-05 18:23:03 +02005769 if (!servername)
5770 return ok;
5771 }
Evan Broderbe554312013-06-27 00:05:25 -07005772
5773 /* We only need to verify the CN on the actual server cert,
5774 * not the indirect CAs */
5775 depth = X509_STORE_CTX_get_error_depth(ctx);
5776 if (depth != 0)
5777 return ok;
5778
5779 /* At this point, the cert is *not* OK unless we can find a
5780 * hostname match */
5781 ok = 0;
5782
5783 cert = X509_STORE_CTX_get_current_cert(ctx);
5784 /* It seems like this might happen if verify peer isn't set */
5785 if (!cert)
5786 return ok;
5787
5788 alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
5789 if (alt_names) {
5790 for (i = 0; !ok && i < sk_GENERAL_NAME_num(alt_names); i++) {
5791 GENERAL_NAME *name = sk_GENERAL_NAME_value(alt_names, i);
5792 if (name->type == GEN_DNS) {
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005793#if HA_OPENSSL_VERSION_NUMBER < 0x00907000L
Emeric Bruna33410c2013-09-17 15:47:48 +02005794 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.ia5) >= 0) {
5795#else
Evan Broderbe554312013-06-27 00:05:25 -07005796 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
Emeric Bruna33410c2013-09-17 15:47:48 +02005797#endif
Evan Broderbe554312013-06-27 00:05:25 -07005798 ok = ssl_sock_srv_hostcheck(str, servername);
5799 OPENSSL_free(str);
5800 }
5801 }
5802 }
Emeric Brun4ad50a42013-09-17 15:19:54 +02005803 sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
Evan Broderbe554312013-06-27 00:05:25 -07005804 }
5805
5806 cert_subject = X509_get_subject_name(cert);
5807 i = -1;
5808 while (!ok && (i = X509_NAME_get_index_by_NID(cert_subject, NID_commonName, i)) != -1) {
5809 X509_NAME_ENTRY *entry = X509_NAME_get_entry(cert_subject, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02005810 ASN1_STRING *value;
5811 value = X509_NAME_ENTRY_get_data(entry);
5812 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
Evan Broderbe554312013-06-27 00:05:25 -07005813 ok = ssl_sock_srv_hostcheck(str, servername);
5814 OPENSSL_free(str);
5815 }
5816 }
5817
Willy Tarreau71d058c2017-07-26 20:09:56 +02005818 /* report the mismatch and indicate if SNI was used or not */
5819 if (!ok && !conn->err_code)
5820 conn->err_code = sni ? CO_ER_SSL_MISMATCH_SNI : CO_ER_SSL_MISMATCH;
Evan Broderbe554312013-06-27 00:05:25 -07005821 return ok;
5822}
5823
Emeric Brun94324a42012-10-11 14:00:19 +02005824/* prepare ssl context from servers options. Returns an error count */
Willy Tarreau03209342016-12-22 17:08:28 +01005825int ssl_sock_prepare_srv_ctx(struct server *srv)
Emeric Brun94324a42012-10-11 14:00:19 +02005826{
Willy Tarreau03209342016-12-22 17:08:28 +01005827 struct proxy *curproxy = srv->proxy;
Emeric Brun94324a42012-10-11 14:00:19 +02005828 int cfgerr = 0;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +02005829 long options =
Emeric Brun94324a42012-10-11 14:00:19 +02005830 SSL_OP_ALL | /* all known workarounds for bugs */
5831 SSL_OP_NO_SSLv2 |
5832 SSL_OP_NO_COMPRESSION;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +02005833 long mode =
Emeric Brun94324a42012-10-11 14:00:19 +02005834 SSL_MODE_ENABLE_PARTIAL_WRITE |
5835 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
Willy Tarreau396a1862014-11-13 14:06:52 +01005836 SSL_MODE_RELEASE_BUFFERS |
5837 SSL_MODE_SMALL_BUFFERS;
Emeric Brun850efd52014-01-29 12:24:34 +01005838 int verify = SSL_VERIFY_NONE;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005839 SSL_CTX *ctx = NULL;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005840 struct tls_version_filter *conf_ssl_methods = &srv->ssl_ctx.methods;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005841 int i, min, max, hole;
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005842 int flags = MC_SSL_O_ALL;
Emeric Brun94324a42012-10-11 14:00:19 +02005843
Thierry Fournier383085f2013-01-24 14:15:43 +01005844 /* Make sure openssl opens /dev/urandom before the chroot */
5845 if (!ssl_initialize_random()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005846 ha_alert("OpenSSL random data generator initialization failed.\n");
Thierry Fournier383085f2013-01-24 14:15:43 +01005847 cfgerr++;
5848 }
5849
Willy Tarreaufce03112015-01-15 21:32:40 +01005850 /* Automatic memory computations need to know we use SSL there */
5851 global.ssl_used_backend = 1;
5852
5853 /* Initiate SSL context for current server */
Emeric Brun821bb9b2017-06-15 16:37:39 +02005854 if (!srv->ssl_ctx.reused_sess) {
Olivier Houcharde6060c52017-11-16 17:42:52 +01005855 if ((srv->ssl_ctx.reused_sess = calloc(1, global.nbthread*sizeof(*srv->ssl_ctx.reused_sess))) == NULL) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005856 ha_alert("Proxy '%s', server '%s' [%s:%d] out of memory.\n",
5857 curproxy->id, srv->id,
5858 srv->conf.file, srv->conf.line);
Emeric Brun821bb9b2017-06-15 16:37:39 +02005859 cfgerr++;
5860 return cfgerr;
5861 }
5862 }
Christopher Fauletf61f33a2020-03-27 18:55:49 +01005863 if (srv->use_ssl == 1)
Emeric Brun94324a42012-10-11 14:00:19 +02005864 srv->xprt = &ssl_sock;
Emeric Brun94324a42012-10-11 14:00:19 +02005865
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005866 ctx = SSL_CTX_new(SSLv23_client_method());
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005867 if (!ctx) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005868 ha_alert("config : %s '%s', server '%s': unable to allocate ssl context.\n",
5869 proxy_type_str(curproxy), curproxy->id,
5870 srv->id);
Emeric Brun94324a42012-10-11 14:00:19 +02005871 cfgerr++;
5872 return cfgerr;
5873 }
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005874
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005875 if (conf_ssl_methods->flags && (conf_ssl_methods->min || conf_ssl_methods->max))
Christopher Faulet767a84b2017-11-24 16:50:31 +01005876 ha_warning("config : %s '%s': no-sslv3/no-tlsv1x are ignored for server '%s'. "
5877 "Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
5878 proxy_type_str(curproxy), curproxy->id, srv->id);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005879 else
5880 flags = conf_ssl_methods->flags;
5881
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005882 /* Real min and max should be determinate with configuration and openssl's capabilities */
5883 if (conf_ssl_methods->min)
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005884 flags |= (methodVersions[conf_ssl_methods->min].flag - 1);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005885 if (conf_ssl_methods->max)
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005886 flags |= ~((methodVersions[conf_ssl_methods->max].flag << 1) - 1);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005887
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005888 /* find min, max and holes */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005889 min = max = CONF_TLSV_NONE;
5890 hole = 0;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005891 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005892 /* version is in openssl && version not disable in configuration */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005893 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005894 if (min) {
5895 if (hole) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005896 ha_warning("config : %s '%s': SSL/TLS versions range not contiguous for server '%s'. "
5897 "Hole find for %s. Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
5898 proxy_type_str(curproxy), curproxy->id, srv->id,
5899 methodVersions[hole].name);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005900 hole = 0;
5901 }
5902 max = i;
5903 }
5904 else {
5905 min = max = i;
5906 }
5907 }
5908 else {
5909 if (min)
5910 hole = i;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005911 }
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005912 if (!min) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005913 ha_alert("config : %s '%s': all SSL/TLS versions are disabled for server '%s'.\n",
5914 proxy_type_str(curproxy), curproxy->id, srv->id);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005915 cfgerr += 1;
5916 }
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005917
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005918#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005919 /* Keep force-xxx implementation as it is in older haproxy. It's a
Joseph Herlant017b3da2018-11-15 09:07:59 -08005920 precautionary measure to avoid any surprise with older openssl version. */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005921 if (min == max)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005922 methodVersions[min].ctx_set_version(ctx, SET_CLIENT);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005923 else
5924 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
5925 if (flags & methodVersions[i].flag)
5926 options |= methodVersions[i].option;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005927#else /* openssl >= 1.1.0 */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005928 /* set the max_version is required to cap TLS version or activate new TLS (v1.3) */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005929 methodVersions[min].ctx_set_version(ctx, SET_MIN);
5930 methodVersions[max].ctx_set_version(ctx, SET_MAX);
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005931#endif
5932
5933 if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLS_TICKETS)
5934 options |= SSL_OP_NO_TICKET;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005935 SSL_CTX_set_options(ctx, options);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00005936
Willy Tarreau5db847a2019-05-09 14:13:35 +02005937#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00005938 if (global_ssl.async)
5939 mode |= SSL_MODE_ASYNC;
5940#endif
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005941 SSL_CTX_set_mode(ctx, mode);
5942 srv->ssl_ctx.ctx = ctx;
5943
Emeric Bruna7aa3092012-10-26 12:58:00 +02005944 if (srv->ssl_ctx.client_crt) {
5945 if (SSL_CTX_use_PrivateKey_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt, SSL_FILETYPE_PEM) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005946 ha_alert("config : %s '%s', server '%s': unable to load SSL private key from PEM file '%s'.\n",
5947 proxy_type_str(curproxy), curproxy->id,
5948 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +02005949 cfgerr++;
5950 }
5951 else if (SSL_CTX_use_certificate_chain_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005952 ha_alert("config : %s '%s', server '%s': unable to load ssl certificate from PEM file '%s'.\n",
5953 proxy_type_str(curproxy), curproxy->id,
5954 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +02005955 cfgerr++;
5956 }
5957 else if (SSL_CTX_check_private_key(srv->ssl_ctx.ctx) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005958 ha_alert("config : %s '%s', server '%s': inconsistencies between private key and certificate loaded from PEM file '%s'.\n",
5959 proxy_type_str(curproxy), curproxy->id,
5960 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +02005961 cfgerr++;
5962 }
5963 }
Emeric Brun94324a42012-10-11 14:00:19 +02005964
Emeric Brun850efd52014-01-29 12:24:34 +01005965 if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
5966 verify = SSL_VERIFY_PEER;
Emeric Brun850efd52014-01-29 12:24:34 +01005967 switch (srv->ssl_ctx.verify) {
5968 case SSL_SOCK_VERIFY_NONE:
5969 verify = SSL_VERIFY_NONE;
5970 break;
5971 case SSL_SOCK_VERIFY_REQUIRED:
5972 verify = SSL_VERIFY_PEER;
5973 break;
5974 }
Evan Broderbe554312013-06-27 00:05:25 -07005975 SSL_CTX_set_verify(srv->ssl_ctx.ctx,
Emeric Brun850efd52014-01-29 12:24:34 +01005976 verify,
Willy Tarreau2ab88672017-07-05 18:23:03 +02005977 (srv->ssl_ctx.verify_host || (verify & SSL_VERIFY_PEER)) ? ssl_sock_srv_verifycbk : NULL);
Emeric Brun850efd52014-01-29 12:24:34 +01005978 if (verify & SSL_VERIFY_PEER) {
Emeric Brunef42d922012-10-11 16:11:36 +02005979 if (srv->ssl_ctx.ca_file) {
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02005980 /* set CAfile to verify */
5981 if (!ssl_set_verify_locations_file(srv->ssl_ctx.ctx, srv->ssl_ctx.ca_file)) {
5982 ha_alert("Proxy '%s', server '%s' [%s:%d] unable to set CA file '%s'.\n",
Christopher Faulet767a84b2017-11-24 16:50:31 +01005983 curproxy->id, srv->id,
5984 srv->conf.file, srv->conf.line, srv->ssl_ctx.ca_file);
Emeric Brunef42d922012-10-11 16:11:36 +02005985 cfgerr++;
5986 }
5987 }
Emeric Brun850efd52014-01-29 12:24:34 +01005988 else {
5989 if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
Christopher Faulet767a84b2017-11-24 16:50:31 +01005990 ha_alert("Proxy '%s', server '%s' [%s:%d] verify is enabled by default but no CA file specified. If you're running on a LAN where you're certain to trust the server's certificate, please set an explicit 'verify none' statement on the 'server' line, or use 'ssl-server-verify none' in the global section to disable server-side verifications by default.\n",
5991 curproxy->id, srv->id,
5992 srv->conf.file, srv->conf.line);
Emeric Brun850efd52014-01-29 12:24:34 +01005993 else
Christopher Faulet767a84b2017-11-24 16:50:31 +01005994 ha_alert("Proxy '%s', server '%s' [%s:%d] verify is enabled but no CA file specified.\n",
5995 curproxy->id, srv->id,
5996 srv->conf.file, srv->conf.line);
Emeric Brun850efd52014-01-29 12:24:34 +01005997 cfgerr++;
5998 }
Emeric Brunef42d922012-10-11 16:11:36 +02005999#ifdef X509_V_FLAG_CRL_CHECK
6000 if (srv->ssl_ctx.crl_file) {
6001 X509_STORE *store = SSL_CTX_get_cert_store(srv->ssl_ctx.ctx);
6002
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01006003 if (!ssl_set_cert_crl_file(store, srv->ssl_ctx.crl_file)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01006004 ha_alert("Proxy '%s', server '%s' [%s:%d] unable to configure CRL file '%s'.\n",
6005 curproxy->id, srv->id,
6006 srv->conf.file, srv->conf.line, srv->ssl_ctx.crl_file);
Emeric Brunef42d922012-10-11 16:11:36 +02006007 cfgerr++;
6008 }
6009 else {
6010 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
6011 }
6012 }
6013#endif
6014 }
6015
Olivier Houchardbd84ac82017-11-03 13:43:35 +01006016 SSL_CTX_set_session_cache_mode(srv->ssl_ctx.ctx, SSL_SESS_CACHE_CLIENT |
6017 SSL_SESS_CACHE_NO_INTERNAL_STORE);
6018 SSL_CTX_sess_set_new_cb(srv->ssl_ctx.ctx, ssl_sess_new_srv_cb);
Emeric Brun94324a42012-10-11 14:00:19 +02006019 if (srv->ssl_ctx.ciphers &&
6020 !SSL_CTX_set_cipher_list(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphers)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01006021 ha_alert("Proxy '%s', server '%s' [%s:%d] : unable to set SSL cipher list to '%s'.\n",
6022 curproxy->id, srv->id,
6023 srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphers);
Emeric Brun94324a42012-10-11 14:00:19 +02006024 cfgerr++;
6025 }
Dirkjan Bussink415150f2018-09-14 11:14:21 +02006026
Emmanuel Hocdet839af572019-05-14 16:27:35 +02006027#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02006028 if (srv->ssl_ctx.ciphersuites &&
Pierre Cheynierbc34cd12019-03-21 16:15:47 +00006029 !SSL_CTX_set_ciphersuites(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphersuites)) {
Dirkjan Bussink415150f2018-09-14 11:14:21 +02006030 ha_alert("Proxy '%s', server '%s' [%s:%d] : unable to set TLS 1.3 cipher suites to '%s'.\n",
6031 curproxy->id, srv->id,
6032 srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphersuites);
6033 cfgerr++;
6034 }
6035#endif
Olivier Houchardc7566002018-11-20 23:33:50 +01006036#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
6037 if (srv->ssl_ctx.npn_str)
6038 SSL_CTX_set_next_proto_select_cb(ctx, ssl_sock_srv_select_protos, srv);
6039#endif
6040#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
6041 if (srv->ssl_ctx.alpn_str)
6042 SSL_CTX_set_alpn_protos(ctx, (unsigned char *)srv->ssl_ctx.alpn_str, srv->ssl_ctx.alpn_len);
6043#endif
6044
Emeric Brun94324a42012-10-11 14:00:19 +02006045
6046 return cfgerr;
6047}
6048
Willy Tarreau2a65ff02012-09-13 17:54:29 +02006049/* Walks down the two trees in bind_conf and prepares all certs. The pointer may
Emeric Brunfc0421f2012-09-07 17:30:07 +02006050 * be NULL, in which case nothing is done. Returns the number of errors
6051 * encountered.
6052 */
Willy Tarreau03209342016-12-22 17:08:28 +01006053int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +02006054{
6055 struct ebmb_node *node;
6056 struct sni_ctx *sni;
6057 int err = 0;
William Lallemand8b453912019-11-21 15:48:10 +01006058 int errcode = 0;
6059 char *errmsg = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02006060
Willy Tarreaufce03112015-01-15 21:32:40 +01006061 /* Automatic memory computations need to know we use SSL there */
6062 global.ssl_used_frontend = 1;
6063
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01006064 /* Make sure openssl opens /dev/urandom before the chroot */
6065 if (!ssl_initialize_random()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01006066 ha_alert("OpenSSL random data generator initialization failed.\n");
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01006067 err++;
6068 }
6069 /* Create initial_ctx used to start the ssl connection before do switchctx */
6070 if (!bind_conf->initial_ctx) {
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02006071 err += ssl_sock_initial_ctx(bind_conf);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01006072 /* It should not be necessary to call this function, but it's
6073 necessary first to check and move all initialisation related
6074 to initial_ctx in ssl_sock_initial_ctx. */
William Lallemand8b453912019-11-21 15:48:10 +01006075 errcode |= ssl_sock_prepare_ctx(bind_conf, NULL, bind_conf->initial_ctx, &errmsg);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01006076 }
Emeric Brun0bed9942014-10-30 19:25:24 +01006077 if (bind_conf->default_ctx)
William Lallemand8b453912019-11-21 15:48:10 +01006078 errcode |= ssl_sock_prepare_ctx(bind_conf, bind_conf->default_ssl_conf, bind_conf->default_ctx, &errmsg);
Emeric Brun0bed9942014-10-30 19:25:24 +01006079
Willy Tarreau2a65ff02012-09-13 17:54:29 +02006080 node = ebmb_first(&bind_conf->sni_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02006081 while (node) {
6082 sni = ebmb_entry(node, struct sni_ctx, name);
Emeric Brun0bed9942014-10-30 19:25:24 +01006083 if (!sni->order && sni->ctx != bind_conf->default_ctx)
6084 /* only initialize the CTX on its first occurrence and
6085 if it is not the default_ctx */
William Lallemand8b453912019-11-21 15:48:10 +01006086 errcode |= ssl_sock_prepare_ctx(bind_conf, sni->conf, sni->ctx, &errmsg);
Emeric Brunfc0421f2012-09-07 17:30:07 +02006087 node = ebmb_next(node);
6088 }
6089
Willy Tarreau2a65ff02012-09-13 17:54:29 +02006090 node = ebmb_first(&bind_conf->sni_w_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02006091 while (node) {
6092 sni = ebmb_entry(node, struct sni_ctx, name);
William Lallemand8b453912019-11-21 15:48:10 +01006093 if (!sni->order && sni->ctx != bind_conf->default_ctx) {
Emeric Brun0bed9942014-10-30 19:25:24 +01006094 /* only initialize the CTX on its first occurrence and
6095 if it is not the default_ctx */
William Lallemand8b453912019-11-21 15:48:10 +01006096 errcode |= ssl_sock_prepare_ctx(bind_conf, sni->conf, sni->ctx, &errmsg);
6097 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02006098 node = ebmb_next(node);
6099 }
William Lallemand8b453912019-11-21 15:48:10 +01006100
6101 if (errcode & ERR_WARN) {
Tim Duesterhusc0e820c2019-11-23 23:52:30 +01006102 ha_warning("%s", errmsg);
William Lallemand8b453912019-11-21 15:48:10 +01006103 } else if (errcode & ERR_CODE) {
Tim Duesterhusc0e820c2019-11-23 23:52:30 +01006104 ha_alert("%s", errmsg);
William Lallemand8b453912019-11-21 15:48:10 +01006105 err++;
6106 }
6107
6108 free(errmsg);
Emeric Brunfc0421f2012-09-07 17:30:07 +02006109 return err;
6110}
6111
Willy Tarreau55d37912016-12-21 23:38:39 +01006112/* Prepares all the contexts for a bind_conf and allocates the shared SSL
6113 * context if needed. Returns < 0 on error, 0 on success. The warnings and
6114 * alerts are directly emitted since the rest of the stack does it below.
6115 */
6116int ssl_sock_prepare_bind_conf(struct bind_conf *bind_conf)
6117{
6118 struct proxy *px = bind_conf->frontend;
6119 int alloc_ctx;
6120 int err;
6121
6122 if (!bind_conf->is_ssl) {
6123 if (bind_conf->default_ctx) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01006124 ha_warning("Proxy '%s': A certificate was specified but SSL was not enabled on bind '%s' at [%s:%d] (use 'ssl').\n",
6125 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Willy Tarreau55d37912016-12-21 23:38:39 +01006126 }
6127 return 0;
6128 }
6129 if (!bind_conf->default_ctx) {
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +02006130 if (bind_conf->strict_sni && !bind_conf->generate_certs) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01006131 ha_warning("Proxy '%s': no SSL certificate specified for bind '%s' at [%s:%d], ssl connections will fail (use 'crt').\n",
6132 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +02006133 }
6134 else {
Christopher Faulet767a84b2017-11-24 16:50:31 +01006135 ha_alert("Proxy '%s': no SSL certificate specified for bind '%s' at [%s:%d] (use 'crt').\n",
6136 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +02006137 return -1;
6138 }
Willy Tarreau55d37912016-12-21 23:38:39 +01006139 }
William Lallemandc61c0b32017-12-04 18:46:39 +01006140 if (!ssl_shctx && global.tune.sslcachesize) {
William Lallemandc3cd35f2017-11-28 11:04:43 +01006141 alloc_ctx = shctx_init(&ssl_shctx, global.tune.sslcachesize,
Frédéric Lécailleb7838af2018-10-22 16:21:39 +02006142 sizeof(struct sh_ssl_sess_hdr) + SHSESS_BLOCK_MIN_SIZE, -1,
William Lallemandc3cd35f2017-11-28 11:04:43 +01006143 sizeof(*sh_ssl_sess_tree),
6144 ((global.nbthread > 1) || (!global_ssl.private_cache && (global.nbproc > 1))) ? 1 : 0);
Frédéric Lécaille4c8aa112018-10-25 20:22:46 +02006145 if (alloc_ctx <= 0) {
William Lallemandc3cd35f2017-11-28 11:04:43 +01006146 if (alloc_ctx == SHCTX_E_INIT_LOCK)
6147 ha_alert("Unable to initialize the lock for the shared SSL session cache. You can retry using the global statement 'tune.ssl.force-private-cache' but it could increase CPU usage due to renegotiations if nbproc > 1.\n");
6148 else
6149 ha_alert("Unable to allocate SSL session cache.\n");
6150 return -1;
6151 }
6152 /* free block callback */
6153 ssl_shctx->free_block = sh_ssl_sess_free_blocks;
6154 /* init the root tree within the extra space */
6155 sh_ssl_sess_tree = (void *)ssl_shctx + sizeof(struct shared_context);
6156 *sh_ssl_sess_tree = EB_ROOT_UNIQUE;
Willy Tarreau55d37912016-12-21 23:38:39 +01006157 }
Willy Tarreau55d37912016-12-21 23:38:39 +01006158 err = 0;
6159 /* initialize all certificate contexts */
6160 err += ssl_sock_prepare_all_ctx(bind_conf);
6161
6162 /* initialize CA variables if the certificates generation is enabled */
6163 err += ssl_sock_load_ca(bind_conf);
6164
6165 return -err;
6166}
Christopher Faulet77fe80c2015-07-29 13:02:40 +02006167
6168/* release ssl context allocated for servers. */
6169void ssl_sock_free_srv_ctx(struct server *srv)
6170{
Olivier Houchardc7566002018-11-20 23:33:50 +01006171#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
6172 if (srv->ssl_ctx.alpn_str)
6173 free(srv->ssl_ctx.alpn_str);
6174#endif
Lukas Tribusda95fd92018-11-25 13:21:27 +01006175#ifdef OPENSSL_NPN_NEGOTIATED
Olivier Houchardc7566002018-11-20 23:33:50 +01006176 if (srv->ssl_ctx.npn_str)
6177 free(srv->ssl_ctx.npn_str);
Lukas Tribus7706b852018-11-26 22:57:17 +01006178#endif
Christopher Faulet77fe80c2015-07-29 13:02:40 +02006179 if (srv->ssl_ctx.ctx)
6180 SSL_CTX_free(srv->ssl_ctx.ctx);
6181}
6182
Willy Tarreau2a65ff02012-09-13 17:54:29 +02006183/* Walks down the two trees in bind_conf and frees all the certs. The pointer may
Emeric Brunfc0421f2012-09-07 17:30:07 +02006184 * be NULL, in which case nothing is done. The default_ctx is nullified too.
6185 */
Willy Tarreau2a65ff02012-09-13 17:54:29 +02006186void ssl_sock_free_all_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +02006187{
6188 struct ebmb_node *node, *back;
6189 struct sni_ctx *sni;
6190
Willy Tarreau2a65ff02012-09-13 17:54:29 +02006191 node = ebmb_first(&bind_conf->sni_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02006192 while (node) {
6193 sni = ebmb_entry(node, struct sni_ctx, name);
6194 back = ebmb_next(node);
6195 ebmb_delete(node);
William Lallemand02e19a52020-04-08 16:11:26 +02006196 SSL_CTX_free(sni->ctx);
6197 if (!sni->order) { /* only free the CTX conf on its first occurrence */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01006198 ssl_sock_free_ssl_conf(sni->conf);
6199 free(sni->conf);
6200 sni->conf = NULL;
6201 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02006202 free(sni);
6203 node = back;
6204 }
6205
Willy Tarreau2a65ff02012-09-13 17:54:29 +02006206 node = ebmb_first(&bind_conf->sni_w_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02006207 while (node) {
6208 sni = ebmb_entry(node, struct sni_ctx, name);
6209 back = ebmb_next(node);
6210 ebmb_delete(node);
William Lallemand02e19a52020-04-08 16:11:26 +02006211 SSL_CTX_free(sni->ctx);
6212 if (!sni->order) { /* only free the SSL conf its first occurrence */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01006213 ssl_sock_free_ssl_conf(sni->conf);
6214 free(sni->conf);
6215 sni->conf = NULL;
6216 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02006217 free(sni);
6218 node = back;
6219 }
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01006220 SSL_CTX_free(bind_conf->initial_ctx);
6221 bind_conf->initial_ctx = NULL;
William Lallemand02e19a52020-04-08 16:11:26 +02006222 SSL_CTX_free(bind_conf->default_ctx);
Willy Tarreau2a65ff02012-09-13 17:54:29 +02006223 bind_conf->default_ctx = NULL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01006224 bind_conf->default_ssl_conf = NULL;
Emeric Brune1f38db2012-09-03 20:36:47 +02006225}
6226
Willy Tarreau795cdab2016-12-22 17:30:54 +01006227/* Destroys all the contexts for a bind_conf. This is used during deinit(). */
6228void ssl_sock_destroy_bind_conf(struct bind_conf *bind_conf)
6229{
6230 ssl_sock_free_ca(bind_conf);
6231 ssl_sock_free_all_ctx(bind_conf);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01006232 ssl_sock_free_ssl_conf(&bind_conf->ssl_conf);
Willy Tarreau795cdab2016-12-22 17:30:54 +01006233 free(bind_conf->ca_sign_file);
6234 free(bind_conf->ca_sign_pass);
Willy Tarreau17b4aa12018-07-17 10:05:32 +02006235 if (bind_conf->keys_ref && !--bind_conf->keys_ref->refcount) {
Willy Tarreau795cdab2016-12-22 17:30:54 +01006236 free(bind_conf->keys_ref->filename);
6237 free(bind_conf->keys_ref->tlskeys);
6238 LIST_DEL(&bind_conf->keys_ref->list);
6239 free(bind_conf->keys_ref);
6240 }
6241 bind_conf->keys_ref = NULL;
Willy Tarreau795cdab2016-12-22 17:30:54 +01006242 bind_conf->ca_sign_pass = NULL;
6243 bind_conf->ca_sign_file = NULL;
Willy Tarreau795cdab2016-12-22 17:30:54 +01006244}
6245
Christopher Faulet31af49d2015-06-09 17:29:50 +02006246/* Load CA cert file and private key used to generate certificates */
6247int
Willy Tarreau03209342016-12-22 17:08:28 +01006248ssl_sock_load_ca(struct bind_conf *bind_conf)
Christopher Faulet31af49d2015-06-09 17:29:50 +02006249{
Willy Tarreau03209342016-12-22 17:08:28 +01006250 struct proxy *px = bind_conf->frontend;
Christopher Faulet31af49d2015-06-09 17:29:50 +02006251 FILE *fp;
6252 X509 *cacert = NULL;
6253 EVP_PKEY *capkey = NULL;
6254 int err = 0;
6255
Christopher Fauletf8bb0ce2017-09-15 09:52:49 +02006256 if (!bind_conf->generate_certs)
Christopher Faulet31af49d2015-06-09 17:29:50 +02006257 return err;
6258
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006259#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Emeric Brun821bb9b2017-06-15 16:37:39 +02006260 if (global_ssl.ctx_cache) {
Willy Tarreauef934602016-12-22 23:12:01 +01006261 ssl_ctx_lru_tree = lru64_new(global_ssl.ctx_cache);
Emeric Brun821bb9b2017-06-15 16:37:39 +02006262 }
Christopher Fauletd2cab922015-07-28 16:03:47 +02006263 ssl_ctx_lru_seed = (unsigned int)time(NULL);
Emeric Brun821bb9b2017-06-15 16:37:39 +02006264 ssl_ctx_serial = now_ms;
Willy Tarreaua84c2672015-10-09 12:10:13 +02006265#endif
Christopher Fauletd2cab922015-07-28 16:03:47 +02006266
Christopher Faulet31af49d2015-06-09 17:29:50 +02006267 if (!bind_conf->ca_sign_file) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01006268 ha_alert("Proxy '%s': cannot enable certificate generation, "
6269 "no CA certificate File configured at [%s:%d].\n",
6270 px->id, bind_conf->file, bind_conf->line);
Christopher Faulet31af49d2015-06-09 17:29:50 +02006271 goto load_error;
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02006272 }
Christopher Faulet31af49d2015-06-09 17:29:50 +02006273
6274 /* read in the CA certificate */
6275 if (!(fp = fopen(bind_conf->ca_sign_file, "r"))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01006276 ha_alert("Proxy '%s': Failed to read CA certificate file '%s' at [%s:%d].\n",
6277 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Faulet31af49d2015-06-09 17:29:50 +02006278 goto load_error;
6279 }
6280 if (!(cacert = PEM_read_X509(fp, NULL, NULL, NULL))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01006281 ha_alert("Proxy '%s': Failed to read CA certificate file '%s' at [%s:%d].\n",
6282 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02006283 goto read_error;
Christopher Faulet31af49d2015-06-09 17:29:50 +02006284 }
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02006285 rewind(fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +02006286 if (!(capkey = PEM_read_PrivateKey(fp, NULL, NULL, bind_conf->ca_sign_pass))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01006287 ha_alert("Proxy '%s': Failed to read CA private key file '%s' at [%s:%d].\n",
6288 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02006289 goto read_error;
Christopher Faulet31af49d2015-06-09 17:29:50 +02006290 }
Christopher Faulet31af49d2015-06-09 17:29:50 +02006291
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02006292 fclose (fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +02006293 bind_conf->ca_sign_cert = cacert;
6294 bind_conf->ca_sign_pkey = capkey;
6295 return err;
6296
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02006297 read_error:
6298 fclose (fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +02006299 if (capkey) EVP_PKEY_free(capkey);
6300 if (cacert) X509_free(cacert);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02006301 load_error:
6302 bind_conf->generate_certs = 0;
6303 err++;
Christopher Faulet31af49d2015-06-09 17:29:50 +02006304 return err;
6305}
6306
6307/* Release CA cert and private key used to generate certificated */
6308void
6309ssl_sock_free_ca(struct bind_conf *bind_conf)
6310{
Christopher Faulet31af49d2015-06-09 17:29:50 +02006311 if (bind_conf->ca_sign_pkey)
6312 EVP_PKEY_free(bind_conf->ca_sign_pkey);
6313 if (bind_conf->ca_sign_cert)
6314 X509_free(bind_conf->ca_sign_cert);
Willy Tarreau94ff03a2016-12-22 17:57:46 +01006315 bind_conf->ca_sign_pkey = NULL;
6316 bind_conf->ca_sign_cert = NULL;
Christopher Faulet31af49d2015-06-09 17:29:50 +02006317}
6318
Emeric Brun46591952012-05-18 15:47:34 +02006319/*
6320 * This function is called if SSL * context is not yet allocated. The function
6321 * is designed to be called before any other data-layer operation and sets the
6322 * handshake flag on the connection. It is safe to call it multiple times.
6323 * It returns 0 on success and -1 in error case.
6324 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006325static int ssl_sock_init(struct connection *conn, void **xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006326{
Olivier Houchard66ab4982019-02-26 18:37:15 +01006327 struct ssl_sock_ctx *ctx;
Emeric Brun46591952012-05-18 15:47:34 +02006328 /* already initialized */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006329 if (*xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006330 return 0;
6331
Willy Tarreau3c728722014-01-23 13:50:42 +01006332 if (!conn_ctrl_ready(conn))
Willy Tarreauf79c8172013-10-21 16:30:56 +02006333 return 0;
6334
Olivier Houchard66ab4982019-02-26 18:37:15 +01006335 ctx = pool_alloc(ssl_sock_ctx_pool);
6336 if (!ctx) {
6337 conn->err_code = CO_ER_SSL_NO_MEM;
6338 return -1;
6339 }
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006340 ctx->wait_event.tasklet = tasklet_new();
6341 if (!ctx->wait_event.tasklet) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006342 conn->err_code = CO_ER_SSL_NO_MEM;
6343 pool_free(ssl_sock_ctx_pool, ctx);
6344 return -1;
6345 }
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006346 ctx->wait_event.tasklet->process = ssl_sock_io_cb;
6347 ctx->wait_event.tasklet->context = ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006348 ctx->wait_event.events = 0;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006349 ctx->sent_early_data = 0;
Olivier Houchard54907bb2019-12-19 15:02:39 +01006350 ctx->early_buf = BUF_NULL;
Olivier Houcharda8955d52019-04-07 22:00:38 +02006351 ctx->conn = conn;
Willy Tarreau113d52b2020-01-10 09:20:26 +01006352 ctx->subs = NULL;
Emeric Brun5762a0d2019-09-06 15:36:02 +02006353 ctx->xprt_st = 0;
6354 ctx->xprt_ctx = NULL;
Olivier Houcharda8955d52019-04-07 22:00:38 +02006355
6356 /* Only work with sockets for now, this should be adapted when we'll
6357 * add QUIC support.
6358 */
6359 ctx->xprt = xprt_get(XPRT_RAW);
Olivier Houchard19afb272019-05-23 18:24:07 +02006360 if (ctx->xprt->init) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006361 if (ctx->xprt->init(conn, &ctx->xprt_ctx) != 0)
6362 goto err;
Olivier Houchard19afb272019-05-23 18:24:07 +02006363 }
Olivier Houchard66ab4982019-02-26 18:37:15 +01006364
Willy Tarreau20879a02012-12-03 16:32:10 +01006365 if (global.maxsslconn && sslconns >= global.maxsslconn) {
6366 conn->err_code = CO_ER_SSL_TOO_MANY;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006367 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +01006368 }
Willy Tarreau403edff2012-09-06 11:58:37 +02006369
Emeric Brun46591952012-05-18 15:47:34 +02006370 /* If it is in client mode initiate SSL session
6371 in connect state otherwise accept state */
Willy Tarreau3fdb3662012-11-12 00:42:33 +01006372 if (objt_server(conn->target)) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006373 int may_retry = 1;
6374
6375 retry_connect:
Emeric Brun46591952012-05-18 15:47:34 +02006376 /* Alloc a new SSL session ctx */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006377 ctx->ssl = SSL_new(__objt_server(conn->target)->ssl_ctx.ctx);
6378 if (!ctx->ssl) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006379 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006380 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006381 goto retry_connect;
6382 }
Willy Tarreau20879a02012-12-03 16:32:10 +01006383 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006384 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +01006385 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006386 ctx->bio = BIO_new(ha_meth);
6387 if (!ctx->bio) {
Olivier Houchardefe5e8e2020-01-24 15:17:38 +01006388 SSL_free(ctx->ssl);
6389 ctx->ssl = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006390 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006391 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006392 goto retry_connect;
6393 }
Emeric Brun55476152014-11-12 17:35:37 +01006394 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006395 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006396 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006397 BIO_set_data(ctx->bio, ctx);
Olivier Houcharda8955d52019-04-07 22:00:38 +02006398 SSL_set_bio(ctx->ssl, ctx->bio, ctx->bio);
Emeric Brun46591952012-05-18 15:47:34 +02006399
Evan Broderbe554312013-06-27 00:05:25 -07006400 /* set connection pointer */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006401 if (!SSL_set_ex_data(ctx->ssl, ssl_app_data_index, conn)) {
6402 SSL_free(ctx->ssl);
6403 ctx->ssl = NULL;
Emeric Brun55476152014-11-12 17:35:37 +01006404 conn->xprt_ctx = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006405 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006406 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006407 goto retry_connect;
6408 }
Emeric Brun55476152014-11-12 17:35:37 +01006409 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006410 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006411 }
6412
Olivier Houchard66ab4982019-02-26 18:37:15 +01006413 SSL_set_connect_state(ctx->ssl);
Willy Tarreau07d94e42018-09-20 10:57:52 +02006414 if (__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr) {
6415 const unsigned char *ptr = __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr;
6416 SSL_SESSION *sess = d2i_SSL_SESSION(NULL, &ptr, __objt_server(conn->target)->ssl_ctx.reused_sess[tid].size);
Olivier Houchard66ab4982019-02-26 18:37:15 +01006417 if (sess && !SSL_set_session(ctx->ssl, sess)) {
Olivier Houcharde6060c52017-11-16 17:42:52 +01006418 SSL_SESSION_free(sess);
Willy Tarreau07d94e42018-09-20 10:57:52 +02006419 free(__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr);
6420 __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr = NULL;
Olivier Houcharde6060c52017-11-16 17:42:52 +01006421 } else if (sess) {
6422 SSL_SESSION_free(sess);
Emeric Brun55476152014-11-12 17:35:37 +01006423 }
6424 }
Evan Broderbe554312013-06-27 00:05:25 -07006425
Emeric Brun46591952012-05-18 15:47:34 +02006426 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +02006427 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Willy Tarreau403edff2012-09-06 11:58:37 +02006428
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01006429 _HA_ATOMIC_ADD(&sslconns, 1);
6430 _HA_ATOMIC_ADD(&totalsslconns, 1);
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006431 *xprt_ctx = ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006432 /* Start the handshake */
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006433 tasklet_wakeup(ctx->wait_event.tasklet);
Emeric Brun46591952012-05-18 15:47:34 +02006434 return 0;
6435 }
Willy Tarreau3fdb3662012-11-12 00:42:33 +01006436 else if (objt_listener(conn->target)) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006437 int may_retry = 1;
6438
6439 retry_accept:
Emeric Brun46591952012-05-18 15:47:34 +02006440 /* Alloc a new SSL session ctx */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006441 ctx->ssl = SSL_new(__objt_listener(conn->target)->bind_conf->initial_ctx);
6442 if (!ctx->ssl) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006443 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006444 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006445 goto retry_accept;
6446 }
Willy Tarreau20879a02012-12-03 16:32:10 +01006447 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006448 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +01006449 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006450 ctx->bio = BIO_new(ha_meth);
6451 if (!ctx->bio) {
Olivier Houchardefe5e8e2020-01-24 15:17:38 +01006452 SSL_free(ctx->ssl);
6453 ctx->ssl = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006454 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006455 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006456 goto retry_accept;
6457 }
Emeric Brun55476152014-11-12 17:35:37 +01006458 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006459 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006460 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006461 BIO_set_data(ctx->bio, ctx);
Olivier Houcharda8955d52019-04-07 22:00:38 +02006462 SSL_set_bio(ctx->ssl, ctx->bio, ctx->bio);
Emeric Brun46591952012-05-18 15:47:34 +02006463
Emeric Brune1f38db2012-09-03 20:36:47 +02006464 /* set connection pointer */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006465 if (!SSL_set_ex_data(ctx->ssl, ssl_app_data_index, conn)) {
6466 SSL_free(ctx->ssl);
6467 ctx->ssl = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006468 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006469 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006470 goto retry_accept;
6471 }
Emeric Brun55476152014-11-12 17:35:37 +01006472 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006473 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006474 }
6475
Frédéric Lécaille3139c1b2020-01-24 14:56:18 +01006476#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
6477 if (__objt_listener(conn->target)->bind_conf->ssl_conf.early_data) {
6478 b_alloc(&ctx->early_buf);
6479 SSL_set_max_early_data(ctx->ssl,
6480 /* Only allow early data if we managed to allocate
6481 * a buffer.
6482 */
6483 (!b_is_null(&ctx->early_buf)) ?
6484 global.tune.bufsize - global.tune.maxrewrite : 0);
6485 }
6486#endif
6487
Olivier Houchard66ab4982019-02-26 18:37:15 +01006488 SSL_set_accept_state(ctx->ssl);
Emeric Brune1f38db2012-09-03 20:36:47 +02006489
Emeric Brun46591952012-05-18 15:47:34 +02006490 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +02006491 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Emmanuel Hocdetf967c312019-08-05 18:04:16 +02006492#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchardc2aae742017-09-22 18:26:28 +02006493 conn->flags |= CO_FL_EARLY_SSL_HS;
6494#endif
Willy Tarreau403edff2012-09-06 11:58:37 +02006495
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01006496 _HA_ATOMIC_ADD(&sslconns, 1);
6497 _HA_ATOMIC_ADD(&totalsslconns, 1);
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006498 *xprt_ctx = ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006499 /* Start the handshake */
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006500 tasklet_wakeup(ctx->wait_event.tasklet);
Emeric Brun46591952012-05-18 15:47:34 +02006501 return 0;
6502 }
6503 /* don't know how to handle such a target */
Willy Tarreau20879a02012-12-03 16:32:10 +01006504 conn->err_code = CO_ER_SSL_NO_TARGET;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006505err:
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006506 if (ctx && ctx->wait_event.tasklet)
6507 tasklet_free(ctx->wait_event.tasklet);
Olivier Houchard66ab4982019-02-26 18:37:15 +01006508 pool_free(ssl_sock_ctx_pool, ctx);
Emeric Brun46591952012-05-18 15:47:34 +02006509 return -1;
6510}
6511
6512
6513/* This is the callback which is used when an SSL handshake is pending. It
6514 * updates the FD status if it wants some polling before being called again.
6515 * It returns 0 if it fails in a fatal way or needs to poll to go further,
6516 * otherwise it returns non-zero and removes itself from the connection's
6517 * flags (the bit is provided in <flag> by the caller).
6518 */
Olivier Houchard000694c2019-05-23 14:45:12 +02006519static int ssl_sock_handshake(struct connection *conn, unsigned int flag)
Emeric Brun46591952012-05-18 15:47:34 +02006520{
Olivier Houchard66ab4982019-02-26 18:37:15 +01006521 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Emeric Brun46591952012-05-18 15:47:34 +02006522 int ret;
6523
Willy Tarreau3c728722014-01-23 13:50:42 +01006524 if (!conn_ctrl_ready(conn))
Willy Tarreauf79c8172013-10-21 16:30:56 +02006525 return 0;
6526
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02006527 if (!conn->xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006528 goto out_error;
6529
Willy Tarreau5db847a2019-05-09 14:13:35 +02006530#if HA_OPENSSL_VERSION_NUMBER >= 0x10101000L
Olivier Houchardc2aae742017-09-22 18:26:28 +02006531 /*
6532 * Check if we have early data. If we do, we have to read them
6533 * before SSL_do_handshake() is called, And there's no way to
6534 * detect early data, except to try to read them
6535 */
6536 if (conn->flags & CO_FL_EARLY_SSL_HS) {
Olivier Houchard54907bb2019-12-19 15:02:39 +01006537 size_t read_data = 0;
Olivier Houchardc2aae742017-09-22 18:26:28 +02006538
Olivier Houchard54907bb2019-12-19 15:02:39 +01006539 while (1) {
6540 ret = SSL_read_early_data(ctx->ssl,
6541 b_tail(&ctx->early_buf), b_room(&ctx->early_buf),
6542 &read_data);
6543 if (ret == SSL_READ_EARLY_DATA_ERROR)
6544 goto check_error;
6545 if (read_data > 0) {
6546 conn->flags |= CO_FL_EARLY_DATA;
6547 b_add(&ctx->early_buf, read_data);
6548 }
6549 if (ret == SSL_READ_EARLY_DATA_FINISH) {
6550 conn->flags &= ~CO_FL_EARLY_SSL_HS;
6551 if (!b_data(&ctx->early_buf))
6552 b_free(&ctx->early_buf);
6553 break;
6554 }
6555 }
Olivier Houchardc2aae742017-09-22 18:26:28 +02006556 }
6557#endif
Emeric Brun674b7432012-11-08 19:21:55 +01006558 /* If we use SSL_do_handshake to process a reneg initiated by
6559 * the remote peer, it sometimes returns SSL_ERROR_SSL.
6560 * Usually SSL_write and SSL_read are used and process implicitly
6561 * the reneg handshake.
6562 * Here we use SSL_peek as a workaround for reneg.
6563 */
Willy Tarreauc192b0a2020-01-23 09:11:58 +01006564 if (!(conn->flags & CO_FL_WAIT_L6_CONN) && SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun674b7432012-11-08 19:21:55 +01006565 char c;
6566
Olivier Houchard66ab4982019-02-26 18:37:15 +01006567 ret = SSL_peek(ctx->ssl, &c, 1);
Emeric Brun674b7432012-11-08 19:21:55 +01006568 if (ret <= 0) {
6569 /* handshake may have not been completed, let's find why */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006570 ret = SSL_get_error(ctx->ssl, ret);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006571
Emeric Brun674b7432012-11-08 19:21:55 +01006572 if (ret == SSL_ERROR_WANT_WRITE) {
6573 /* SSL handshake needs to write, L4 connection may not be ready */
Olivier Houchard03abf2d2019-05-28 10:12:02 +02006574 if (!(ctx->wait_event.events & SUB_RETRY_SEND))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006575 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Emeric Brun674b7432012-11-08 19:21:55 +01006576 return 0;
6577 }
6578 else if (ret == SSL_ERROR_WANT_READ) {
6579 /* handshake may have been completed but we have
6580 * no more data to read.
6581 */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006582 if (!SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun674b7432012-11-08 19:21:55 +01006583 ret = 1;
6584 goto reneg_ok;
6585 }
6586 /* SSL handshake needs to read, L4 connection is ready */
Olivier Houchard03abf2d2019-05-28 10:12:02 +02006587 if (!(ctx->wait_event.events & SUB_RETRY_RECV))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006588 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_RECV, &ctx->wait_event);
Emeric Brun674b7432012-11-08 19:21:55 +01006589 return 0;
6590 }
Willy Tarreau5db847a2019-05-09 14:13:35 +02006591#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006592 else if (ret == SSL_ERROR_WANT_ASYNC) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006593 ssl_async_process_fds(ctx);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006594 return 0;
6595 }
6596#endif
Emeric Brun674b7432012-11-08 19:21:55 +01006597 else if (ret == SSL_ERROR_SYSCALL) {
6598 /* if errno is null, then connection was successfully established */
6599 if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
6600 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Willy Tarreau20879a02012-12-03 16:32:10 +01006601 if (!conn->err_code) {
Lukas Tribus49799162019-07-08 14:29:15 +02006602#if defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER)
6603 /* do not handle empty handshakes in BoringSSL or LibreSSL */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006604 conn->err_code = CO_ER_SSL_HANDSHAKE;
6605#else
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006606 int empty_handshake;
Willy Tarreau5db847a2019-05-09 14:13:35 +02006607#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL)
Lukas Tribus49799162019-07-08 14:29:15 +02006608 /* use SSL_get_state() in OpenSSL >= 1.1.0; SSL_state() is broken */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006609 OSSL_HANDSHAKE_STATE state = SSL_get_state((SSL *)ctx->ssl);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006610 empty_handshake = state == TLS_ST_BEFORE;
6611#else
Lukas Tribus49799162019-07-08 14:29:15 +02006612 /* access packet_length directly in OpenSSL <= 1.0.2; SSL_state() is broken */
6613 empty_handshake = !ctx->ssl->packet_length;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006614#endif
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006615 if (empty_handshake) {
Emeric Brun29f037d2014-04-25 19:05:36 +02006616 if (!errno) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006617 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006618 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6619 else
6620 conn->err_code = CO_ER_SSL_EMPTY;
6621 }
6622 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006623 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006624 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6625 else
6626 conn->err_code = CO_ER_SSL_ABORT;
6627 }
6628 }
6629 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006630 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006631 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
Willy Tarreau20879a02012-12-03 16:32:10 +01006632 else
Emeric Brun29f037d2014-04-25 19:05:36 +02006633 conn->err_code = CO_ER_SSL_HANDSHAKE;
6634 }
Lukas Tribus49799162019-07-08 14:29:15 +02006635#endif /* BoringSSL or LibreSSL */
Willy Tarreau20879a02012-12-03 16:32:10 +01006636 }
Emeric Brun674b7432012-11-08 19:21:55 +01006637 goto out_error;
6638 }
6639 else {
6640 /* Fail on all other handshake errors */
6641 /* Note: OpenSSL may leave unread bytes in the socket's
6642 * buffer, causing an RST to be emitted upon close() on
6643 * TCP sockets. We first try to drain possibly pending
6644 * data to avoid this as much as possible.
6645 */
Willy Tarreaud85c4852015-03-13 00:40:28 +01006646 conn_sock_drain(conn);
Willy Tarreau20879a02012-12-03 16:32:10 +01006647 if (!conn->err_code)
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006648 conn->err_code = (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
Willy Tarreauf51c6982014-04-25 20:02:39 +02006649 CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
Emeric Brun674b7432012-11-08 19:21:55 +01006650 goto out_error;
6651 }
6652 }
6653 /* read some data: consider handshake completed */
6654 goto reneg_ok;
6655 }
Olivier Houchard66ab4982019-02-26 18:37:15 +01006656 ret = SSL_do_handshake(ctx->ssl);
Olivier Houchardc2aae742017-09-22 18:26:28 +02006657check_error:
Emeric Brun46591952012-05-18 15:47:34 +02006658 if (ret != 1) {
6659 /* handshake did not complete, let's find why */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006660 ret = SSL_get_error(ctx->ssl, ret);
Emeric Brun46591952012-05-18 15:47:34 +02006661
6662 if (ret == SSL_ERROR_WANT_WRITE) {
6663 /* SSL handshake needs to write, L4 connection may not be ready */
Olivier Houchard03abf2d2019-05-28 10:12:02 +02006664 if (!(ctx->wait_event.events & SUB_RETRY_SEND))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006665 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Emeric Brun46591952012-05-18 15:47:34 +02006666 return 0;
6667 }
6668 else if (ret == SSL_ERROR_WANT_READ) {
6669 /* SSL handshake needs to read, L4 connection is ready */
Olivier Houchardea8dd942019-05-20 14:02:16 +02006670 if (!(ctx->wait_event.events & SUB_RETRY_RECV))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006671 ctx->xprt->subscribe(conn, ctx->xprt_ctx,
6672 SUB_RETRY_RECV, &ctx->wait_event);
Emeric Brun46591952012-05-18 15:47:34 +02006673 return 0;
6674 }
Willy Tarreau5db847a2019-05-09 14:13:35 +02006675#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006676 else if (ret == SSL_ERROR_WANT_ASYNC) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006677 ssl_async_process_fds(ctx);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006678 return 0;
6679 }
6680#endif
Willy Tarreau89230192012-09-28 20:22:13 +02006681 else if (ret == SSL_ERROR_SYSCALL) {
6682 /* if errno is null, then connection was successfully established */
6683 if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
6684 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006685 if (!conn->err_code) {
Lukas Tribus49799162019-07-08 14:29:15 +02006686#if defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER)
6687 /* do not handle empty handshakes in BoringSSL or LibreSSL */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006688 conn->err_code = CO_ER_SSL_HANDSHAKE;
6689#else
6690 int empty_handshake;
Willy Tarreau5db847a2019-05-09 14:13:35 +02006691#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL)
Lukas Tribus49799162019-07-08 14:29:15 +02006692 /* use SSL_get_state() in OpenSSL >= 1.1.0; SSL_state() is broken */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006693 OSSL_HANDSHAKE_STATE state = SSL_get_state(ctx->ssl);
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006694 empty_handshake = state == TLS_ST_BEFORE;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006695#else
Lukas Tribus49799162019-07-08 14:29:15 +02006696 /* access packet_length directly in OpenSSL <= 1.0.2; SSL_state() is broken */
6697 empty_handshake = !ctx->ssl->packet_length;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006698#endif
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006699 if (empty_handshake) {
6700 if (!errno) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006701 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006702 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6703 else
6704 conn->err_code = CO_ER_SSL_EMPTY;
6705 }
6706 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006707 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006708 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6709 else
6710 conn->err_code = CO_ER_SSL_ABORT;
6711 }
Emeric Brun29f037d2014-04-25 19:05:36 +02006712 }
6713 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006714 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006715 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6716 else
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006717 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emeric Brun29f037d2014-04-25 19:05:36 +02006718 }
Lukas Tribus49799162019-07-08 14:29:15 +02006719#endif /* BoringSSL or LibreSSL */
Emeric Brun29f037d2014-04-25 19:05:36 +02006720 }
Willy Tarreau89230192012-09-28 20:22:13 +02006721 goto out_error;
6722 }
Emeric Brun46591952012-05-18 15:47:34 +02006723 else {
6724 /* Fail on all other handshake errors */
Willy Tarreau566dc552012-10-19 20:52:18 +02006725 /* Note: OpenSSL may leave unread bytes in the socket's
6726 * buffer, causing an RST to be emitted upon close() on
6727 * TCP sockets. We first try to drain possibly pending
6728 * data to avoid this as much as possible.
6729 */
Willy Tarreaud85c4852015-03-13 00:40:28 +01006730 conn_sock_drain(conn);
Willy Tarreau20879a02012-12-03 16:32:10 +01006731 if (!conn->err_code)
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006732 conn->err_code = (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
Willy Tarreauf51c6982014-04-25 20:02:39 +02006733 CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
Emeric Brun46591952012-05-18 15:47:34 +02006734 goto out_error;
6735 }
6736 }
Willy Tarreau5db847a2019-05-09 14:13:35 +02006737#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchard522eea72017-11-03 16:27:47 +01006738 else {
6739 /*
6740 * If the server refused the early data, we have to send a
6741 * 425 to the client, as we no longer have the data to sent
6742 * them again.
6743 */
6744 if ((conn->flags & CO_FL_EARLY_DATA) && (objt_server(conn->target))) {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006745 if (SSL_get_early_data_status(ctx->ssl) == SSL_EARLY_DATA_REJECTED) {
Olivier Houchard522eea72017-11-03 16:27:47 +01006746 conn->err_code = CO_ER_SSL_EARLY_FAILED;
6747 goto out_error;
6748 }
6749 }
6750 }
6751#endif
6752
Emeric Brun46591952012-05-18 15:47:34 +02006753
Emeric Brun674b7432012-11-08 19:21:55 +01006754reneg_ok:
Emeric Brunb5e42a82017-06-06 12:35:14 +00006755
Willy Tarreau5db847a2019-05-09 14:13:35 +02006756#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006757 /* ASYNC engine API doesn't support moving read/write
6758 * buffers. So we disable ASYNC mode right after
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +05006759 * the handshake to avoid buffer overflow.
Emeric Brunb5e42a82017-06-06 12:35:14 +00006760 */
6761 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006762 SSL_clear_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006763#endif
Emeric Brun46591952012-05-18 15:47:34 +02006764 /* Handshake succeeded */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006765 if (!SSL_session_reused(ctx->ssl)) {
Willy Tarreau0c9c2722014-05-28 12:28:58 +02006766 if (objt_server(conn->target)) {
6767 update_freq_ctr(&global.ssl_be_keys_per_sec, 1);
6768 if (global.ssl_be_keys_per_sec.curr_ctr > global.ssl_be_keys_max)
6769 global.ssl_be_keys_max = global.ssl_be_keys_per_sec.curr_ctr;
Emeric Brun46591952012-05-18 15:47:34 +02006770 }
Willy Tarreau0c9c2722014-05-28 12:28:58 +02006771 else {
6772 update_freq_ctr(&global.ssl_fe_keys_per_sec, 1);
6773 if (global.ssl_fe_keys_per_sec.curr_ctr > global.ssl_fe_keys_max)
6774 global.ssl_fe_keys_max = global.ssl_fe_keys_per_sec.curr_ctr;
6775 }
Emeric Brun46591952012-05-18 15:47:34 +02006776 }
6777
6778 /* The connection is now established at both layers, it's time to leave */
6779 conn->flags &= ~(flag | CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN);
6780 return 1;
6781
6782 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +01006783 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02006784 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01006785 ERR_clear_error();
6786
Emeric Brun9fa89732012-10-04 17:09:56 +02006787 /* free resumed session if exists */
Willy Tarreau07d94e42018-09-20 10:57:52 +02006788 if (objt_server(conn->target) && __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr) {
6789 free(__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr);
6790 __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr = NULL;
Emeric Brun9fa89732012-10-04 17:09:56 +02006791 }
6792
Emeric Brun46591952012-05-18 15:47:34 +02006793 /* Fail on all other handshake errors */
6794 conn->flags |= CO_FL_ERROR;
Willy Tarreau20879a02012-12-03 16:32:10 +01006795 if (!conn->err_code)
6796 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emeric Brun46591952012-05-18 15:47:34 +02006797 return 0;
6798}
6799
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006800/* Called from the upper layer, to subscribe <es> to events <event_type>. The
6801 * event subscriber <es> is not allowed to change from a previous call as long
6802 * as at least one event is still subscribed. The <event_type> must only be a
6803 * combination of SUB_RETRY_RECV and SUB_RETRY_SEND. It always returns 0,
6804 * unless the transport layer was already released.
6805 */
6806static int ssl_subscribe(struct connection *conn, void *xprt_ctx, int event_type, struct wait_event *es)
Olivier Houcharddf357842019-03-21 16:30:07 +01006807{
Olivier Houchardea8dd942019-05-20 14:02:16 +02006808 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006809
Olivier Houchard0ff28652019-06-24 18:57:39 +02006810 if (!ctx)
6811 return -1;
6812
Willy Tarreau113d52b2020-01-10 09:20:26 +01006813 BUG_ON(event_type & ~(SUB_RETRY_SEND|SUB_RETRY_RECV));
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006814 BUG_ON(ctx->subs && ctx->subs != es);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006815
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006816 ctx->subs = es;
6817 es->events |= event_type;
Willy Tarreau113d52b2020-01-10 09:20:26 +01006818
6819 /* we may have to subscribe to lower layers for new events */
6820 event_type &= ~ctx->wait_event.events;
6821 if (event_type && !(conn->flags & CO_FL_SSL_WAIT_HS))
6822 ctx->xprt->subscribe(conn, ctx->xprt_ctx, event_type, &ctx->wait_event);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006823 return 0;
Olivier Houcharddf357842019-03-21 16:30:07 +01006824}
6825
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006826/* Called from the upper layer, to unsubscribe <es> from events <event_type>.
6827 * The <es> pointer is not allowed to differ from the one passed to the
6828 * subscribe() call. It always returns zero.
6829 */
6830static int ssl_unsubscribe(struct connection *conn, void *xprt_ctx, int event_type, struct wait_event *es)
Olivier Houcharddf357842019-03-21 16:30:07 +01006831{
Olivier Houchardea8dd942019-05-20 14:02:16 +02006832 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006833
Willy Tarreau113d52b2020-01-10 09:20:26 +01006834 BUG_ON(event_type & ~(SUB_RETRY_SEND|SUB_RETRY_RECV));
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006835 BUG_ON(ctx->subs && ctx->subs != es);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006836
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006837 es->events &= ~event_type;
6838 if (!es->events)
Willy Tarreau113d52b2020-01-10 09:20:26 +01006839 ctx->subs = NULL;
6840
6841 /* If we subscribed, and we're not doing the handshake,
6842 * then we subscribed because the upper layer asked for it,
6843 * as the upper layer is no longer interested, we can
6844 * unsubscribe too.
6845 */
6846 event_type &= ctx->wait_event.events;
6847 if (event_type && !(ctx->conn->flags & CO_FL_SSL_WAIT_HS))
6848 conn_unsubscribe(conn, ctx->xprt_ctx, event_type, &ctx->wait_event);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006849
6850 return 0;
Olivier Houcharddf357842019-03-21 16:30:07 +01006851}
6852
Olivier Houchard2e055482019-05-27 19:50:12 +02006853/* Use the provided XPRT as an underlying XPRT, and provide the old one.
6854 * Returns 0 on success, and non-zero on failure.
6855 */
6856static int ssl_add_xprt(struct connection *conn, void *xprt_ctx, void *toadd_ctx, const struct xprt_ops *toadd_ops, void **oldxprt_ctx, const struct xprt_ops **oldxprt_ops)
6857{
6858 struct ssl_sock_ctx *ctx = xprt_ctx;
6859
6860 if (oldxprt_ops != NULL)
6861 *oldxprt_ops = ctx->xprt;
6862 if (oldxprt_ctx != NULL)
6863 *oldxprt_ctx = ctx->xprt_ctx;
6864 ctx->xprt = toadd_ops;
6865 ctx->xprt_ctx = toadd_ctx;
6866 return 0;
6867}
6868
Olivier Houchard5149b592019-05-23 17:47:36 +02006869/* Remove the specified xprt. If if it our underlying XPRT, remove it and
6870 * return 0, otherwise just call the remove_xprt method from the underlying
6871 * XPRT.
6872 */
6873static int ssl_remove_xprt(struct connection *conn, void *xprt_ctx, void *toremove_ctx, const struct xprt_ops *newops, void *newctx)
6874{
6875 struct ssl_sock_ctx *ctx = xprt_ctx;
6876
6877 if (ctx->xprt_ctx == toremove_ctx) {
6878 ctx->xprt_ctx = newctx;
6879 ctx->xprt = newops;
6880 return 0;
6881 }
6882 return (ctx->xprt->remove_xprt(conn, ctx->xprt_ctx, toremove_ctx, newops, newctx));
6883}
6884
Olivier Houchardea8dd942019-05-20 14:02:16 +02006885static struct task *ssl_sock_io_cb(struct task *t, void *context, unsigned short state)
6886{
6887 struct ssl_sock_ctx *ctx = context;
6888
6889 /* First if we're doing an handshake, try that */
6890 if (ctx->conn->flags & CO_FL_SSL_WAIT_HS)
6891 ssl_sock_handshake(ctx->conn, CO_FL_SSL_WAIT_HS);
6892 /* If we had an error, or the handshake is done and I/O is available,
6893 * let the upper layer know.
Olivier Houchard477902b2020-01-22 18:08:48 +01006894 * If no mux was set up yet, then call conn_create_mux()
Olivier Houchardea8dd942019-05-20 14:02:16 +02006895 * we can't be sure conn_fd_handler() will be called again.
6896 */
6897 if ((ctx->conn->flags & CO_FL_ERROR) ||
6898 !(ctx->conn->flags & CO_FL_SSL_WAIT_HS)) {
6899 int ret = 0;
6900 int woke = 0;
6901
6902 /* On error, wake any waiter */
Willy Tarreau113d52b2020-01-10 09:20:26 +01006903 if (ctx->subs) {
6904 tasklet_wakeup(ctx->subs->tasklet);
6905 ctx->subs->events = 0;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006906 woke = 1;
Willy Tarreau113d52b2020-01-10 09:20:26 +01006907 ctx->subs = NULL;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006908 }
Willy Tarreau113d52b2020-01-10 09:20:26 +01006909
Olivier Houchardea8dd942019-05-20 14:02:16 +02006910 /* If we're the first xprt for the connection, let the
Olivier Houchard477902b2020-01-22 18:08:48 +01006911 * upper layers know. If we have no mux, create it,
6912 * and once we have a mux, call its wake method if we didn't
6913 * woke a tasklet already.
Olivier Houchardea8dd942019-05-20 14:02:16 +02006914 */
6915 if (ctx->conn->xprt_ctx == ctx) {
Olivier Houchard477902b2020-01-22 18:08:48 +01006916 if (!ctx->conn->mux)
6917 ret = conn_create_mux(ctx->conn);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006918 if (ret >= 0 && !woke && ctx->conn->mux && ctx->conn->mux->wake)
6919 ctx->conn->mux->wake(ctx->conn);
6920 return NULL;
6921 }
6922 }
Olivier Houchard54907bb2019-12-19 15:02:39 +01006923#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
6924 /* If we have early data and somebody wants to receive, let them */
Willy Tarreau113d52b2020-01-10 09:20:26 +01006925 else if (b_data(&ctx->early_buf) && ctx->subs &&
6926 ctx->subs->events & SUB_RETRY_RECV) {
6927 tasklet_wakeup(ctx->subs->tasklet);
6928 ctx->subs->events &= ~SUB_RETRY_RECV;
6929 if (!ctx->subs->events)
6930 ctx->subs = NULL;
Olivier Houchard54907bb2019-12-19 15:02:39 +01006931 }
6932#endif
Olivier Houchardea8dd942019-05-20 14:02:16 +02006933 return NULL;
6934}
6935
Emeric Brun46591952012-05-18 15:47:34 +02006936/* Receive up to <count> bytes from connection <conn>'s socket and store them
Willy Tarreauabf08d92014-01-14 11:31:27 +01006937 * into buffer <buf>. Only one call to recv() is performed, unless the
Emeric Brun46591952012-05-18 15:47:34 +02006938 * buffer wraps, in which case a second call may be performed. The connection's
6939 * flags are updated with whatever special event is detected (error, read0,
6940 * empty). The caller is responsible for taking care of those events and
6941 * avoiding the call if inappropriate. The function does not call the
6942 * connection's polling update function, so the caller is responsible for this.
6943 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006944static size_t ssl_sock_to_buf(struct connection *conn, void *xprt_ctx, struct buffer *buf, size_t count, int flags)
Emeric Brun46591952012-05-18 15:47:34 +02006945{
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006946 struct ssl_sock_ctx *ctx = xprt_ctx;
Willy Tarreaubfc4d772018-07-18 11:22:03 +02006947 ssize_t ret;
6948 size_t try, done = 0;
Emeric Brun46591952012-05-18 15:47:34 +02006949
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006950 if (!ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006951 goto out_error;
6952
Olivier Houchard54907bb2019-12-19 15:02:39 +01006953#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
6954 if (b_data(&ctx->early_buf)) {
6955 try = b_contig_space(buf);
6956 if (try > b_data(&ctx->early_buf))
6957 try = b_data(&ctx->early_buf);
6958 memcpy(b_tail(buf), b_head(&ctx->early_buf), try);
6959 b_add(buf, try);
6960 b_del(&ctx->early_buf, try);
6961 if (b_data(&ctx->early_buf) == 0)
6962 b_free(&ctx->early_buf);
6963 return try;
6964 }
6965#endif
6966
Willy Tarreau911db9b2020-01-23 16:27:54 +01006967 if (conn->flags & (CO_FL_WAIT_XPRT | CO_FL_SSL_WAIT_HS))
Emeric Brun46591952012-05-18 15:47:34 +02006968 /* a handshake was requested */
6969 return 0;
6970
Emeric Brun46591952012-05-18 15:47:34 +02006971 /* read the largest possible block. For this, we perform only one call
6972 * to recv() unless the buffer wraps and we exactly fill the first hunk,
6973 * in which case we accept to do it once again. A new attempt is made on
6974 * EINTR too.
6975 */
Willy Tarreau00b0fb92014-01-17 11:09:40 +01006976 while (count > 0) {
Olivier Houchardc2aae742017-09-22 18:26:28 +02006977
Willy Tarreau591d4452018-06-15 17:21:00 +02006978 try = b_contig_space(buf);
6979 if (!try)
6980 break;
6981
Willy Tarreauabf08d92014-01-14 11:31:27 +01006982 if (try > count)
6983 try = count;
Willy Tarreau591d4452018-06-15 17:21:00 +02006984
Olivier Houchard66ab4982019-02-26 18:37:15 +01006985 ret = SSL_read(ctx->ssl, b_tail(buf), try);
Emmanuel Hocdetf967c312019-08-05 18:04:16 +02006986
Emeric Brune1f38db2012-09-03 20:36:47 +02006987 if (conn->flags & CO_FL_ERROR) {
6988 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
Emeric Brun644cde02012-12-14 11:21:13 +01006989 goto out_error;
Emeric Brune1f38db2012-09-03 20:36:47 +02006990 }
Emeric Brun46591952012-05-18 15:47:34 +02006991 if (ret > 0) {
Olivier Houchardacd14032018-06-28 18:17:23 +02006992 b_add(buf, ret);
Emeric Brun46591952012-05-18 15:47:34 +02006993 done += ret;
Emeric Brun46591952012-05-18 15:47:34 +02006994 count -= ret;
Emeric Brun46591952012-05-18 15:47:34 +02006995 }
Emeric Brun46591952012-05-18 15:47:34 +02006996 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006997 ret = SSL_get_error(ctx->ssl, ret);
Emeric Brun46591952012-05-18 15:47:34 +02006998 if (ret == SSL_ERROR_WANT_WRITE) {
Emeric Brun8af8dd12012-11-08 17:56:20 +01006999 /* handshake is running, and it needs to enable write */
Emeric Brun46591952012-05-18 15:47:34 +02007000 conn->flags |= CO_FL_SSL_WAIT_HS;
Olivier Houchardea8dd942019-05-20 14:02:16 +02007001 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Willy Tarreau5db847a2019-05-09 14:13:35 +02007002#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00007003 /* Async mode can be re-enabled, because we're leaving data state.*/
7004 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007005 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00007006#endif
Emeric Brun46591952012-05-18 15:47:34 +02007007 break;
7008 }
7009 else if (ret == SSL_ERROR_WANT_READ) {
Olivier Houchard66ab4982019-02-26 18:37:15 +01007010 if (SSL_renegotiate_pending(ctx->ssl)) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02007011 ctx->xprt->subscribe(conn, ctx->xprt_ctx,
7012 SUB_RETRY_RECV,
7013 &ctx->wait_event);
Emeric Brun282a76a2012-11-08 18:02:56 +01007014 /* handshake is running, and it may need to re-enable read */
7015 conn->flags |= CO_FL_SSL_WAIT_HS;
Willy Tarreau5db847a2019-05-09 14:13:35 +02007016#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00007017 /* Async mode can be re-enabled, because we're leaving data state.*/
7018 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007019 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00007020#endif
Emeric Brun282a76a2012-11-08 18:02:56 +01007021 break;
7022 }
Emeric Brun46591952012-05-18 15:47:34 +02007023 break;
Olivier Houchardc2aae742017-09-22 18:26:28 +02007024 } else if (ret == SSL_ERROR_ZERO_RETURN)
7025 goto read0;
Christopher Faulet4ac77a92018-02-19 14:25:15 +01007026 /* For SSL_ERROR_SYSCALL, make sure to clear the error
7027 * stack before shutting down the connection for
7028 * reading. */
Olivier Houchard7e2e5052018-02-13 15:17:23 +01007029 if (ret == SSL_ERROR_SYSCALL && (!errno || errno == EAGAIN))
7030 goto clear_ssl_error;
Emeric Brun46591952012-05-18 15:47:34 +02007031 /* otherwise it's a real error */
7032 goto out_error;
7033 }
7034 }
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02007035 leave:
Emeric Brun46591952012-05-18 15:47:34 +02007036 return done;
7037
Christopher Faulet4ac77a92018-02-19 14:25:15 +01007038 clear_ssl_error:
7039 /* Clear openssl global errors stack */
7040 ssl_sock_dump_errors(conn);
7041 ERR_clear_error();
Emeric Brun46591952012-05-18 15:47:34 +02007042 read0:
7043 conn_sock_read0(conn);
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02007044 goto leave;
Christopher Faulet4ac77a92018-02-19 14:25:15 +01007045
Emeric Brun46591952012-05-18 15:47:34 +02007046 out_error:
Olivier Houchard7e2e5052018-02-13 15:17:23 +01007047 conn->flags |= CO_FL_ERROR;
Emeric Brun644cde02012-12-14 11:21:13 +01007048 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02007049 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01007050 ERR_clear_error();
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02007051 goto leave;
Emeric Brun46591952012-05-18 15:47:34 +02007052}
7053
7054
Willy Tarreau787db9a2018-06-14 18:31:46 +02007055/* Send up to <count> pending bytes from buffer <buf> to connection <conn>'s
7056 * socket. <flags> may contain some CO_SFL_* flags to hint the system about
7057 * other pending data for example, but this flag is ignored at the moment.
Emeric Brun46591952012-05-18 15:47:34 +02007058 * Only one call to send() is performed, unless the buffer wraps, in which case
7059 * a second call may be performed. The connection's flags are updated with
7060 * whatever special event is detected (error, empty). The caller is responsible
7061 * for taking care of those events and avoiding the call if inappropriate. The
7062 * function does not call the connection's polling update function, so the caller
Willy Tarreau787db9a2018-06-14 18:31:46 +02007063 * is responsible for this. The buffer's output is not adjusted, it's up to the
7064 * caller to take care of this. It's up to the caller to update the buffer's
7065 * contents based on the return value.
Emeric Brun46591952012-05-18 15:47:34 +02007066 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007067static size_t ssl_sock_from_buf(struct connection *conn, void *xprt_ctx, const struct buffer *buf, size_t count, int flags)
Emeric Brun46591952012-05-18 15:47:34 +02007068{
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007069 struct ssl_sock_ctx *ctx = xprt_ctx;
Willy Tarreau787db9a2018-06-14 18:31:46 +02007070 ssize_t ret;
7071 size_t try, done;
Emeric Brun46591952012-05-18 15:47:34 +02007072
7073 done = 0;
7074
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007075 if (!ctx)
Emeric Brun46591952012-05-18 15:47:34 +02007076 goto out_error;
7077
Willy Tarreau911db9b2020-01-23 16:27:54 +01007078 if (conn->flags & (CO_FL_WAIT_XPRT | CO_FL_SSL_WAIT_HS | CO_FL_EARLY_SSL_HS))
Emeric Brun46591952012-05-18 15:47:34 +02007079 /* a handshake was requested */
7080 return 0;
7081
7082 /* send the largest possible block. For this we perform only one call
7083 * to send() unless the buffer wraps and we exactly fill the first hunk,
7084 * in which case we accept to do it once again.
7085 */
Willy Tarreau787db9a2018-06-14 18:31:46 +02007086 while (count) {
Willy Tarreau5db847a2019-05-09 14:13:35 +02007087#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchardc2aae742017-09-22 18:26:28 +02007088 size_t written_data;
7089#endif
7090
Willy Tarreau787db9a2018-06-14 18:31:46 +02007091 try = b_contig_data(buf, done);
7092 if (try > count)
7093 try = count;
Willy Tarreaubfd59462013-02-21 07:46:09 +01007094
Willy Tarreau7bed9452014-02-02 02:00:24 +01007095 if (!(flags & CO_SFL_STREAMER) &&
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007096 !(ctx->xprt_st & SSL_SOCK_SEND_UNLIMITED) &&
Willy Tarreauef934602016-12-22 23:12:01 +01007097 global_ssl.max_record && try > global_ssl.max_record) {
7098 try = global_ssl.max_record;
Willy Tarreau518cedd2014-02-17 15:43:01 +01007099 }
7100 else {
7101 /* we need to keep the information about the fact that
7102 * we're not limiting the upcoming send(), because if it
7103 * fails, we'll have to retry with at least as many data.
7104 */
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007105 ctx->xprt_st |= SSL_SOCK_SEND_UNLIMITED;
Willy Tarreau518cedd2014-02-17 15:43:01 +01007106 }
Willy Tarreaubfd59462013-02-21 07:46:09 +01007107
Willy Tarreau5db847a2019-05-09 14:13:35 +02007108#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchard010941f2019-05-03 20:56:19 +02007109 if (!SSL_is_init_finished(ctx->ssl) && conn_is_back(conn)) {
Olivier Houchardc2aae742017-09-22 18:26:28 +02007110 unsigned int max_early;
7111
Olivier Houchard522eea72017-11-03 16:27:47 +01007112 if (objt_listener(conn->target))
Olivier Houchard66ab4982019-02-26 18:37:15 +01007113 max_early = SSL_get_max_early_data(ctx->ssl);
Olivier Houchard522eea72017-11-03 16:27:47 +01007114 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +01007115 if (SSL_get0_session(ctx->ssl))
7116 max_early = SSL_SESSION_get_max_early_data(SSL_get0_session(ctx->ssl));
Olivier Houchard522eea72017-11-03 16:27:47 +01007117 else
7118 max_early = 0;
7119 }
7120
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007121 if (try + ctx->sent_early_data > max_early) {
7122 try -= (try + ctx->sent_early_data) - max_early;
Olivier Houchard522eea72017-11-03 16:27:47 +01007123 if (try <= 0) {
Olivier Houchard010941f2019-05-03 20:56:19 +02007124 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Olivier Houchard965e84e2019-06-15 20:59:30 +02007125 tasklet_wakeup(ctx->wait_event.tasklet);
Olivier Houchardc2aae742017-09-22 18:26:28 +02007126 break;
Olivier Houchard522eea72017-11-03 16:27:47 +01007127 }
Olivier Houchardc2aae742017-09-22 18:26:28 +02007128 }
Olivier Houchard66ab4982019-02-26 18:37:15 +01007129 ret = SSL_write_early_data(ctx->ssl, b_peek(buf, done), try, &written_data);
Olivier Houchardc2aae742017-09-22 18:26:28 +02007130 if (ret == 1) {
7131 ret = written_data;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007132 ctx->sent_early_data += ret;
Olivier Houchard965e84e2019-06-15 20:59:30 +02007133 if (objt_server(conn->target)) {
Olivier Houchard522eea72017-11-03 16:27:47 +01007134 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN | CO_FL_EARLY_DATA;
Olivier Houchard965e84e2019-06-15 20:59:30 +02007135 /* Initiate the handshake, now */
7136 tasklet_wakeup(ctx->wait_event.tasklet);
7137 }
Olivier Houchard522eea72017-11-03 16:27:47 +01007138
Olivier Houchardc2aae742017-09-22 18:26:28 +02007139 }
7140
7141 } else
7142#endif
Olivier Houchard66ab4982019-02-26 18:37:15 +01007143 ret = SSL_write(ctx->ssl, b_peek(buf, done), try);
Willy Tarreau518cedd2014-02-17 15:43:01 +01007144
Emeric Brune1f38db2012-09-03 20:36:47 +02007145 if (conn->flags & CO_FL_ERROR) {
7146 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
Emeric Brun644cde02012-12-14 11:21:13 +01007147 goto out_error;
Emeric Brune1f38db2012-09-03 20:36:47 +02007148 }
Emeric Brun46591952012-05-18 15:47:34 +02007149 if (ret > 0) {
Willy Tarreauc192b0a2020-01-23 09:11:58 +01007150 /* A send succeeded, so we can consider ourself connected */
7151 conn->flags &= ~CO_FL_WAIT_L4L6;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007152 ctx->xprt_st &= ~SSL_SOCK_SEND_UNLIMITED;
Willy Tarreau787db9a2018-06-14 18:31:46 +02007153 count -= ret;
Emeric Brun46591952012-05-18 15:47:34 +02007154 done += ret;
Emeric Brun46591952012-05-18 15:47:34 +02007155 }
7156 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +01007157 ret = SSL_get_error(ctx->ssl, ret);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00007158
Emeric Brun46591952012-05-18 15:47:34 +02007159 if (ret == SSL_ERROR_WANT_WRITE) {
Olivier Houchard66ab4982019-02-26 18:37:15 +01007160 if (SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun282a76a2012-11-08 18:02:56 +01007161 /* handshake is running, and it may need to re-enable write */
7162 conn->flags |= CO_FL_SSL_WAIT_HS;
Olivier Houchardea8dd942019-05-20 14:02:16 +02007163 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Willy Tarreau5db847a2019-05-09 14:13:35 +02007164#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00007165 /* Async mode can be re-enabled, because we're leaving data state.*/
7166 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007167 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00007168#endif
Emeric Brun282a76a2012-11-08 18:02:56 +01007169 break;
7170 }
Olivier Houchardea8dd942019-05-20 14:02:16 +02007171
Emeric Brun46591952012-05-18 15:47:34 +02007172 break;
7173 }
7174 else if (ret == SSL_ERROR_WANT_READ) {
Emeric Brun8af8dd12012-11-08 17:56:20 +01007175 /* handshake is running, and it needs to enable read */
Emeric Brun46591952012-05-18 15:47:34 +02007176 conn->flags |= CO_FL_SSL_WAIT_HS;
Olivier Houchardea8dd942019-05-20 14:02:16 +02007177 ctx->xprt->subscribe(conn, ctx->xprt_ctx,
7178 SUB_RETRY_RECV,
7179 &ctx->wait_event);
Willy Tarreau5db847a2019-05-09 14:13:35 +02007180#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00007181 /* Async mode can be re-enabled, because we're leaving data state.*/
7182 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007183 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00007184#endif
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00007185 break;
7186 }
Emeric Brun46591952012-05-18 15:47:34 +02007187 goto out_error;
7188 }
7189 }
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02007190 leave:
Emeric Brun46591952012-05-18 15:47:34 +02007191 return done;
7192
7193 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +01007194 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02007195 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01007196 ERR_clear_error();
7197
Emeric Brun46591952012-05-18 15:47:34 +02007198 conn->flags |= CO_FL_ERROR;
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02007199 goto leave;
Emeric Brun46591952012-05-18 15:47:34 +02007200}
7201
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007202static void ssl_sock_close(struct connection *conn, void *xprt_ctx) {
Emeric Brun46591952012-05-18 15:47:34 +02007203
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007204 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007205
Olivier Houchardea8dd942019-05-20 14:02:16 +02007206
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007207 if (ctx) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02007208 if (ctx->wait_event.events != 0)
7209 ctx->xprt->unsubscribe(ctx->conn, ctx->xprt_ctx,
7210 ctx->wait_event.events,
7211 &ctx->wait_event);
Willy Tarreau113d52b2020-01-10 09:20:26 +01007212 if (ctx->subs) {
7213 ctx->subs->events = 0;
7214 tasklet_wakeup(ctx->subs->tasklet);
Olivier Houchardea8dd942019-05-20 14:02:16 +02007215 }
Willy Tarreau113d52b2020-01-10 09:20:26 +01007216
Olivier Houchard692c1d02019-05-23 18:41:47 +02007217 if (ctx->xprt->close)
7218 ctx->xprt->close(conn, ctx->xprt_ctx);
Willy Tarreau5db847a2019-05-09 14:13:35 +02007219#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brun3854e012017-05-17 20:42:48 +02007220 if (global_ssl.async) {
7221 OSSL_ASYNC_FD all_fd[32], afd;
7222 size_t num_all_fds = 0;
7223 int i;
7224
Olivier Houchard66ab4982019-02-26 18:37:15 +01007225 SSL_get_all_async_fds(ctx->ssl, NULL, &num_all_fds);
Emeric Brun3854e012017-05-17 20:42:48 +02007226 if (num_all_fds > 32) {
7227 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
7228 return;
7229 }
7230
Olivier Houchard66ab4982019-02-26 18:37:15 +01007231 SSL_get_all_async_fds(ctx->ssl, all_fd, &num_all_fds);
Emeric Brun3854e012017-05-17 20:42:48 +02007232
7233 /* If an async job is pending, we must try to
7234 to catch the end using polling before calling
7235 SSL_free */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007236 if (num_all_fds && SSL_waiting_for_async(ctx->ssl)) {
Emeric Brun3854e012017-05-17 20:42:48 +02007237 for (i=0 ; i < num_all_fds ; i++) {
7238 /* switch on an handler designed to
7239 * handle the SSL_free
7240 */
7241 afd = all_fd[i];
7242 fdtab[afd].iocb = ssl_async_fd_free;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007243 fdtab[afd].owner = ctx->ssl;
Emeric Brun3854e012017-05-17 20:42:48 +02007244 fd_want_recv(afd);
Emeric Brunce9e01c2017-05-31 10:02:53 +00007245 /* To ensure that the fd cache won't be used
7246 * and we'll catch a real RD event.
7247 */
7248 fd_cant_recv(afd);
Emeric Brun3854e012017-05-17 20:42:48 +02007249 }
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02007250 tasklet_free(ctx->wait_event.tasklet);
Olivier Houchard66ab4982019-02-26 18:37:15 +01007251 pool_free(ssl_sock_ctx_pool, ctx);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01007252 _HA_ATOMIC_ADD(&jobs, 1);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00007253 return;
7254 }
Emeric Brun3854e012017-05-17 20:42:48 +02007255 /* Else we can remove the fds from the fdtab
7256 * and call SSL_free.
7257 * note: we do a fd_remove and not a delete
7258 * because the fd is owned by the engine.
7259 * the engine is responsible to close
7260 */
7261 for (i=0 ; i < num_all_fds ; i++)
7262 fd_remove(all_fd[i]);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00007263 }
7264#endif
Olivier Houchard66ab4982019-02-26 18:37:15 +01007265 SSL_free(ctx->ssl);
Olivier Houchard54907bb2019-12-19 15:02:39 +01007266 b_free(&ctx->early_buf);
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02007267 tasklet_free(ctx->wait_event.tasklet);
Olivier Houchard66ab4982019-02-26 18:37:15 +01007268 pool_free(ssl_sock_ctx_pool, ctx);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01007269 _HA_ATOMIC_SUB(&sslconns, 1);
Emeric Brun46591952012-05-18 15:47:34 +02007270 }
Emeric Brun46591952012-05-18 15:47:34 +02007271}
7272
7273/* This function tries to perform a clean shutdown on an SSL connection, and in
7274 * any case, flags the connection as reusable if no handshake was in progress.
7275 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007276static void ssl_sock_shutw(struct connection *conn, void *xprt_ctx, int clean)
Emeric Brun46591952012-05-18 15:47:34 +02007277{
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007278 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007279
Willy Tarreau911db9b2020-01-23 16:27:54 +01007280 if (conn->flags & (CO_FL_WAIT_XPRT | CO_FL_SSL_WAIT_HS))
Emeric Brun46591952012-05-18 15:47:34 +02007281 return;
Emmanuel Hocdet405ff312017-01-08 14:07:39 +01007282 if (!clean)
7283 /* don't sent notify on SSL_shutdown */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007284 SSL_set_quiet_shutdown(ctx->ssl, 1);
Emeric Brun46591952012-05-18 15:47:34 +02007285 /* no handshake was in progress, try a clean ssl shutdown */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007286 if (SSL_shutdown(ctx->ssl) <= 0) {
Emeric Brun644cde02012-12-14 11:21:13 +01007287 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02007288 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01007289 ERR_clear_error();
7290 }
Emeric Brun46591952012-05-18 15:47:34 +02007291}
7292
William Lallemandd4f946c2019-12-05 10:26:40 +01007293/* fill a buffer with the algorithm and size of a public key */
7294static int cert_get_pkey_algo(X509 *crt, struct buffer *out)
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01007295{
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01007296 int bits = 0;
7297 int sig = TLSEXT_signature_anonymous;
7298 int len = -1;
Emmanuel Hocdetc3775d22019-11-04 18:19:32 +01007299 EVP_PKEY *pkey;
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01007300
Emmanuel Hocdetc3775d22019-11-04 18:19:32 +01007301 pkey = X509_get_pubkey(crt);
7302 if (pkey) {
7303 bits = EVP_PKEY_bits(pkey);
7304 switch(EVP_PKEY_base_id(pkey)) {
7305 case EVP_PKEY_RSA:
7306 sig = TLSEXT_signature_rsa;
7307 break;
7308 case EVP_PKEY_EC:
7309 sig = TLSEXT_signature_ecdsa;
7310 break;
7311 case EVP_PKEY_DSA:
7312 sig = TLSEXT_signature_dsa;
7313 break;
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01007314 }
Emmanuel Hocdetc3775d22019-11-04 18:19:32 +01007315 EVP_PKEY_free(pkey);
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01007316 }
7317
7318 switch(sig) {
7319 case TLSEXT_signature_rsa:
7320 len = chunk_printf(out, "RSA%d", bits);
7321 break;
7322 case TLSEXT_signature_ecdsa:
7323 len = chunk_printf(out, "EC%d", bits);
7324 break;
7325 case TLSEXT_signature_dsa:
7326 len = chunk_printf(out, "DSA%d", bits);
7327 break;
7328 default:
7329 return 0;
7330 }
7331 if (len < 0)
7332 return 0;
7333 return 1;
7334}
7335
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +05007336/* used for ppv2 pkey algo (can be used for logging) */
William Lallemandd4f946c2019-12-05 10:26:40 +01007337int ssl_sock_get_pkey_algo(struct connection *conn, struct buffer *out)
7338{
7339 struct ssl_sock_ctx *ctx;
7340 X509 *crt;
7341
7342 if (!ssl_sock_is_ssl(conn))
7343 return 0;
7344
7345 ctx = conn->xprt_ctx;
7346
7347 crt = SSL_get_certificate(ctx->ssl);
7348 if (!crt)
7349 return 0;
7350
7351 return cert_get_pkey_algo(crt, out);
7352}
7353
Emmanuel Hocdet283e0042017-11-02 14:05:23 +01007354/* used for ppv2 cert signature (can be used for logging) */
7355const char *ssl_sock_get_cert_sig(struct connection *conn)
7356{
Christopher Faulet82004142019-09-10 10:12:03 +02007357 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007358
Emmanuel Hocdet283e0042017-11-02 14:05:23 +01007359 __OPENSSL_110_CONST__ ASN1_OBJECT *algorithm;
7360 X509 *crt;
7361
7362 if (!ssl_sock_is_ssl(conn))
7363 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007364 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007365 crt = SSL_get_certificate(ctx->ssl);
Emmanuel Hocdet283e0042017-11-02 14:05:23 +01007366 if (!crt)
7367 return NULL;
7368 X509_ALGOR_get0(&algorithm, NULL, NULL, X509_get0_tbs_sigalg(crt));
7369 return OBJ_nid2sn(OBJ_obj2nid(algorithm));
7370}
7371
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007372/* used for ppv2 authority */
7373const char *ssl_sock_get_sni(struct connection *conn)
7374{
7375#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Christopher Faulet82004142019-09-10 10:12:03 +02007376 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007377
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007378 if (!ssl_sock_is_ssl(conn))
7379 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007380 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007381 return SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007382#else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007383 return NULL;
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007384#endif
7385}
7386
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007387/* used for logging/ppv2, may be changed for a sample fetch later */
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007388const char *ssl_sock_get_cipher_name(struct connection *conn)
7389{
Christopher Faulet82004142019-09-10 10:12:03 +02007390 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007391
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007392 if (!ssl_sock_is_ssl(conn))
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007393 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007394 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007395 return SSL_get_cipher_name(ctx->ssl);
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007396}
7397
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007398/* used for logging/ppv2, may be changed for a sample fetch later */
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007399const char *ssl_sock_get_proto_version(struct connection *conn)
7400{
Christopher Faulet82004142019-09-10 10:12:03 +02007401 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007402
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007403 if (!ssl_sock_is_ssl(conn))
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007404 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007405 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007406 return SSL_get_version(ctx->ssl);
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007407}
7408
Willy Tarreau8d598402012-10-22 17:58:39 +02007409/* Extract a serial from a cert, and copy it to a chunk.
7410 * Returns 1 if serial is found and copied, 0 if no serial found and
7411 * -1 if output is not large enough.
7412 */
7413static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007414ssl_sock_get_serial(X509 *crt, struct buffer *out)
Willy Tarreau8d598402012-10-22 17:58:39 +02007415{
7416 ASN1_INTEGER *serial;
7417
7418 serial = X509_get_serialNumber(crt);
7419 if (!serial)
7420 return 0;
7421
7422 if (out->size < serial->length)
7423 return -1;
7424
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007425 memcpy(out->area, serial->data, serial->length);
7426 out->data = serial->length;
Willy Tarreau8d598402012-10-22 17:58:39 +02007427 return 1;
7428}
7429
Emeric Brun43e79582014-10-29 19:03:26 +01007430/* Extract a cert to der, and copy it to a chunk.
Joseph Herlant017b3da2018-11-15 09:07:59 -08007431 * Returns 1 if the cert is found and copied, 0 on der conversion failure
7432 * and -1 if the output is not large enough.
Emeric Brun43e79582014-10-29 19:03:26 +01007433 */
7434static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007435ssl_sock_crt2der(X509 *crt, struct buffer *out)
Emeric Brun43e79582014-10-29 19:03:26 +01007436{
7437 int len;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007438 unsigned char *p = (unsigned char *) out->area;;
Emeric Brun43e79582014-10-29 19:03:26 +01007439
7440 len =i2d_X509(crt, NULL);
7441 if (len <= 0)
7442 return 1;
7443
7444 if (out->size < len)
7445 return -1;
7446
7447 i2d_X509(crt,&p);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007448 out->data = len;
Emeric Brun43e79582014-10-29 19:03:26 +01007449 return 1;
7450}
7451
Emeric Brunce5ad802012-10-22 14:11:22 +02007452
Willy Tarreau83061a82018-07-13 11:56:34 +02007453/* Copy Date in ASN1_UTCTIME format in struct buffer out.
Emeric Brunce5ad802012-10-22 14:11:22 +02007454 * Returns 1 if serial is found and copied, 0 if no valid time found
7455 * and -1 if output is not large enough.
7456 */
7457static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007458ssl_sock_get_time(ASN1_TIME *tm, struct buffer *out)
Emeric Brunce5ad802012-10-22 14:11:22 +02007459{
7460 if (tm->type == V_ASN1_GENERALIZEDTIME) {
7461 ASN1_GENERALIZEDTIME *gentm = (ASN1_GENERALIZEDTIME *)tm;
7462
7463 if (gentm->length < 12)
7464 return 0;
7465 if (gentm->data[0] != 0x32 || gentm->data[1] != 0x30)
7466 return 0;
7467 if (out->size < gentm->length-2)
7468 return -1;
7469
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007470 memcpy(out->area, gentm->data+2, gentm->length-2);
7471 out->data = gentm->length-2;
Emeric Brunce5ad802012-10-22 14:11:22 +02007472 return 1;
7473 }
7474 else if (tm->type == V_ASN1_UTCTIME) {
7475 ASN1_UTCTIME *utctm = (ASN1_UTCTIME *)tm;
7476
7477 if (utctm->length < 10)
7478 return 0;
7479 if (utctm->data[0] >= 0x35)
7480 return 0;
7481 if (out->size < utctm->length)
7482 return -1;
7483
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007484 memcpy(out->area, utctm->data, utctm->length);
7485 out->data = utctm->length;
Emeric Brunce5ad802012-10-22 14:11:22 +02007486 return 1;
7487 }
7488
7489 return 0;
7490}
7491
Emeric Brun87855892012-10-17 17:39:35 +02007492/* Extract an entry from a X509_NAME and copy its value to an output chunk.
7493 * Returns 1 if entry found, 0 if entry not found, or -1 if output not large enough.
7494 */
7495static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007496ssl_sock_get_dn_entry(X509_NAME *a, const struct buffer *entry, int pos,
7497 struct buffer *out)
Emeric Brun87855892012-10-17 17:39:35 +02007498{
7499 X509_NAME_ENTRY *ne;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007500 ASN1_OBJECT *obj;
7501 ASN1_STRING *data;
7502 const unsigned char *data_ptr;
7503 int data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007504 int i, j, n;
7505 int cur = 0;
7506 const char *s;
7507 char tmp[128];
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007508 int name_count;
7509
7510 name_count = X509_NAME_entry_count(a);
Emeric Brun87855892012-10-17 17:39:35 +02007511
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007512 out->data = 0;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007513 for (i = 0; i < name_count; i++) {
Emeric Brun87855892012-10-17 17:39:35 +02007514 if (pos < 0)
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007515 j = (name_count-1) - i;
Emeric Brun87855892012-10-17 17:39:35 +02007516 else
7517 j = i;
7518
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007519 ne = X509_NAME_get_entry(a, j);
7520 obj = X509_NAME_ENTRY_get_object(ne);
7521 data = X509_NAME_ENTRY_get_data(ne);
7522 data_ptr = ASN1_STRING_get0_data(data);
7523 data_len = ASN1_STRING_length(data);
7524 n = OBJ_obj2nid(obj);
Emeric Brun87855892012-10-17 17:39:35 +02007525 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007526 i2t_ASN1_OBJECT(tmp, sizeof(tmp), obj);
Emeric Brun87855892012-10-17 17:39:35 +02007527 s = tmp;
7528 }
7529
7530 if (chunk_strcasecmp(entry, s) != 0)
7531 continue;
7532
7533 if (pos < 0)
7534 cur--;
7535 else
7536 cur++;
7537
7538 if (cur != pos)
7539 continue;
7540
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007541 if (data_len > out->size)
Emeric Brun87855892012-10-17 17:39:35 +02007542 return -1;
7543
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007544 memcpy(out->area, data_ptr, data_len);
7545 out->data = data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007546 return 1;
7547 }
7548
7549 return 0;
7550
William Lallemandd4f946c2019-12-05 10:26:40 +01007551}
7552
7553/*
7554 * Extract and format the DNS SAN extensions and copy result into a chuink
7555 * Return 0;
7556 */
7557#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
7558static int ssl_sock_get_san_oneline(X509 *cert, struct buffer *out)
7559{
7560 int i;
7561 char *str;
7562 STACK_OF(GENERAL_NAME) *names = NULL;
7563
7564 names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
7565 if (names) {
7566 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
7567 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
7568 if (i > 0)
7569 chunk_appendf(out, ", ");
7570 if (name->type == GEN_DNS) {
7571 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
7572 chunk_appendf(out, "DNS:%s", str);
7573 OPENSSL_free(str);
7574 }
7575 }
7576 }
7577 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
7578 }
7579 return 0;
Emeric Brun87855892012-10-17 17:39:35 +02007580}
William Lallemandd4f946c2019-12-05 10:26:40 +01007581#endif
Emeric Brun87855892012-10-17 17:39:35 +02007582
Elliot Otchet71f82972020-01-15 08:12:14 -05007583/*
7584 * Extract the DN in the specified format from the X509_NAME and copy result to a chunk.
7585 * Currently supports rfc2253 for returning LDAP V3 DNs.
7586 * Returns 1 if dn entries exist, 0 if no dn entry was found.
7587 */
7588static int
7589ssl_sock_get_dn_formatted(X509_NAME *a, const struct buffer *format, struct buffer *out)
7590{
7591 BIO *bio = NULL;
7592 int ret = 0;
7593 int data_len = 0;
7594
7595 if (chunk_strcmp(format, "rfc2253") == 0) {
7596 bio = BIO_new(BIO_s_mem());
7597 if (bio == NULL)
7598 goto out;
7599
7600 if (X509_NAME_print_ex(bio, a, 0, XN_FLAG_RFC2253) < 0)
7601 goto out;
7602
7603 if ((data_len = BIO_read(bio, out->area, out->size)) <= 0)
7604 goto out;
7605
7606 out->data = data_len;
7607
7608 ret = 1;
7609 }
7610out:
7611 if (bio)
7612 BIO_free(bio);
7613 return ret;
7614}
7615
Emeric Brun87855892012-10-17 17:39:35 +02007616/* Extract and format full DN from a X509_NAME and copy result into a chunk
7617 * Returns 1 if dn entries exits, 0 if no dn entry found or -1 if output is not large enough.
7618 */
7619static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007620ssl_sock_get_dn_oneline(X509_NAME *a, struct buffer *out)
Emeric Brun87855892012-10-17 17:39:35 +02007621{
7622 X509_NAME_ENTRY *ne;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007623 ASN1_OBJECT *obj;
7624 ASN1_STRING *data;
7625 const unsigned char *data_ptr;
7626 int data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007627 int i, n, ln;
7628 int l = 0;
7629 const char *s;
7630 char *p;
7631 char tmp[128];
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007632 int name_count;
7633
7634
7635 name_count = X509_NAME_entry_count(a);
Emeric Brun87855892012-10-17 17:39:35 +02007636
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007637 out->data = 0;
7638 p = out->area;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007639 for (i = 0; i < name_count; i++) {
7640 ne = X509_NAME_get_entry(a, i);
7641 obj = X509_NAME_ENTRY_get_object(ne);
7642 data = X509_NAME_ENTRY_get_data(ne);
7643 data_ptr = ASN1_STRING_get0_data(data);
7644 data_len = ASN1_STRING_length(data);
7645 n = OBJ_obj2nid(obj);
Emeric Brun87855892012-10-17 17:39:35 +02007646 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007647 i2t_ASN1_OBJECT(tmp, sizeof(tmp), obj);
Emeric Brun87855892012-10-17 17:39:35 +02007648 s = tmp;
7649 }
7650 ln = strlen(s);
7651
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007652 l += 1 + ln + 1 + data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007653 if (l > out->size)
7654 return -1;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007655 out->data = l;
Emeric Brun87855892012-10-17 17:39:35 +02007656
7657 *(p++)='/';
7658 memcpy(p, s, ln);
7659 p += ln;
7660 *(p++)='=';
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007661 memcpy(p, data_ptr, data_len);
7662 p += data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007663 }
7664
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007665 if (!out->data)
Emeric Brun87855892012-10-17 17:39:35 +02007666 return 0;
7667
7668 return 1;
7669}
7670
Olivier Houchardab28a322018-12-21 19:45:40 +01007671void ssl_sock_set_alpn(struct connection *conn, const unsigned char *alpn, int len)
7672{
7673#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Christopher Faulet82004142019-09-10 10:12:03 +02007674 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007675
Olivier Houcharde488ea82019-06-28 14:10:33 +02007676 if (!ssl_sock_is_ssl(conn))
7677 return;
Christopher Faulet82004142019-09-10 10:12:03 +02007678 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007679 SSL_set_alpn_protos(ctx->ssl, alpn, len);
Olivier Houchardab28a322018-12-21 19:45:40 +01007680#endif
7681}
7682
Willy Tarreau119a4082016-12-22 21:58:38 +01007683/* Sets advertised SNI for outgoing connections. Please set <hostname> to NULL
7684 * to disable SNI.
7685 */
Willy Tarreau63076412015-07-10 11:33:32 +02007686void ssl_sock_set_servername(struct connection *conn, const char *hostname)
7687{
7688#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Christopher Faulet82004142019-09-10 10:12:03 +02007689 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007690
Willy Tarreau119a4082016-12-22 21:58:38 +01007691 char *prev_name;
7692
Willy Tarreau63076412015-07-10 11:33:32 +02007693 if (!ssl_sock_is_ssl(conn))
7694 return;
Christopher Faulet82004142019-09-10 10:12:03 +02007695 ctx = conn->xprt_ctx;
Willy Tarreau63076412015-07-10 11:33:32 +02007696
Willy Tarreau119a4082016-12-22 21:58:38 +01007697 /* if the SNI changes, we must destroy the reusable context so that a
7698 * new connection will present a new SNI. As an optimization we could
7699 * later imagine having a small cache of ssl_ctx to hold a few SNI per
7700 * server.
7701 */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007702 prev_name = (char *)SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau119a4082016-12-22 21:58:38 +01007703 if ((!prev_name && hostname) ||
7704 (prev_name && (!hostname || strcmp(hostname, prev_name) != 0)))
Olivier Houchard66ab4982019-02-26 18:37:15 +01007705 SSL_set_session(ctx->ssl, NULL);
Willy Tarreau119a4082016-12-22 21:58:38 +01007706
Olivier Houchard66ab4982019-02-26 18:37:15 +01007707 SSL_set_tlsext_host_name(ctx->ssl, hostname);
Willy Tarreau63076412015-07-10 11:33:32 +02007708#endif
7709}
7710
Emeric Brun0abf8362014-06-24 18:26:41 +02007711/* Extract peer certificate's common name into the chunk dest
7712 * Returns
7713 * the len of the extracted common name
7714 * or 0 if no CN found in DN
7715 * or -1 on error case (i.e. no peer certificate)
7716 */
Willy Tarreau83061a82018-07-13 11:56:34 +02007717int ssl_sock_get_remote_common_name(struct connection *conn,
7718 struct buffer *dest)
David Safb76832014-05-08 23:42:08 -04007719{
Christopher Faulet82004142019-09-10 10:12:03 +02007720 struct ssl_sock_ctx *ctx;
David Safb76832014-05-08 23:42:08 -04007721 X509 *crt = NULL;
7722 X509_NAME *name;
David Safb76832014-05-08 23:42:08 -04007723 const char find_cn[] = "CN";
Willy Tarreau83061a82018-07-13 11:56:34 +02007724 const struct buffer find_cn_chunk = {
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007725 .area = (char *)&find_cn,
7726 .data = sizeof(find_cn)-1
David Safb76832014-05-08 23:42:08 -04007727 };
Emeric Brun0abf8362014-06-24 18:26:41 +02007728 int result = -1;
David Safb76832014-05-08 23:42:08 -04007729
7730 if (!ssl_sock_is_ssl(conn))
Emeric Brun0abf8362014-06-24 18:26:41 +02007731 goto out;
Christopher Faulet82004142019-09-10 10:12:03 +02007732 ctx = conn->xprt_ctx;
David Safb76832014-05-08 23:42:08 -04007733
7734 /* SSL_get_peer_certificate, it increase X509 * ref count */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007735 crt = SSL_get_peer_certificate(ctx->ssl);
David Safb76832014-05-08 23:42:08 -04007736 if (!crt)
7737 goto out;
7738
7739 name = X509_get_subject_name(crt);
7740 if (!name)
7741 goto out;
David Safb76832014-05-08 23:42:08 -04007742
Emeric Brun0abf8362014-06-24 18:26:41 +02007743 result = ssl_sock_get_dn_entry(name, &find_cn_chunk, 1, dest);
7744out:
David Safb76832014-05-08 23:42:08 -04007745 if (crt)
7746 X509_free(crt);
7747
7748 return result;
7749}
7750
Dave McCowan328fb582014-07-30 10:39:13 -04007751/* returns 1 if client passed a certificate for this session, 0 if not */
7752int ssl_sock_get_cert_used_sess(struct connection *conn)
7753{
Christopher Faulet82004142019-09-10 10:12:03 +02007754 struct ssl_sock_ctx *ctx;
Dave McCowan328fb582014-07-30 10:39:13 -04007755 X509 *crt = NULL;
7756
7757 if (!ssl_sock_is_ssl(conn))
7758 return 0;
Christopher Faulet82004142019-09-10 10:12:03 +02007759 ctx = conn->xprt_ctx;
Dave McCowan328fb582014-07-30 10:39:13 -04007760
7761 /* SSL_get_peer_certificate, it increase X509 * ref count */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007762 crt = SSL_get_peer_certificate(ctx->ssl);
Dave McCowan328fb582014-07-30 10:39:13 -04007763 if (!crt)
7764 return 0;
7765
7766 X509_free(crt);
7767 return 1;
7768}
7769
7770/* returns 1 if client passed a certificate for this connection, 0 if not */
7771int ssl_sock_get_cert_used_conn(struct connection *conn)
David Safb76832014-05-08 23:42:08 -04007772{
Christopher Faulet82004142019-09-10 10:12:03 +02007773 struct ssl_sock_ctx *ctx;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007774
David Safb76832014-05-08 23:42:08 -04007775 if (!ssl_sock_is_ssl(conn))
7776 return 0;
Christopher Faulet82004142019-09-10 10:12:03 +02007777 ctx = conn->xprt_ctx;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007778 return SSL_SOCK_ST_FL_VERIFY_DONE & ctx->xprt_st ? 1 : 0;
David Safb76832014-05-08 23:42:08 -04007779}
7780
7781/* returns result from SSL verify */
7782unsigned int ssl_sock_get_verify_result(struct connection *conn)
7783{
Christopher Faulet82004142019-09-10 10:12:03 +02007784 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007785
David Safb76832014-05-08 23:42:08 -04007786 if (!ssl_sock_is_ssl(conn))
7787 return (unsigned int)X509_V_ERR_APPLICATION_VERIFICATION;
Christopher Faulet82004142019-09-10 10:12:03 +02007788 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007789 return (unsigned int)SSL_get_verify_result(ctx->ssl);
David Safb76832014-05-08 23:42:08 -04007790}
7791
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007792/* Returns the application layer protocol name in <str> and <len> when known.
7793 * Zero is returned if the protocol name was not found, otherwise non-zero is
7794 * returned. The string is allocated in the SSL context and doesn't have to be
7795 * freed by the caller. NPN is also checked if available since older versions
7796 * of openssl (1.0.1) which are more common in field only support this one.
7797 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007798static int ssl_sock_get_alpn(const struct connection *conn, void *xprt_ctx, const char **str, int *len)
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007799{
Olivier Houchard66ab4982019-02-26 18:37:15 +01007800#if defined(TLSEXT_TYPE_application_layer_protocol_negotiation) || \
7801 defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007802 struct ssl_sock_ctx *ctx = xprt_ctx;
7803 if (!ctx)
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007804 return 0;
7805
7806 *str = NULL;
7807
7808#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Olivier Houchard66ab4982019-02-26 18:37:15 +01007809 SSL_get0_alpn_selected(ctx->ssl, (const unsigned char **)str, (unsigned *)len);
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007810 if (*str)
7811 return 1;
7812#endif
Bernard Spil13c53f82018-02-15 13:34:58 +01007813#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007814 SSL_get0_next_proto_negotiated(ctx->ssl, (const unsigned char **)str, (unsigned *)len);
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007815 if (*str)
7816 return 1;
7817#endif
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007818#endif
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007819 return 0;
7820}
7821
Willy Tarreau7875d092012-09-10 08:20:03 +02007822/***** Below are some sample fetching functions for ACL/patterns *****/
7823
Olivier Houchardccaa7de2017-10-02 11:51:03 +02007824static int
7825smp_fetch_ssl_fc_has_early(const struct arg *args, struct sample *smp, const char *kw, void *private)
7826{
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007827 SSL *ssl;
Olivier Houchardccaa7de2017-10-02 11:51:03 +02007828 struct connection *conn;
7829
7830 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007831 ssl = ssl_sock_get_ssl_object(conn);
7832 if (!ssl)
Olivier Houchardccaa7de2017-10-02 11:51:03 +02007833 return 0;
7834
7835 smp->flags = 0;
7836 smp->data.type = SMP_T_BOOL;
Emmanuel Hocdetc9858012019-08-07 14:44:49 +02007837#ifdef OPENSSL_IS_BORINGSSL
7838 {
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007839 smp->data.u.sint = (SSL_in_early_data(ssl) &&
7840 SSL_early_data_accepted(ssl));
Emmanuel Hocdetc9858012019-08-07 14:44:49 +02007841 }
7842#else
Olivier Houchard25ae45a2017-11-29 19:51:19 +01007843 smp->data.u.sint = ((conn->flags & CO_FL_EARLY_DATA) &&
Olivier Houchard220a26c2020-01-23 14:57:36 +01007844 (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS))) ? 1 : 0;
Emmanuel Hocdetc9858012019-08-07 14:44:49 +02007845#endif
Olivier Houchardccaa7de2017-10-02 11:51:03 +02007846 return 1;
7847}
7848
Emeric Brune64aef12012-09-21 13:15:06 +02007849/* boolean, returns true if client cert was present */
7850static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007851smp_fetch_ssl_fc_has_crt(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brune64aef12012-09-21 13:15:06 +02007852{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007853 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007854 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007855
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007856 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007857 if (!conn || conn->xprt != &ssl_sock)
Emeric Brune64aef12012-09-21 13:15:06 +02007858 return 0;
7859
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007860 ctx = conn->xprt_ctx;
7861
Willy Tarreau911db9b2020-01-23 16:27:54 +01007862 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brune64aef12012-09-21 13:15:06 +02007863 smp->flags |= SMP_F_MAY_CHANGE;
7864 return 0;
7865 }
7866
7867 smp->flags = 0;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007868 smp->data.type = SMP_T_BOOL;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007869 smp->data.u.sint = SSL_SOCK_ST_FL_VERIFY_DONE & ctx->xprt_st ? 1 : 0;
Emeric Brune64aef12012-09-21 13:15:06 +02007870
7871 return 1;
7872}
7873
Emeric Brun43e79582014-10-29 19:03:26 +01007874/* binary, returns a certificate in a binary chunk (der/raw).
7875 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7876 * should be use.
7877 */
7878static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007879smp_fetch_ssl_x_der(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun43e79582014-10-29 19:03:26 +01007880{
7881 int cert_peer = (kw[4] == 'c') ? 1 : 0;
7882 X509 *crt = NULL;
7883 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007884 struct buffer *smp_trash;
Emeric Brun43e79582014-10-29 19:03:26 +01007885 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007886 SSL *ssl;
Emeric Brun43e79582014-10-29 19:03:26 +01007887
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007888 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007889 ssl = ssl_sock_get_ssl_object(conn);
7890 if (!ssl)
Emeric Brun43e79582014-10-29 19:03:26 +01007891 return 0;
7892
Willy Tarreau911db9b2020-01-23 16:27:54 +01007893 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun43e79582014-10-29 19:03:26 +01007894 smp->flags |= SMP_F_MAY_CHANGE;
7895 return 0;
7896 }
7897
7898 if (cert_peer)
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007899 crt = SSL_get_peer_certificate(ssl);
Emeric Brun43e79582014-10-29 19:03:26 +01007900 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007901 crt = SSL_get_certificate(ssl);
Emeric Brun43e79582014-10-29 19:03:26 +01007902
7903 if (!crt)
7904 goto out;
7905
7906 smp_trash = get_trash_chunk();
7907 if (ssl_sock_crt2der(crt, smp_trash) <= 0)
7908 goto out;
7909
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007910 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007911 smp->data.type = SMP_T_BIN;
Emeric Brun43e79582014-10-29 19:03:26 +01007912 ret = 1;
7913out:
7914 /* SSL_get_peer_certificate, it increase X509 * ref count */
7915 if (cert_peer && crt)
7916 X509_free(crt);
7917 return ret;
7918}
7919
Emeric Brunba841a12014-04-30 17:05:08 +02007920/* binary, returns serial of certificate in a binary chunk.
7921 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7922 * should be use.
7923 */
Willy Tarreau8d598402012-10-22 17:58:39 +02007924static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007925smp_fetch_ssl_x_serial(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau8d598402012-10-22 17:58:39 +02007926{
Emeric Brunba841a12014-04-30 17:05:08 +02007927 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Willy Tarreau8d598402012-10-22 17:58:39 +02007928 X509 *crt = NULL;
7929 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007930 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007931 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007932 SSL *ssl;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007933
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007934 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007935 ssl = ssl_sock_get_ssl_object(conn);
7936 if (!ssl)
Willy Tarreau8d598402012-10-22 17:58:39 +02007937 return 0;
7938
Willy Tarreau911db9b2020-01-23 16:27:54 +01007939 if (conn->flags & CO_FL_WAIT_XPRT) {
Willy Tarreau8d598402012-10-22 17:58:39 +02007940 smp->flags |= SMP_F_MAY_CHANGE;
7941 return 0;
7942 }
7943
Emeric Brunba841a12014-04-30 17:05:08 +02007944 if (cert_peer)
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007945 crt = SSL_get_peer_certificate(ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007946 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007947 crt = SSL_get_certificate(ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007948
Willy Tarreau8d598402012-10-22 17:58:39 +02007949 if (!crt)
7950 goto out;
7951
Willy Tarreau47ca5452012-12-23 20:22:19 +01007952 smp_trash = get_trash_chunk();
Willy Tarreau8d598402012-10-22 17:58:39 +02007953 if (ssl_sock_get_serial(crt, smp_trash) <= 0)
7954 goto out;
7955
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007956 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007957 smp->data.type = SMP_T_BIN;
Willy Tarreau8d598402012-10-22 17:58:39 +02007958 ret = 1;
7959out:
Emeric Brunba841a12014-04-30 17:05:08 +02007960 /* SSL_get_peer_certificate, it increase X509 * ref count */
7961 if (cert_peer && crt)
Willy Tarreau8d598402012-10-22 17:58:39 +02007962 X509_free(crt);
7963 return ret;
7964}
Emeric Brune64aef12012-09-21 13:15:06 +02007965
Emeric Brunba841a12014-04-30 17:05:08 +02007966/* binary, returns the client certificate's SHA-1 fingerprint (SHA-1 hash of DER-encoded certificate) in a binary chunk.
7967 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7968 * should be use.
7969 */
James Votha051b4a2013-05-14 20:37:59 +02007970static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007971smp_fetch_ssl_x_sha1(const struct arg *args, struct sample *smp, const char *kw, void *private)
James Votha051b4a2013-05-14 20:37:59 +02007972{
Emeric Brunba841a12014-04-30 17:05:08 +02007973 int cert_peer = (kw[4] == 'c') ? 1 : 0;
James Votha051b4a2013-05-14 20:37:59 +02007974 X509 *crt = NULL;
7975 const EVP_MD *digest;
7976 int ret = 0;
Willy Tarreau105599c2020-02-25 08:59:23 +01007977 unsigned int len = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007978 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007979 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007980 SSL *ssl;
James Votha051b4a2013-05-14 20:37:59 +02007981
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007982 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007983 ssl = ssl_sock_get_ssl_object(conn);
7984 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007985 return 0;
7986
Willy Tarreau911db9b2020-01-23 16:27:54 +01007987 if (conn->flags & CO_FL_WAIT_XPRT) {
James Votha051b4a2013-05-14 20:37:59 +02007988 smp->flags |= SMP_F_MAY_CHANGE;
7989 return 0;
7990 }
7991
Emeric Brunba841a12014-04-30 17:05:08 +02007992 if (cert_peer)
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007993 crt = SSL_get_peer_certificate(ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007994 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02007995 crt = SSL_get_certificate(ssl);
James Votha051b4a2013-05-14 20:37:59 +02007996 if (!crt)
7997 goto out;
7998
7999 smp_trash = get_trash_chunk();
8000 digest = EVP_sha1();
Willy Tarreau105599c2020-02-25 08:59:23 +01008001 X509_digest(crt, digest, (unsigned char *) smp_trash->area, &len);
8002 smp_trash->data = len;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008003 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008004 smp->data.type = SMP_T_BIN;
James Votha051b4a2013-05-14 20:37:59 +02008005 ret = 1;
8006out:
Emeric Brunba841a12014-04-30 17:05:08 +02008007 /* SSL_get_peer_certificate, it increase X509 * ref count */
8008 if (cert_peer && crt)
James Votha051b4a2013-05-14 20:37:59 +02008009 X509_free(crt);
8010 return ret;
8011}
8012
Emeric Brunba841a12014-04-30 17:05:08 +02008013/* string, returns certificate's notafter date in ASN1_UTCTIME format.
8014 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
8015 * should be use.
8016 */
Emeric Brunce5ad802012-10-22 14:11:22 +02008017static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008018smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunce5ad802012-10-22 14:11:22 +02008019{
Emeric Brunba841a12014-04-30 17:05:08 +02008020 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brunce5ad802012-10-22 14:11:22 +02008021 X509 *crt = NULL;
8022 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02008023 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008024 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008025 SSL *ssl;
Emeric Brunce5ad802012-10-22 14:11:22 +02008026
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008027 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008028 ssl = ssl_sock_get_ssl_object(conn);
8029 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008030 return 0;
8031
Willy Tarreau911db9b2020-01-23 16:27:54 +01008032 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunce5ad802012-10-22 14:11:22 +02008033 smp->flags |= SMP_F_MAY_CHANGE;
8034 return 0;
8035 }
8036
Emeric Brunba841a12014-04-30 17:05:08 +02008037 if (cert_peer)
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008038 crt = SSL_get_peer_certificate(ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02008039 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008040 crt = SSL_get_certificate(ssl);
Emeric Brunce5ad802012-10-22 14:11:22 +02008041 if (!crt)
8042 goto out;
8043
Willy Tarreau47ca5452012-12-23 20:22:19 +01008044 smp_trash = get_trash_chunk();
Rosen Penev68185952018-12-14 08:47:02 -08008045 if (ssl_sock_get_time(X509_getm_notAfter(crt), smp_trash) <= 0)
Emeric Brunce5ad802012-10-22 14:11:22 +02008046 goto out;
8047
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008048 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008049 smp->data.type = SMP_T_STR;
Emeric Brunce5ad802012-10-22 14:11:22 +02008050 ret = 1;
8051out:
Emeric Brunba841a12014-04-30 17:05:08 +02008052 /* SSL_get_peer_certificate, it increase X509 * ref count */
8053 if (cert_peer && crt)
Emeric Brunce5ad802012-10-22 14:11:22 +02008054 X509_free(crt);
8055 return ret;
8056}
8057
Emeric Brunba841a12014-04-30 17:05:08 +02008058/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's issuer
8059 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
8060 * should be use.
8061 */
Emeric Brun87855892012-10-17 17:39:35 +02008062static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008063smp_fetch_ssl_x_i_dn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun87855892012-10-17 17:39:35 +02008064{
Emeric Brunba841a12014-04-30 17:05:08 +02008065 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun87855892012-10-17 17:39:35 +02008066 X509 *crt = NULL;
8067 X509_NAME *name;
8068 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02008069 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008070 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008071 SSL *ssl;
Emeric Brun87855892012-10-17 17:39:35 +02008072
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008073 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008074 ssl = ssl_sock_get_ssl_object(conn);
8075 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008076 return 0;
8077
Willy Tarreau911db9b2020-01-23 16:27:54 +01008078 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun87855892012-10-17 17:39:35 +02008079 smp->flags |= SMP_F_MAY_CHANGE;
8080 return 0;
8081 }
8082
Emeric Brunba841a12014-04-30 17:05:08 +02008083 if (cert_peer)
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008084 crt = SSL_get_peer_certificate(ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02008085 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008086 crt = SSL_get_certificate(ssl);
Emeric Brun87855892012-10-17 17:39:35 +02008087 if (!crt)
8088 goto out;
8089
8090 name = X509_get_issuer_name(crt);
8091 if (!name)
8092 goto out;
8093
Willy Tarreau47ca5452012-12-23 20:22:19 +01008094 smp_trash = get_trash_chunk();
Elliot Otchet71f82972020-01-15 08:12:14 -05008095 if (args && args[0].type == ARGT_STR && args[0].data.str.data > 0) {
Emeric Brun87855892012-10-17 17:39:35 +02008096 int pos = 1;
8097
8098 if (args[1].type == ARGT_SINT)
8099 pos = args[1].data.sint;
Emeric Brun87855892012-10-17 17:39:35 +02008100
8101 if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
8102 goto out;
8103 }
Elliot Otchet71f82972020-01-15 08:12:14 -05008104 else if (args && args[2].type == ARGT_STR && args[2].data.str.data > 0) {
8105 if (ssl_sock_get_dn_formatted(name, &args[2].data.str, smp_trash) <= 0)
8106 goto out;
8107 }
Emeric Brun87855892012-10-17 17:39:35 +02008108 else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
8109 goto out;
8110
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008111 smp->data.type = SMP_T_STR;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008112 smp->data.u.str = *smp_trash;
Emeric Brun87855892012-10-17 17:39:35 +02008113 ret = 1;
8114out:
Emeric Brunba841a12014-04-30 17:05:08 +02008115 /* SSL_get_peer_certificate, it increase X509 * ref count */
8116 if (cert_peer && crt)
Emeric Brun87855892012-10-17 17:39:35 +02008117 X509_free(crt);
8118 return ret;
8119}
8120
Emeric Brunba841a12014-04-30 17:05:08 +02008121/* string, returns notbefore date in ASN1_UTCTIME format.
8122 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
8123 * should be use.
8124 */
Emeric Brunce5ad802012-10-22 14:11:22 +02008125static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008126smp_fetch_ssl_x_notbefore(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunce5ad802012-10-22 14:11:22 +02008127{
Emeric Brunba841a12014-04-30 17:05:08 +02008128 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brunce5ad802012-10-22 14:11:22 +02008129 X509 *crt = NULL;
8130 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02008131 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008132 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008133 SSL *ssl;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008134
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008135 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008136 ssl = ssl_sock_get_ssl_object(conn);
8137 if (!ssl)
Emeric Brunce5ad802012-10-22 14:11:22 +02008138 return 0;
8139
Willy Tarreau911db9b2020-01-23 16:27:54 +01008140 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunce5ad802012-10-22 14:11:22 +02008141 smp->flags |= SMP_F_MAY_CHANGE;
8142 return 0;
8143 }
8144
Emeric Brunba841a12014-04-30 17:05:08 +02008145 if (cert_peer)
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008146 crt = SSL_get_peer_certificate(ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02008147 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008148 crt = SSL_get_certificate(ssl);
Emeric Brunce5ad802012-10-22 14:11:22 +02008149 if (!crt)
8150 goto out;
8151
Willy Tarreau47ca5452012-12-23 20:22:19 +01008152 smp_trash = get_trash_chunk();
Rosen Penev68185952018-12-14 08:47:02 -08008153 if (ssl_sock_get_time(X509_getm_notBefore(crt), smp_trash) <= 0)
Emeric Brunce5ad802012-10-22 14:11:22 +02008154 goto out;
8155
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008156 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008157 smp->data.type = SMP_T_STR;
Emeric Brunce5ad802012-10-22 14:11:22 +02008158 ret = 1;
8159out:
Emeric Brunba841a12014-04-30 17:05:08 +02008160 /* SSL_get_peer_certificate, it increase X509 * ref count */
8161 if (cert_peer && crt)
Emeric Brunce5ad802012-10-22 14:11:22 +02008162 X509_free(crt);
8163 return ret;
8164}
8165
Emeric Brunba841a12014-04-30 17:05:08 +02008166/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's subject
8167 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
8168 * should be use.
8169 */
Emeric Brun87855892012-10-17 17:39:35 +02008170static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008171smp_fetch_ssl_x_s_dn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun87855892012-10-17 17:39:35 +02008172{
Emeric Brunba841a12014-04-30 17:05:08 +02008173 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun87855892012-10-17 17:39:35 +02008174 X509 *crt = NULL;
8175 X509_NAME *name;
8176 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02008177 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008178 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008179 SSL *ssl;
Emeric Brun87855892012-10-17 17:39:35 +02008180
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008181 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008182 ssl = ssl_sock_get_ssl_object(conn);
8183 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008184 return 0;
8185
Willy Tarreau911db9b2020-01-23 16:27:54 +01008186 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun87855892012-10-17 17:39:35 +02008187 smp->flags |= SMP_F_MAY_CHANGE;
8188 return 0;
8189 }
8190
Emeric Brunba841a12014-04-30 17:05:08 +02008191 if (cert_peer)
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008192 crt = SSL_get_peer_certificate(ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02008193 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008194 crt = SSL_get_certificate(ssl);
Emeric Brun87855892012-10-17 17:39:35 +02008195 if (!crt)
8196 goto out;
8197
8198 name = X509_get_subject_name(crt);
8199 if (!name)
8200 goto out;
8201
Willy Tarreau47ca5452012-12-23 20:22:19 +01008202 smp_trash = get_trash_chunk();
Elliot Otchet71f82972020-01-15 08:12:14 -05008203 if (args && args[0].type == ARGT_STR && args[0].data.str.data > 0) {
Emeric Brun87855892012-10-17 17:39:35 +02008204 int pos = 1;
8205
8206 if (args[1].type == ARGT_SINT)
8207 pos = args[1].data.sint;
Emeric Brun87855892012-10-17 17:39:35 +02008208
8209 if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
8210 goto out;
8211 }
Elliot Otchet71f82972020-01-15 08:12:14 -05008212 else if (args && args[2].type == ARGT_STR && args[2].data.str.data > 0) {
8213 if (ssl_sock_get_dn_formatted(name, &args[2].data.str, smp_trash) <= 0)
8214 goto out;
8215 }
Emeric Brun87855892012-10-17 17:39:35 +02008216 else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
8217 goto out;
8218
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008219 smp->data.type = SMP_T_STR;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008220 smp->data.u.str = *smp_trash;
Emeric Brun87855892012-10-17 17:39:35 +02008221 ret = 1;
8222out:
Emeric Brunba841a12014-04-30 17:05:08 +02008223 /* SSL_get_peer_certificate, it increase X509 * ref count */
8224 if (cert_peer && crt)
Emeric Brun87855892012-10-17 17:39:35 +02008225 X509_free(crt);
8226 return ret;
8227}
Emeric Brun9143d372012-12-20 15:44:16 +01008228
8229/* integer, returns true if current session use a client certificate */
8230static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008231smp_fetch_ssl_c_used(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun9143d372012-12-20 15:44:16 +01008232{
8233 X509 *crt;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008234 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008235 SSL *ssl;
Emeric Brun9143d372012-12-20 15:44:16 +01008236
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008237 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008238 ssl = ssl_sock_get_ssl_object(conn);
8239 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008240 return 0;
8241
Willy Tarreau911db9b2020-01-23 16:27:54 +01008242 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun9143d372012-12-20 15:44:16 +01008243 smp->flags |= SMP_F_MAY_CHANGE;
8244 return 0;
8245 }
8246
8247 /* SSL_get_peer_certificate returns a ptr on allocated X509 struct */
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008248 crt = SSL_get_peer_certificate(ssl);
Emeric Brun9143d372012-12-20 15:44:16 +01008249 if (crt) {
8250 X509_free(crt);
8251 }
8252
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008253 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008254 smp->data.u.sint = (crt != NULL);
Emeric Brun9143d372012-12-20 15:44:16 +01008255 return 1;
8256}
8257
Emeric Brunba841a12014-04-30 17:05:08 +02008258/* integer, returns the certificate version
8259 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
8260 * should be use.
8261 */
Emeric Bruna7359fd2012-10-17 15:03:11 +02008262static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008263smp_fetch_ssl_x_version(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Bruna7359fd2012-10-17 15:03:11 +02008264{
Emeric Brunba841a12014-04-30 17:05:08 +02008265 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Bruna7359fd2012-10-17 15:03:11 +02008266 X509 *crt;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008267 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008268 SSL *ssl;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008269
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008270 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008271 ssl = ssl_sock_get_ssl_object(conn);
8272 if (!ssl)
Emeric Bruna7359fd2012-10-17 15:03:11 +02008273 return 0;
8274
Willy Tarreau911db9b2020-01-23 16:27:54 +01008275 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Bruna7359fd2012-10-17 15:03:11 +02008276 smp->flags |= SMP_F_MAY_CHANGE;
8277 return 0;
8278 }
8279
Emeric Brunba841a12014-04-30 17:05:08 +02008280 if (cert_peer)
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008281 crt = SSL_get_peer_certificate(ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02008282 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008283 crt = SSL_get_certificate(ssl);
Emeric Bruna7359fd2012-10-17 15:03:11 +02008284 if (!crt)
8285 return 0;
8286
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008287 smp->data.u.sint = (unsigned int)(1 + X509_get_version(crt));
Emeric Brunba841a12014-04-30 17:05:08 +02008288 /* SSL_get_peer_certificate increase X509 * ref count */
8289 if (cert_peer)
8290 X509_free(crt);
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008291 smp->data.type = SMP_T_SINT;
Emeric Bruna7359fd2012-10-17 15:03:11 +02008292
8293 return 1;
8294}
8295
Emeric Brunba841a12014-04-30 17:05:08 +02008296/* string, returns the certificate's signature algorithm.
8297 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
8298 * should be use.
8299 */
Emeric Brun7f56e742012-10-19 18:15:40 +02008300static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008301smp_fetch_ssl_x_sig_alg(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun7f56e742012-10-19 18:15:40 +02008302{
Emeric Brunba841a12014-04-30 17:05:08 +02008303 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun7f56e742012-10-19 18:15:40 +02008304 X509 *crt;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02008305 __OPENSSL_110_CONST__ ASN1_OBJECT *algorithm;
Emeric Brun7f56e742012-10-19 18:15:40 +02008306 int nid;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008307 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008308 SSL *ssl;
Emeric Brun7f56e742012-10-19 18:15:40 +02008309
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008310 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008311 ssl = ssl_sock_get_ssl_object(conn);
8312 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008313 return 0;
8314
Willy Tarreau911db9b2020-01-23 16:27:54 +01008315 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun7f56e742012-10-19 18:15:40 +02008316 smp->flags |= SMP_F_MAY_CHANGE;
8317 return 0;
8318 }
8319
Emeric Brunba841a12014-04-30 17:05:08 +02008320 if (cert_peer)
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008321 crt = SSL_get_peer_certificate(ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02008322 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008323 crt = SSL_get_certificate(ssl);
Emeric Brun7f56e742012-10-19 18:15:40 +02008324 if (!crt)
8325 return 0;
8326
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02008327 X509_ALGOR_get0(&algorithm, NULL, NULL, X509_get0_tbs_sigalg(crt));
8328 nid = OBJ_obj2nid(algorithm);
Emeric Brun7f56e742012-10-19 18:15:40 +02008329
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008330 smp->data.u.str.area = (char *)OBJ_nid2sn(nid);
8331 if (!smp->data.u.str.area) {
Emeric Brunba841a12014-04-30 17:05:08 +02008332 /* SSL_get_peer_certificate increase X509 * ref count */
8333 if (cert_peer)
8334 X509_free(crt);
Emeric Brun7f56e742012-10-19 18:15:40 +02008335 return 0;
Emeric Brun9bf3ba22013-10-07 14:31:44 +02008336 }
Emeric Brun7f56e742012-10-19 18:15:40 +02008337
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008338 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008339 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008340 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brunba841a12014-04-30 17:05:08 +02008341 /* SSL_get_peer_certificate increase X509 * ref count */
8342 if (cert_peer)
8343 X509_free(crt);
Emeric Brun7f56e742012-10-19 18:15:40 +02008344
8345 return 1;
8346}
8347
Emeric Brunba841a12014-04-30 17:05:08 +02008348/* string, returns the certificate's key algorithm.
8349 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
8350 * should be use.
8351 */
Emeric Brun521a0112012-10-22 12:22:55 +02008352static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008353smp_fetch_ssl_x_key_alg(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun521a0112012-10-22 12:22:55 +02008354{
Emeric Brunba841a12014-04-30 17:05:08 +02008355 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun521a0112012-10-22 12:22:55 +02008356 X509 *crt;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02008357 ASN1_OBJECT *algorithm;
Emeric Brun521a0112012-10-22 12:22:55 +02008358 int nid;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008359 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008360 SSL *ssl;
Emeric Brun521a0112012-10-22 12:22:55 +02008361
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008362 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008363 ssl = ssl_sock_get_ssl_object(conn);
8364 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008365 return 0;
8366
Willy Tarreau911db9b2020-01-23 16:27:54 +01008367 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun521a0112012-10-22 12:22:55 +02008368 smp->flags |= SMP_F_MAY_CHANGE;
8369 return 0;
8370 }
8371
Emeric Brunba841a12014-04-30 17:05:08 +02008372 if (cert_peer)
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008373 crt = SSL_get_peer_certificate(ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02008374 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008375 crt = SSL_get_certificate(ssl);
Emeric Brun521a0112012-10-22 12:22:55 +02008376 if (!crt)
8377 return 0;
8378
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02008379 X509_PUBKEY_get0_param(&algorithm, NULL, NULL, NULL, X509_get_X509_PUBKEY(crt));
8380 nid = OBJ_obj2nid(algorithm);
Emeric Brun521a0112012-10-22 12:22:55 +02008381
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008382 smp->data.u.str.area = (char *)OBJ_nid2sn(nid);
8383 if (!smp->data.u.str.area) {
Emeric Brunba841a12014-04-30 17:05:08 +02008384 /* SSL_get_peer_certificate increase X509 * ref count */
8385 if (cert_peer)
8386 X509_free(crt);
Emeric Brun521a0112012-10-22 12:22:55 +02008387 return 0;
Emeric Brun9bf3ba22013-10-07 14:31:44 +02008388 }
Emeric Brun521a0112012-10-22 12:22:55 +02008389
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008390 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008391 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008392 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brunba841a12014-04-30 17:05:08 +02008393 if (cert_peer)
8394 X509_free(crt);
Emeric Brun521a0112012-10-22 12:22:55 +02008395
8396 return 1;
8397}
8398
Emeric Brun645ae792014-04-30 14:21:06 +02008399/* boolean, returns true if front conn. transport layer is SSL.
8400 * This function is also usable on backend conn if the fetch keyword 5th
8401 * char is 'b'.
8402 */
Willy Tarreau7875d092012-09-10 08:20:03 +02008403static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008404smp_fetch_ssl_fc(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02008405{
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008406 struct connection *conn;
8407
Christopher Fauletf98e6262020-05-06 09:42:04 +02008408 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008409 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8410 else
8411 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8412 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008413
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008414 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008415 smp->data.u.sint = (conn && conn->xprt == &ssl_sock);
Willy Tarreau7875d092012-09-10 08:20:03 +02008416 return 1;
8417}
8418
Emeric Brun2525b6b2012-10-18 15:59:43 +02008419/* boolean, returns true if client present a SNI */
Willy Tarreau7875d092012-09-10 08:20:03 +02008420static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008421smp_fetch_ssl_fc_has_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02008422{
8423#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008424 struct connection *conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008425 SSL *ssl = ssl_sock_get_ssl_object(conn);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008426
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008427 smp->data.type = SMP_T_BOOL;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008428 smp->data.u.sint = ssl && SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name) != NULL;
Willy Tarreau7875d092012-09-10 08:20:03 +02008429 return 1;
8430#else
8431 return 0;
8432#endif
8433}
8434
Emeric Brun74f7ffa2018-02-19 16:14:12 +01008435/* boolean, returns true if client session has been resumed.
8436 * This function is also usable on backend conn if the fetch keyword 5th
8437 * char is 'b'.
8438 */
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008439static int
8440smp_fetch_ssl_fc_is_resumed(const struct arg *args, struct sample *smp, const char *kw, void *private)
8441{
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008442 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008443 SSL *ssl;
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008444
Christopher Fauletf98e6262020-05-06 09:42:04 +02008445 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008446 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8447 else
8448 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8449 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Emeric Brun74f7ffa2018-02-19 16:14:12 +01008450
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008451 ssl = ssl_sock_get_ssl_object(conn);
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008452
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008453 smp->data.type = SMP_T_BOOL;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008454 smp->data.u.sint = ssl && SSL_session_reused(ssl);
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008455 return 1;
8456}
8457
Emeric Brun645ae792014-04-30 14:21:06 +02008458/* string, returns the used cipher if front conn. transport layer is SSL.
8459 * This function is also usable on backend conn if the fetch keyword 5th
8460 * char is 'b'.
8461 */
Emeric Brun589fcad2012-10-16 14:13:26 +02008462static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008463smp_fetch_ssl_fc_cipher(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008464{
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008465 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008466 SSL *ssl;
Emeric Brun589fcad2012-10-16 14:13:26 +02008467
Christopher Fauletf98e6262020-05-06 09:42:04 +02008468 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008469 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8470 else
8471 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8472 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8473
Willy Tarreaube508f12016-03-10 11:47:01 +01008474 smp->flags = 0;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008475 ssl = ssl_sock_get_ssl_object(conn);
8476 if (!ssl)
Emeric Brun589fcad2012-10-16 14:13:26 +02008477 return 0;
8478
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008479 smp->data.u.str.area = (char *)SSL_get_cipher_name(ssl);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008480 if (!smp->data.u.str.area)
Emeric Brun589fcad2012-10-16 14:13:26 +02008481 return 0;
8482
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008483 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008484 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008485 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brun589fcad2012-10-16 14:13:26 +02008486
8487 return 1;
8488}
8489
Emeric Brun645ae792014-04-30 14:21:06 +02008490/* integer, returns the algoritm's keysize if front conn. transport layer
8491 * is SSL.
8492 * This function is also usable on backend conn if the fetch keyword 5th
8493 * char is 'b'.
8494 */
Emeric Brun589fcad2012-10-16 14:13:26 +02008495static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008496smp_fetch_ssl_fc_alg_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008497{
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008498 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008499 SSL *ssl;
Willy Tarreaue237fe12016-03-10 17:05:28 +01008500 int sint;
Willy Tarreaube508f12016-03-10 11:47:01 +01008501
Christopher Fauletf98e6262020-05-06 09:42:04 +02008502 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008503 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8504 else
8505 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8506 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8507
Emeric Brun589fcad2012-10-16 14:13:26 +02008508 smp->flags = 0;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008509 ssl = ssl_sock_get_ssl_object(conn);
8510 if (!ssl)
Emeric Brun589fcad2012-10-16 14:13:26 +02008511 return 0;
8512
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008513 if (!SSL_get_cipher_bits(ssl, &sint))
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008514 return 0;
8515
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008516 smp->data.u.sint = sint;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008517 smp->data.type = SMP_T_SINT;
Emeric Brun589fcad2012-10-16 14:13:26 +02008518
8519 return 1;
8520}
8521
Emeric Brun645ae792014-04-30 14:21:06 +02008522/* integer, returns the used keysize if front conn. transport layer is SSL.
8523 * This function is also usable on backend conn if the fetch keyword 5th
8524 * char is 'b'.
8525 */
Emeric Brun589fcad2012-10-16 14:13:26 +02008526static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008527smp_fetch_ssl_fc_use_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008528{
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008529 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008530 SSL *ssl;
Willy Tarreaube508f12016-03-10 11:47:01 +01008531
Christopher Fauletf98e6262020-05-06 09:42:04 +02008532 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008533 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8534 else
8535 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8536 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8537
Emeric Brun589fcad2012-10-16 14:13:26 +02008538 smp->flags = 0;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008539 ssl = ssl_sock_get_ssl_object(conn);
8540 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008541 return 0;
8542
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008543 smp->data.u.sint = (unsigned int)SSL_get_cipher_bits(ssl, NULL);
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008544 if (!smp->data.u.sint)
Emeric Brun589fcad2012-10-16 14:13:26 +02008545 return 0;
8546
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008547 smp->data.type = SMP_T_SINT;
Emeric Brun589fcad2012-10-16 14:13:26 +02008548
8549 return 1;
8550}
8551
Bernard Spil13c53f82018-02-15 13:34:58 +01008552#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau7875d092012-09-10 08:20:03 +02008553static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008554smp_fetch_ssl_fc_npn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaua33c6542012-10-15 13:19:06 +02008555{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008556 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008557 SSL *ssl;
Willy Tarreau105599c2020-02-25 08:59:23 +01008558 unsigned int len = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008559
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008560 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008561 smp->data.type = SMP_T_STR;
Willy Tarreaua33c6542012-10-15 13:19:06 +02008562
Christopher Fauletf98e6262020-05-06 09:42:04 +02008563 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008564 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8565 else
8566 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8567 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8568
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008569 ssl = ssl_sock_get_ssl_object(conn);
8570 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008571 return 0;
8572
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008573 smp->data.u.str.area = NULL;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008574 SSL_get0_next_proto_negotiated(ssl,
Willy Tarreau105599c2020-02-25 08:59:23 +01008575 (const unsigned char **)&smp->data.u.str.area,
8576 &len);
Willy Tarreaua33c6542012-10-15 13:19:06 +02008577
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008578 if (!smp->data.u.str.area)
Willy Tarreaua33c6542012-10-15 13:19:06 +02008579 return 0;
8580
Willy Tarreau105599c2020-02-25 08:59:23 +01008581 smp->data.u.str.data = len;
Willy Tarreaua33c6542012-10-15 13:19:06 +02008582 return 1;
Willy Tarreaua33c6542012-10-15 13:19:06 +02008583}
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02008584#endif
Willy Tarreaua33c6542012-10-15 13:19:06 +02008585
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01008586#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02008587static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008588smp_fetch_ssl_fc_alpn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreauab861d32013-04-02 02:30:41 +02008589{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008590 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008591 SSL *ssl;
Willy Tarreau105599c2020-02-25 08:59:23 +01008592 unsigned int len = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008593
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008594 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008595 smp->data.type = SMP_T_STR;
Willy Tarreauab861d32013-04-02 02:30:41 +02008596
Christopher Fauletf98e6262020-05-06 09:42:04 +02008597 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008598 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8599 else
8600 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8601 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard6b77f492018-11-22 18:18:29 +01008602
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008603 ssl = ssl_sock_get_ssl_object(conn);
8604 if (!ssl)
Willy Tarreauab861d32013-04-02 02:30:41 +02008605 return 0;
8606
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008607 smp->data.u.str.area = NULL;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008608 SSL_get0_alpn_selected(ssl,
Willy Tarreau105599c2020-02-25 08:59:23 +01008609 (const unsigned char **)&smp->data.u.str.area,
8610 &len);
Willy Tarreauab861d32013-04-02 02:30:41 +02008611
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008612 if (!smp->data.u.str.area)
Willy Tarreauab861d32013-04-02 02:30:41 +02008613 return 0;
8614
Willy Tarreau105599c2020-02-25 08:59:23 +01008615 smp->data.u.str.data = len;
Willy Tarreauab861d32013-04-02 02:30:41 +02008616 return 1;
8617}
8618#endif
8619
Emeric Brun645ae792014-04-30 14:21:06 +02008620/* string, returns the used protocol if front conn. transport layer is SSL.
8621 * This function is also usable on backend conn if the fetch keyword 5th
8622 * char is 'b'.
8623 */
Willy Tarreaua33c6542012-10-15 13:19:06 +02008624static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008625smp_fetch_ssl_fc_protocol(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008626{
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008627 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008628 SSL *ssl;
Willy Tarreaube508f12016-03-10 11:47:01 +01008629
Christopher Fauletf98e6262020-05-06 09:42:04 +02008630 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008631 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8632 else
8633 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8634 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8635
Emeric Brun589fcad2012-10-16 14:13:26 +02008636 smp->flags = 0;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008637 ssl = ssl_sock_get_ssl_object(conn);
8638 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008639 return 0;
8640
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008641 smp->data.u.str.area = (char *)SSL_get_version(ssl);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008642 if (!smp->data.u.str.area)
Emeric Brun589fcad2012-10-16 14:13:26 +02008643 return 0;
8644
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008645 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008646 smp->flags = SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008647 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brun589fcad2012-10-16 14:13:26 +02008648
8649 return 1;
8650}
8651
Willy Tarreau87b09662015-04-03 00:22:06 +02008652/* binary, returns the SSL stream id if front conn. transport layer is SSL.
Emeric Brun645ae792014-04-30 14:21:06 +02008653 * This function is also usable on backend conn if the fetch keyword 5th
8654 * char is 'b'.
8655 */
Willy Tarreau9a1ab082019-05-09 13:26:41 +02008656#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brun589fcad2012-10-16 14:13:26 +02008657static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008658smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunfe68f682012-10-16 14:59:28 +02008659{
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008660 struct connection *conn;
Willy Tarreaue237fe12016-03-10 17:05:28 +01008661 SSL_SESSION *ssl_sess;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008662 SSL *ssl;
Willy Tarreau105599c2020-02-25 08:59:23 +01008663 unsigned int len = 0;
Willy Tarreaube508f12016-03-10 11:47:01 +01008664
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008665 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008666 smp->data.type = SMP_T_BIN;
Emeric Brunfe68f682012-10-16 14:59:28 +02008667
Christopher Fauletf98e6262020-05-06 09:42:04 +02008668 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008669 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8670 else
8671 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8672 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8673
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008674 ssl = ssl_sock_get_ssl_object(conn);
8675 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008676 return 0;
8677
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008678 ssl_sess = SSL_get_session(ssl);
Willy Tarreau192252e2015-04-04 01:47:55 +02008679 if (!ssl_sess)
Emeric Brunfe68f682012-10-16 14:59:28 +02008680 return 0;
8681
Willy Tarreau105599c2020-02-25 08:59:23 +01008682 smp->data.u.str.area = (char *)SSL_SESSION_get_id(ssl_sess, &len);
Dragan Dosenf35d69e2020-05-04 09:07:28 +02008683 if (!smp->data.u.str.area || !len)
Emeric Brunfe68f682012-10-16 14:59:28 +02008684 return 0;
8685
Willy Tarreau105599c2020-02-25 08:59:23 +01008686 smp->data.u.str.data = len;
Emeric Brunfe68f682012-10-16 14:59:28 +02008687 return 1;
Emeric Brunfe68f682012-10-16 14:59:28 +02008688}
Patrick Hemmer41966772018-04-28 19:15:48 -04008689#endif
8690
Emeric Brunfe68f682012-10-16 14:59:28 +02008691
Emmanuel Hocdet839af572019-05-14 16:27:35 +02008692#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
Patrick Hemmere0275472018-04-28 19:15:51 -04008693static int
Patrick Hemmer65674662019-06-04 08:13:03 -04008694smp_fetch_ssl_fc_random(const struct arg *args, struct sample *smp, const char *kw, void *private)
8695{
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008696 struct connection *conn;
Patrick Hemmer65674662019-06-04 08:13:03 -04008697 struct buffer *data;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008698 SSL *ssl;
Patrick Hemmer65674662019-06-04 08:13:03 -04008699
Christopher Fauletf98e6262020-05-06 09:42:04 +02008700 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008701 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8702 else
8703 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8704 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8705
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008706 ssl = ssl_sock_get_ssl_object(conn);
8707 if (!ssl)
Patrick Hemmer65674662019-06-04 08:13:03 -04008708 return 0;
Patrick Hemmer65674662019-06-04 08:13:03 -04008709
8710 data = get_trash_chunk();
8711 if (kw[7] == 'c')
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008712 data->data = SSL_get_client_random(ssl,
Patrick Hemmer65674662019-06-04 08:13:03 -04008713 (unsigned char *) data->area,
8714 data->size);
8715 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008716 data->data = SSL_get_server_random(ssl,
Patrick Hemmer65674662019-06-04 08:13:03 -04008717 (unsigned char *) data->area,
8718 data->size);
8719 if (!data->data)
8720 return 0;
8721
8722 smp->flags = 0;
8723 smp->data.type = SMP_T_BIN;
8724 smp->data.u.str = *data;
8725
8726 return 1;
8727}
8728
8729static int
Patrick Hemmere0275472018-04-28 19:15:51 -04008730smp_fetch_ssl_fc_session_key(const struct arg *args, struct sample *smp, const char *kw, void *private)
8731{
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008732 struct connection *conn;
Patrick Hemmere0275472018-04-28 19:15:51 -04008733 SSL_SESSION *ssl_sess;
Willy Tarreau83061a82018-07-13 11:56:34 +02008734 struct buffer *data;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008735 SSL *ssl;
Patrick Hemmere0275472018-04-28 19:15:51 -04008736
Christopher Fauletf98e6262020-05-06 09:42:04 +02008737 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008738 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8739 else
8740 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8741 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8742
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008743 ssl = ssl_sock_get_ssl_object(conn);
8744 if (!ssl)
Patrick Hemmere0275472018-04-28 19:15:51 -04008745 return 0;
8746
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008747 ssl_sess = SSL_get_session(ssl);
Patrick Hemmere0275472018-04-28 19:15:51 -04008748 if (!ssl_sess)
8749 return 0;
8750
8751 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008752 data->data = SSL_SESSION_get_master_key(ssl_sess,
8753 (unsigned char *) data->area,
8754 data->size);
8755 if (!data->data)
Patrick Hemmere0275472018-04-28 19:15:51 -04008756 return 0;
8757
8758 smp->flags = 0;
8759 smp->data.type = SMP_T_BIN;
8760 smp->data.u.str = *data;
8761
8762 return 1;
8763}
8764#endif
8765
Patrick Hemmer41966772018-04-28 19:15:48 -04008766#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emeric Brunfe68f682012-10-16 14:59:28 +02008767static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008768smp_fetch_ssl_fc_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02008769{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008770 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008771 SSL *ssl;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008772
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008773 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008774 smp->data.type = SMP_T_STR;
Willy Tarreau7875d092012-09-10 08:20:03 +02008775
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008776 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008777 ssl = ssl_sock_get_ssl_object(conn);
8778 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008779 return 0;
8780
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008781 smp->data.u.str.area = (char *)SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008782 if (!smp->data.u.str.area)
Willy Tarreau3e394c92012-09-14 23:56:58 +02008783 return 0;
8784
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008785 smp->data.u.str.data = strlen(smp->data.u.str.area);
Willy Tarreau7875d092012-09-10 08:20:03 +02008786 return 1;
Willy Tarreau7875d092012-09-10 08:20:03 +02008787}
Patrick Hemmer41966772018-04-28 19:15:48 -04008788#endif
Willy Tarreau7875d092012-09-10 08:20:03 +02008789
David Sc1ad52e2014-04-08 18:48:47 -04008790static int
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008791smp_fetch_ssl_fc_cl_bin(const struct arg *args, struct sample *smp, const char *kw, void *private)
8792{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008793 struct connection *conn;
8794 struct ssl_capture *capture;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008795 SSL *ssl;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008796
8797 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008798 ssl = ssl_sock_get_ssl_object(conn);
8799 if (!ssl)
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008800 return 0;
8801
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008802 capture = SSL_get_ex_data(ssl, ssl_capture_ptr_index);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008803 if (!capture)
8804 return 0;
8805
8806 smp->flags = SMP_F_CONST;
8807 smp->data.type = SMP_T_BIN;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008808 smp->data.u.str.area = capture->ciphersuite;
8809 smp->data.u.str.data = capture->ciphersuite_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008810 return 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008811}
8812
8813static int
8814smp_fetch_ssl_fc_cl_hex(const struct arg *args, struct sample *smp, const char *kw, void *private)
8815{
Willy Tarreau83061a82018-07-13 11:56:34 +02008816 struct buffer *data;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008817
8818 if (!smp_fetch_ssl_fc_cl_bin(args, smp, kw, private))
8819 return 0;
8820
8821 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008822 dump_binary(data, smp->data.u.str.area, smp->data.u.str.data);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008823 smp->data.type = SMP_T_BIN;
8824 smp->data.u.str = *data;
8825 return 1;
8826}
8827
8828static int
8829smp_fetch_ssl_fc_cl_xxh64(const struct arg *args, struct sample *smp, const char *kw, void *private)
8830{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008831 struct connection *conn;
8832 struct ssl_capture *capture;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008833 SSL *ssl;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008834
8835 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008836 ssl = ssl_sock_get_ssl_object(conn);
8837 if (!ssl)
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008838 return 0;
8839
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008840 capture = SSL_get_ex_data(ssl, ssl_capture_ptr_index);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008841 if (!capture)
8842 return 0;
8843
8844 smp->data.type = SMP_T_SINT;
8845 smp->data.u.sint = capture->xxh64;
8846 return 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008847}
8848
8849static int
8850smp_fetch_ssl_fc_cl_str(const struct arg *args, struct sample *smp, const char *kw, void *private)
8851{
Willy Tarreau5db847a2019-05-09 14:13:35 +02008852#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL)
Willy Tarreau83061a82018-07-13 11:56:34 +02008853 struct buffer *data;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008854 int i;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008855
8856 if (!smp_fetch_ssl_fc_cl_bin(args, smp, kw, private))
8857 return 0;
8858
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008859 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008860 for (i = 0; i + 1 < smp->data.u.str.data; i += 2) {
Emmanuel Hocdetddcde192017-09-01 17:32:08 +02008861 const char *str;
8862 const SSL_CIPHER *cipher;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008863 const unsigned char *bin = (const unsigned char *) smp->data.u.str.area + i;
Emmanuel Hocdetddcde192017-09-01 17:32:08 +02008864 uint16_t id = (bin[0] << 8) | bin[1];
8865#if defined(OPENSSL_IS_BORINGSSL)
8866 cipher = SSL_get_cipher_by_value(id);
8867#else
Willy Tarreaub7290772018-10-15 11:01:59 +02008868 struct connection *conn = __objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008869 SSL *ssl = ssl_sock_get_ssl_object(conn);
8870 cipher = SSL_CIPHER_find(ssl, bin);
Emmanuel Hocdetddcde192017-09-01 17:32:08 +02008871#endif
8872 str = SSL_CIPHER_get_name(cipher);
8873 if (!str || strcmp(str, "(NONE)") == 0)
8874 chunk_appendf(data, "%sUNKNOWN(%04x)", i == 0 ? "" : ",", id);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008875 else
8876 chunk_appendf(data, "%s%s", i == 0 ? "" : ",", str);
8877 }
8878 smp->data.type = SMP_T_STR;
8879 smp->data.u.str = *data;
8880 return 1;
8881#else
8882 return smp_fetch_ssl_fc_cl_xxh64(args, smp, kw, private);
8883#endif
8884}
8885
Willy Tarreau9a1ab082019-05-09 13:26:41 +02008886#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008887static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008888smp_fetch_ssl_fc_unique_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
David Sc1ad52e2014-04-08 18:48:47 -04008889{
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008890 struct connection *conn;
David Sc1ad52e2014-04-08 18:48:47 -04008891 int finished_len;
Willy Tarreau83061a82018-07-13 11:56:34 +02008892 struct buffer *finished_trash;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008893 SSL *ssl;
David Sc1ad52e2014-04-08 18:48:47 -04008894
Christopher Fauletf98e6262020-05-06 09:42:04 +02008895 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
Christopher Fauletd92ea7f2020-04-30 10:03:55 +02008896 conn = (kw[4] != 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
8897 else
8898 conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8899 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8900
David Sc1ad52e2014-04-08 18:48:47 -04008901 smp->flags = 0;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008902 ssl = ssl_sock_get_ssl_object(conn);
8903 if (!ssl)
David Sc1ad52e2014-04-08 18:48:47 -04008904 return 0;
8905
Willy Tarreau911db9b2020-01-23 16:27:54 +01008906 if (conn->flags & CO_FL_WAIT_XPRT) {
David Sc1ad52e2014-04-08 18:48:47 -04008907 smp->flags |= SMP_F_MAY_CHANGE;
8908 return 0;
8909 }
8910
8911 finished_trash = get_trash_chunk();
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008912 if (!SSL_session_reused(ssl))
8913 finished_len = SSL_get_peer_finished(ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008914 finished_trash->area,
8915 finished_trash->size);
David Sc1ad52e2014-04-08 18:48:47 -04008916 else
Dragan Dosen2dec6a32020-05-11 17:25:19 +02008917 finished_len = SSL_get_finished(ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008918 finished_trash->area,
8919 finished_trash->size);
David Sc1ad52e2014-04-08 18:48:47 -04008920
8921 if (!finished_len)
8922 return 0;
8923
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008924 finished_trash->data = finished_len;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008925 smp->data.u.str = *finished_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008926 smp->data.type = SMP_T_BIN;
David Sc1ad52e2014-04-08 18:48:47 -04008927
8928 return 1;
David Sc1ad52e2014-04-08 18:48:47 -04008929}
Patrick Hemmer41966772018-04-28 19:15:48 -04008930#endif
David Sc1ad52e2014-04-08 18:48:47 -04008931
Emeric Brun2525b6b2012-10-18 15:59:43 +02008932/* integer, returns the first verify error in CA chain of client certificate chain. */
Emeric Brunf282a812012-09-21 15:27:54 +02008933static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008934smp_fetch_ssl_c_ca_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02008935{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008936 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008937 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008938
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008939 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008940 if (!conn || conn->xprt != &ssl_sock)
8941 return 0;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008942 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008943
Willy Tarreau911db9b2020-01-23 16:27:54 +01008944 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunf282a812012-09-21 15:27:54 +02008945 smp->flags = SMP_F_MAY_CHANGE;
8946 return 0;
8947 }
8948
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008949 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008950 smp->data.u.sint = (unsigned long long int)SSL_SOCK_ST_TO_CA_ERROR(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02008951 smp->flags = 0;
8952
8953 return 1;
8954}
8955
Emeric Brun2525b6b2012-10-18 15:59:43 +02008956/* integer, returns the depth of the first verify error in CA chain of client certificate chain. */
Emeric Brunf282a812012-09-21 15:27:54 +02008957static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008958smp_fetch_ssl_c_ca_err_depth(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02008959{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008960 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008961 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008962
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008963 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008964 if (!conn || conn->xprt != &ssl_sock)
Emeric Brunf282a812012-09-21 15:27:54 +02008965 return 0;
8966
Willy Tarreau911db9b2020-01-23 16:27:54 +01008967 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunf282a812012-09-21 15:27:54 +02008968 smp->flags = SMP_F_MAY_CHANGE;
8969 return 0;
8970 }
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008971 ctx = conn->xprt_ctx;
Emeric Brunf282a812012-09-21 15:27:54 +02008972
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008973 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008974 smp->data.u.sint = (long long int)SSL_SOCK_ST_TO_CAEDEPTH(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02008975 smp->flags = 0;
8976
8977 return 1;
8978}
8979
Emeric Brun2525b6b2012-10-18 15:59:43 +02008980/* integer, returns the first verify error on client certificate */
Emeric Brunf282a812012-09-21 15:27:54 +02008981static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008982smp_fetch_ssl_c_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02008983{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008984 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008985 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008986
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008987 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008988 if (!conn || conn->xprt != &ssl_sock)
8989 return 0;
8990
Willy Tarreau911db9b2020-01-23 16:27:54 +01008991 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunf282a812012-09-21 15:27:54 +02008992 smp->flags = SMP_F_MAY_CHANGE;
8993 return 0;
8994 }
8995
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008996 ctx = conn->xprt_ctx;
8997
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008998 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008999 smp->data.u.sint = (long long int)SSL_SOCK_ST_TO_CRTERROR(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02009000 smp->flags = 0;
9001
9002 return 1;
9003}
9004
Emeric Brun2525b6b2012-10-18 15:59:43 +02009005/* integer, returns the verify result on client cert */
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02009006static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02009007smp_fetch_ssl_c_verify(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02009008{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02009009 struct connection *conn;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02009010 SSL *ssl;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02009011
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02009012 conn = objt_conn(smp->sess->origin);
Dragan Dosen2dec6a32020-05-11 17:25:19 +02009013 ssl = ssl_sock_get_ssl_object(conn);
9014 if (!ssl)
Willy Tarreaub363a1f2013-10-01 10:45:07 +02009015 return 0;
9016
Willy Tarreau911db9b2020-01-23 16:27:54 +01009017 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02009018 smp->flags = SMP_F_MAY_CHANGE;
9019 return 0;
9020 }
9021
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02009022 smp->data.type = SMP_T_SINT;
Dragan Dosen2dec6a32020-05-11 17:25:19 +02009023 smp->data.u.sint = (long long int)SSL_get_verify_result(ssl);
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02009024 smp->flags = 0;
9025
9026 return 1;
9027}
9028
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +01009029/* for ca-file and ca-verify-file */
9030static int ssl_bind_parse_ca_file_common(char **args, int cur_arg, char **ca_file_p, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02009031{
9032 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009033 memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02009034 return ERR_ALERT | ERR_FATAL;
9035 }
9036
Willy Tarreauef934602016-12-22 23:12:01 +01009037 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +01009038 memprintf(ca_file_p, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02009039 else
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +01009040 memprintf(ca_file_p, "%s", args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +02009041
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +01009042 if (!ssl_store_load_locations_file(*ca_file_p)) {
9043 memprintf(err, "'%s' : unable to load %s", args[cur_arg], *ca_file_p);
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02009044 return ERR_ALERT | ERR_FATAL;
9045 }
Emeric Brund94b3fe2012-09-20 18:23:56 +02009046 return 0;
9047}
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +01009048
9049/* parse the "ca-file" bind keyword */
9050static int ssl_bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
9051{
9052 return ssl_bind_parse_ca_file_common(args, cur_arg, &conf->ca_file, err);
9053}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009054static int bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9055{
9056 return ssl_bind_parse_ca_file(args, cur_arg, px, &conf->ssl_conf, err);
9057}
Emeric Brund94b3fe2012-09-20 18:23:56 +02009058
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +01009059/* parse the "ca-verify-file" bind keyword */
9060static int ssl_bind_parse_ca_verify_file(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
9061{
9062 return ssl_bind_parse_ca_file_common(args, cur_arg, &conf->ca_verify_file, err);
9063}
9064static int bind_parse_ca_verify_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9065{
9066 return ssl_bind_parse_ca_verify_file(args, cur_arg, px, &conf->ssl_conf, err);
9067}
9068
Christopher Faulet31af49d2015-06-09 17:29:50 +02009069/* parse the "ca-sign-file" bind keyword */
9070static int bind_parse_ca_sign_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9071{
9072 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009073 memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
Christopher Faulet31af49d2015-06-09 17:29:50 +02009074 return ERR_ALERT | ERR_FATAL;
9075 }
9076
Willy Tarreauef934602016-12-22 23:12:01 +01009077 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
9078 memprintf(&conf->ca_sign_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Christopher Faulet31af49d2015-06-09 17:29:50 +02009079 else
9080 memprintf(&conf->ca_sign_file, "%s", args[cur_arg + 1]);
9081
9082 return 0;
9083}
9084
Bertrand Jacquinff13c062016-11-13 16:37:11 +00009085/* parse the "ca-sign-pass" bind keyword */
Christopher Faulet31af49d2015-06-09 17:29:50 +02009086static int bind_parse_ca_sign_pass(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9087{
9088 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009089 memprintf(err, "'%s' : missing CAkey password", args[cur_arg]);
Christopher Faulet31af49d2015-06-09 17:29:50 +02009090 return ERR_ALERT | ERR_FATAL;
9091 }
9092 memprintf(&conf->ca_sign_pass, "%s", args[cur_arg + 1]);
9093 return 0;
9094}
9095
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009096/* parse the "ciphers" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009097static int ssl_bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009098{
9099 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02009100 memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009101 return ERR_ALERT | ERR_FATAL;
9102 }
9103
Emeric Brun76d88952012-10-05 15:47:31 +02009104 free(conf->ciphers);
Willy Tarreau4348fad2012-09-20 16:48:07 +02009105 conf->ciphers = strdup(args[cur_arg + 1]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009106 return 0;
9107}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009108static int bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9109{
9110 return ssl_bind_parse_ciphers(args, cur_arg, px, &conf->ssl_conf, err);
9111}
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009112
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009113#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009114/* parse the "ciphersuites" bind keyword */
9115static int ssl_bind_parse_ciphersuites(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
9116{
9117 if (!*args[cur_arg + 1]) {
9118 memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
9119 return ERR_ALERT | ERR_FATAL;
9120 }
9121
9122 free(conf->ciphersuites);
9123 conf->ciphersuites = strdup(args[cur_arg + 1]);
9124 return 0;
9125}
9126static int bind_parse_ciphersuites(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9127{
9128 return ssl_bind_parse_ciphersuites(args, cur_arg, px, &conf->ssl_conf, err);
9129}
9130#endif
9131
Willy Tarreaubbc91962019-10-16 16:42:19 +02009132/* parse the "crt" bind keyword. Returns a set of ERR_* flags possibly with an error in <err>. */
Willy Tarreau4348fad2012-09-20 16:48:07 +02009133static int bind_parse_crt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009134{
Willy Tarreau38011032013-08-13 16:59:39 +02009135 char path[MAXPATHLEN];
Willy Tarreaub75d6922014-04-14 18:05:41 +02009136
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009137 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02009138 memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009139 return ERR_ALERT | ERR_FATAL;
9140 }
9141
Willy Tarreauef934602016-12-22 23:12:01 +01009142 if ((*args[cur_arg + 1] != '/' ) && global_ssl.crt_base) {
9143 if ((strlen(global_ssl.crt_base) + 1 + strlen(args[cur_arg + 1]) + 1) > MAXPATHLEN) {
Emeric Brunc8e8d122012-10-02 18:42:10 +02009144 memprintf(err, "'%s' : path too long", args[cur_arg]);
9145 return ERR_ALERT | ERR_FATAL;
9146 }
Willy Tarreauef934602016-12-22 23:12:01 +01009147 snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, args[cur_arg + 1]);
Willy Tarreaubbc91962019-10-16 16:42:19 +02009148 return ssl_sock_load_cert(path, conf, err);
Emeric Brunc8e8d122012-10-02 18:42:10 +02009149 }
9150
Willy Tarreaubbc91962019-10-16 16:42:19 +02009151 return ssl_sock_load_cert(args[cur_arg + 1], conf, err);
Emeric Brund94b3fe2012-09-20 18:23:56 +02009152}
9153
Willy Tarreaubbc91962019-10-16 16:42:19 +02009154/* parse the "crt-list" bind keyword. Returns a set of ERR_* flags possibly with an error in <err>. */
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01009155static int bind_parse_crt_list(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9156{
Willy Tarreaubbc91962019-10-16 16:42:19 +02009157 int err_code;
9158
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01009159 if (!*args[cur_arg + 1]) {
9160 memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
9161 return ERR_ALERT | ERR_FATAL;
9162 }
9163
William Lallemand6be66ec2020-03-06 22:26:32 +01009164 err_code = ssl_sock_load_cert_list_file(args[cur_arg + 1], 0, conf, px, err);
Willy Tarreaubbc91962019-10-16 16:42:19 +02009165 if (err_code)
Willy Tarreauad1731d2013-04-02 17:35:58 +02009166 memprintf(err, "'%s' : %s", args[cur_arg], *err);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01009167
Willy Tarreaubbc91962019-10-16 16:42:19 +02009168 return err_code;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01009169}
9170
Emeric Brunfb510ea2012-10-05 12:00:26 +02009171/* parse the "crl-file" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009172static int ssl_bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02009173{
Emeric Brun051cdab2012-10-02 19:25:50 +02009174#ifndef X509_V_FLAG_CRL_CHECK
Tim Duesterhus93128532019-11-23 23:45:10 +01009175 memprintf(err, "'%s' : library does not support CRL verify", args[cur_arg]);
Emeric Brun051cdab2012-10-02 19:25:50 +02009176 return ERR_ALERT | ERR_FATAL;
9177#else
Emeric Brund94b3fe2012-09-20 18:23:56 +02009178 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009179 memprintf(err, "'%s' : missing CRLfile path", args[cur_arg]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02009180 return ERR_ALERT | ERR_FATAL;
9181 }
Emeric Brun2b58d042012-09-20 17:10:03 +02009182
Willy Tarreauef934602016-12-22 23:12:01 +01009183 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
9184 memprintf(&conf->crl_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02009185 else
9186 memprintf(&conf->crl_file, "%s", args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +02009187
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01009188 if (!ssl_store_load_locations_file(conf->crl_file)) {
9189 memprintf(err, "'%s' : unable to load %s", args[cur_arg], conf->crl_file);
9190 return ERR_ALERT | ERR_FATAL;
9191 }
Emeric Brun2b58d042012-09-20 17:10:03 +02009192 return 0;
Emeric Brun051cdab2012-10-02 19:25:50 +02009193#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02009194}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009195static int bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9196{
9197 return ssl_bind_parse_crl_file(args, cur_arg, px, &conf->ssl_conf, err);
9198}
Emeric Brun2b58d042012-09-20 17:10:03 +02009199
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01009200/* parse the "curves" bind keyword keyword */
9201static int ssl_bind_parse_curves(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
9202{
Lukas Tribusd14b49c2019-11-24 18:20:40 +01009203#if ((HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL) || defined(LIBRESSL_VERSION_NUMBER))
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01009204 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009205 memprintf(err, "'%s' : missing curve suite", args[cur_arg]);
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01009206 return ERR_ALERT | ERR_FATAL;
9207 }
9208 conf->curves = strdup(args[cur_arg + 1]);
9209 return 0;
9210#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009211 memprintf(err, "'%s' : library does not support curve suite", args[cur_arg]);
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01009212 return ERR_ALERT | ERR_FATAL;
9213#endif
9214}
9215static int bind_parse_curves(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9216{
9217 return ssl_bind_parse_curves(args, cur_arg, px, &conf->ssl_conf, err);
9218}
9219
Bertrand Jacquinff13c062016-11-13 16:37:11 +00009220/* parse the "ecdhe" bind keyword keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009221static int ssl_bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brun2b58d042012-09-20 17:10:03 +02009222{
Willy Tarreau9a1ab082019-05-09 13:26:41 +02009223#if HA_OPENSSL_VERSION_NUMBER < 0x0090800fL
Tim Duesterhus93128532019-11-23 23:45:10 +01009224 memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (too old)", args[cur_arg]);
Emeric Brun2b58d042012-09-20 17:10:03 +02009225 return ERR_ALERT | ERR_FATAL;
9226#elif defined(OPENSSL_NO_ECDH)
Tim Duesterhus93128532019-11-23 23:45:10 +01009227 memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (disabled via OPENSSL_NO_ECDH)", args[cur_arg]);
Emeric Brun2b58d042012-09-20 17:10:03 +02009228 return ERR_ALERT | ERR_FATAL;
9229#else
9230 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009231 memprintf(err, "'%s' : missing named curve", args[cur_arg]);
Emeric Brun2b58d042012-09-20 17:10:03 +02009232 return ERR_ALERT | ERR_FATAL;
9233 }
9234
9235 conf->ecdhe = strdup(args[cur_arg + 1]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009236
9237 return 0;
Emeric Brun2b58d042012-09-20 17:10:03 +02009238#endif
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009239}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009240static int bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9241{
9242 return ssl_bind_parse_ecdhe(args, cur_arg, px, &conf->ssl_conf, err);
9243}
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009244
Bertrand Jacquinff13c062016-11-13 16:37:11 +00009245/* parse the "crt-ignore-err" and "ca-ignore-err" bind keywords */
Emeric Brun81c00f02012-09-21 14:31:21 +02009246static int bind_parse_ignore_err(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9247{
9248 int code;
9249 char *p = args[cur_arg + 1];
9250 unsigned long long *ignerr = &conf->crt_ignerr;
9251
9252 if (!*p) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009253 memprintf(err, "'%s' : missing error IDs list", args[cur_arg]);
Emeric Brun81c00f02012-09-21 14:31:21 +02009254 return ERR_ALERT | ERR_FATAL;
9255 }
9256
9257 if (strcmp(args[cur_arg], "ca-ignore-err") == 0)
9258 ignerr = &conf->ca_ignerr;
9259
9260 if (strcmp(p, "all") == 0) {
9261 *ignerr = ~0ULL;
9262 return 0;
9263 }
9264
9265 while (p) {
9266 code = atoi(p);
9267 if ((code <= 0) || (code > 63)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009268 memprintf(err, "'%s' : ID '%d' out of range (1..63) in error IDs list '%s'",
9269 args[cur_arg], code, args[cur_arg + 1]);
Emeric Brun81c00f02012-09-21 14:31:21 +02009270 return ERR_ALERT | ERR_FATAL;
9271 }
9272 *ignerr |= 1ULL << code;
9273 p = strchr(p, ',');
9274 if (p)
9275 p++;
9276 }
9277
Emeric Brun2cb7ae52012-10-05 14:14:21 +02009278 return 0;
9279}
9280
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009281/* parse tls_method_options "no-xxx" and "force-xxx" */
9282static int parse_tls_method_options(char *arg, struct tls_version_filter *methods, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +02009283{
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009284 uint16_t v;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009285 char *p;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009286 p = strchr(arg, '-');
9287 if (!p)
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009288 goto fail;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009289 p++;
9290 if (!strcmp(p, "sslv3"))
9291 v = CONF_SSLV3;
9292 else if (!strcmp(p, "tlsv10"))
9293 v = CONF_TLSV10;
9294 else if (!strcmp(p, "tlsv11"))
9295 v = CONF_TLSV11;
9296 else if (!strcmp(p, "tlsv12"))
9297 v = CONF_TLSV12;
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +02009298 else if (!strcmp(p, "tlsv13"))
9299 v = CONF_TLSV13;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009300 else
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009301 goto fail;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009302 if (!strncmp(arg, "no-", 3))
9303 methods->flags |= methodVersions[v].flag;
9304 else if (!strncmp(arg, "force-", 6))
9305 methods->min = methods->max = v;
9306 else
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009307 goto fail;
Emeric Brun2d0c4822012-10-02 13:45:20 +02009308 return 0;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009309 fail:
Tim Duesterhus93128532019-11-23 23:45:10 +01009310 memprintf(err, "'%s' : option not implemented", arg);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009311 return ERR_ALERT | ERR_FATAL;
Emeric Brun2d0c4822012-10-02 13:45:20 +02009312}
9313
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009314static int bind_parse_tls_method_options(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +02009315{
Emmanuel Hocdet43664762017-08-09 18:26:20 +02009316 return parse_tls_method_options(args[cur_arg], &conf->ssl_conf.ssl_methods, err);
Emeric Brun2cb7ae52012-10-05 14:14:21 +02009317}
9318
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009319static int srv_parse_tls_method_options(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +02009320{
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009321 return parse_tls_method_options(args[*cur_arg], &newsrv->ssl_ctx.methods, err);
9322}
9323
9324/* parse tls_method min/max: "ssl-min-ver" and "ssl-max-ver" */
9325static int parse_tls_method_minmax(char **args, int cur_arg, struct tls_version_filter *methods, char **err)
9326{
9327 uint16_t i, v = 0;
9328 char *argv = args[cur_arg + 1];
9329 if (!*argv) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009330 memprintf(err, "'%s' : missing the ssl/tls version", args[cur_arg]);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009331 return ERR_ALERT | ERR_FATAL;
9332 }
9333 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
9334 if (!strcmp(argv, methodVersions[i].name))
9335 v = i;
9336 if (!v) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009337 memprintf(err, "'%s' : unknown ssl/tls version", args[cur_arg + 1]);
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009338 return ERR_ALERT | ERR_FATAL;
9339 }
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009340 if (!strcmp("ssl-min-ver", args[cur_arg]))
9341 methods->min = v;
9342 else if (!strcmp("ssl-max-ver", args[cur_arg]))
9343 methods->max = v;
9344 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01009345 memprintf(err, "'%s' : option not implemented", args[cur_arg]);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009346 return ERR_ALERT | ERR_FATAL;
9347 }
Emeric Brun2cb7ae52012-10-05 14:14:21 +02009348 return 0;
Emeric Brun2cb7ae52012-10-05 14:14:21 +02009349}
Emeric Brun2cb7ae52012-10-05 14:14:21 +02009350
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02009351static int ssl_bind_parse_tls_method_minmax(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
9352{
Willy Tarreau9a1ab082019-05-09 13:26:41 +02009353#if (HA_OPENSSL_VERSION_NUMBER < 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL)
Christopher Faulet767a84b2017-11-24 16:50:31 +01009354 ha_warning("crt-list: ssl-min-ver and ssl-max-ver are not supported with this Openssl version (skipped).\n");
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02009355#endif
9356 return parse_tls_method_minmax(args, cur_arg, &conf->ssl_methods, err);
9357}
9358
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009359static int bind_parse_tls_method_minmax(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9360{
Emmanuel Hocdet43664762017-08-09 18:26:20 +02009361 return parse_tls_method_minmax(args, cur_arg, &conf->ssl_conf.ssl_methods, err);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009362}
9363
9364static int srv_parse_tls_method_minmax(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9365{
9366 return parse_tls_method_minmax(args, *cur_arg, &newsrv->ssl_ctx.methods, err);
9367}
9368
Emeric Brun2d0c4822012-10-02 13:45:20 +02009369/* parse the "no-tls-tickets" bind keyword */
Emmanuel Hocdet4608ed92017-01-20 13:06:27 +01009370static int bind_parse_no_tls_tickets(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brun2d0c4822012-10-02 13:45:20 +02009371{
Emeric Brun89675492012-10-05 13:48:26 +02009372 conf->ssl_options |= BC_SSL_O_NO_TLS_TICKETS;
Emeric Brun81c00f02012-09-21 14:31:21 +02009373 return 0;
9374}
Emeric Brun2d0c4822012-10-02 13:45:20 +02009375
Olivier Houchardc2aae742017-09-22 18:26:28 +02009376/* parse the "allow-0rtt" bind keyword */
9377static int ssl_bind_parse_allow_0rtt(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
9378{
9379 conf->early_data = 1;
9380 return 0;
9381}
9382
9383static int bind_parse_allow_0rtt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9384{
Olivier Houchard9679ac92017-10-27 14:58:08 +02009385 conf->ssl_conf.early_data = 1;
Olivier Houchardc2aae742017-09-22 18:26:28 +02009386 return 0;
9387}
9388
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009389/* parse the "npn" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009390static int ssl_bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009391{
Bernard Spil13c53f82018-02-15 13:34:58 +01009392#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009393 char *p1, *p2;
9394
9395 if (!*args[cur_arg + 1]) {
9396 memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[cur_arg]);
9397 return ERR_ALERT | ERR_FATAL;
9398 }
9399
9400 free(conf->npn_str);
9401
Willy Tarreau3724da12016-02-12 17:11:12 +01009402 /* the NPN string is built as a suite of (<len> <name>)*,
9403 * so we reuse each comma to store the next <len> and need
9404 * one more for the end of the string.
9405 */
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009406 conf->npn_len = strlen(args[cur_arg + 1]) + 1;
Willy Tarreau3724da12016-02-12 17:11:12 +01009407 conf->npn_str = calloc(1, conf->npn_len + 1);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009408 memcpy(conf->npn_str + 1, args[cur_arg + 1], conf->npn_len);
9409
9410 /* replace commas with the name length */
9411 p1 = conf->npn_str;
9412 p2 = p1 + 1;
9413 while (1) {
9414 p2 = memchr(p1 + 1, ',', conf->npn_str + conf->npn_len - (p1 + 1));
9415 if (!p2)
9416 p2 = p1 + 1 + strlen(p1 + 1);
9417
9418 if (p2 - (p1 + 1) > 255) {
9419 *p2 = '\0';
9420 memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
9421 return ERR_ALERT | ERR_FATAL;
9422 }
9423
9424 *p1 = p2 - (p1 + 1);
9425 p1 = p2;
9426
9427 if (!*p2)
9428 break;
9429
9430 *(p2++) = '\0';
9431 }
9432 return 0;
9433#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009434 memprintf(err, "'%s' : library does not support TLS NPN extension", args[cur_arg]);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009435 return ERR_ALERT | ERR_FATAL;
9436#endif
9437}
9438
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009439static int bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9440{
9441 return ssl_bind_parse_npn(args, cur_arg, px, &conf->ssl_conf, err);
9442}
9443
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009444
9445/* Parses a alpn string and converts it to the right format for the SSL api */
9446int ssl_sock_parse_alpn(char *arg, char **alpn_str, int *alpn_len, char **err)
Willy Tarreauab861d32013-04-02 02:30:41 +02009447{
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009448 char *p1, *p2, *alpn = NULL;
9449 int len, ret = 0;
Willy Tarreauab861d32013-04-02 02:30:41 +02009450
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009451 *alpn_str = NULL;
9452 *alpn_len = 0;
Willy Tarreauab861d32013-04-02 02:30:41 +02009453
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009454 if (!*arg) {
9455 memprintf(err, "missing the comma-delimited ALPN protocol suite");
9456 goto error;
9457 }
Willy Tarreauab861d32013-04-02 02:30:41 +02009458
Marcoen Hirschbergbef60912016-02-12 17:05:24 +01009459 /* the ALPN string is built as a suite of (<len> <name>)*,
9460 * so we reuse each comma to store the next <len> and need
9461 * one more for the end of the string.
9462 */
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009463 len = strlen(arg) + 1;
9464 alpn = calloc(1, len+1);
9465 if (!alpn) {
9466 memprintf(err, "'%s' : out of memory", arg);
9467 goto error;
9468 }
9469 memcpy(alpn+1, arg, len);
Willy Tarreauab861d32013-04-02 02:30:41 +02009470
9471 /* replace commas with the name length */
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009472 p1 = alpn;
Willy Tarreauab861d32013-04-02 02:30:41 +02009473 p2 = p1 + 1;
9474 while (1) {
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009475 p2 = memchr(p1 + 1, ',', alpn + len - (p1 + 1));
Willy Tarreauab861d32013-04-02 02:30:41 +02009476 if (!p2)
9477 p2 = p1 + 1 + strlen(p1 + 1);
9478
9479 if (p2 - (p1 + 1) > 255) {
9480 *p2 = '\0';
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009481 memprintf(err, "ALPN protocol name too long : '%s'", p1 + 1);
9482 goto error;
Willy Tarreauab861d32013-04-02 02:30:41 +02009483 }
9484
9485 *p1 = p2 - (p1 + 1);
9486 p1 = p2;
9487
9488 if (!*p2)
9489 break;
9490
9491 *(p2++) = '\0';
9492 }
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009493
9494 *alpn_str = alpn;
9495 *alpn_len = len;
9496
9497 out:
9498 return ret;
9499
9500 error:
9501 free(alpn);
9502 ret = ERR_ALERT | ERR_FATAL;
9503 goto out;
9504}
9505
9506/* parse the "alpn" bind keyword */
9507static int ssl_bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
9508{
9509#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
9510 int ret;
9511
9512 free(conf->alpn_str);
9513
9514 ret = ssl_sock_parse_alpn(args[cur_arg + 1], &conf->alpn_str, &conf->alpn_len, err);
9515 if (ret)
9516 memprintf(err, "'%s' : %s", args[cur_arg], *err);
9517 return ret;
Willy Tarreauab861d32013-04-02 02:30:41 +02009518#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009519 memprintf(err, "'%s' : library does not support TLS ALPN extension", args[cur_arg]);
Willy Tarreauab861d32013-04-02 02:30:41 +02009520 return ERR_ALERT | ERR_FATAL;
9521#endif
9522}
9523
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009524static int bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9525{
9526 return ssl_bind_parse_alpn(args, cur_arg, px, &conf->ssl_conf, err);
9527}
9528
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009529/* parse the "ssl" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +02009530static int bind_parse_ssl(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009531{
Willy Tarreau71a8c7c2016-12-21 22:04:54 +01009532 conf->xprt = &ssl_sock;
Willy Tarreau4348fad2012-09-20 16:48:07 +02009533 conf->is_ssl = 1;
Emeric Brun76d88952012-10-05 15:47:31 +02009534
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009535 if (global_ssl.listen_default_ciphers && !conf->ssl_conf.ciphers)
9536 conf->ssl_conf.ciphers = strdup(global_ssl.listen_default_ciphers);
Jerome Magninb203ff62020-04-03 15:28:22 +02009537#if ((HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL) || defined(LIBRESSL_VERSION_NUMBER))
9538 if (global_ssl.listen_default_curves && !conf->ssl_conf.curves)
9539 conf->ssl_conf.curves = strdup(global_ssl.listen_default_curves);
9540#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009541#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009542 if (global_ssl.listen_default_ciphersuites && !conf->ssl_conf.ciphersuites)
9543 conf->ssl_conf.ciphersuites = strdup(global_ssl.listen_default_ciphersuites);
9544#endif
Emmanuel Hocdet4608ed92017-01-20 13:06:27 +01009545 conf->ssl_options |= global_ssl.listen_default_ssloptions;
Emmanuel Hocdet43664762017-08-09 18:26:20 +02009546 conf->ssl_conf.ssl_methods.flags |= global_ssl.listen_default_sslmethods.flags;
9547 if (!conf->ssl_conf.ssl_methods.min)
9548 conf->ssl_conf.ssl_methods.min = global_ssl.listen_default_sslmethods.min;
9549 if (!conf->ssl_conf.ssl_methods.max)
9550 conf->ssl_conf.ssl_methods.max = global_ssl.listen_default_sslmethods.max;
Emeric Brun76d88952012-10-05 15:47:31 +02009551
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009552 return 0;
9553}
9554
Lukas Tribus53ae85c2017-05-04 15:45:40 +00009555/* parse the "prefer-client-ciphers" bind keyword */
9556static int bind_parse_pcc(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9557{
9558 conf->ssl_options |= BC_SSL_O_PREF_CLIE_CIPH;
9559 return 0;
9560}
9561
Christopher Faulet31af49d2015-06-09 17:29:50 +02009562/* parse the "generate-certificates" bind keyword */
9563static int bind_parse_generate_certs(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9564{
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01009565#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Christopher Faulet31af49d2015-06-09 17:29:50 +02009566 conf->generate_certs = 1;
9567#else
9568 memprintf(err, "%sthis version of openssl cannot generate SSL certificates.\n",
9569 err && *err ? *err : "");
9570#endif
9571 return 0;
9572}
9573
Emmanuel Hocdet65623372013-01-24 17:17:15 +01009574/* parse the "strict-sni" bind keyword */
9575static int bind_parse_strict_sni(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9576{
9577 conf->strict_sni = 1;
9578 return 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009579}
9580
9581/* parse the "tls-ticket-keys" bind keyword */
9582static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9583{
9584#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
Christopher Faulete566f3d2019-10-21 09:55:49 +02009585 FILE *f = NULL;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009586 int i = 0;
9587 char thisline[LINESIZE];
Christopher Faulete566f3d2019-10-21 09:55:49 +02009588 struct tls_keys_ref *keys_ref = NULL;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009589
9590 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009591 memprintf(err, "'%s' : missing TLS ticket keys file path", args[cur_arg]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009592 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009593 }
9594
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009595 keys_ref = tlskeys_ref_lookup(args[cur_arg + 1]);
Willy Tarreau17b4aa12018-07-17 10:05:32 +02009596 if (keys_ref) {
9597 keys_ref->refcount++;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009598 conf->keys_ref = keys_ref;
9599 return 0;
9600 }
9601
Christopher Faulete566f3d2019-10-21 09:55:49 +02009602 keys_ref = calloc(1, sizeof(*keys_ref));
Emeric Brun09852f72019-01-10 10:51:13 +01009603 if (!keys_ref) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009604 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009605 goto fail;
Emeric Brun09852f72019-01-10 10:51:13 +01009606 }
9607
Emeric Brun9e754772019-01-10 17:51:55 +01009608 keys_ref->tlskeys = malloc(TLS_TICKETS_NO * sizeof(union tls_sess_key));
Emeric Brun09852f72019-01-10 10:51:13 +01009609 if (!keys_ref->tlskeys) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009610 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009611 goto fail;
Emeric Brun09852f72019-01-10 10:51:13 +01009612 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009613
9614 if ((f = fopen(args[cur_arg + 1], "r")) == NULL) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009615 memprintf(err, "'%s' : unable to load ssl tickets keys file", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009616 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009617 }
9618
Nenad Merdanovic146defa2015-05-09 08:46:00 +02009619 keys_ref->filename = strdup(args[cur_arg + 1]);
Emeric Brun09852f72019-01-10 10:51:13 +01009620 if (!keys_ref->filename) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009621 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009622 goto fail;
Emeric Brun09852f72019-01-10 10:51:13 +01009623 }
Nenad Merdanovic146defa2015-05-09 08:46:00 +02009624
Emeric Brun9e754772019-01-10 17:51:55 +01009625 keys_ref->key_size_bits = 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009626 while (fgets(thisline, sizeof(thisline), f) != NULL) {
9627 int len = strlen(thisline);
Emeric Brun9e754772019-01-10 17:51:55 +01009628 int dec_size;
9629
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009630 /* Strip newline characters from the end */
9631 if(thisline[len - 1] == '\n')
9632 thisline[--len] = 0;
9633
9634 if(thisline[len - 1] == '\r')
9635 thisline[--len] = 0;
9636
Emeric Brun9e754772019-01-10 17:51:55 +01009637 dec_size = base64dec(thisline, len, (char *) (keys_ref->tlskeys + i % TLS_TICKETS_NO), sizeof(union tls_sess_key));
9638 if (dec_size < 0) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009639 memprintf(err, "'%s' : unable to decode base64 key on line %d", args[cur_arg+1], i + 1);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009640 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009641 }
Emeric Brun9e754772019-01-10 17:51:55 +01009642 else if (!keys_ref->key_size_bits && (dec_size == sizeof(struct tls_sess_key_128))) {
9643 keys_ref->key_size_bits = 128;
9644 }
9645 else if (!keys_ref->key_size_bits && (dec_size == sizeof(struct tls_sess_key_256))) {
9646 keys_ref->key_size_bits = 256;
9647 }
9648 else if (((dec_size != sizeof(struct tls_sess_key_128)) && (dec_size != sizeof(struct tls_sess_key_256)))
9649 || ((dec_size == sizeof(struct tls_sess_key_128) && (keys_ref->key_size_bits != 128)))
9650 || ((dec_size == sizeof(struct tls_sess_key_256) && (keys_ref->key_size_bits != 256)))) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009651 memprintf(err, "'%s' : wrong sized key on line %d", args[cur_arg+1], i + 1);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009652 goto fail;
Emeric Brun9e754772019-01-10 17:51:55 +01009653 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009654 i++;
9655 }
9656
9657 if (i < TLS_TICKETS_NO) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009658 memprintf(err, "'%s' : please supply at least %d keys in the tls-tickets-file", args[cur_arg+1], TLS_TICKETS_NO);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009659 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009660 }
9661
9662 fclose(f);
9663
9664 /* Use penultimate key for encryption, handle when TLS_TICKETS_NO = 1 */
Nenad Merdanovic17891152016-03-25 22:16:57 +01009665 i -= 2;
9666 keys_ref->tls_ticket_enc_index = i < 0 ? 0 : i % TLS_TICKETS_NO;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009667 keys_ref->unique_id = -1;
Willy Tarreau17b4aa12018-07-17 10:05:32 +02009668 keys_ref->refcount = 1;
Christopher Faulet16f45c82018-02-16 11:23:49 +01009669 HA_RWLOCK_INIT(&keys_ref->lock);
Nenad Merdanovic146defa2015-05-09 08:46:00 +02009670 conf->keys_ref = keys_ref;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009671
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009672 LIST_ADD(&tlskeys_reference, &keys_ref->list);
9673
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009674 return 0;
Christopher Faulete566f3d2019-10-21 09:55:49 +02009675
9676 fail:
9677 if (f)
9678 fclose(f);
9679 if (keys_ref) {
9680 free(keys_ref->filename);
9681 free(keys_ref->tlskeys);
9682 free(keys_ref);
9683 }
9684 return ERR_ALERT | ERR_FATAL;
9685
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009686#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009687 memprintf(err, "'%s' : TLS ticket callback extension not supported", args[cur_arg]);
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009688 return ERR_ALERT | ERR_FATAL;
9689#endif /* SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB */
Emmanuel Hocdet65623372013-01-24 17:17:15 +01009690}
9691
Emeric Brund94b3fe2012-09-20 18:23:56 +02009692/* parse the "verify" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009693static int ssl_bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02009694{
9695 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009696 memprintf(err, "'%s' : missing verify method", args[cur_arg]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02009697 return ERR_ALERT | ERR_FATAL;
9698 }
9699
9700 if (strcmp(args[cur_arg + 1], "none") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009701 conf->verify = SSL_SOCK_VERIFY_NONE;
Emeric Brund94b3fe2012-09-20 18:23:56 +02009702 else if (strcmp(args[cur_arg + 1], "optional") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009703 conf->verify = SSL_SOCK_VERIFY_OPTIONAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02009704 else if (strcmp(args[cur_arg + 1], "required") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009705 conf->verify = SSL_SOCK_VERIFY_REQUIRED;
Emeric Brund94b3fe2012-09-20 18:23:56 +02009706 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01009707 memprintf(err, "'%s' : unknown verify method '%s', only 'none', 'optional', and 'required' are supported\n",
9708 args[cur_arg], args[cur_arg + 1]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02009709 return ERR_ALERT | ERR_FATAL;
9710 }
9711
9712 return 0;
9713}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009714static int bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9715{
9716 return ssl_bind_parse_verify(args, cur_arg, px, &conf->ssl_conf, err);
9717}
Emeric Brund94b3fe2012-09-20 18:23:56 +02009718
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +02009719/* parse the "no-ca-names" bind keyword */
9720static int ssl_bind_parse_no_ca_names(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
9721{
9722 conf->no_ca_names = 1;
9723 return 0;
9724}
9725static int bind_parse_no_ca_names(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9726{
9727 return ssl_bind_parse_no_ca_names(args, cur_arg, px, &conf->ssl_conf, err);
9728}
9729
Willy Tarreau92faadf2012-10-10 23:04:25 +02009730/************** "server" keywords ****************/
9731
Olivier Houchardc7566002018-11-20 23:33:50 +01009732/* parse the "npn" bind keyword */
9733static int srv_parse_npn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9734{
9735#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
9736 char *p1, *p2;
9737
9738 if (!*args[*cur_arg + 1]) {
9739 memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[*cur_arg]);
9740 return ERR_ALERT | ERR_FATAL;
9741 }
9742
9743 free(newsrv->ssl_ctx.npn_str);
9744
9745 /* the NPN string is built as a suite of (<len> <name>)*,
9746 * so we reuse each comma to store the next <len> and need
9747 * one more for the end of the string.
9748 */
9749 newsrv->ssl_ctx.npn_len = strlen(args[*cur_arg + 1]) + 1;
9750 newsrv->ssl_ctx.npn_str = calloc(1, newsrv->ssl_ctx.npn_len + 1);
9751 memcpy(newsrv->ssl_ctx.npn_str + 1, args[*cur_arg + 1],
9752 newsrv->ssl_ctx.npn_len);
9753
9754 /* replace commas with the name length */
9755 p1 = newsrv->ssl_ctx.npn_str;
9756 p2 = p1 + 1;
9757 while (1) {
9758 p2 = memchr(p1 + 1, ',', newsrv->ssl_ctx.npn_str +
9759 newsrv->ssl_ctx.npn_len - (p1 + 1));
9760 if (!p2)
9761 p2 = p1 + 1 + strlen(p1 + 1);
9762
9763 if (p2 - (p1 + 1) > 255) {
9764 *p2 = '\0';
9765 memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[*cur_arg], p1 + 1);
9766 return ERR_ALERT | ERR_FATAL;
9767 }
9768
9769 *p1 = p2 - (p1 + 1);
9770 p1 = p2;
9771
9772 if (!*p2)
9773 break;
9774
9775 *(p2++) = '\0';
9776 }
9777 return 0;
9778#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009779 memprintf(err, "'%s' : library does not support TLS NPN extension", args[*cur_arg]);
Olivier Houchardc7566002018-11-20 23:33:50 +01009780 return ERR_ALERT | ERR_FATAL;
9781#endif
9782}
9783
Olivier Houchard92150142018-12-21 19:47:01 +01009784/* parse the "alpn" or the "check-alpn" server keyword */
Olivier Houchardc7566002018-11-20 23:33:50 +01009785static int srv_parse_alpn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9786{
9787#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Olivier Houchard92150142018-12-21 19:47:01 +01009788 char **alpn_str;
9789 int *alpn_len;
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009790 int ret;
Olivier Houchardc7566002018-11-20 23:33:50 +01009791
Olivier Houchard92150142018-12-21 19:47:01 +01009792 if (*args[*cur_arg] == 'c') {
9793 alpn_str = &newsrv->check.alpn_str;
9794 alpn_len = &newsrv->check.alpn_len;
9795 } else {
9796 alpn_str = &newsrv->ssl_ctx.alpn_str;
9797 alpn_len = &newsrv->ssl_ctx.alpn_len;
9798
9799 }
Olivier Houchardc7566002018-11-20 23:33:50 +01009800
Olivier Houchard92150142018-12-21 19:47:01 +01009801 free(*alpn_str);
Christopher Fauletd75f57e2020-04-20 18:32:29 +02009802 ret = ssl_sock_parse_alpn(args[*cur_arg + 1], alpn_str, alpn_len, err);
9803 if (ret)
9804 memprintf(err, "'%s' : %s", args[*cur_arg], *err);
9805 return ret;
Olivier Houchardc7566002018-11-20 23:33:50 +01009806#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009807 memprintf(err, "'%s' : library does not support TLS ALPN extension", args[*cur_arg]);
Olivier Houchardc7566002018-11-20 23:33:50 +01009808 return ERR_ALERT | ERR_FATAL;
9809#endif
9810}
9811
Emeric Brunef42d922012-10-11 16:11:36 +02009812/* parse the "ca-file" server keyword */
9813static int srv_parse_ca_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9814{
9815 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009816 memprintf(err, "'%s' : missing CAfile path", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009817 return ERR_ALERT | ERR_FATAL;
9818 }
9819
Willy Tarreauef934602016-12-22 23:12:01 +01009820 if ((*args[*cur_arg + 1] != '/') && global_ssl.ca_base)
9821 memprintf(&newsrv->ssl_ctx.ca_file, "%s/%s", global_ssl.ca_base, args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02009822 else
9823 memprintf(&newsrv->ssl_ctx.ca_file, "%s", args[*cur_arg + 1]);
9824
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02009825 if (!ssl_store_load_locations_file(newsrv->ssl_ctx.ca_file)) {
9826 memprintf(err, "'%s' : unable to load %s", args[*cur_arg], newsrv->ssl_ctx.ca_file);
9827 return ERR_ALERT | ERR_FATAL;
9828 }
Emeric Brunef42d922012-10-11 16:11:36 +02009829 return 0;
9830}
9831
Olivier Houchard9130a962017-10-17 17:33:43 +02009832/* parse the "check-sni" server keyword */
9833static int srv_parse_check_sni(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9834{
9835 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009836 memprintf(err, "'%s' : missing SNI", args[*cur_arg]);
Olivier Houchard9130a962017-10-17 17:33:43 +02009837 return ERR_ALERT | ERR_FATAL;
9838 }
9839
9840 newsrv->check.sni = strdup(args[*cur_arg + 1]);
9841 if (!newsrv->check.sni) {
9842 memprintf(err, "'%s' : failed to allocate memory", args[*cur_arg]);
9843 return ERR_ALERT | ERR_FATAL;
9844 }
9845 return 0;
9846
9847}
9848
Willy Tarreau92faadf2012-10-10 23:04:25 +02009849/* parse the "check-ssl" server keyword */
9850static int srv_parse_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9851{
9852 newsrv->check.use_ssl = 1;
Willy Tarreauef934602016-12-22 23:12:01 +01009853 if (global_ssl.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
9854 newsrv->ssl_ctx.ciphers = strdup(global_ssl.connect_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009855#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009856 if (global_ssl.connect_default_ciphersuites && !newsrv->ssl_ctx.ciphersuites)
9857 newsrv->ssl_ctx.ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
9858#endif
Willy Tarreauef934602016-12-22 23:12:01 +01009859 newsrv->ssl_ctx.options |= global_ssl.connect_default_ssloptions;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009860 newsrv->ssl_ctx.methods.flags |= global_ssl.connect_default_sslmethods.flags;
9861 if (!newsrv->ssl_ctx.methods.min)
9862 newsrv->ssl_ctx.methods.min = global_ssl.connect_default_sslmethods.min;
9863 if (!newsrv->ssl_ctx.methods.max)
9864 newsrv->ssl_ctx.methods.max = global_ssl.connect_default_sslmethods.max;
9865
Willy Tarreau92faadf2012-10-10 23:04:25 +02009866 return 0;
9867}
9868
9869/* parse the "ciphers" server keyword */
9870static int srv_parse_ciphers(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9871{
9872 if (!*args[*cur_arg + 1]) {
9873 memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
9874 return ERR_ALERT | ERR_FATAL;
9875 }
9876
9877 free(newsrv->ssl_ctx.ciphers);
9878 newsrv->ssl_ctx.ciphers = strdup(args[*cur_arg + 1]);
9879 return 0;
9880}
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009881
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009882#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009883/* parse the "ciphersuites" server keyword */
9884static int srv_parse_ciphersuites(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9885{
9886 if (!*args[*cur_arg + 1]) {
9887 memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
9888 return ERR_ALERT | ERR_FATAL;
9889 }
9890
9891 free(newsrv->ssl_ctx.ciphersuites);
9892 newsrv->ssl_ctx.ciphersuites = strdup(args[*cur_arg + 1]);
9893 return 0;
9894}
9895#endif
Willy Tarreau92faadf2012-10-10 23:04:25 +02009896
Emeric Brunef42d922012-10-11 16:11:36 +02009897/* parse the "crl-file" server keyword */
9898static int srv_parse_crl_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9899{
9900#ifndef X509_V_FLAG_CRL_CHECK
Tim Duesterhus93128532019-11-23 23:45:10 +01009901 memprintf(err, "'%s' : library does not support CRL verify", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009902 return ERR_ALERT | ERR_FATAL;
9903#else
9904 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009905 memprintf(err, "'%s' : missing CRLfile path", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009906 return ERR_ALERT | ERR_FATAL;
9907 }
9908
Willy Tarreauef934602016-12-22 23:12:01 +01009909 if ((*args[*cur_arg + 1] != '/') && global_ssl.ca_base)
9910 memprintf(&newsrv->ssl_ctx.crl_file, "%s/%s", global_ssl.ca_base, args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02009911 else
9912 memprintf(&newsrv->ssl_ctx.crl_file, "%s", args[*cur_arg + 1]);
9913
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01009914 if (!ssl_store_load_locations_file(newsrv->ssl_ctx.crl_file)) {
9915 memprintf(err, "'%s' : unable to load %s", args[*cur_arg], newsrv->ssl_ctx.crl_file);
9916 return ERR_ALERT | ERR_FATAL;
9917 }
Emeric Brunef42d922012-10-11 16:11:36 +02009918 return 0;
9919#endif
9920}
9921
Emeric Bruna7aa3092012-10-26 12:58:00 +02009922/* parse the "crt" server keyword */
9923static int srv_parse_crt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9924{
9925 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009926 memprintf(err, "'%s' : missing certificate file path", args[*cur_arg]);
Emeric Bruna7aa3092012-10-26 12:58:00 +02009927 return ERR_ALERT | ERR_FATAL;
9928 }
9929
Willy Tarreauef934602016-12-22 23:12:01 +01009930 if ((*args[*cur_arg + 1] != '/') && global_ssl.crt_base)
Christopher Fauletff3a41e2017-11-23 09:13:32 +01009931 memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global_ssl.crt_base, args[*cur_arg + 1]);
Emeric Bruna7aa3092012-10-26 12:58:00 +02009932 else
9933 memprintf(&newsrv->ssl_ctx.client_crt, "%s", args[*cur_arg + 1]);
9934
9935 return 0;
9936}
Emeric Brunef42d922012-10-11 16:11:36 +02009937
Frédéric Lécaille340ae602017-03-13 10:38:04 +01009938/* parse the "no-check-ssl" server keyword */
9939static int srv_parse_no_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9940{
Christopher Fauletf61f33a2020-03-27 18:55:49 +01009941 newsrv->check.use_ssl = -1;
Frédéric Lécaille340ae602017-03-13 10:38:04 +01009942 free(newsrv->ssl_ctx.ciphers);
9943 newsrv->ssl_ctx.ciphers = NULL;
9944 newsrv->ssl_ctx.options &= ~global_ssl.connect_default_ssloptions;
9945 return 0;
9946}
9947
Frédéric Lécaillee892c4c2017-03-13 12:08:01 +01009948/* parse the "no-send-proxy-v2-ssl" server keyword */
9949static int srv_parse_no_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9950{
9951 newsrv->pp_opts &= ~SRV_PP_V2;
9952 newsrv->pp_opts &= ~SRV_PP_V2_SSL;
9953 return 0;
9954}
9955
9956/* parse the "no-send-proxy-v2-ssl-cn" server keyword */
9957static int srv_parse_no_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9958{
9959 newsrv->pp_opts &= ~SRV_PP_V2;
9960 newsrv->pp_opts &= ~SRV_PP_V2_SSL;
9961 newsrv->pp_opts &= ~SRV_PP_V2_SSL_CN;
9962 return 0;
9963}
9964
Frédéric Lécaillee381d762017-03-13 11:54:17 +01009965/* parse the "no-ssl" server keyword */
9966static int srv_parse_no_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9967{
Christopher Fauletf61f33a2020-03-27 18:55:49 +01009968 newsrv->use_ssl = -1;
Frédéric Lécaillee381d762017-03-13 11:54:17 +01009969 free(newsrv->ssl_ctx.ciphers);
9970 newsrv->ssl_ctx.ciphers = NULL;
9971 return 0;
9972}
9973
Olivier Houchard522eea72017-11-03 16:27:47 +01009974/* parse the "allow-0rtt" server keyword */
9975static int srv_parse_allow_0rtt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9976{
9977 newsrv->ssl_ctx.options |= SRV_SSL_O_EARLY_DATA;
9978 return 0;
9979}
9980
Willy Tarreau2a3fb1c2015-02-05 16:47:07 +01009981/* parse the "no-ssl-reuse" server keyword */
9982static int srv_parse_no_ssl_reuse(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9983{
9984 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_REUSE;
9985 return 0;
9986}
9987
Emeric Brunf9c5c472012-10-11 15:28:34 +02009988/* parse the "no-tls-tickets" server keyword */
9989static int srv_parse_no_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9990{
9991 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLS_TICKETS;
9992 return 0;
9993}
David Safb76832014-05-08 23:42:08 -04009994/* parse the "send-proxy-v2-ssl" server keyword */
9995static int srv_parse_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9996{
9997 newsrv->pp_opts |= SRV_PP_V2;
9998 newsrv->pp_opts |= SRV_PP_V2_SSL;
9999 return 0;
10000}
10001
10002/* parse the "send-proxy-v2-ssl-cn" server keyword */
10003static int srv_parse_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
10004{
10005 newsrv->pp_opts |= SRV_PP_V2;
10006 newsrv->pp_opts |= SRV_PP_V2_SSL;
10007 newsrv->pp_opts |= SRV_PP_V2_SSL_CN;
10008 return 0;
10009}
Emeric Brunf9c5c472012-10-11 15:28:34 +020010010
Willy Tarreau732eac42015-07-09 11:40:25 +020010011/* parse the "sni" server keyword */
10012static int srv_parse_sni(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
10013{
10014#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
10015 memprintf(err, "'%s' : the current SSL library doesn't support the SNI TLS extension", args[*cur_arg]);
10016 return ERR_ALERT | ERR_FATAL;
10017#else
Frédéric Lécaille9a146de2017-03-20 14:54:41 +010010018 char *arg;
Willy Tarreau732eac42015-07-09 11:40:25 +020010019
Frédéric Lécaille9a146de2017-03-20 14:54:41 +010010020 arg = args[*cur_arg + 1];
10021 if (!*arg) {
Willy Tarreau732eac42015-07-09 11:40:25 +020010022 memprintf(err, "'%s' : missing sni expression", args[*cur_arg]);
10023 return ERR_ALERT | ERR_FATAL;
10024 }
10025
Frédéric Lécaille9a146de2017-03-20 14:54:41 +010010026 free(newsrv->sni_expr);
10027 newsrv->sni_expr = strdup(arg);
Willy Tarreau732eac42015-07-09 11:40:25 +020010028
Willy Tarreau732eac42015-07-09 11:40:25 +020010029 return 0;
10030#endif
10031}
10032
Willy Tarreau92faadf2012-10-10 23:04:25 +020010033/* parse the "ssl" server keyword */
10034static int srv_parse_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
10035{
10036 newsrv->use_ssl = 1;
Willy Tarreauef934602016-12-22 23:12:01 +010010037 if (global_ssl.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
10038 newsrv->ssl_ctx.ciphers = strdup(global_ssl.connect_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +020010039#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020010040 if (global_ssl.connect_default_ciphersuites && !newsrv->ssl_ctx.ciphersuites)
10041 newsrv->ssl_ctx.ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
10042#endif
Jerome Magnin2e8d52f2020-04-22 11:40:18 +020010043 newsrv->ssl_ctx.options |= global_ssl.connect_default_ssloptions;
10044 newsrv->ssl_ctx.methods.flags |= global_ssl.connect_default_sslmethods.flags;
10045
10046 if (!newsrv->ssl_ctx.methods.min)
10047 newsrv->ssl_ctx.methods.min = global_ssl.connect_default_sslmethods.min;
10048
10049 if (!newsrv->ssl_ctx.methods.max)
10050 newsrv->ssl_ctx.methods.max = global_ssl.connect_default_sslmethods.max;
10051
10052
Willy Tarreau92faadf2012-10-10 23:04:25 +020010053 return 0;
10054}
10055
Frédéric Lécaille2cfcdbe2017-03-13 11:32:20 +010010056/* parse the "ssl-reuse" server keyword */
10057static int srv_parse_ssl_reuse(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
10058{
10059 newsrv->ssl_ctx.options &= ~SRV_SSL_O_NO_REUSE;
10060 return 0;
10061}
10062
Frédéric Lécaille2cfcdbe2017-03-13 11:32:20 +010010063/* parse the "tls-tickets" server keyword */
10064static int srv_parse_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
10065{
10066 newsrv->ssl_ctx.options &= ~SRV_SSL_O_NO_TLS_TICKETS;
10067 return 0;
10068}
10069
Emeric Brunef42d922012-10-11 16:11:36 +020010070/* parse the "verify" server keyword */
10071static int srv_parse_verify(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
10072{
10073 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +010010074 memprintf(err, "'%s' : missing verify method", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +020010075 return ERR_ALERT | ERR_FATAL;
10076 }
10077
10078 if (strcmp(args[*cur_arg + 1], "none") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +010010079 newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_NONE;
Emeric Brunef42d922012-10-11 16:11:36 +020010080 else if (strcmp(args[*cur_arg + 1], "required") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +010010081 newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_REQUIRED;
Emeric Brunef42d922012-10-11 16:11:36 +020010082 else {
Tim Duesterhus93128532019-11-23 23:45:10 +010010083 memprintf(err, "'%s' : unknown verify method '%s', only 'none' and 'required' are supported\n",
10084 args[*cur_arg], args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +020010085 return ERR_ALERT | ERR_FATAL;
10086 }
10087
Evan Broderbe554312013-06-27 00:05:25 -070010088 return 0;
10089}
10090
10091/* parse the "verifyhost" server keyword */
10092static int srv_parse_verifyhost(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
10093{
10094 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +010010095 memprintf(err, "'%s' : missing hostname to verify against", args[*cur_arg]);
Evan Broderbe554312013-06-27 00:05:25 -070010096 return ERR_ALERT | ERR_FATAL;
10097 }
10098
Frédéric Lécaille273f3212017-03-13 15:52:01 +010010099 free(newsrv->ssl_ctx.verify_host);
Evan Broderbe554312013-06-27 00:05:25 -070010100 newsrv->ssl_ctx.verify_host = strdup(args[*cur_arg + 1]);
10101
Emeric Brunef42d922012-10-11 16:11:36 +020010102 return 0;
10103}
10104
Emeric Brun2c86cbf2014-10-30 15:56:50 +010010105/* parse the "ssl-default-bind-options" keyword in global section */
10106static int ssl_parse_default_bind_options(char **args, int section_type, struct proxy *curpx,
10107 struct proxy *defpx, const char *file, int line,
10108 char **err) {
10109 int i = 1;
10110
10111 if (*(args[i]) == 0) {
10112 memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
10113 return -1;
10114 }
10115 while (*(args[i])) {
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020010116 if (!strcmp(args[i], "no-tls-tickets"))
Willy Tarreauef934602016-12-22 23:12:01 +010010117 global_ssl.listen_default_ssloptions |= BC_SSL_O_NO_TLS_TICKETS;
Lukas Tribus53ae85c2017-05-04 15:45:40 +000010118 else if (!strcmp(args[i], "prefer-client-ciphers"))
10119 global_ssl.listen_default_ssloptions |= BC_SSL_O_PREF_CLIE_CIPH;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020010120 else if (!strcmp(args[i], "ssl-min-ver") || !strcmp(args[i], "ssl-max-ver")) {
10121 if (!parse_tls_method_minmax(args, i, &global_ssl.listen_default_sslmethods, err))
10122 i++;
10123 else {
10124 memprintf(err, "%s on global statement '%s'.", *err, args[0]);
10125 return -1;
10126 }
10127 }
10128 else if (parse_tls_method_options(args[i], &global_ssl.listen_default_sslmethods, err)) {
Emeric Brun2c86cbf2014-10-30 15:56:50 +010010129 memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
10130 return -1;
10131 }
10132 i++;
10133 }
10134 return 0;
10135}
10136
10137/* parse the "ssl-default-server-options" keyword in global section */
10138static int ssl_parse_default_server_options(char **args, int section_type, struct proxy *curpx,
10139 struct proxy *defpx, const char *file, int line,
10140 char **err) {
10141 int i = 1;
10142
10143 if (*(args[i]) == 0) {
10144 memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
10145 return -1;
10146 }
10147 while (*(args[i])) {
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020010148 if (!strcmp(args[i], "no-tls-tickets"))
Willy Tarreauef934602016-12-22 23:12:01 +010010149 global_ssl.connect_default_ssloptions |= SRV_SSL_O_NO_TLS_TICKETS;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020010150 else if (!strcmp(args[i], "ssl-min-ver") || !strcmp(args[i], "ssl-max-ver")) {
10151 if (!parse_tls_method_minmax(args, i, &global_ssl.connect_default_sslmethods, err))
10152 i++;
10153 else {
10154 memprintf(err, "%s on global statement '%s'.", *err, args[0]);
10155 return -1;
10156 }
10157 }
10158 else if (parse_tls_method_options(args[i], &global_ssl.connect_default_sslmethods, err)) {
Emeric Brun2c86cbf2014-10-30 15:56:50 +010010159 memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
10160 return -1;
10161 }
10162 i++;
10163 }
10164 return 0;
10165}
10166
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +010010167/* parse the "ca-base" / "crt-base" keywords in global section.
10168 * Returns <0 on alert, >0 on warning, 0 on success.
10169 */
10170static int ssl_parse_global_ca_crt_base(char **args, int section_type, struct proxy *curpx,
10171 struct proxy *defpx, const char *file, int line,
10172 char **err)
10173{
10174 char **target;
10175
Willy Tarreauef934602016-12-22 23:12:01 +010010176 target = (args[0][1] == 'a') ? &global_ssl.ca_base : &global_ssl.crt_base;
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +010010177
10178 if (too_many_args(1, args, err, NULL))
10179 return -1;
10180
10181 if (*target) {
10182 memprintf(err, "'%s' already specified.", args[0]);
10183 return -1;
10184 }
10185
10186 if (*(args[1]) == 0) {
10187 memprintf(err, "global statement '%s' expects a directory path as an argument.", args[0]);
10188 return -1;
10189 }
10190 *target = strdup(args[1]);
10191 return 0;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000010192}
10193
Emmanuel Hocdetc3b7e742020-04-22 11:06:19 +020010194/* parse the "ssl-skip-self-issued-ca" keyword in global section. */
10195static int ssl_parse_skip_self_issued_ca(char **args, int section_type, struct proxy *curpx,
10196 struct proxy *defpx, const char *file, int line,
10197 char **err)
10198{
10199 global_ssl.skip_self_issued_ca = 1;
10200 return 0;
10201}
10202
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010010203/* "issuers-chain-path" load chain certificate in global */
10204static int ssl_load_global_issuer_from_BIO(BIO *in, char *fp, char **err)
10205{
10206 X509 *ca;
10207 X509_NAME *name = NULL;
10208 ASN1_OCTET_STRING *skid = NULL;
10209 STACK_OF(X509) *chain = NULL;
10210 struct issuer_chain *issuer;
10211 struct eb64_node *node;
10212 char *path;
10213 u64 key;
10214 int ret = 0;
10215
10216 while ((ca = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
10217 if (chain == NULL) {
10218 chain = sk_X509_new_null();
10219 skid = X509_get_ext_d2i(ca, NID_subject_key_identifier, NULL, NULL);
10220 name = X509_get_subject_name(ca);
10221 }
10222 if (!sk_X509_push(chain, ca)) {
10223 X509_free(ca);
10224 goto end;
10225 }
10226 }
10227 if (!chain) {
10228 memprintf(err, "unable to load issuers-chain %s : pem certificate not found.\n", fp);
10229 goto end;
10230 }
10231 if (!skid) {
10232 memprintf(err, "unable to load issuers-chain %s : SubjectKeyIdentifier not found.\n", fp);
10233 goto end;
10234 }
10235 if (!name) {
10236 memprintf(err, "unable to load issuers-chain %s : SubjectName not found.\n", fp);
10237 goto end;
10238 }
10239 key = XXH64(ASN1_STRING_get0_data(skid), ASN1_STRING_length(skid), 0);
William Lallemande0f3fd52020-02-25 14:53:06 +010010240 for (node = eb64_lookup(&cert_issuer_tree, key); node; node = eb64_next(node)) {
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010010241 issuer = container_of(node, typeof(*issuer), node);
10242 if (!X509_NAME_cmp(name, X509_get_subject_name(sk_X509_value(issuer->chain, 0)))) {
10243 memprintf(err, "duplicate issuers-chain %s: %s already in store\n", fp, issuer->path);
10244 goto end;
10245 }
10246 }
10247 issuer = calloc(1, sizeof *issuer);
10248 path = strdup(fp);
10249 if (!issuer || !path) {
10250 free(issuer);
10251 free(path);
10252 goto end;
10253 }
10254 issuer->node.key = key;
10255 issuer->path = path;
10256 issuer->chain = chain;
10257 chain = NULL;
William Lallemande0f3fd52020-02-25 14:53:06 +010010258 eb64_insert(&cert_issuer_tree, &issuer->node);
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010010259 ret = 1;
10260 end:
10261 if (skid)
10262 ASN1_OCTET_STRING_free(skid);
10263 if (chain)
10264 sk_X509_pop_free(chain, X509_free);
10265 return ret;
10266}
10267
Emmanuel Hocdetef87e0a2020-03-23 11:29:11 +010010268static struct issuer_chain* ssl_get0_issuer_chain(X509 *cert)
Emmanuel Hocdet75a7aa12020-02-18 15:19:24 +010010269{
10270 AUTHORITY_KEYID *akid;
10271 struct issuer_chain *issuer = NULL;
10272
10273 akid = X509_get_ext_d2i(cert, NID_authority_key_identifier, NULL, NULL);
10274 if (akid) {
10275 struct eb64_node *node;
10276 u64 hk;
10277 hk = XXH64(ASN1_STRING_get0_data(akid->keyid), ASN1_STRING_length(akid->keyid), 0);
10278 for (node = eb64_lookup(&cert_issuer_tree, hk); node; node = eb64_next(node)) {
10279 struct issuer_chain *ti = container_of(node, typeof(*issuer), node);
10280 if (X509_check_issued(sk_X509_value(ti->chain, 0), cert) == X509_V_OK) {
10281 issuer = ti;
10282 break;
10283 }
10284 }
10285 AUTHORITY_KEYID_free(akid);
10286 }
10287 return issuer;
10288}
10289
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010010290static void ssl_free_global_issuers(void)
10291{
10292 struct eb64_node *node, *back;
10293 struct issuer_chain *issuer;
10294
William Lallemande0f3fd52020-02-25 14:53:06 +010010295 node = eb64_first(&cert_issuer_tree);
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010010296 while (node) {
10297 issuer = container_of(node, typeof(*issuer), node);
10298 back = eb64_next(node);
10299 eb64_delete(node);
10300 free(issuer->path);
10301 sk_X509_pop_free(issuer->chain, X509_free);
10302 free(issuer);
10303 node = back;
10304 }
10305}
10306
10307static int ssl_load_global_issuers_from_path(char **args, int section_type, struct proxy *curpx,
10308 struct proxy *defpx, const char *file, int line,
10309 char **err)
10310{
10311 char *path;
10312 struct dirent **de_list;
10313 int i, n;
10314 struct stat buf;
10315 char *end;
10316 char fp[MAXPATHLEN+1];
10317
10318 if (too_many_args(1, args, err, NULL))
10319 return -1;
10320
10321 path = args[1];
10322 if (*path == 0 || stat(path, &buf)) {
10323 memprintf(err, "%sglobal statement '%s' expects a directory path as an argument.\n",
10324 err && *err ? *err : "", args[0]);
10325 return -1;
10326 }
10327 if (S_ISDIR(buf.st_mode) == 0) {
10328 memprintf(err, "%sglobal statement '%s': %s is not a directory.\n",
10329 err && *err ? *err : "", args[0], path);
10330 return -1;
10331 }
10332
10333 /* strip trailing slashes, including first one */
10334 for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
10335 *end = 0;
10336 /* path already parsed? */
10337 if (global_ssl.issuers_chain_path && strcmp(global_ssl.issuers_chain_path, path) == 0)
10338 return 0;
10339 /* overwrite old issuers_chain_path */
10340 free(global_ssl.issuers_chain_path);
10341 global_ssl.issuers_chain_path = strdup(path);
10342 ssl_free_global_issuers();
10343
10344 n = scandir(path, &de_list, 0, alphasort);
10345 if (n < 0) {
10346 memprintf(err, "%sglobal statement '%s': unable to scan directory '%s' : %s.\n",
10347 err && *err ? *err : "", args[0], path, strerror(errno));
10348 return -1;
10349 }
10350 for (i = 0; i < n; i++) {
10351 struct dirent *de = de_list[i];
10352 BIO *in = NULL;
10353 char *warn = NULL;
10354
10355 snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
10356 free(de);
10357 if (stat(fp, &buf) != 0) {
10358 ha_warning("unable to stat certificate from file '%s' : %s.\n", fp, strerror(errno));
10359 goto next;
10360 }
10361 if (!S_ISREG(buf.st_mode))
10362 goto next;
10363
10364 in = BIO_new(BIO_s_file());
10365 if (in == NULL)
10366 goto next;
10367 if (BIO_read_filename(in, fp) <= 0)
10368 goto next;
10369 ssl_load_global_issuer_from_BIO(in, fp, &warn);
10370 if (warn) {
Tim Duesterhuse8aa5f22020-02-19 11:41:13 +010010371 ha_warning("%s", warn);
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010010372 free(warn);
10373 warn = NULL;
10374 }
10375 next:
10376 if (in)
10377 BIO_free(in);
10378 }
10379 free(de_list);
10380
10381 return 0;
10382}
10383
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000010384/* parse the "ssl-mode-async" keyword in global section.
10385 * Returns <0 on alert, >0 on warning, 0 on success.
10386 */
10387static int ssl_parse_global_ssl_async(char **args, int section_type, struct proxy *curpx,
10388 struct proxy *defpx, const char *file, int line,
10389 char **err)
10390{
Willy Tarreau5db847a2019-05-09 14:13:35 +020010391#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000010392 global_ssl.async = 1;
Emeric Brunece0c332017-12-06 13:51:49 +010010393 global.ssl_used_async_engines = nb_engines;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000010394 return 0;
10395#else
10396 memprintf(err, "'%s': openssl library does not support async mode", args[0]);
10397 return -1;
10398#endif
10399}
10400
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020010401#ifndef OPENSSL_NO_ENGINE
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000010402static int ssl_check_async_engine_count(void) {
10403 int err_code = 0;
10404
Emeric Brun3854e012017-05-17 20:42:48 +020010405 if (global_ssl.async && (openssl_engines_initialized > 32)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +010010406 ha_alert("ssl-mode-async only supports a maximum of 32 engines.\n");
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000010407 err_code = ERR_ABORT;
10408 }
10409 return err_code;
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +010010410}
10411
Grant Zhang872f9c22017-01-21 01:10:18 +000010412/* parse the "ssl-engine" keyword in global section.
10413 * Returns <0 on alert, >0 on warning, 0 on success.
10414 */
10415static int ssl_parse_global_ssl_engine(char **args, int section_type, struct proxy *curpx,
10416 struct proxy *defpx, const char *file, int line,
10417 char **err)
10418{
10419 char *algo;
10420 int ret = -1;
10421
10422 if (*(args[1]) == 0) {
10423 memprintf(err, "global statement '%s' expects a valid engine name as an argument.", args[0]);
10424 return ret;
10425 }
10426
10427 if (*(args[2]) == 0) {
10428 /* if no list of algorithms is given, it defaults to ALL */
10429 algo = strdup("ALL");
10430 goto add_engine;
10431 }
10432
10433 /* otherwise the expected format is ssl-engine <engine_name> algo <list of algo> */
10434 if (strcmp(args[2], "algo") != 0) {
10435 memprintf(err, "global statement '%s' expects to have algo keyword.", args[0]);
10436 return ret;
10437 }
10438
10439 if (*(args[3]) == 0) {
10440 memprintf(err, "global statement '%s' expects algorithm names as an argument.", args[0]);
10441 return ret;
10442 }
10443 algo = strdup(args[3]);
10444
10445add_engine:
10446 if (ssl_init_single_engine(args[1], algo)==0) {
10447 openssl_engines_initialized++;
10448 ret = 0;
10449 }
10450 free(algo);
10451 return ret;
10452}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020010453#endif
Grant Zhang872f9c22017-01-21 01:10:18 +000010454
Willy Tarreauf22e9682016-12-21 23:23:19 +010010455/* parse the "ssl-default-bind-ciphers" / "ssl-default-server-ciphers" keywords
10456 * in global section. Returns <0 on alert, >0 on warning, 0 on success.
10457 */
10458static int ssl_parse_global_ciphers(char **args, int section_type, struct proxy *curpx,
10459 struct proxy *defpx, const char *file, int line,
10460 char **err)
10461{
10462 char **target;
10463
Willy Tarreauef934602016-12-22 23:12:01 +010010464 target = (args[0][12] == 'b') ? &global_ssl.listen_default_ciphers : &global_ssl.connect_default_ciphers;
Willy Tarreauf22e9682016-12-21 23:23:19 +010010465
10466 if (too_many_args(1, args, err, NULL))
10467 return -1;
10468
10469 if (*(args[1]) == 0) {
10470 memprintf(err, "global statement '%s' expects a cipher suite as an argument.", args[0]);
10471 return -1;
10472 }
10473
10474 free(*target);
10475 *target = strdup(args[1]);
10476 return 0;
10477}
Dirkjan Bussink415150f2018-09-14 11:14:21 +020010478
Emmanuel Hocdet839af572019-05-14 16:27:35 +020010479#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020010480/* parse the "ssl-default-bind-ciphersuites" / "ssl-default-server-ciphersuites" keywords
10481 * in global section. Returns <0 on alert, >0 on warning, 0 on success.
10482 */
10483static int ssl_parse_global_ciphersuites(char **args, int section_type, struct proxy *curpx,
10484 struct proxy *defpx, const char *file, int line,
10485 char **err)
10486{
10487 char **target;
10488
10489 target = (args[0][12] == 'b') ? &global_ssl.listen_default_ciphersuites : &global_ssl.connect_default_ciphersuites;
10490
10491 if (too_many_args(1, args, err, NULL))
10492 return -1;
10493
10494 if (*(args[1]) == 0) {
10495 memprintf(err, "global statement '%s' expects a cipher suite as an argument.", args[0]);
10496 return -1;
10497 }
10498
10499 free(*target);
10500 *target = strdup(args[1]);
10501 return 0;
10502}
10503#endif
Willy Tarreauf22e9682016-12-21 23:23:19 +010010504
Jerome Magninb203ff62020-04-03 15:28:22 +020010505#if ((HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL) || defined(LIBRESSL_VERSION_NUMBER))
10506/*
10507 * parse the "ssl-default-bind-curves" keyword in a global section.
10508 * Returns <0 on alert, >0 on warning, 0 on success.
10509 */
10510static int ssl_parse_global_curves(char **args, int section_type, struct proxy *curpx,
10511 struct proxy *defpx, const char *file, int line,
10512 char **err)
10513{
10514 char **target;
10515 target = &global_ssl.listen_default_curves;
10516
10517 if (too_many_args(1, args, err, NULL))
10518 return -1;
10519
10520 if (*(args[1]) == 0) {
10521 memprintf(err, "global statement '%s' expects a curves suite as an arguments.", args[0]);
10522 return -1;
10523 }
10524
10525 free(*target);
10526 *target = strdup(args[1]);
10527 return 0;
10528}
10529#endif
Willy Tarreau9ceda382016-12-21 23:13:03 +010010530/* parse various global tune.ssl settings consisting in positive integers.
10531 * Returns <0 on alert, >0 on warning, 0 on success.
10532 */
10533static int ssl_parse_global_int(char **args, int section_type, struct proxy *curpx,
10534 struct proxy *defpx, const char *file, int line,
10535 char **err)
10536{
10537 int *target;
10538
10539 if (strcmp(args[0], "tune.ssl.cachesize") == 0)
10540 target = &global.tune.sslcachesize;
10541 else if (strcmp(args[0], "tune.ssl.maxrecord") == 0)
Willy Tarreauef934602016-12-22 23:12:01 +010010542 target = (int *)&global_ssl.max_record;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010543 else if (strcmp(args[0], "tune.ssl.ssl-ctx-cache-size") == 0)
Willy Tarreauef934602016-12-22 23:12:01 +010010544 target = &global_ssl.ctx_cache;
Willy Tarreau0bea58d2016-12-21 23:17:25 +010010545 else if (strcmp(args[0], "maxsslconn") == 0)
10546 target = &global.maxsslconn;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010547 else if (strcmp(args[0], "tune.ssl.capture-cipherlist-size") == 0)
10548 target = &global_ssl.capture_cipherlist;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010549 else {
10550 memprintf(err, "'%s' keyword not unhandled (please report this bug).", args[0]);
10551 return -1;
10552 }
10553
10554 if (too_many_args(1, args, err, NULL))
10555 return -1;
10556
10557 if (*(args[1]) == 0) {
10558 memprintf(err, "'%s' expects an integer argument.", args[0]);
10559 return -1;
10560 }
10561
10562 *target = atoi(args[1]);
10563 if (*target < 0) {
10564 memprintf(err, "'%s' expects a positive numeric value.", args[0]);
10565 return -1;
10566 }
10567 return 0;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010568}
10569
10570static int ssl_parse_global_capture_cipherlist(char **args, int section_type, struct proxy *curpx,
10571 struct proxy *defpx, const char *file, int line,
10572 char **err)
10573{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010574 int ret;
10575
10576 ret = ssl_parse_global_int(args, section_type, curpx, defpx, file, line, err);
10577 if (ret != 0)
10578 return ret;
10579
Willy Tarreaubafbe012017-11-24 17:34:44 +010010580 if (pool_head_ssl_capture) {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010581 memprintf(err, "'%s' is already configured.", args[0]);
10582 return -1;
10583 }
10584
Willy Tarreaubafbe012017-11-24 17:34:44 +010010585 pool_head_ssl_capture = create_pool("ssl-capture", sizeof(struct ssl_capture) + global_ssl.capture_cipherlist, MEM_F_SHARED);
10586 if (!pool_head_ssl_capture) {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010587 memprintf(err, "Out of memory error.");
10588 return -1;
10589 }
10590 return 0;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010591}
10592
10593/* parse "ssl.force-private-cache".
10594 * Returns <0 on alert, >0 on warning, 0 on success.
10595 */
10596static int ssl_parse_global_private_cache(char **args, int section_type, struct proxy *curpx,
10597 struct proxy *defpx, const char *file, int line,
10598 char **err)
10599{
10600 if (too_many_args(0, args, err, NULL))
10601 return -1;
10602
Willy Tarreauef934602016-12-22 23:12:01 +010010603 global_ssl.private_cache = 1;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010604 return 0;
10605}
10606
10607/* parse "ssl.lifetime".
10608 * Returns <0 on alert, >0 on warning, 0 on success.
10609 */
10610static int ssl_parse_global_lifetime(char **args, int section_type, struct proxy *curpx,
10611 struct proxy *defpx, const char *file, int line,
10612 char **err)
10613{
10614 const char *res;
10615
10616 if (too_many_args(1, args, err, NULL))
10617 return -1;
10618
10619 if (*(args[1]) == 0) {
10620 memprintf(err, "'%s' expects ssl sessions <lifetime> in seconds as argument.", args[0]);
10621 return -1;
10622 }
10623
Willy Tarreauef934602016-12-22 23:12:01 +010010624 res = parse_time_err(args[1], &global_ssl.life_time, TIME_UNIT_S);
Willy Tarreau9faebe32019-06-07 19:00:37 +020010625 if (res == PARSE_TIME_OVER) {
10626 memprintf(err, "timer overflow in argument '%s' to <%s> (maximum value is 2147483647 s or ~68 years).",
10627 args[1], args[0]);
10628 return -1;
10629 }
10630 else if (res == PARSE_TIME_UNDER) {
10631 memprintf(err, "timer underflow in argument '%s' to <%s> (minimum non-null value is 1 s).",
10632 args[1], args[0]);
10633 return -1;
10634 }
10635 else if (res) {
Willy Tarreau9ceda382016-12-21 23:13:03 +010010636 memprintf(err, "unexpected character '%c' in argument to <%s>.", *res, args[0]);
10637 return -1;
10638 }
10639 return 0;
10640}
10641
10642#ifndef OPENSSL_NO_DH
Willy Tarreau14e36a12016-12-21 23:28:13 +010010643/* parse "ssl-dh-param-file".
10644 * Returns <0 on alert, >0 on warning, 0 on success.
10645 */
10646static int ssl_parse_global_dh_param_file(char **args, int section_type, struct proxy *curpx,
10647 struct proxy *defpx, const char *file, int line,
10648 char **err)
10649{
10650 if (too_many_args(1, args, err, NULL))
10651 return -1;
10652
10653 if (*(args[1]) == 0) {
10654 memprintf(err, "'%s' expects a file path as an argument.", args[0]);
10655 return -1;
10656 }
10657
10658 if (ssl_sock_load_global_dh_param_from_file(args[1])) {
10659 memprintf(err, "'%s': unable to load DH parameters from file <%s>.", args[0], args[1]);
10660 return -1;
10661 }
10662 return 0;
10663}
10664
Willy Tarreau9ceda382016-12-21 23:13:03 +010010665/* parse "ssl.default-dh-param".
10666 * Returns <0 on alert, >0 on warning, 0 on success.
10667 */
10668static int ssl_parse_global_default_dh(char **args, int section_type, struct proxy *curpx,
10669 struct proxy *defpx, const char *file, int line,
10670 char **err)
10671{
10672 if (too_many_args(1, args, err, NULL))
10673 return -1;
10674
10675 if (*(args[1]) == 0) {
10676 memprintf(err, "'%s' expects an integer argument.", args[0]);
10677 return -1;
10678 }
10679
Willy Tarreauef934602016-12-22 23:12:01 +010010680 global_ssl.default_dh_param = atoi(args[1]);
10681 if (global_ssl.default_dh_param < 1024) {
Willy Tarreau9ceda382016-12-21 23:13:03 +010010682 memprintf(err, "'%s' expects a value >= 1024.", args[0]);
10683 return -1;
10684 }
10685 return 0;
10686}
10687#endif
10688
William Lallemand3af48e72020-02-03 17:15:52 +010010689
10690/*
10691 * parse "ssl-load-extra-files".
10692 * multiple arguments are allowed: "bundle", "sctl", "ocsp", "issuer", "all", "none"
10693 */
10694static int ssl_parse_global_extra_files(char **args, int section_type, struct proxy *curpx,
10695 struct proxy *defpx, const char *file, int line,
10696 char **err)
10697{
10698 int i;
10699 int gf = SSL_GF_NONE;
10700
10701 if (*(args[1]) == 0)
10702 goto err_arg;
10703
10704 for (i = 1; *args[i]; i++) {
10705
10706 if (!strcmp("bundle", args[i])) {
10707 gf |= SSL_GF_BUNDLE;
10708
10709 } else if (!strcmp("sctl", args[i])) {
10710 gf |= SSL_GF_SCTL;
10711
10712 } else if (!strcmp("ocsp", args[i])){
10713 gf |= SSL_GF_OCSP;
10714
10715 } else if (!strcmp("issuer", args[i])){
10716 gf |= SSL_GF_OCSP_ISSUER;
10717
William Lallemand4c5adbf2020-02-24 14:23:22 +010010718 } else if (!strcmp("key", args[i])) {
10719 gf |= SSL_GF_KEY;
10720
William Lallemand3af48e72020-02-03 17:15:52 +010010721 } else if (!strcmp("none", args[i])) {
10722 if (gf != SSL_GF_NONE)
10723 goto err_alone;
10724 gf = SSL_GF_NONE;
10725 i++;
10726 break;
10727
10728 } else if (!strcmp("all", args[i])) {
10729 if (gf != SSL_GF_NONE)
10730 goto err_alone;
10731 gf = SSL_GF_ALL;
10732 i++;
10733 break;
10734 } else {
10735 goto err_arg;
10736 }
10737 }
10738 /* break from loop but there are still arguments */
10739 if (*args[i])
10740 goto err_alone;
10741
10742 global_ssl.extra_files = gf;
10743
10744 return 0;
10745
10746err_alone:
10747 memprintf(err, "'%s' 'none' and 'all' can be only used alone", args[0]);
10748 return -1;
10749
10750err_arg:
10751 memprintf(err, "'%s' expects one or multiple arguments (none, all, bundle, sctl, ocsp, issuer).", args[0]);
10752 return -1;
10753}
10754
Willy Tarreau9ceda382016-12-21 23:13:03 +010010755
William Lallemand32af2032016-10-29 18:09:35 +020010756/* This function is used with TLS ticket keys management. It permits to browse
10757 * each reference. The variable <getnext> must contain the current node,
10758 * <end> point to the root node.
10759 */
10760#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
10761static inline
10762struct tls_keys_ref *tlskeys_list_get_next(struct tls_keys_ref *getnext, struct list *end)
10763{
10764 struct tls_keys_ref *ref = getnext;
10765
10766 while (1) {
10767
10768 /* Get next list entry. */
10769 ref = LIST_NEXT(&ref->list, struct tls_keys_ref *, list);
10770
10771 /* If the entry is the last of the list, return NULL. */
10772 if (&ref->list == end)
10773 return NULL;
10774
10775 return ref;
10776 }
10777}
10778
10779static inline
10780struct tls_keys_ref *tlskeys_ref_lookup_ref(const char *reference)
10781{
10782 int id;
10783 char *error;
10784
10785 /* If the reference starts by a '#', this is numeric id. */
10786 if (reference[0] == '#') {
10787 /* Try to convert the numeric id. If the conversion fails, the lookup fails. */
10788 id = strtol(reference + 1, &error, 10);
10789 if (*error != '\0')
10790 return NULL;
10791
10792 /* Perform the unique id lookup. */
10793 return tlskeys_ref_lookupid(id);
10794 }
10795
10796 /* Perform the string lookup. */
10797 return tlskeys_ref_lookup(reference);
10798}
10799#endif
10800
10801
10802#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
10803
10804static int cli_io_handler_tlskeys_files(struct appctx *appctx);
10805
10806static inline int cli_io_handler_tlskeys_entries(struct appctx *appctx) {
10807 return cli_io_handler_tlskeys_files(appctx);
10808}
10809
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010810/* dumps all tls keys. Relies on cli.i0 (non-null = only list file names), cli.i1
10811 * (next index to be dumped), and cli.p0 (next key reference).
10812 */
William Lallemand32af2032016-10-29 18:09:35 +020010813static int cli_io_handler_tlskeys_files(struct appctx *appctx) {
10814
10815 struct stream_interface *si = appctx->owner;
10816
10817 switch (appctx->st2) {
10818 case STAT_ST_INIT:
10819 /* Display the column headers. If the message cannot be sent,
Joseph Herlant017b3da2018-11-15 09:07:59 -080010820 * quit the function with returning 0. The function is called
William Lallemand32af2032016-10-29 18:09:35 +020010821 * later and restart at the state "STAT_ST_INIT".
10822 */
10823 chunk_reset(&trash);
10824
10825 if (appctx->io_handler == cli_io_handler_tlskeys_entries)
10826 chunk_appendf(&trash, "# id secret\n");
10827 else
10828 chunk_appendf(&trash, "# id (file)\n");
10829
Willy Tarreau06d80a92017-10-19 14:32:15 +020010830 if (ci_putchk(si_ic(si), &trash) == -1) {
Willy Tarreaudb398432018-11-15 11:08:52 +010010831 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +020010832 return 0;
10833 }
10834
William Lallemand32af2032016-10-29 18:09:35 +020010835 /* Now, we start the browsing of the references lists.
10836 * Note that the following call to LIST_ELEM return bad pointer. The only
10837 * available field of this pointer is <list>. It is used with the function
10838 * tlskeys_list_get_next() for retruning the first available entry
10839 */
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010840 if (appctx->ctx.cli.p0 == NULL) {
10841 appctx->ctx.cli.p0 = LIST_ELEM(&tlskeys_reference, struct tls_keys_ref *, list);
10842 appctx->ctx.cli.p0 = tlskeys_list_get_next(appctx->ctx.cli.p0, &tlskeys_reference);
William Lallemand32af2032016-10-29 18:09:35 +020010843 }
10844
10845 appctx->st2 = STAT_ST_LIST;
10846 /* fall through */
10847
10848 case STAT_ST_LIST:
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010849 while (appctx->ctx.cli.p0) {
10850 struct tls_keys_ref *ref = appctx->ctx.cli.p0;
William Lallemand32af2032016-10-29 18:09:35 +020010851
10852 chunk_reset(&trash);
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010853 if (appctx->io_handler == cli_io_handler_tlskeys_entries && appctx->ctx.cli.i1 == 0)
William Lallemand32af2032016-10-29 18:09:35 +020010854 chunk_appendf(&trash, "# ");
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010855
10856 if (appctx->ctx.cli.i1 == 0)
10857 chunk_appendf(&trash, "%d (%s)\n", ref->unique_id, ref->filename);
10858
William Lallemand32af2032016-10-29 18:09:35 +020010859 if (appctx->io_handler == cli_io_handler_tlskeys_entries) {
Christopher Faulet16f45c82018-02-16 11:23:49 +010010860 int head;
10861
10862 HA_RWLOCK_RDLOCK(TLSKEYS_REF_LOCK, &ref->lock);
10863 head = ref->tls_ticket_enc_index;
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010864 while (appctx->ctx.cli.i1 < TLS_TICKETS_NO) {
Willy Tarreau83061a82018-07-13 11:56:34 +020010865 struct buffer *t2 = get_trash_chunk();
William Lallemand32af2032016-10-29 18:09:35 +020010866
10867 chunk_reset(t2);
10868 /* should never fail here because we dump only a key in the t2 buffer */
Emeric Brun9e754772019-01-10 17:51:55 +010010869 if (ref->key_size_bits == 128) {
10870 t2->data = a2base64((char *)(ref->tlskeys + (head + 2 + appctx->ctx.cli.i1) % TLS_TICKETS_NO),
10871 sizeof(struct tls_sess_key_128),
10872 t2->area, t2->size);
10873 chunk_appendf(&trash, "%d.%d %s\n", ref->unique_id, appctx->ctx.cli.i1,
10874 t2->area);
10875 }
10876 else if (ref->key_size_bits == 256) {
10877 t2->data = a2base64((char *)(ref->tlskeys + (head + 2 + appctx->ctx.cli.i1) % TLS_TICKETS_NO),
10878 sizeof(struct tls_sess_key_256),
10879 t2->area, t2->size);
10880 chunk_appendf(&trash, "%d.%d %s\n", ref->unique_id, appctx->ctx.cli.i1,
10881 t2->area);
10882 }
10883 else {
10884 /* This case should never happen */
10885 chunk_appendf(&trash, "%d.%d <unknown>\n", ref->unique_id, appctx->ctx.cli.i1);
10886 }
William Lallemand32af2032016-10-29 18:09:35 +020010887
Willy Tarreau06d80a92017-10-19 14:32:15 +020010888 if (ci_putchk(si_ic(si), &trash) == -1) {
William Lallemand32af2032016-10-29 18:09:35 +020010889 /* let's try again later from this stream. We add ourselves into
10890 * this stream's users so that it can remove us upon termination.
10891 */
Christopher Faulet16f45c82018-02-16 11:23:49 +010010892 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreaudb398432018-11-15 11:08:52 +010010893 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +020010894 return 0;
10895 }
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010896 appctx->ctx.cli.i1++;
William Lallemand32af2032016-10-29 18:09:35 +020010897 }
Christopher Faulet16f45c82018-02-16 11:23:49 +010010898 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010899 appctx->ctx.cli.i1 = 0;
William Lallemand32af2032016-10-29 18:09:35 +020010900 }
Willy Tarreau06d80a92017-10-19 14:32:15 +020010901 if (ci_putchk(si_ic(si), &trash) == -1) {
William Lallemand32af2032016-10-29 18:09:35 +020010902 /* let's try again later from this stream. We add ourselves into
10903 * this stream's users so that it can remove us upon termination.
10904 */
Willy Tarreaudb398432018-11-15 11:08:52 +010010905 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +020010906 return 0;
10907 }
10908
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010909 if (appctx->ctx.cli.i0 == 0) /* don't display everything if not necessary */
William Lallemand32af2032016-10-29 18:09:35 +020010910 break;
10911
10912 /* get next list entry and check the end of the list */
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010913 appctx->ctx.cli.p0 = tlskeys_list_get_next(appctx->ctx.cli.p0, &tlskeys_reference);
William Lallemand32af2032016-10-29 18:09:35 +020010914 }
10915
10916 appctx->st2 = STAT_ST_FIN;
10917 /* fall through */
10918
10919 default:
10920 appctx->st2 = STAT_ST_FIN;
10921 return 1;
10922 }
10923 return 0;
10924}
10925
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010926/* sets cli.i0 to non-zero if only file lists should be dumped */
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +020010927static int cli_parse_show_tlskeys(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +020010928{
William Lallemand32af2032016-10-29 18:09:35 +020010929 /* no parameter, shows only file list */
10930 if (!*args[2]) {
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010931 appctx->ctx.cli.i0 = 1;
William Lallemand32af2032016-10-29 18:09:35 +020010932 appctx->io_handler = cli_io_handler_tlskeys_files;
Willy Tarreau3067bfa2016-12-05 14:50:15 +010010933 return 0;
William Lallemand32af2032016-10-29 18:09:35 +020010934 }
10935
10936 if (args[2][0] == '*') {
10937 /* list every TLS ticket keys */
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010938 appctx->ctx.cli.i0 = 1;
William Lallemand32af2032016-10-29 18:09:35 +020010939 } else {
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010940 appctx->ctx.cli.p0 = tlskeys_ref_lookup_ref(args[2]);
Willy Tarreau9d008692019-08-09 11:21:01 +020010941 if (!appctx->ctx.cli.p0)
10942 return cli_err(appctx, "'show tls-keys' unable to locate referenced filename\n");
William Lallemand32af2032016-10-29 18:09:35 +020010943 }
William Lallemand32af2032016-10-29 18:09:35 +020010944 appctx->io_handler = cli_io_handler_tlskeys_entries;
Willy Tarreau3067bfa2016-12-05 14:50:15 +010010945 return 0;
William Lallemand32af2032016-10-29 18:09:35 +020010946}
10947
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +020010948static int cli_parse_set_tlskeys(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +020010949{
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010950 struct tls_keys_ref *ref;
Willy Tarreau1c913e42018-08-22 05:26:57 +020010951 int ret;
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010952
William Lallemand32af2032016-10-29 18:09:35 +020010953 /* Expect two parameters: the filename and the new new TLS key in encoding */
Willy Tarreau9d008692019-08-09 11:21:01 +020010954 if (!*args[3] || !*args[4])
10955 return cli_err(appctx, "'set ssl tls-key' expects a filename and the new TLS key in base64 encoding.\n");
William Lallemand32af2032016-10-29 18:09:35 +020010956
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010957 ref = tlskeys_ref_lookup_ref(args[3]);
Willy Tarreau9d008692019-08-09 11:21:01 +020010958 if (!ref)
10959 return cli_err(appctx, "'set ssl tls-key' unable to locate referenced filename\n");
William Lallemand32af2032016-10-29 18:09:35 +020010960
Willy Tarreau1c913e42018-08-22 05:26:57 +020010961 ret = base64dec(args[4], strlen(args[4]), trash.area, trash.size);
Willy Tarreau9d008692019-08-09 11:21:01 +020010962 if (ret < 0)
10963 return cli_err(appctx, "'set ssl tls-key' received invalid base64 encoded TLS key.\n");
Emeric Brun9e754772019-01-10 17:51:55 +010010964
Willy Tarreau1c913e42018-08-22 05:26:57 +020010965 trash.data = ret;
Willy Tarreau9d008692019-08-09 11:21:01 +020010966 if (ssl_sock_update_tlskey_ref(ref, &trash) < 0)
10967 return cli_err(appctx, "'set ssl tls-key' received a key of wrong size.\n");
William Lallemand32af2032016-10-29 18:09:35 +020010968
Willy Tarreau9d008692019-08-09 11:21:01 +020010969 return cli_msg(appctx, LOG_INFO, "TLS ticket key updated!\n");
William Lallemand32af2032016-10-29 18:09:35 +020010970}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +010010971#endif
William Lallemand32af2032016-10-29 18:09:35 +020010972
William Lallemanda6ffd5b2020-03-09 13:35:19 +010010973/*
10974 * Take an ssl_bind_conf structure and append the configuration line used to
10975 * create it in the buffer
10976 */
10977static void dump_crtlist_sslconf(struct buffer *buf, const struct ssl_bind_conf *conf)
10978{
10979 int space = 0;
10980
10981 if (conf == NULL)
10982 return;
10983
10984 chunk_appendf(buf, " [");
10985#ifdef OPENSSL_NPN_NEGOTIATED
10986 if (conf->npn_str) {
10987 int len = conf->npn_len;
10988 char *ptr = conf->npn_str;
10989 int comma = 0;
10990
10991 if (space) chunk_appendf(buf, " ");
10992 chunk_appendf(buf, "npn ");
10993 while (len) {
10994 unsigned short size;
10995
10996 size = *ptr;
10997 ptr++;
10998 if (comma)
10999 chunk_memcat(buf, ",", 1);
11000 chunk_memcat(buf, ptr, size);
11001 ptr += size;
11002 len -= size + 1;
11003 comma = 1;
11004 }
11005 chunk_memcat(buf, "", 1); /* finish with a \0 */
11006 space++;
11007 }
11008#endif
11009#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
11010 if (conf->alpn_str) {
11011 int len = conf->alpn_len;
11012 char *ptr = conf->alpn_str;
11013 int comma = 0;
11014
11015 if (space) chunk_appendf(buf, " ");
11016 chunk_appendf(buf, "alpn ");
11017 while (len) {
11018 unsigned short size;
11019
11020 size = *ptr;
11021 ptr++;
11022 if (comma)
11023 chunk_memcat(buf, ",", 1);
11024 chunk_memcat(buf, ptr, size);
11025 ptr += size;
11026 len -= size + 1;
11027 comma = 1;
11028 }
11029 chunk_memcat(buf, "", 1); /* finish with a \0 */
11030 space++;
11031 }
11032#endif
11033 /* verify */
11034 {
11035 if (conf->verify == SSL_SOCK_VERIFY_NONE) {
11036 if (space) chunk_appendf(buf, " ");
11037 chunk_appendf(buf, "verify none");
11038 space++;
11039 } else if (conf->verify == SSL_SOCK_VERIFY_OPTIONAL) {
11040 if (space) chunk_appendf(buf, " ");
11041 chunk_appendf(buf, "verify optional");
11042 space++;
11043 } else if (conf->verify == SSL_SOCK_VERIFY_REQUIRED) {
11044 if (space) chunk_appendf(buf, " ");
11045 chunk_appendf(buf, "verify required");
11046 space++;
11047 }
11048 }
11049
11050 if (conf->no_ca_names) {
11051 if (space) chunk_appendf(buf, " ");
11052 chunk_appendf(buf, "no-ca-names");
11053 space++;
11054 }
11055
11056 if (conf->early_data) {
11057 if (space) chunk_appendf(buf, " ");
11058 chunk_appendf(buf, "allow-0rtt");
11059 space++;
11060 }
11061 if (conf->ca_file) {
11062 if (space) chunk_appendf(buf, " ");
11063 chunk_appendf(buf, "ca-file %s", conf->ca_file);
11064 space++;
11065 }
11066 if (conf->crl_file) {
11067 if (space) chunk_appendf(buf, " ");
11068 chunk_appendf(buf, "crl-file %s", conf->crl_file);
11069 space++;
11070 }
11071 if (conf->ciphers) {
11072 if (space) chunk_appendf(buf, " ");
11073 chunk_appendf(buf, "ciphers %s", conf->ciphers);
11074 space++;
11075 }
11076#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL && !defined LIBRESSL_VERSION_NUMBER)
11077 if (conf->ciphersuites) {
11078 if (space) chunk_appendf(buf, " ");
11079 chunk_appendf(buf, "ciphersuites %s", conf->ciphersuites);
11080 space++;
11081 }
11082#endif
11083 if (conf->curves) {
11084 if (space) chunk_appendf(buf, " ");
11085 chunk_appendf(buf, "curves %s", conf->curves);
11086 space++;
11087 }
11088 if (conf->ecdhe) {
11089 if (space) chunk_appendf(buf, " ");
11090 chunk_appendf(buf, "ecdhe %s", conf->ecdhe);
11091 space++;
11092 }
11093
11094 /* the crt-lists only support ssl-min-ver and ssl-max-ver */
11095 /* XXX: this part need to be revamp so we don't dump the default settings */
11096 if (conf->ssl_methods.min) {
11097 if (space) chunk_appendf(buf, " ");
11098 chunk_appendf(buf, "ssl-min-ver %s", methodVersions[conf->ssl_methods.min].name);
11099 space++;
11100 }
11101
11102 if (conf->ssl_methods.max) {
11103 if (space) chunk_appendf(buf, " ");
11104 chunk_appendf(buf, "ssl-max-ver %s", methodVersions[conf->ssl_methods.max].name);
11105 space++;
11106 }
11107
William Lallemand58a52222020-04-02 18:11:47 +020011108 chunk_appendf(buf, "]");
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011109
11110 return;
11111}
11112
11113/* dump a list of filters */
11114static void dump_crtlist_filters(struct buffer *buf, struct crtlist_entry *entry)
11115{
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011116 int i;
11117
11118 if (!entry->fcount)
11119 return;
11120
11121 for (i = 0; i < entry->fcount; i++) {
William Lallemand58a52222020-04-02 18:11:47 +020011122 chunk_appendf(buf, " %s", entry->filters[i]);
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011123 }
11124 return;
11125}
11126
11127/* CLI IO handler for '(show|dump) ssl crt-list' */
11128static int cli_io_handler_dump_crtlist(struct appctx *appctx)
11129{
11130 struct buffer *trash = alloc_trash_chunk();
11131 struct stream_interface *si = appctx->owner;
11132 struct ebmb_node *lnode;
11133
11134 if (trash == NULL)
11135 return 1;
11136
11137 /* dump the list of crt-lists */
11138 lnode = appctx->ctx.cli.p1;
11139 if (lnode == NULL)
11140 lnode = ebmb_first(&crtlists_tree);
11141 while (lnode) {
11142 chunk_appendf(trash, "%s\n", lnode->key);
11143 if (ci_putchk(si_ic(si), trash) == -1) {
11144 si_rx_room_blk(si);
11145 goto yield;
11146 }
11147 lnode = ebmb_next(lnode);
11148 }
William Lallemand2ea1b492020-03-17 15:13:11 +010011149 free_trash_chunk(trash);
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011150 return 1;
11151yield:
11152 appctx->ctx.cli.p1 = lnode;
William Lallemand2ea1b492020-03-17 15:13:11 +010011153 free_trash_chunk(trash);
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011154 return 0;
11155}
11156
11157/* CLI IO handler for '(show|dump) ssl crt-list <filename>' */
11158static int cli_io_handler_dump_crtlist_entries(struct appctx *appctx)
11159{
11160 struct buffer *trash = alloc_trash_chunk();
11161 struct crtlist *crtlist;
11162 struct stream_interface *si = appctx->owner;
11163 struct crtlist_entry *entry;
11164
11165 if (trash == NULL)
11166 return 1;
11167
11168 crtlist = ebmb_entry(appctx->ctx.cli.p0, struct crtlist, node);
11169
11170 entry = appctx->ctx.cli.p1;
11171 if (entry == NULL) {
11172 entry = LIST_ELEM((crtlist->ord_entries).n, typeof(entry), by_crtlist);
11173 chunk_appendf(trash, "# %s\n", crtlist->node.key);
11174 if (ci_putchk(si_ic(si), trash) == -1) {
11175 si_rx_room_blk(si);
11176 goto yield;
11177 }
11178 }
11179
11180 list_for_each_entry_from(entry, &crtlist->ord_entries, by_crtlist) {
11181 struct ckch_store *store;
11182 const char *filename;
11183
11184 store = entry->node.key;
11185 filename = store->path;
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011186 chunk_appendf(trash, "%s", filename);
William Lallemandc69f02d2020-04-06 19:07:03 +020011187 if (appctx->ctx.cli.i0 == 's') /* show */
11188 chunk_appendf(trash, ":%d", entry->linenum);
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011189 dump_crtlist_sslconf(trash, entry->ssl_conf);
11190 dump_crtlist_filters(trash, entry);
11191 chunk_appendf(trash, "\n");
11192
11193 if (ci_putchk(si_ic(si), trash) == -1) {
11194 si_rx_room_blk(si);
11195 goto yield;
11196 }
11197 }
William Lallemand2ea1b492020-03-17 15:13:11 +010011198 free_trash_chunk(trash);
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011199 return 1;
11200yield:
11201 appctx->ctx.cli.p1 = entry;
William Lallemand2ea1b492020-03-17 15:13:11 +010011202 free_trash_chunk(trash);
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011203 return 0;
11204}
11205
11206/* CLI argument parser for '(show|dump) ssl crt-list' */
11207static int cli_parse_dump_crtlist(char **args, char *payload, struct appctx *appctx, void *private)
11208{
11209 struct ebmb_node *lnode;
William Lallemandc69f02d2020-04-06 19:07:03 +020011210 char *filename = NULL;
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011211 int mode;
11212
11213 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
11214 return 1;
11215
11216 appctx->ctx.cli.p0 = NULL;
11217 appctx->ctx.cli.p1 = NULL;
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011218
William Lallemandc69f02d2020-04-06 19:07:03 +020011219 if (*args[3] && !strcmp(args[3], "-n")) {
11220 mode = 's';
11221 filename = args[4];
11222 } else {
11223 mode = 'd';
11224 filename = args[3];
11225 }
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011226
William Lallemandc69f02d2020-04-06 19:07:03 +020011227 if (mode == 's' && !*args[4])
11228 return cli_err(appctx, "'show ssl crt-list -n' expects a filename or a directory\n");
11229
11230 if (filename && *filename) {
11231 lnode = ebst_lookup(&crtlists_tree, filename);
William Lallemanda6ffd5b2020-03-09 13:35:19 +010011232 if (lnode == NULL)
11233 return cli_err(appctx, "didn't find the specified filename\n");
11234
11235 appctx->ctx.cli.p0 = lnode;
11236 appctx->io_handler = cli_io_handler_dump_crtlist_entries;
11237 }
11238 appctx->ctx.cli.i0 = mode;
11239
11240 return 0;
11241}
William Lallemand44b35322019-10-17 16:28:40 +020011242
William Lallemande67c80b2020-03-25 14:42:37 +010011243/* release function of the "add ssl crt-list' command, free things and unlock
11244 the spinlock */
11245static void cli_release_add_crtlist(struct appctx *appctx)
11246{
11247 struct crtlist_entry *entry = appctx->ctx.cli.p1;
11248
11249 if (appctx->st2 != SETCERT_ST_FIN) {
11250 struct ckch_inst *inst, *inst_s;
11251 /* upon error free the ckch_inst and everything inside */
11252 ebpt_delete(&entry->node);
11253 LIST_DEL(&entry->by_crtlist);
11254 LIST_DEL(&entry->by_ckch_store);
11255
11256 list_for_each_entry_safe(inst, inst_s, &entry->ckch_inst, by_ckchs) {
William Lallemandd9d5d1b2020-04-09 16:31:05 +020011257 ckch_inst_free(inst);
William Lallemande67c80b2020-03-25 14:42:37 +010011258 }
11259 crtlist_free_filters(entry->filters);
11260 ssl_sock_free_ssl_conf(entry->ssl_conf);
11261 free(entry->ssl_conf);
11262 free(entry);
11263 }
11264
11265 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11266}
11267
11268
11269/* IO Handler for the "add ssl crt-list" command It adds a new entry in the
11270 * crt-list and generates the ckch_insts for each bind_conf that uses this crt-list
11271 *
11272 * The logic is the same as the "commit ssl cert" command but without the
11273 * freeing of the old structures, because there are none.
11274 */
11275static int cli_io_handler_add_crtlist(struct appctx *appctx)
11276{
11277 struct bind_conf_list *bind_conf_node;
11278 struct stream_interface *si = appctx->owner;
11279 struct crtlist *crtlist = appctx->ctx.cli.p0;
11280 struct crtlist_entry *entry = appctx->ctx.cli.p1;
11281 struct ckch_store *store = entry->node.key;
11282 struct buffer *trash = alloc_trash_chunk();
11283 struct ckch_inst *new_inst;
11284 char *err = NULL;
11285 int i = 0;
11286 int errcode = 0;
11287
11288 if (trash == NULL)
11289 goto error;
11290
11291 /* for each bind_conf which use the crt-list, a new ckch_inst must be
11292 * created.
11293 */
11294 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW)))
11295 goto error;
11296
11297 while (1) {
11298 switch (appctx->st2) {
11299 case SETCERT_ST_INIT:
11300 /* This state just print the update message */
11301 chunk_printf(trash, "Inserting certificate '%s' in crt-list '%s'", store->path, crtlist->node.key);
11302 if (ci_putchk(si_ic(si), trash) == -1) {
11303 si_rx_room_blk(si);
11304 goto yield;
11305 }
11306 appctx->st2 = SETCERT_ST_GEN;
11307 /* fallthrough */
11308 case SETCERT_ST_GEN:
11309 bind_conf_node = appctx->ctx.cli.p2; /* get the previous ptr from the yield */
11310 if (bind_conf_node == NULL)
11311 bind_conf_node = crtlist->bind_conf;
11312 for (; bind_conf_node; bind_conf_node = bind_conf_node->next) {
11313 struct bind_conf *bind_conf = bind_conf_node->bind_conf;
11314 struct sni_ctx *sni;
11315
11316 /* yield every 10 generations */
11317 if (i > 10) {
11318 appctx->ctx.cli.p2 = bind_conf_node;
11319 goto yield;
11320 }
11321
11322 /* we don't support multi-cert bundles, only simple ones */
11323 errcode |= ckch_inst_new_load_store(store->path, store, bind_conf, entry->ssl_conf, entry->filters, entry->fcount, &new_inst, &err);
11324 if (errcode & ERR_CODE)
11325 goto error;
11326
11327 /* we need to initialize the SSL_CTX generated */
11328 /* this iterate on the newly generated SNIs in the new instance to prepare their SSL_CTX */
11329 list_for_each_entry(sni, &new_inst->sni_ctx, by_ckch_inst) {
11330 if (!sni->order) { /* we initialized only the first SSL_CTX because it's the same in the other sni_ctx's */
11331 errcode |= ssl_sock_prepare_ctx(bind_conf, new_inst->ssl_conf, sni->ctx, &err);
11332 if (errcode & ERR_CODE)
11333 goto error;
11334 }
11335 }
11336 /* display one dot for each new instance */
11337 chunk_appendf(trash, ".");
11338 i++;
11339 LIST_ADDQ(&store->ckch_inst, &new_inst->by_ckchs);
11340 }
11341 appctx->st2 = SETCERT_ST_INSERT;
11342 /* fallthrough */
11343 case SETCERT_ST_INSERT:
11344 /* insert SNIs in bind_conf */
11345 list_for_each_entry(new_inst, &store->ckch_inst, by_ckchs) {
11346 HA_RWLOCK_WRLOCK(SNI_LOCK, &new_inst->bind_conf->sni_lock);
11347 ssl_sock_load_cert_sni(new_inst, new_inst->bind_conf);
11348 HA_RWLOCK_WRUNLOCK(SNI_LOCK, &new_inst->bind_conf->sni_lock);
11349 }
William Lallemandc69f02d2020-04-06 19:07:03 +020011350 entry->linenum = ++crtlist->linecount;
William Lallemande67c80b2020-03-25 14:42:37 +010011351 appctx->st2 = SETCERT_ST_FIN;
11352 goto end;
11353 }
11354 }
11355
11356end:
11357 chunk_appendf(trash, "\n");
11358 if (errcode & ERR_WARN)
11359 chunk_appendf(trash, "%s", err);
11360 chunk_appendf(trash, "Success!\n");
11361 if (ci_putchk(si_ic(si), trash) == -1)
11362 si_rx_room_blk(si);
11363 free_trash_chunk(trash);
11364 /* success: call the release function and don't come back */
11365 return 1;
11366yield:
11367 /* store the state */
11368 if (ci_putchk(si_ic(si), trash) == -1)
11369 si_rx_room_blk(si);
11370 free_trash_chunk(trash);
11371 si_rx_endp_more(si); /* let's come back later */
11372 return 0; /* should come back */
11373
11374error:
11375 /* spin unlock and free are done in the release function */
11376 if (trash) {
11377 chunk_appendf(trash, "\n%sFailed!\n", err);
11378 if (ci_putchk(si_ic(si), trash) == -1)
11379 si_rx_room_blk(si);
11380 free_trash_chunk(trash);
11381 }
11382 /* error: call the release function and don't come back */
11383 return 1;
11384}
11385
11386
11387/*
11388 * Parse a "add ssl crt-list <crt-list> <certfile>" line.
William Lallemandc7c7a6b2020-04-01 17:32:46 +020011389 * Filters and option must be passed through payload:
William Lallemande67c80b2020-03-25 14:42:37 +010011390 */
11391static int cli_parse_add_crtlist(char **args, char *payload, struct appctx *appctx, void *private)
11392{
William Lallemandc7c7a6b2020-04-01 17:32:46 +020011393 int cfgerr = 0;
William Lallemande67c80b2020-03-25 14:42:37 +010011394 struct ckch_store *store;
11395 char *err = NULL;
William Lallemandc7c7a6b2020-04-01 17:32:46 +020011396 char path[MAXPATHLEN+1];
11397 char *crtlist_path;
11398 char *cert_path = NULL;
William Lallemande67c80b2020-03-25 14:42:37 +010011399 struct ebmb_node *eb;
11400 struct ebpt_node *inserted;
11401 struct crtlist *crtlist;
William Lallemandc7c7a6b2020-04-01 17:32:46 +020011402 struct crtlist_entry *entry = NULL;
William Lallemande67c80b2020-03-25 14:42:37 +010011403
11404 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
11405 return 1;
11406
William Lallemandc7c7a6b2020-04-01 17:32:46 +020011407 if (!*args[3] || (!payload && !*args[4]))
William Lallemande67c80b2020-03-25 14:42:37 +010011408 return cli_err(appctx, "'add ssl crtlist' expects a filename and a certificate name\n");
11409
11410 crtlist_path = args[3];
William Lallemande67c80b2020-03-25 14:42:37 +010011411
11412 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
11413 return cli_err(appctx, "Operations on certificates are currently locked!\n");
11414
11415 eb = ebst_lookup(&crtlists_tree, crtlist_path);
11416 if (!eb) {
11417 memprintf(&err, "crt-list '%s' does not exist!", crtlist_path);
11418 goto error;
11419 }
11420 crtlist = ebmb_entry(eb, struct crtlist, node);
11421
William Lallemande718dfb2020-04-10 11:09:25 +020011422 entry = crtlist_entry_new();
William Lallemandc7c7a6b2020-04-01 17:32:46 +020011423 if (entry == NULL) {
11424 memprintf(&err, "Not enough memory!");
11425 goto error;
11426 }
William Lallemandc7c7a6b2020-04-01 17:32:46 +020011427
11428 if (payload) {
11429 char *lf;
11430
11431 lf = strrchr(payload, '\n');
11432 if (lf) {
11433 memprintf(&err, "only one line of payload is supported!");
11434 goto error;
11435 }
11436 /* cert_path is filled here */
11437 cfgerr |= crtlist_parse_line(payload, &cert_path, entry, "CLI", 1, &err);
11438 if (cfgerr & ERR_CODE)
11439 goto error;
11440 } else {
11441 cert_path = args[4];
11442 }
11443
11444 if (!cert_path) {
11445 memprintf(&err, "'add ssl crtlist' should contain the certificate name in the payload");
11446 cfgerr |= ERR_ALERT | ERR_FATAL;
11447 goto error;
11448 }
11449
William Lallemand916d0b52020-04-21 18:29:12 +020011450 if (eb_gettag(crtlist->entries.b[EB_RGHT])) {
11451 char *slash;
11452
11453 slash = strrchr(cert_path, '/');
11454 if (!slash) {
11455 memprintf(&err, "'%s' is a directory, certificate path '%s' must contain the directory path", (char *)crtlist->node.key, cert_path);
11456 goto error;
11457 }
11458 /* temporary replace / by 0 to do an strcmp */
11459 *slash = '\0';
11460 if (strcmp(cert_path, (char*)crtlist->node.key) != 0) {
11461 *slash = '/';
11462 memprintf(&err, "'%s' is a directory, certificate path '%s' must contain the directory path", (char *)crtlist->node.key, cert_path);
11463 goto error;
11464 }
11465 *slash = '/';
11466 }
11467
William Lallemandc7c7a6b2020-04-01 17:32:46 +020011468 if (*cert_path != '/' && global_ssl.crt_base) {
11469 if ((strlen(global_ssl.crt_base) + 1 + strlen(cert_path)) > MAXPATHLEN) {
11470 memprintf(&err, "'%s' : path too long", cert_path);
11471 cfgerr |= ERR_ALERT | ERR_FATAL;
11472 goto error;
11473 }
11474 snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, cert_path);
11475 cert_path = path;
11476 }
11477
William Lallemande67c80b2020-03-25 14:42:37 +010011478 store = ckchs_lookup(cert_path);
11479 if (store == NULL) {
11480 memprintf(&err, "certificate '%s' does not exist!", cert_path);
11481 goto error;
11482 }
William Lallemand36ccc392020-04-08 10:57:24 +020011483 if (store->multi) {
11484 memprintf(&err, "certificate '%s' is a bundle. You can disable the bundle merging with the directive 'ssl-load-extra-files' in the global section.", cert_path);
11485 goto error;
11486 }
William Lallemande67c80b2020-03-25 14:42:37 +010011487 if (store->ckch == NULL || store->ckch->cert == NULL) {
11488 memprintf(&err, "certificate '%s' is empty!", cert_path);
11489 goto error;
11490 }
11491
William Lallemande67c80b2020-03-25 14:42:37 +010011492 /* check if it's possible to insert this new crtlist_entry */
11493 entry->node.key = store;
11494 inserted = ebpt_insert(&crtlist->entries, &entry->node);
11495 if (inserted != &entry->node) {
11496 memprintf(&err, "file already exists in this directory!");
William Lallemande67c80b2020-03-25 14:42:37 +010011497 goto error;
11498 }
11499
William Lallemandb74d5642020-04-21 16:54:19 +020011500 /* this is supposed to be a directory (EB_ROOT_UNIQUE), so no ssl_conf are allowed */
11501 if ((entry->ssl_conf || entry->filters) && eb_gettag(crtlist->entries.b[EB_RGHT])) {
11502 memprintf(&err, "this is a directory, SSL configuration and filters are not allowed");
11503 goto error;
11504 }
11505
William Lallemande67c80b2020-03-25 14:42:37 +010011506 LIST_ADDQ(&crtlist->ord_entries, &entry->by_crtlist);
William Lallemande67c80b2020-03-25 14:42:37 +010011507 entry->crtlist = crtlist;
11508 LIST_ADDQ(&store->crtlist_entry, &entry->by_ckch_store);
11509
11510 appctx->st2 = SETCERT_ST_INIT;
11511 appctx->ctx.cli.p0 = crtlist;
11512 appctx->ctx.cli.p1 = entry;
11513
11514 /* unlock is done in the release handler */
11515 return 0;
11516
11517error:
William Lallemande718dfb2020-04-10 11:09:25 +020011518 crtlist_entry_free(entry);
William Lallemande67c80b2020-03-25 14:42:37 +010011519 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11520 err = memprintf(&err, "Can't edit the crt-list: %s\n", err ? err : "");
11521 return cli_dynerr(appctx, err);
11522}
11523
William Lallemand0a9b9412020-04-06 17:43:05 +020011524/* Parse a "del ssl crt-list <crt-list> <certfile>" line. */
11525static int cli_parse_del_crtlist(char **args, char *payload, struct appctx *appctx, void *private)
11526{
11527 struct ckch_store *store;
11528 char *err = NULL;
11529 char *crtlist_path, *cert_path;
11530 struct ebmb_node *ebmb;
11531 struct ebpt_node *ebpt;
11532 struct crtlist *crtlist;
11533 struct crtlist_entry *entry = NULL;
11534 struct ckch_inst *inst, *inst_s;
11535 int linenum = 0;
11536 char *colons;
11537
11538 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
11539 return 1;
11540
11541 if (!*args[3] || !*args[4])
11542 return cli_err(appctx, "'del ssl crtlist' expects a filename and a certificate name\n");
11543
William Lallemand463b5242020-04-08 10:30:44 +020011544 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
11545 return cli_err(appctx, "Can't delete!\nOperations on certificates are currently locked!\n");
11546
William Lallemand0a9b9412020-04-06 17:43:05 +020011547 crtlist_path = args[3];
11548 cert_path = args[4];
11549
11550 colons = strchr(cert_path, ':');
11551 if (colons) {
11552 char *endptr;
11553
11554 linenum = strtol(colons + 1, &endptr, 10);
11555 if (colons + 1 == endptr || *endptr != '\0') {
11556 memprintf(&err, "wrong line number after colons in '%s'!", cert_path);
11557 goto error;
11558 }
11559 *colons = '\0';
11560 }
11561 /* look for crtlist */
11562 ebmb = ebst_lookup(&crtlists_tree, crtlist_path);
11563 if (!ebmb) {
11564 memprintf(&err, "crt-list '%s' does not exist!", crtlist_path);
11565 goto error;
11566 }
11567 crtlist = ebmb_entry(ebmb, struct crtlist, node);
11568
11569 /* look for store */
11570 store = ckchs_lookup(cert_path);
11571 if (store == NULL) {
11572 memprintf(&err, "certificate '%s' does not exist!", cert_path);
11573 goto error;
11574 }
William Lallemand36ccc392020-04-08 10:57:24 +020011575 if (store->multi) {
11576 memprintf(&err, "certificate '%s' is a bundle. You can disable the bundle merging with the directive 'ssl-load-extra-files' in the global section.", cert_path);
11577 goto error;
11578 }
William Lallemand0a9b9412020-04-06 17:43:05 +020011579 if (store->ckch == NULL || store->ckch->cert == NULL) {
11580 memprintf(&err, "certificate '%s' is empty!", cert_path);
11581 goto error;
11582 }
11583
11584 ebpt = ebpt_lookup(&crtlist->entries, store);
11585 if (!ebpt) {
11586 memprintf(&err, "certificate '%s' can't be found in crt-list '%s'!", cert_path, crtlist_path);
11587 goto error;
11588 }
11589
11590 /* list the line number of entries for errors in err, and select the right ebpt */
11591 for (; ebpt; ebpt = ebpt_next_dup(ebpt)) {
11592 struct crtlist_entry *tmp;
11593
11594 tmp = ebpt_entry(ebpt, struct crtlist_entry, node);
11595 memprintf(&err, "%s%s%d", err ? err : "", err ? ", " : "", tmp->linenum);
11596
11597 /* select the entry we wanted */
11598 if (linenum == 0 || tmp->linenum == linenum) {
11599 if (!entry)
11600 entry = tmp;
11601 }
11602 }
11603
11604 /* we didn't found the specified entry */
11605 if (!entry) {
11606 memprintf(&err, "found a certificate '%s' but the line number is incorrect, please specify a correct line number preceded by colons (%s)!", cert_path, err ? err : NULL);
11607 goto error;
11608 }
11609
11610 /* we didn't specified a line number but there were several entries */
11611 if (linenum == 0 && ebpt_next_dup(&entry->node)) {
11612 memprintf(&err, "found the certificate '%s' in several entries, please specify a line number preceded by colons (%s)!", cert_path, err ? err : NULL);
11613 goto error;
11614 }
11615
11616 /* upon error free the ckch_inst and everything inside */
11617
11618 ebpt_delete(&entry->node);
11619 LIST_DEL(&entry->by_crtlist);
11620 LIST_DEL(&entry->by_ckch_store);
11621
11622 list_for_each_entry_safe(inst, inst_s, &entry->ckch_inst, by_crtlist_entry) {
11623 struct sni_ctx *sni, *sni_s;
11624
11625 HA_RWLOCK_WRLOCK(SNI_LOCK, &inst->bind_conf->sni_lock);
11626 list_for_each_entry_safe(sni, sni_s, &inst->sni_ctx, by_ckch_inst) {
11627 ebmb_delete(&sni->name);
11628 LIST_DEL(&sni->by_ckch_inst);
William Lallemand02e19a52020-04-08 16:11:26 +020011629 SSL_CTX_free(sni->ctx);
William Lallemand0a9b9412020-04-06 17:43:05 +020011630 free(sni);
11631 }
11632 HA_RWLOCK_WRUNLOCK(SNI_LOCK, &inst->bind_conf->sni_lock);
11633 LIST_DEL(&inst->by_ckchs);
11634 free(inst);
11635 }
11636
11637 crtlist_free_filters(entry->filters);
11638 ssl_sock_free_ssl_conf(entry->ssl_conf);
11639 free(entry->ssl_conf);
11640 free(entry);
11641
11642 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11643 err = memprintf(&err, "Entry '%s' deleted in crtlist '%s'!\n", cert_path, crtlist_path);
11644 return cli_dynmsg(appctx, LOG_NOTICE, err);
11645
11646error:
11647 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11648 err = memprintf(&err, "Can't delete the entry: %s\n", err ? err : "");
11649 return cli_dynerr(appctx, err);
11650}
William Lallemande67c80b2020-03-25 14:42:37 +010011651
William Lallemand44b35322019-10-17 16:28:40 +020011652/* Type of SSL payloads that can be updated over the CLI */
11653
11654enum {
11655 CERT_TYPE_PEM = 0,
William Lallemand4c5adbf2020-02-24 14:23:22 +010011656 CERT_TYPE_KEY,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010011657#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020011658 CERT_TYPE_OCSP,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010011659#endif
William Lallemand44b35322019-10-17 16:28:40 +020011660 CERT_TYPE_ISSUER,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010011661#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020011662 CERT_TYPE_SCTL,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010011663#endif
William Lallemand44b35322019-10-17 16:28:40 +020011664 CERT_TYPE_MAX,
11665};
11666
11667struct {
11668 const char *ext;
11669 int type;
11670 int (*load)(const char *path, char *payload, struct cert_key_and_chain *ckch, char **err);
11671 /* add a parsing callback */
William Lallemandf29cdef2019-10-23 15:00:52 +020011672} cert_exts[CERT_TYPE_MAX+1] = {
William Lallemand44b35322019-10-17 16:28:40 +020011673 [CERT_TYPE_PEM] = { "", CERT_TYPE_PEM, &ssl_sock_load_pem_into_ckch }, /* default mode, no extensions */
William Lallemand4c5adbf2020-02-24 14:23:22 +010011674 [CERT_TYPE_KEY] = { "key", CERT_TYPE_KEY, &ssl_sock_load_key_into_ckch },
William Lallemand541a5342019-10-23 14:11:54 +020011675#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020011676 [CERT_TYPE_OCSP] = { "ocsp", CERT_TYPE_OCSP, &ssl_sock_load_ocsp_response_from_file },
William Lallemand541a5342019-10-23 14:11:54 +020011677#endif
11678#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020011679 [CERT_TYPE_SCTL] = { "sctl", CERT_TYPE_SCTL, &ssl_sock_load_sctl_from_file },
William Lallemand541a5342019-10-23 14:11:54 +020011680#endif
William Lallemand44b35322019-10-17 16:28:40 +020011681 [CERT_TYPE_ISSUER] = { "issuer", CERT_TYPE_ISSUER, &ssl_sock_load_issuer_file_into_ckch },
William Lallemandf29cdef2019-10-23 15:00:52 +020011682 [CERT_TYPE_MAX] = { NULL, CERT_TYPE_MAX, NULL },
William Lallemand44b35322019-10-17 16:28:40 +020011683};
11684
William Lallemand8f840d72019-10-23 10:53:05 +020011685
William Lallemandd4f946c2019-12-05 10:26:40 +010011686/* release function of the `show ssl cert' command */
11687static void cli_release_show_cert(struct appctx *appctx)
11688{
11689 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11690}
11691
11692/* IO handler of "show ssl cert <filename>" */
11693static int cli_io_handler_show_cert(struct appctx *appctx)
11694{
11695 struct buffer *trash = alloc_trash_chunk();
11696 struct ebmb_node *node;
11697 struct stream_interface *si = appctx->owner;
11698 struct ckch_store *ckchs;
William Lallemandd4f946c2019-12-05 10:26:40 +010011699
11700 if (trash == NULL)
11701 return 1;
11702
11703 if (!appctx->ctx.ssl.old_ckchs) {
11704 if (ckchs_transaction.old_ckchs) {
11705 ckchs = ckchs_transaction.old_ckchs;
11706 chunk_appendf(trash, "# transaction\n");
11707 if (!ckchs->multi) {
11708 chunk_appendf(trash, "*%s\n", ckchs->path);
William Lallemandba22e902019-12-18 20:36:01 +010011709#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
William Lallemandd4f946c2019-12-05 10:26:40 +010011710 } else {
William Lallemanda25a19f2020-01-29 00:04:24 +010011711 int n;
11712
William Lallemandd4f946c2019-12-05 10:26:40 +010011713 chunk_appendf(trash, "*%s:", ckchs->path);
11714 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
11715 if (ckchs->ckch[n].cert)
11716 chunk_appendf(trash, " %s.%s\n", ckchs->path, SSL_SOCK_KEYTYPE_NAMES[n]);
11717 }
11718 chunk_appendf(trash, "\n");
William Lallemandba22e902019-12-18 20:36:01 +010011719#endif
William Lallemandd4f946c2019-12-05 10:26:40 +010011720 }
11721 }
11722 }
11723
11724 if (!appctx->ctx.cli.p0) {
11725 chunk_appendf(trash, "# filename\n");
11726 node = ebmb_first(&ckchs_tree);
11727 } else {
11728 node = &((struct ckch_store *)appctx->ctx.cli.p0)->node;
11729 }
11730 while (node) {
11731 ckchs = ebmb_entry(node, struct ckch_store, node);
11732 if (!ckchs->multi) {
11733 chunk_appendf(trash, "%s\n", ckchs->path);
William Lallemandba22e902019-12-18 20:36:01 +010011734#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
William Lallemandd4f946c2019-12-05 10:26:40 +010011735 } else {
William Lallemanda25a19f2020-01-29 00:04:24 +010011736 int n;
11737
William Lallemandd4f946c2019-12-05 10:26:40 +010011738 chunk_appendf(trash, "%s:", ckchs->path);
11739 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
11740 if (ckchs->ckch[n].cert)
11741 chunk_appendf(trash, " %s.%s", ckchs->path, SSL_SOCK_KEYTYPE_NAMES[n]);
11742 }
11743 chunk_appendf(trash, "\n");
William Lallemandba22e902019-12-18 20:36:01 +010011744#endif
William Lallemandd4f946c2019-12-05 10:26:40 +010011745 }
11746
11747 node = ebmb_next(node);
11748 if (ci_putchk(si_ic(si), trash) == -1) {
11749 si_rx_room_blk(si);
11750 goto yield;
11751 }
11752 }
11753
11754 appctx->ctx.cli.p0 = NULL;
11755 free_trash_chunk(trash);
11756 return 1;
11757yield:
11758
11759 free_trash_chunk(trash);
11760 appctx->ctx.cli.p0 = ckchs;
11761 return 0; /* should come back */
11762}
11763
11764/* IO handler of the details "show ssl cert <filename>" */
11765static int cli_io_handler_show_cert_detail(struct appctx *appctx)
11766{
11767 struct stream_interface *si = appctx->owner;
11768 struct ckch_store *ckchs = appctx->ctx.cli.p0;
11769 struct buffer *out = alloc_trash_chunk();
11770 struct buffer *tmp = alloc_trash_chunk();
11771 X509_NAME *name = NULL;
Emmanuel Hocdetcf8cf6c2020-02-18 16:06:14 +010011772 STACK_OF(X509) *chain;
Willy Tarreau105599c2020-02-25 08:59:23 +010011773 unsigned int len = 0;
William Lallemandd4f946c2019-12-05 10:26:40 +010011774 int write = -1;
11775 BIO *bio = NULL;
William Lallemand35f4a9d2020-02-25 11:56:32 +010011776 int i;
William Lallemandd4f946c2019-12-05 10:26:40 +010011777
11778 if (!tmp || !out)
William Lallemand18eeb8e2020-03-20 14:42:36 +010011779 goto end_no_putchk;
William Lallemandd4f946c2019-12-05 10:26:40 +010011780
11781 if (!ckchs->multi) {
11782 chunk_appendf(out, "Filename: ");
11783 if (ckchs == ckchs_transaction.new_ckchs)
11784 chunk_appendf(out, "*");
11785 chunk_appendf(out, "%s\n", ckchs->path);
Emmanuel Hocdetcf8cf6c2020-02-18 16:06:14 +010011786
William Lallemand59c16fc2020-03-19 20:26:02 +010011787 chunk_appendf(out, "Status: ");
11788 if (ckchs->ckch->cert == NULL)
11789 chunk_appendf(out, "Empty\n");
11790 else if (LIST_ISEMPTY(&ckchs->ckch_inst))
11791 chunk_appendf(out, "Unused\n");
11792 else
11793 chunk_appendf(out, "Used\n");
11794
William Lallemandea987ed2020-03-19 16:48:33 +010011795 if (ckchs->ckch->cert == NULL)
11796 goto end;
11797
Emmanuel Hocdetcf8cf6c2020-02-18 16:06:14 +010011798 chain = ckchs->ckch->chain;
11799 if (chain == NULL) {
11800 struct issuer_chain *issuer;
Emmanuel Hocdetef87e0a2020-03-23 11:29:11 +010011801 issuer = ssl_get0_issuer_chain(ckchs->ckch->cert);
Emmanuel Hocdetcf8cf6c2020-02-18 16:06:14 +010011802 if (issuer) {
11803 chain = issuer->chain;
11804 chunk_appendf(out, "Chain Filename: ");
11805 chunk_appendf(out, "%s\n", issuer->path);
11806 }
11807 }
William Lallemandd4f946c2019-12-05 10:26:40 +010011808 chunk_appendf(out, "Serial: ");
11809 if (ssl_sock_get_serial(ckchs->ckch->cert, tmp) == -1)
11810 goto end;
11811 dump_binary(out, tmp->area, tmp->data);
11812 chunk_appendf(out, "\n");
11813
11814 chunk_appendf(out, "notBefore: ");
11815 chunk_reset(tmp);
11816 if ((bio = BIO_new(BIO_s_mem())) == NULL)
11817 goto end;
11818 if (ASN1_TIME_print(bio, X509_getm_notBefore(ckchs->ckch->cert)) == 0)
11819 goto end;
11820 write = BIO_read(bio, tmp->area, tmp->size-1);
11821 tmp->area[write] = '\0';
11822 BIO_free(bio);
William Lallemand67b991d2020-03-20 14:10:17 +010011823 bio = NULL;
William Lallemandd4f946c2019-12-05 10:26:40 +010011824 chunk_appendf(out, "%s\n", tmp->area);
11825
11826 chunk_appendf(out, "notAfter: ");
11827 chunk_reset(tmp);
11828 if ((bio = BIO_new(BIO_s_mem())) == NULL)
11829 goto end;
11830 if (ASN1_TIME_print(bio, X509_getm_notAfter(ckchs->ckch->cert)) == 0)
11831 goto end;
11832 if ((write = BIO_read(bio, tmp->area, tmp->size-1)) <= 0)
11833 goto end;
11834 tmp->area[write] = '\0';
11835 BIO_free(bio);
William Lallemand67b991d2020-03-20 14:10:17 +010011836 bio = NULL;
William Lallemandd4f946c2019-12-05 10:26:40 +010011837 chunk_appendf(out, "%s\n", tmp->area);
11838
William Lallemandd4f946c2019-12-05 10:26:40 +010011839#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
11840 chunk_appendf(out, "Subject Alternative Name: ");
11841 if (ssl_sock_get_san_oneline(ckchs->ckch->cert, out) == -1)
11842 goto end;
11843 *(out->area + out->data) = '\0';
11844 chunk_appendf(out, "\n");
11845#endif
11846 chunk_reset(tmp);
11847 chunk_appendf(out, "Algorithm: ");
11848 if (cert_get_pkey_algo(ckchs->ckch->cert, tmp) == 0)
11849 goto end;
11850 chunk_appendf(out, "%s\n", tmp->area);
11851
11852 chunk_reset(tmp);
11853 chunk_appendf(out, "SHA1 FingerPrint: ");
Willy Tarreau105599c2020-02-25 08:59:23 +010011854 if (X509_digest(ckchs->ckch->cert, EVP_sha1(), (unsigned char *) tmp->area, &len) == 0)
William Lallemandd4f946c2019-12-05 10:26:40 +010011855 goto end;
Willy Tarreau105599c2020-02-25 08:59:23 +010011856 tmp->data = len;
William Lallemandd4f946c2019-12-05 10:26:40 +010011857 dump_binary(out, tmp->area, tmp->data);
11858 chunk_appendf(out, "\n");
William Lallemand35f4a9d2020-02-25 11:56:32 +010011859
William Lallemanda90e5932020-02-25 14:07:58 +010011860 chunk_appendf(out, "Subject: ");
11861 if ((name = X509_get_subject_name(ckchs->ckch->cert)) == NULL)
11862 goto end;
11863 if ((ssl_sock_get_dn_oneline(name, tmp)) == -1)
11864 goto end;
11865 *(tmp->area + tmp->data) = '\0';
11866 chunk_appendf(out, "%s\n", tmp->area);
11867
11868 chunk_appendf(out, "Issuer: ");
11869 if ((name = X509_get_issuer_name(ckchs->ckch->cert)) == NULL)
11870 goto end;
11871 if ((ssl_sock_get_dn_oneline(name, tmp)) == -1)
11872 goto end;
11873 *(tmp->area + tmp->data) = '\0';
11874 chunk_appendf(out, "%s\n", tmp->area);
11875
William Lallemand35f4a9d2020-02-25 11:56:32 +010011876 /* Displays subject of each certificate in the chain */
Emmanuel Hocdetcf8cf6c2020-02-18 16:06:14 +010011877 for (i = 0; i < sk_X509_num(chain); i++) {
11878 X509 *ca = sk_X509_value(chain, i);
William Lallemand35f4a9d2020-02-25 11:56:32 +010011879
William Lallemandbb7288a2020-02-25 14:04:33 +010011880 chunk_appendf(out, "Chain Subject: ");
William Lallemand35f4a9d2020-02-25 11:56:32 +010011881 if ((name = X509_get_subject_name(ca)) == NULL)
11882 goto end;
11883 if ((ssl_sock_get_dn_oneline(name, tmp)) == -1)
11884 goto end;
11885 *(tmp->area + tmp->data) = '\0';
11886 chunk_appendf(out, "%s\n", tmp->area);
11887
William Lallemandbb7288a2020-02-25 14:04:33 +010011888 chunk_appendf(out, "Chain Issuer: ");
11889 if ((name = X509_get_issuer_name(ca)) == NULL)
11890 goto end;
11891 if ((ssl_sock_get_dn_oneline(name, tmp)) == -1)
11892 goto end;
11893 *(tmp->area + tmp->data) = '\0';
11894 chunk_appendf(out, "%s\n", tmp->area);
William Lallemand35f4a9d2020-02-25 11:56:32 +010011895 }
William Lallemandd4f946c2019-12-05 10:26:40 +010011896 }
11897
William Lallemandea987ed2020-03-19 16:48:33 +010011898end:
William Lallemandd4f946c2019-12-05 10:26:40 +010011899 if (ci_putchk(si_ic(si), out) == -1) {
11900 si_rx_room_blk(si);
11901 goto yield;
11902 }
11903
William Lallemand18eeb8e2020-03-20 14:42:36 +010011904end_no_putchk:
William Lallemand67b991d2020-03-20 14:10:17 +010011905 if (bio)
11906 BIO_free(bio);
William Lallemandd4f946c2019-12-05 10:26:40 +010011907 free_trash_chunk(tmp);
11908 free_trash_chunk(out);
11909 return 1;
11910yield:
11911 free_trash_chunk(tmp);
11912 free_trash_chunk(out);
11913 return 0; /* should come back */
11914}
11915
11916/* parsing function for 'show ssl cert [certfile]' */
11917static int cli_parse_show_cert(char **args, char *payload, struct appctx *appctx, void *private)
11918{
11919 struct ckch_store *ckchs;
11920
11921 if (!cli_has_level(appctx, ACCESS_LVL_OPER))
11922 return cli_err(appctx, "Can't allocate memory!\n");
11923
11924 /* The operations on the CKCH architecture are locked so we can
11925 * manipulate ckch_store and ckch_inst */
11926 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
11927 return cli_err(appctx, "Can't show!\nOperations on certificates are currently locked!\n");
11928
11929 /* check if there is a certificate to lookup */
11930 if (*args[3]) {
11931 if (*args[3] == '*') {
11932 if (!ckchs_transaction.new_ckchs)
11933 goto error;
11934
11935 ckchs = ckchs_transaction.new_ckchs;
11936
11937 if (strcmp(args[3] + 1, ckchs->path))
11938 goto error;
11939
11940 } else {
11941 if ((ckchs = ckchs_lookup(args[3])) == NULL)
11942 goto error;
11943
11944 }
11945
11946 if (ckchs->multi)
11947 goto error;
11948
11949 appctx->ctx.cli.p0 = ckchs;
11950 /* use the IO handler that shows details */
11951 appctx->io_handler = cli_io_handler_show_cert_detail;
11952 }
11953
11954 return 0;
11955
11956error:
11957 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11958 return cli_err(appctx, "Can't display the certificate: Not found or the certificate is a bundle!\n");
11959}
11960
William Lallemand430413e2019-10-28 14:30:47 +010011961/* release function of the `set ssl cert' command, free things and unlock the spinlock */
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011962static void cli_release_commit_cert(struct appctx *appctx)
William Lallemand8f840d72019-10-23 10:53:05 +020011963{
11964 struct ckch_store *new_ckchs;
William Lallemand8f840d72019-10-23 10:53:05 +020011965
William Lallemand430413e2019-10-28 14:30:47 +010011966 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
William Lallemand8f840d72019-10-23 10:53:05 +020011967
William Lallemand430413e2019-10-28 14:30:47 +010011968 if (appctx->st2 != SETCERT_ST_FIN) {
William Lallemand8f840d72019-10-23 10:53:05 +020011969 /* free every new sni_ctx and the new store, which are not in the trees so no spinlock there */
William Lallemandbeea2a42019-10-30 17:45:33 +010011970 new_ckchs = appctx->ctx.ssl.new_ckchs;
William Lallemand8f840d72019-10-23 10:53:05 +020011971
William Lallemandbeea2a42019-10-30 17:45:33 +010011972 /* if the allocation failed, we need to free everything from the temporary list */
William Lallemandba1c33f2020-04-08 17:55:45 +020011973 ckch_store_free(new_ckchs);
William Lallemand8f840d72019-10-23 10:53:05 +020011974 }
11975}
11976
11977
11978/*
11979 * This function tries to create the new ckch_inst and their SNIs
11980 */
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011981static int cli_io_handler_commit_cert(struct appctx *appctx)
William Lallemand8f840d72019-10-23 10:53:05 +020011982{
11983 struct stream_interface *si = appctx->owner;
11984 int y = 0;
11985 char *err = NULL;
11986 int errcode = 0;
11987 struct ckch_store *old_ckchs, *new_ckchs = NULL;
11988 struct ckch_inst *ckchi, *ckchis;
William Lallemand8f840d72019-10-23 10:53:05 +020011989 struct buffer *trash = alloc_trash_chunk();
William Lallemand8ef0c2a2019-11-21 16:30:34 +010011990 struct sni_ctx *sc0, *sc0s;
William Lallemand90afe902020-03-30 19:29:45 +020011991 struct crtlist_entry *entry;
William Lallemand8f840d72019-10-23 10:53:05 +020011992
William Lallemand33cc76f2019-10-31 11:43:45 +010011993 if (trash == NULL)
11994 goto error;
11995
William Lallemand8f840d72019-10-23 10:53:05 +020011996 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW)))
11997 goto error;
11998
William Lallemand430413e2019-10-28 14:30:47 +010011999 while (1) {
12000 switch (appctx->st2) {
12001 case SETCERT_ST_INIT:
12002 /* This state just print the update message */
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012003 chunk_printf(trash, "Committing %s", ckchs_transaction.path);
William Lallemand430413e2019-10-28 14:30:47 +010012004 if (ci_putchk(si_ic(si), trash) == -1) {
12005 si_rx_room_blk(si);
William Lallemand8f840d72019-10-23 10:53:05 +020012006 goto yield;
William Lallemand430413e2019-10-28 14:30:47 +010012007 }
12008 appctx->st2 = SETCERT_ST_GEN;
12009 /* fallthrough */
12010 case SETCERT_ST_GEN:
12011 /*
12012 * This state generates the ckch instances with their
12013 * sni_ctxs and SSL_CTX.
12014 *
William Lallemand430413e2019-10-28 14:30:47 +010012015 * Since the SSL_CTX generation can be CPU consumer, we
12016 * yield every 10 instances.
12017 */
William Lallemand8f840d72019-10-23 10:53:05 +020012018
William Lallemandbeea2a42019-10-30 17:45:33 +010012019 old_ckchs = appctx->ctx.ssl.old_ckchs;
12020 new_ckchs = appctx->ctx.ssl.new_ckchs;
William Lallemand8f840d72019-10-23 10:53:05 +020012021
William Lallemandbeea2a42019-10-30 17:45:33 +010012022 if (!new_ckchs)
12023 continue;
William Lallemand8f840d72019-10-23 10:53:05 +020012024
William Lallemandbeea2a42019-10-30 17:45:33 +010012025 /* get the next ckchi to regenerate */
12026 ckchi = appctx->ctx.ssl.next_ckchi;
12027 /* we didn't start yet, set it to the first elem */
12028 if (ckchi == NULL)
12029 ckchi = LIST_ELEM(old_ckchs->ckch_inst.n, typeof(ckchi), by_ckchs);
William Lallemand8f840d72019-10-23 10:53:05 +020012030
William Lallemandbeea2a42019-10-30 17:45:33 +010012031 /* walk through the old ckch_inst and creates new ckch_inst using the updated ckchs */
12032 list_for_each_entry_from(ckchi, &old_ckchs->ckch_inst, by_ckchs) {
12033 struct ckch_inst *new_inst;
William Lallemand38df1c82019-12-04 15:39:35 +010012034 char **sni_filter = NULL;
12035 int fcount = 0;
William Lallemand8f840d72019-10-23 10:53:05 +020012036
William Lallemandbeea2a42019-10-30 17:45:33 +010012037 /* it takes a lot of CPU to creates SSL_CTXs, so we yield every 10 CKCH instances */
12038 if (y >= 10) {
12039 /* save the next ckchi to compute */
12040 appctx->ctx.ssl.next_ckchi = ckchi;
12041 goto yield;
12042 }
William Lallemandcaa16192020-04-08 16:29:15 +020012043
12044 if (ckchi->crtlist_entry) {
12045 sni_filter = ckchi->crtlist_entry->filters;
12046 fcount = ckchi->crtlist_entry->fcount;
William Lallemand67630162020-03-09 16:56:39 +010012047 }
William Lallemand38df1c82019-12-04 15:39:35 +010012048
William Lallemandbeea2a42019-10-30 17:45:33 +010012049 if (new_ckchs->multi)
William Lallemand38df1c82019-12-04 15:39:35 +010012050 errcode |= ckch_inst_new_load_multi_store(new_ckchs->path, new_ckchs, ckchi->bind_conf, ckchi->ssl_conf, sni_filter, fcount, &new_inst, &err);
William Lallemandbeea2a42019-10-30 17:45:33 +010012051 else
William Lallemand38df1c82019-12-04 15:39:35 +010012052 errcode |= ckch_inst_new_load_store(new_ckchs->path, new_ckchs, ckchi->bind_conf, ckchi->ssl_conf, sni_filter, fcount, &new_inst, &err);
12053
William Lallemandbeea2a42019-10-30 17:45:33 +010012054 if (errcode & ERR_CODE)
12055 goto error;
William Lallemand8f840d72019-10-23 10:53:05 +020012056
William Lallemand21724f02019-11-04 17:56:13 +010012057 /* if the previous ckchi was used as the default */
12058 if (ckchi->is_default)
12059 new_inst->is_default = 1;
12060
William Lallemand8ef0c2a2019-11-21 16:30:34 +010012061 /* we need to initialize the SSL_CTX generated */
William Lallemand696f3172020-02-07 20:45:24 +010012062 /* this iterate on the newly generated SNIs in the new instance to prepare their SSL_CTX */
12063 list_for_each_entry_safe(sc0, sc0s, &new_inst->sni_ctx, by_ckch_inst) {
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +050012064 if (!sc0->order) { /* we initialized only the first SSL_CTX because it's the same in the other sni_ctx's */
William Lallemand8ef0c2a2019-11-21 16:30:34 +010012065 errcode |= ssl_sock_prepare_ctx(ckchi->bind_conf, ckchi->ssl_conf, sc0->ctx, &err);
12066 if (errcode & ERR_CODE)
12067 goto error;
12068 }
12069 }
12070
12071
William Lallemandbeea2a42019-10-30 17:45:33 +010012072 /* display one dot per new instance */
12073 chunk_appendf(trash, ".");
12074 /* link the new ckch_inst to the duplicate */
12075 LIST_ADDQ(&new_ckchs->ckch_inst, &new_inst->by_ckchs);
12076 y++;
12077 }
William Lallemand430413e2019-10-28 14:30:47 +010012078 appctx->st2 = SETCERT_ST_INSERT;
12079 /* fallthrough */
12080 case SETCERT_ST_INSERT:
12081 /* The generation is finished, we can insert everything */
William Lallemand8f840d72019-10-23 10:53:05 +020012082
William Lallemandbeea2a42019-10-30 17:45:33 +010012083 old_ckchs = appctx->ctx.ssl.old_ckchs;
12084 new_ckchs = appctx->ctx.ssl.new_ckchs;
William Lallemand8f840d72019-10-23 10:53:05 +020012085
William Lallemandbeea2a42019-10-30 17:45:33 +010012086 if (!new_ckchs)
12087 continue;
William Lallemand430413e2019-10-28 14:30:47 +010012088
William Lallemand90afe902020-03-30 19:29:45 +020012089 /* get the list of crtlist_entry in the old store, and update the pointers to the store */
12090 LIST_SPLICE(&new_ckchs->crtlist_entry, &old_ckchs->crtlist_entry);
12091 list_for_each_entry(entry, &new_ckchs->crtlist_entry, by_ckch_store) {
12092 ebpt_delete(&entry->node);
12093 /* change the ptr and reinsert the node */
12094 entry->node.key = new_ckchs;
12095 ebpt_insert(&entry->crtlist->entries, &entry->node);
12096 }
12097
William Lallemand21724f02019-11-04 17:56:13 +010012098 /* First, we insert every new SNIs in the trees, also replace the default_ctx */
William Lallemandbeea2a42019-10-30 17:45:33 +010012099 list_for_each_entry_safe(ckchi, ckchis, &new_ckchs->ckch_inst, by_ckchs) {
12100 HA_RWLOCK_WRLOCK(SNI_LOCK, &ckchi->bind_conf->sni_lock);
12101 ssl_sock_load_cert_sni(ckchi, ckchi->bind_conf);
12102 HA_RWLOCK_WRUNLOCK(SNI_LOCK, &ckchi->bind_conf->sni_lock);
12103 }
William Lallemand8f840d72019-10-23 10:53:05 +020012104
William Lallemandbeea2a42019-10-30 17:45:33 +010012105 /* delete the old sni_ctx, the old ckch_insts and the ckch_store */
12106 list_for_each_entry_safe(ckchi, ckchis, &old_ckchs->ckch_inst, by_ckchs) {
Willy Tarreaua6cd0782020-05-01 11:38:39 +020012107 struct bind_conf __maybe_unused *bind_conf = ckchi->bind_conf;
William Lallemandd5e93772020-04-09 17:12:16 +020012108
12109 HA_RWLOCK_WRLOCK(SNI_LOCK, &bind_conf->sni_lock);
William Lallemandd9d5d1b2020-04-09 16:31:05 +020012110 ckch_inst_free(ckchi);
William Lallemandd5e93772020-04-09 17:12:16 +020012111 HA_RWLOCK_WRUNLOCK(SNI_LOCK, &bind_conf->sni_lock);
William Lallemandbeea2a42019-10-30 17:45:33 +010012112 }
William Lallemand8f840d72019-10-23 10:53:05 +020012113
William Lallemandbeea2a42019-10-30 17:45:33 +010012114 /* Replace the old ckchs by the new one */
William Lallemandba1c33f2020-04-08 17:55:45 +020012115 ckch_store_free(old_ckchs);
William Lallemandbeea2a42019-10-30 17:45:33 +010012116 ebst_insert(&ckchs_tree, &new_ckchs->node);
William Lallemand430413e2019-10-28 14:30:47 +010012117 appctx->st2 = SETCERT_ST_FIN;
12118 /* fallthrough */
12119 case SETCERT_ST_FIN:
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012120 /* we achieved the transaction, we can set everything to NULL */
12121 free(ckchs_transaction.path);
12122 ckchs_transaction.path = NULL;
12123 ckchs_transaction.new_ckchs = NULL;
12124 ckchs_transaction.old_ckchs = NULL;
William Lallemand430413e2019-10-28 14:30:47 +010012125 goto end;
12126 }
William Lallemand8f840d72019-10-23 10:53:05 +020012127 }
William Lallemand430413e2019-10-28 14:30:47 +010012128end:
William Lallemand8f840d72019-10-23 10:53:05 +020012129
William Lallemanded442432019-11-21 16:41:07 +010012130 chunk_appendf(trash, "\n");
12131 if (errcode & ERR_WARN)
Tim Duesterhusc0e820c2019-11-23 23:52:30 +010012132 chunk_appendf(trash, "%s", err);
William Lallemanded442432019-11-21 16:41:07 +010012133 chunk_appendf(trash, "Success!\n");
William Lallemand430413e2019-10-28 14:30:47 +010012134 if (ci_putchk(si_ic(si), trash) == -1)
12135 si_rx_room_blk(si);
12136 free_trash_chunk(trash);
12137 /* success: call the release function and don't come back */
12138 return 1;
William Lallemand8f840d72019-10-23 10:53:05 +020012139yield:
12140 /* store the state */
12141 if (ci_putchk(si_ic(si), trash) == -1)
12142 si_rx_room_blk(si);
12143 free_trash_chunk(trash);
12144 si_rx_endp_more(si); /* let's come back later */
William Lallemand8f840d72019-10-23 10:53:05 +020012145 return 0; /* should come back */
12146
12147error:
12148 /* spin unlock and free are done in the release function */
William Lallemand33cc76f2019-10-31 11:43:45 +010012149 if (trash) {
12150 chunk_appendf(trash, "\n%sFailed!\n", err);
12151 if (ci_putchk(si_ic(si), trash) == -1)
12152 si_rx_room_blk(si);
12153 free_trash_chunk(trash);
12154 }
William Lallemand430413e2019-10-28 14:30:47 +010012155 /* error: call the release function and don't come back */
12156 return 1;
William Lallemand8f840d72019-10-23 10:53:05 +020012157}
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012158
12159/*
12160 * Parsing function of 'commit ssl cert'
12161 */
12162static int cli_parse_commit_cert(char **args, char *payload, struct appctx *appctx, void *private)
12163{
12164 char *err = NULL;
12165
William Lallemand230662a2019-12-03 13:32:54 +010012166 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
12167 return 1;
12168
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012169 if (!*args[3])
12170 return cli_err(appctx, "'commit ssl cert expects a filename\n");
12171
12172 /* The operations on the CKCH architecture are locked so we can
12173 * manipulate ckch_store and ckch_inst */
12174 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
12175 return cli_err(appctx, "Can't commit the certificate!\nOperations on certificates are currently locked!\n");
12176
12177 if (!ckchs_transaction.path) {
12178 memprintf(&err, "No ongoing transaction! !\n");
12179 goto error;
12180 }
12181
12182 if (strcmp(ckchs_transaction.path, args[3]) != 0) {
12183 memprintf(&err, "The ongoing transaction is about '%s' but you are trying to set '%s'\n", ckchs_transaction.path, args[3]);
12184 goto error;
12185 }
12186
William Lallemand4c5adbf2020-02-24 14:23:22 +010012187#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
12188 if (ckchs_transaction.new_ckchs->multi) {
12189 int n;
12190
12191 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
12192 if (ckchs_transaction.new_ckchs->ckch[n].cert && !X509_check_private_key(ckchs_transaction.new_ckchs->ckch[n].cert, ckchs_transaction.new_ckchs->ckch[n].key)) {
12193 memprintf(&err, "inconsistencies between private key and certificate loaded '%s'.\n", ckchs_transaction.path);
12194 goto error;
12195 }
12196 }
12197 } else
12198#endif
12199 {
12200 if (!X509_check_private_key(ckchs_transaction.new_ckchs->ckch->cert, ckchs_transaction.new_ckchs->ckch->key)) {
12201 memprintf(&err, "inconsistencies between private key and certificate loaded '%s'.\n", ckchs_transaction.path);
12202 goto error;
12203 }
12204 }
12205
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012206 /* init the appctx structure */
12207 appctx->st2 = SETCERT_ST_INIT;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012208 appctx->ctx.ssl.next_ckchi = NULL;
12209 appctx->ctx.ssl.new_ckchs = ckchs_transaction.new_ckchs;
12210 appctx->ctx.ssl.old_ckchs = ckchs_transaction.old_ckchs;
12211
12212 /* we don't unlock there, it will be unlock after the IO handler, in the release handler */
12213 return 0;
12214
12215error:
12216
12217 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
12218 err = memprintf(&err, "%sCan't commit %s!\n", err ? err : "", args[3]);
12219
12220 return cli_dynerr(appctx, err);
12221}
12222
William Lallemand8f840d72019-10-23 10:53:05 +020012223/*
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012224 * Parsing function of `set ssl cert`, it updates or creates a temporary ckch.
William Lallemand8f840d72019-10-23 10:53:05 +020012225 */
William Lallemand150bfa82019-09-19 17:12:49 +020012226static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx, void *private)
12227{
William Lallemand0c3b7d92019-10-18 11:27:07 +020012228 struct ckch_store *new_ckchs = NULL;
William Lallemand8f840d72019-10-23 10:53:05 +020012229 struct ckch_store *old_ckchs = NULL;
William Lallemand150bfa82019-09-19 17:12:49 +020012230 char *err = NULL;
William Lallemand963b2e72019-10-14 11:38:36 +020012231 int i;
William Lallemand849eed62019-10-17 16:23:50 +020012232 int bundle = -1; /* TRUE if >= 0 (ckch index) */
Emeric Brunf69ed1d2019-10-17 11:56:56 +020012233 int errcode = 0;
William Lallemand44b35322019-10-17 16:28:40 +020012234 char *end;
12235 int type = CERT_TYPE_PEM;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012236 struct cert_key_and_chain *ckch;
12237 struct buffer *buf;
William Lallemand8f840d72019-10-23 10:53:05 +020012238
William Lallemand230662a2019-12-03 13:32:54 +010012239 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
12240 return 1;
12241
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012242 if ((buf = alloc_trash_chunk()) == NULL)
12243 return cli_err(appctx, "Can't allocate memory\n");
William Lallemand150bfa82019-09-19 17:12:49 +020012244
12245 if (!*args[3] || !payload)
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +050012246 return cli_err(appctx, "'set ssl cert expects a filename and a certificate as a payload\n");
William Lallemand150bfa82019-09-19 17:12:49 +020012247
12248 /* The operations on the CKCH architecture are locked so we can
12249 * manipulate ckch_store and ckch_inst */
12250 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
12251 return cli_err(appctx, "Can't update the certificate!\nOperations on certificates are currently locked!\n");
12252
William Lallemand8f840d72019-10-23 10:53:05 +020012253 if (!chunk_strcpy(buf, args[3])) {
12254 memprintf(&err, "%sCan't allocate memory\n", err ? err : "");
12255 errcode |= ERR_ALERT | ERR_FATAL;
12256 goto end;
12257 }
12258
William Lallemand44b35322019-10-17 16:28:40 +020012259 /* check which type of file we want to update */
William Lallemandf29cdef2019-10-23 15:00:52 +020012260 for (i = 0; cert_exts[i].type < CERT_TYPE_MAX; i++) {
William Lallemand8f840d72019-10-23 10:53:05 +020012261 end = strrchr(buf->area, '.');
William Lallemand44b35322019-10-17 16:28:40 +020012262 if (end && *cert_exts[i].ext && (!strcmp(end + 1, cert_exts[i].ext))) {
12263 *end = '\0';
12264 type = cert_exts[i].type;
12265 break;
12266 }
12267 }
12268
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012269 appctx->ctx.ssl.old_ckchs = NULL;
12270 appctx->ctx.ssl.new_ckchs = NULL;
William Lallemand849eed62019-10-17 16:23:50 +020012271
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012272 /* if there is an ongoing transaction */
12273 if (ckchs_transaction.path) {
12274 /* if the ongoing transaction is a bundle, we need to find which part of the bundle need to be updated */
William Lallemand963b2e72019-10-14 11:38:36 +020012275#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012276 if (ckchs_transaction.new_ckchs->multi) {
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010012277 char *end;
William Lallemand963b2e72019-10-14 11:38:36 +020012278 int j;
William Lallemand150bfa82019-09-19 17:12:49 +020012279
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012280 /* check if it was used in a bundle by removing the
William Lallemand963b2e72019-10-14 11:38:36 +020012281 * .dsa/.rsa/.ecdsa at the end of the filename */
William Lallemand8f840d72019-10-23 10:53:05 +020012282 end = strrchr(buf->area, '.');
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010012283 for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
William Lallemand963b2e72019-10-14 11:38:36 +020012284 if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
12285 bundle = j; /* keep the type of certificate so we insert it at the right place */
12286 *end = '\0'; /* it's a bundle let's end the string*/
12287 break;
12288 }
William Lallemand150bfa82019-09-19 17:12:49 +020012289 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012290 if (bundle < 0) {
12291 memprintf(&err, "The ongoing transaction is the '%s' bundle. You need to specify which part of the bundle you want to update ('%s.{rsa,ecdsa,dsa}')\n", ckchs_transaction.path, buf->area);
12292 errcode |= ERR_ALERT | ERR_FATAL;
12293 goto end;
12294 }
12295 }
12296#endif
12297
12298 /* if there is an ongoing transaction, check if this is the same file */
12299 if (strcmp(ckchs_transaction.path, buf->area) != 0) {
12300 memprintf(&err, "The ongoing transaction is about '%s' but you are trying to set '%s'\n", ckchs_transaction.path, buf->area);
12301 errcode |= ERR_ALERT | ERR_FATAL;
12302 goto end;
William Lallemand150bfa82019-09-19 17:12:49 +020012303 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012304
12305 appctx->ctx.ssl.old_ckchs = ckchs_transaction.new_ckchs;
12306
12307 } else {
12308 struct ckch_store *find_ckchs[2] = { NULL, NULL };
12309
12310 /* lookup for the certificate in the tree:
12311 * check if this is used as a bundle AND as a unique certificate */
12312 for (i = 0; i < 2; i++) {
12313
12314 if ((find_ckchs[i] = ckchs_lookup(buf->area)) != NULL) {
12315 /* only the bundle name is in the tree and you should
12316 * never update a bundle name, only a filename */
12317 if (bundle < 0 && find_ckchs[i]->multi) {
12318 /* we tried to look for a non-bundle and we found a bundle */
12319 memprintf(&err, "%s%s is a multi-cert bundle. Try updating %s.{dsa,rsa,ecdsa}\n",
12320 err ? err : "", args[3], args[3]);
12321 errcode |= ERR_ALERT | ERR_FATAL;
12322 goto end;
12323 }
William Lallemand3246d942019-11-04 14:02:11 +010012324 /* If we want a bundle but this is not a bundle
12325 * example: When you try to update <file>.rsa, but
12326 * <file> is a regular file */
12327 if (bundle >= 0 && find_ckchs[i]->multi == 0) {
12328 find_ckchs[i] = NULL;
12329 break;
12330 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012331 }
12332#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
12333 {
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010012334 char *end;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012335 int j;
12336
12337 /* check if it was used in a bundle by removing the
12338 * .dsa/.rsa/.ecdsa at the end of the filename */
12339 end = strrchr(buf->area, '.');
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010012340 for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012341 if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
12342 bundle = j; /* keep the type of certificate so we insert it at the right place */
12343 *end = '\0'; /* it's a bundle let's end the string*/
12344 break;
12345 }
12346 }
William Lallemand37031b82019-11-04 13:38:53 +010012347 if (bundle < 0) /* we didn't find a bundle extension */
12348 break;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012349 }
William Lallemand963b2e72019-10-14 11:38:36 +020012350#else
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012351 /* bundles are not supported here, so we don't need to lookup again */
12352 break;
William Lallemand963b2e72019-10-14 11:38:36 +020012353#endif
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012354 }
12355
12356 if (find_ckchs[0] && find_ckchs[1]) {
12357 memprintf(&err, "%sUpdating a certificate which is used in the HAProxy configuration as a bundle and as a unique certificate is not supported. ('%s' and '%s')\n",
12358 err ? err : "", find_ckchs[0]->path, find_ckchs[1]->path);
12359 errcode |= ERR_ALERT | ERR_FATAL;
12360 goto end;
12361 }
12362
12363 appctx->ctx.ssl.old_ckchs = find_ckchs[0] ? find_ckchs[0] : find_ckchs[1];
William Lallemand150bfa82019-09-19 17:12:49 +020012364 }
12365
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012366 if (!appctx->ctx.ssl.old_ckchs) {
12367 memprintf(&err, "%sCan't replace a certificate which is not referenced by the configuration!\n",
William Lallemand150bfa82019-09-19 17:12:49 +020012368 err ? err : "");
Emeric Brunf69ed1d2019-10-17 11:56:56 +020012369 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand8f840d72019-10-23 10:53:05 +020012370 goto end;
William Lallemand150bfa82019-09-19 17:12:49 +020012371 }
12372
William Lallemand8a7fdf02019-11-04 10:59:32 +010012373 if (!appctx->ctx.ssl.path) {
12374 /* this is a new transaction, set the path of the transaction */
12375 appctx->ctx.ssl.path = strdup(appctx->ctx.ssl.old_ckchs->path);
12376 if (!appctx->ctx.ssl.path) {
12377 memprintf(&err, "%sCan't allocate memory\n", err ? err : "");
12378 errcode |= ERR_ALERT | ERR_FATAL;
12379 goto end;
12380 }
12381 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012382
12383 old_ckchs = appctx->ctx.ssl.old_ckchs;
12384
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012385 /* duplicate the ckch store */
12386 new_ckchs = ckchs_dup(old_ckchs);
12387 if (!new_ckchs) {
12388 memprintf(&err, "%sCannot allocate memory!\n",
12389 err ? err : "");
12390 errcode |= ERR_ALERT | ERR_FATAL;
12391 goto end;
12392 }
12393
12394 if (!new_ckchs->multi)
12395 ckch = new_ckchs->ckch;
12396 else
12397 ckch = &new_ckchs->ckch[bundle];
12398
12399 /* appply the change on the duplicate */
12400 if (cert_exts[type].load(buf->area, payload, ckch, &err) != 0) {
12401 memprintf(&err, "%sCan't load the payload\n", err ? err : "");
12402 errcode |= ERR_ALERT | ERR_FATAL;
12403 goto end;
12404 }
12405
12406 appctx->ctx.ssl.new_ckchs = new_ckchs;
12407
12408 /* we succeed, we can save the ckchs in the transaction */
12409
12410 /* if there wasn't a transaction, update the old ckchs */
William Dauchyc8bb1532019-11-24 15:04:20 +010012411 if (!ckchs_transaction.old_ckchs) {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012412 ckchs_transaction.old_ckchs = appctx->ctx.ssl.old_ckchs;
12413 ckchs_transaction.path = appctx->ctx.ssl.path;
12414 err = memprintf(&err, "Transaction created for certificate %s!\n", ckchs_transaction.path);
12415 } else {
12416 err = memprintf(&err, "Transaction updated for certificate %s!\n", ckchs_transaction.path);
12417
12418 }
12419
12420 /* free the previous ckchs if there was a transaction */
William Lallemandba1c33f2020-04-08 17:55:45 +020012421 ckch_store_free(ckchs_transaction.new_ckchs);
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012422
12423 ckchs_transaction.new_ckchs = appctx->ctx.ssl.new_ckchs;
12424
12425
William Lallemand8f840d72019-10-23 10:53:05 +020012426 /* creates the SNI ctxs later in the IO handler */
William Lallemand150bfa82019-09-19 17:12:49 +020012427
William Lallemand8f840d72019-10-23 10:53:05 +020012428end:
12429 free_trash_chunk(buf);
William Lallemand150bfa82019-09-19 17:12:49 +020012430
Emeric Brunf69ed1d2019-10-17 11:56:56 +020012431 if (errcode & ERR_CODE) {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012432
William Lallemandba1c33f2020-04-08 17:55:45 +020012433 ckch_store_free(appctx->ctx.ssl.new_ckchs);
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012434 appctx->ctx.ssl.new_ckchs = NULL;
12435
12436 appctx->ctx.ssl.old_ckchs = NULL;
12437
12438 free(appctx->ctx.ssl.path);
12439 appctx->ctx.ssl.path = NULL;
12440
12441 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
William Lallemand44b35322019-10-17 16:28:40 +020012442 return cli_dynerr(appctx, memprintf(&err, "%sCan't update %s!\n", err ? err : "", args[3]));
William Lallemand430413e2019-10-28 14:30:47 +010012443 } else {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012444
12445 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
12446 return cli_dynmsg(appctx, LOG_NOTICE, err);
William Lallemand430413e2019-10-28 14:30:47 +010012447 }
William Lallemand8f840d72019-10-23 10:53:05 +020012448 /* TODO: handle the ERR_WARN which are not handled because of the io_handler */
William Lallemand150bfa82019-09-19 17:12:49 +020012449}
12450
William Lallemand0bc9c8a2019-11-19 15:51:51 +010012451/* parsing function of 'abort ssl cert' */
12452static int cli_parse_abort_cert(char **args, char *payload, struct appctx *appctx, void *private)
12453{
12454 char *err = NULL;
12455
William Lallemand230662a2019-12-03 13:32:54 +010012456 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
12457 return 1;
12458
William Lallemand0bc9c8a2019-11-19 15:51:51 +010012459 if (!*args[3])
12460 return cli_err(appctx, "'abort ssl cert' expects a filename\n");
12461
12462 /* The operations on the CKCH architecture are locked so we can
12463 * manipulate ckch_store and ckch_inst */
12464 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
12465 return cli_err(appctx, "Can't abort!\nOperations on certificates are currently locked!\n");
12466
12467 if (!ckchs_transaction.path) {
12468 memprintf(&err, "No ongoing transaction!\n");
12469 goto error;
12470 }
12471
12472 if (strcmp(ckchs_transaction.path, args[3]) != 0) {
12473 memprintf(&err, "The ongoing transaction is about '%s' but you are trying to abort a transaction for '%s'\n", ckchs_transaction.path, args[3]);
12474 goto error;
12475 }
12476
12477 /* Only free the ckchs there, because the SNI and instances were not generated yet */
William Lallemandba1c33f2020-04-08 17:55:45 +020012478 ckch_store_free(ckchs_transaction.new_ckchs);
William Lallemand0bc9c8a2019-11-19 15:51:51 +010012479 ckchs_transaction.new_ckchs = NULL;
William Lallemandba1c33f2020-04-08 17:55:45 +020012480 ckch_store_free(ckchs_transaction.old_ckchs);
William Lallemand0bc9c8a2019-11-19 15:51:51 +010012481 ckchs_transaction.old_ckchs = NULL;
12482 free(ckchs_transaction.path);
12483 ckchs_transaction.path = NULL;
12484
12485 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
12486
12487 err = memprintf(&err, "Transaction aborted for certificate '%s'!\n", args[3]);
12488 return cli_dynmsg(appctx, LOG_NOTICE, err);
12489
12490error:
12491 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
12492
12493 return cli_dynerr(appctx, err);
12494}
12495
William Lallemandea987ed2020-03-19 16:48:33 +010012496/* parsing function of 'new ssl cert' */
12497static int cli_parse_new_cert(char **args, char *payload, struct appctx *appctx, void *private)
12498{
12499 struct ckch_store *store;
12500 char *err = NULL;
12501 char *path;
12502
12503 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
12504 return 1;
12505
12506 if (!*args[3])
12507 return cli_err(appctx, "'new ssl cert' expects a filename\n");
12508
12509 path = args[3];
12510
12511 /* The operations on the CKCH architecture are locked so we can
12512 * manipulate ckch_store and ckch_inst */
12513 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
12514 return cli_err(appctx, "Can't create a certificate!\nOperations on certificates are currently locked!\n");
12515
12516 store = ckchs_lookup(path);
12517 if (store != NULL) {
12518 memprintf(&err, "Certificate '%s' already exists!\n", path);
12519 store = NULL; /* we don't want to free it */
12520 goto error;
12521 }
William Lallemand8a874e42020-04-09 10:32:53 +020012522 /* we won't support multi-certificate bundle here */
12523 store = ckch_store_new(path, 1);
William Lallemandea987ed2020-03-19 16:48:33 +010012524 if (!store) {
12525 memprintf(&err, "unable to allocate memory.\n");
12526 goto error;
12527 }
William Lallemandea987ed2020-03-19 16:48:33 +010012528
12529 /* insert into the ckchs tree */
William Lallemandea987ed2020-03-19 16:48:33 +010012530 ebst_insert(&ckchs_tree, &store->node);
12531 memprintf(&err, "New empty certificate store '%s'!\n", args[3]);
12532
12533 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
12534 return cli_dynmsg(appctx, LOG_NOTICE, err);
12535error:
12536 free(store);
12537 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
12538 return cli_dynerr(appctx, err);
12539}
12540
William Lallemand419e6342020-04-08 12:05:39 +020012541/* parsing function of 'del ssl cert' */
12542static int cli_parse_del_cert(char **args, char *payload, struct appctx *appctx, void *private)
12543{
12544 struct ckch_store *store;
12545 char *err = NULL;
12546 char *filename;
12547
12548 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
12549 return 1;
12550
12551 if (!*args[3])
12552 return cli_err(appctx, "'del ssl cert' expects a certificate name\n");
12553
12554 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
12555 return cli_err(appctx, "Can't delete the certificate!\nOperations on certificates are currently locked!\n");
12556
12557 filename = args[3];
12558
12559 store = ckchs_lookup(filename);
12560 if (store == NULL) {
12561 memprintf(&err, "certificate '%s' doesn't exist!\n", filename);
12562 goto error;
12563 }
12564 if (!LIST_ISEMPTY(&store->ckch_inst)) {
12565 memprintf(&err, "certificate '%s' in use, can't be deleted!\n", filename);
12566 goto error;
12567 }
12568
12569 ebmb_delete(&store->node);
William Lallemandba1c33f2020-04-08 17:55:45 +020012570 ckch_store_free(store);
William Lallemand419e6342020-04-08 12:05:39 +020012571
12572 memprintf(&err, "Certificate '%s' deleted!\n", filename);
12573
12574 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
12575 return cli_dynmsg(appctx, LOG_NOTICE, err);
12576
12577error:
12578 memprintf(&err, "Can't remove the certificate: %s\n", err ? err : "");
12579 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
12580 return cli_dynerr(appctx, err);
12581}
12582
12583
12584
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +020012585static int cli_parse_set_ocspresponse(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +020012586{
12587#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
12588 char *err = NULL;
Willy Tarreau1c913e42018-08-22 05:26:57 +020012589 int i, j, ret;
Aurélien Nephtali1e0867c2018-04-18 14:04:58 +020012590
12591 if (!payload)
12592 payload = args[3];
William Lallemand32af2032016-10-29 18:09:35 +020012593
12594 /* Expect one parameter: the new response in base64 encoding */
Willy Tarreau9d008692019-08-09 11:21:01 +020012595 if (!*payload)
12596 return cli_err(appctx, "'set ssl ocsp-response' expects response in base64 encoding.\n");
Aurélien Nephtali1e0867c2018-04-18 14:04:58 +020012597
12598 /* remove \r and \n from the payload */
12599 for (i = 0, j = 0; payload[i]; i++) {
12600 if (payload[i] == '\r' || payload[i] == '\n')
12601 continue;
12602 payload[j++] = payload[i];
12603 }
12604 payload[j] = 0;
William Lallemand32af2032016-10-29 18:09:35 +020012605
Willy Tarreau1c913e42018-08-22 05:26:57 +020012606 ret = base64dec(payload, j, trash.area, trash.size);
Willy Tarreau9d008692019-08-09 11:21:01 +020012607 if (ret < 0)
12608 return cli_err(appctx, "'set ssl ocsp-response' received invalid base64 encoded response.\n");
William Lallemand32af2032016-10-29 18:09:35 +020012609
Willy Tarreau1c913e42018-08-22 05:26:57 +020012610 trash.data = ret;
William Lallemand32af2032016-10-29 18:09:35 +020012611 if (ssl_sock_update_ocsp_response(&trash, &err)) {
Willy Tarreau9d008692019-08-09 11:21:01 +020012612 if (err)
12613 return cli_dynerr(appctx, memprintf(&err, "%s.\n", err));
12614 else
12615 return cli_err(appctx, "Failed to update OCSP response.\n");
William Lallemand32af2032016-10-29 18:09:35 +020012616 }
Willy Tarreau9d008692019-08-09 11:21:01 +020012617
12618 return cli_msg(appctx, LOG_INFO, "OCSP Response updated!\n");
William Lallemand32af2032016-10-29 18:09:35 +020012619#else
Willy Tarreau9d008692019-08-09 11:21:01 +020012620 return cli_err(appctx, "HAProxy was compiled against a version of OpenSSL that doesn't support OCSP stapling.\n");
William Lallemand32af2032016-10-29 18:09:35 +020012621#endif
12622
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010012623}
12624
Elliot Otchet71f82972020-01-15 08:12:14 -050012625/* Argument validation functions */
12626
12627/* This function is used to validate the arguments passed to any "x_dn" ssl
12628 * keywords. These keywords support specifying a third parameter that must be
12629 * either empty or the value "rfc2253". Returns 0 on error, non-zero if OK.
12630 */
12631int val_dnfmt(struct arg *arg, char **err_msg)
12632{
12633 if (arg && arg[2].type == ARGT_STR && arg[2].data.str.data > 0 && (strcmp(arg[2].data.str.area, "rfc2253") != 0)) {
12634 memprintf(err_msg, "only rfc2253 or a blank value are currently supported as the format argument.");
12635 return 0;
12636 }
12637 return 1;
12638}
12639
William Lallemand32af2032016-10-29 18:09:35 +020012640/* register cli keywords */
12641static struct cli_kw_list cli_kws = {{ },{
12642#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
12643 { { "show", "tls-keys", NULL }, "show tls-keys [id|*]: show tls keys references or dump tls ticket keys when id specified", cli_parse_show_tlskeys, NULL },
Lukas Tribusf4bbc432017-10-24 12:26:31 +020012644 { { "set", "ssl", "tls-key", NULL }, "set ssl tls-key [id|keyfile] <tlskey>: set the next TLS key for the <id> or <keyfile> listener to <tlskey>", cli_parse_set_tlskeys, NULL },
William Lallemand32af2032016-10-29 18:09:35 +020012645#endif
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +010012646 { { "set", "ssl", "ocsp-response", NULL }, NULL, cli_parse_set_ocspresponse, NULL },
William Lallemandea987ed2020-03-19 16:48:33 +010012647 { { "new", "ssl", "cert", NULL }, "new ssl cert <certfile> : create a new certificate file to be used in a crt-list or a directory", cli_parse_new_cert, NULL, NULL },
William Lallemandbc6ca7c2019-10-29 23:48:19 +010012648 { { "set", "ssl", "cert", NULL }, "set ssl cert <certfile> <payload> : replace a certificate file", cli_parse_set_cert, NULL, NULL },
12649 { { "commit", "ssl", "cert", NULL }, "commit ssl cert <certfile> : commit a certificate file", cli_parse_commit_cert, cli_io_handler_commit_cert, cli_release_commit_cert },
William Lallemand0bc9c8a2019-11-19 15:51:51 +010012650 { { "abort", "ssl", "cert", NULL }, "abort ssl cert <certfile> : abort a transaction for a certificate file", cli_parse_abort_cert, NULL, NULL },
William Lallemand419e6342020-04-08 12:05:39 +020012651 { { "del", "ssl", "cert", NULL }, "del ssl cert <certfile> : delete an unused certificate file", cli_parse_del_cert, NULL, NULL },
William Lallemandd4f946c2019-12-05 10:26:40 +010012652 { { "show", "ssl", "cert", NULL }, "show ssl cert [<certfile>] : display the SSL certificates used in memory, or the details of a <certfile>", cli_parse_show_cert, cli_io_handler_show_cert, cli_release_show_cert },
William Lallemande67c80b2020-03-25 14:42:37 +010012653 { { "add", "ssl", "crt-list", NULL }, "add ssl crt-list <filename> <certfile> [options] : add a line <certfile> to a crt-list <filename>", cli_parse_add_crtlist, cli_io_handler_add_crtlist, cli_release_add_crtlist },
William Lallemand0a9b9412020-04-06 17:43:05 +020012654 { { "del", "ssl", "crt-list", NULL }, "del ssl crt-list <filename> <certfile[:line]> : delete a line <certfile> in a crt-list <filename>", cli_parse_del_crtlist, NULL, NULL },
William Lallemandc69f02d2020-04-06 19:07:03 +020012655 { { "show", "ssl", "crt-list", NULL }, "show ssl crt-list [-n] [<filename>] : show the list of crt-lists or the content of a crt-list <filename>", cli_parse_dump_crtlist, cli_io_handler_dump_crtlist, NULL },
William Lallemand32af2032016-10-29 18:09:35 +020012656 { { NULL }, NULL, NULL, NULL }
12657}};
12658
Willy Tarreau0108d902018-11-25 19:14:37 +010012659INITCALL1(STG_REGISTER, cli_register_kw, &cli_kws);
William Lallemand32af2032016-10-29 18:09:35 +020012660
Willy Tarreau7875d092012-09-10 08:20:03 +020012661/* Note: must not be declared <const> as its list will be overwritten.
12662 * Please take care of keeping this list alphabetically sorted.
12663 */
Willy Tarreaudc13c112013-06-21 23:16:39 +020012664static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
Emeric Brun645ae792014-04-30 14:21:06 +020012665 { "ssl_bc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020012666 { "ssl_bc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +010012667#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Jérôme Magnine064a802018-12-03 22:21:04 +010012668 { "ssl_bc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +010012669#endif
Emeric Brun645ae792014-04-30 14:21:06 +020012670 { "ssl_bc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +010012671#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
12672 { "ssl_bc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
12673#endif
Emeric Brun74f7ffa2018-02-19 16:14:12 +010012674 { "ssl_bc_is_resumed", smp_fetch_ssl_fc_is_resumed, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
Emeric Brun645ae792014-04-30 14:21:06 +020012675 { "ssl_bc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Emeric Brunb73a9b02014-04-30 18:49:19 +020012676 { "ssl_bc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020012677 { "ssl_bc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5SRV },
Willy Tarreau9a1ab082019-05-09 13:26:41 +020012678#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brun645ae792014-04-30 14:21:06 +020012679 { "ssl_bc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Patrick Hemmer41966772018-04-28 19:15:48 -040012680#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +020012681#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
Patrick Hemmer65674662019-06-04 08:13:03 -040012682 { "ssl_bc_client_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
12683 { "ssl_bc_server_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Patrick Hemmere0275472018-04-28 19:15:51 -040012684 { "ssl_bc_session_key", smp_fetch_ssl_fc_session_key, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
12685#endif
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020012686 { "ssl_c_ca_err", smp_fetch_ssl_c_ca_err, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
12687 { "ssl_c_ca_err_depth", smp_fetch_ssl_c_ca_err_depth, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Emeric Brun43e79582014-10-29 19:03:26 +010012688 { "ssl_c_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020012689 { "ssl_c_err", smp_fetch_ssl_c_err, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050012690 { "ssl_c_i_dn", smp_fetch_ssl_x_i_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020012691 { "ssl_c_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
12692 { "ssl_c_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
12693 { "ssl_c_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
12694 { "ssl_c_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050012695 { "ssl_c_s_dn", smp_fetch_ssl_x_s_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020012696 { "ssl_c_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
12697 { "ssl_c_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010012698 { "ssl_c_used", smp_fetch_ssl_c_used, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020012699 { "ssl_c_verify", smp_fetch_ssl_c_verify, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
12700 { "ssl_c_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Emeric Brun43e79582014-10-29 19:03:26 +010012701 { "ssl_f_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050012702 { "ssl_f_i_dn", smp_fetch_ssl_x_i_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020012703 { "ssl_f_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
12704 { "ssl_f_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
12705 { "ssl_f_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
12706 { "ssl_f_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050012707 { "ssl_f_s_dn", smp_fetch_ssl_x_s_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020012708 { "ssl_f_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Emeric Brun55f4fa82014-04-30 17:11:25 +020012709 { "ssl_f_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020012710 { "ssl_f_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010012711 { "ssl_fc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020012712 { "ssl_fc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010012713 { "ssl_fc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010012714 { "ssl_fc_has_crt", smp_fetch_ssl_fc_has_crt, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Olivier Houchardccaa7de2017-10-02 11:51:03 +020012715 { "ssl_fc_has_early", smp_fetch_ssl_fc_has_early, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010012716 { "ssl_fc_has_sni", smp_fetch_ssl_fc_has_sni, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Nenad Merdanovic26ea8222015-05-18 02:28:57 +020012717 { "ssl_fc_is_resumed", smp_fetch_ssl_fc_is_resumed, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Bernard Spil13c53f82018-02-15 13:34:58 +010012718#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010012719 { "ssl_fc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreaua33c6542012-10-15 13:19:06 +020012720#endif
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +010012721#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010012722 { "ssl_fc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreauab861d32013-04-02 02:30:41 +020012723#endif
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010012724 { "ssl_fc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreau9a1ab082019-05-09 13:26:41 +020012725#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brunb73a9b02014-04-30 18:49:19 +020012726 { "ssl_fc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -040012727#endif
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020012728 { "ssl_fc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau9a1ab082019-05-09 13:26:41 +020012729#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010012730 { "ssl_fc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -040012731#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +020012732#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
Patrick Hemmer65674662019-06-04 08:13:03 -040012733 { "ssl_fc_client_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
12734 { "ssl_fc_server_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmere0275472018-04-28 19:15:51 -040012735 { "ssl_fc_session_key", smp_fetch_ssl_fc_session_key, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
12736#endif
Patrick Hemmer41966772018-04-28 19:15:48 -040012737#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010012738 { "ssl_fc_sni", smp_fetch_ssl_fc_sni, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -040012739#endif
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010012740 { "ssl_fc_cipherlist_bin", smp_fetch_ssl_fc_cl_bin, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
12741 { "ssl_fc_cipherlist_hex", smp_fetch_ssl_fc_cl_hex, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
12742 { "ssl_fc_cipherlist_str", smp_fetch_ssl_fc_cl_str, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
12743 { "ssl_fc_cipherlist_xxh", smp_fetch_ssl_fc_cl_xxh64, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau7875d092012-09-10 08:20:03 +020012744 { NULL, NULL, 0, 0, 0 },
12745}};
12746
Willy Tarreau0108d902018-11-25 19:14:37 +010012747INITCALL1(STG_REGISTER, sample_register_fetches, &sample_fetch_keywords);
12748
Willy Tarreau7875d092012-09-10 08:20:03 +020012749/* Note: must not be declared <const> as its list will be overwritten.
12750 * Please take care of keeping this list alphabetically sorted.
12751 */
Willy Tarreaudc13c112013-06-21 23:16:39 +020012752static struct acl_kw_list acl_kws = {ILH, {
Thierry FOURNIERc5a4e982014-03-05 16:07:08 +010012753 { "ssl_fc_sni_end", "ssl_fc_sni", PAT_MATCH_END },
12754 { "ssl_fc_sni_reg", "ssl_fc_sni", PAT_MATCH_REG },
Willy Tarreau8ed669b2013-01-11 15:49:37 +010012755 { /* END */ },
Willy Tarreau7875d092012-09-10 08:20:03 +020012756}};
12757
Willy Tarreau0108d902018-11-25 19:14:37 +010012758INITCALL1(STG_REGISTER, acl_register_keywords, &acl_kws);
12759
Willy Tarreau79eeafa2012-09-14 07:53:05 +020012760/* Note: must not be declared <const> as its list will be overwritten.
12761 * Please take care of keeping this list alphabetically sorted, doing so helps
12762 * all code contributors.
12763 * Optional keywords are also declared with a NULL ->parse() function so that
12764 * the config parser can report an appropriate error when a known keyword was
12765 * not enabled.
12766 */
William Lallemand557823f2020-04-01 17:42:47 +020012767
12768/* the <ssl_bind_kws> keywords are used for crt-list parsing, they *MUST* be safe
12769 * with their proxy argument NULL and must only fill the ssl_bind_conf */
William Lallemandd4632b22020-05-12 14:46:24 +020012770struct ssl_bind_kw ssl_bind_kws[] = {
Olivier Houchardc2aae742017-09-22 18:26:28 +020012771 { "allow-0rtt", ssl_bind_parse_allow_0rtt, 0 }, /* allow 0-RTT */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010012772 { "alpn", ssl_bind_parse_alpn, 1 }, /* set ALPN supported protocols */
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +010012773 { "ca-file", ssl_bind_parse_ca_file, 1 }, /* set CAfile to process ca-names and verify on client cert */
12774 { "ca-verify-file", ssl_bind_parse_ca_verify_file, 1 }, /* set CAverify file to process verify on client cert */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010012775 { "ciphers", ssl_bind_parse_ciphers, 1 }, /* set SSL cipher suite */
Emmanuel Hocdet839af572019-05-14 16:27:35 +020012776#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020012777 { "ciphersuites", ssl_bind_parse_ciphersuites, 1 }, /* set TLS 1.3 cipher suite */
12778#endif
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +050012779 { "crl-file", ssl_bind_parse_crl_file, 1 }, /* set certificate revocation list file use on client cert verify */
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +010012780 { "curves", ssl_bind_parse_curves, 1 }, /* set SSL curve suite */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010012781 { "ecdhe", ssl_bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +020012782 { "no-ca-names", ssl_bind_parse_no_ca_names, 0 }, /* do not send ca names to clients (ca_file related) */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010012783 { "npn", ssl_bind_parse_npn, 1 }, /* set NPN supported protocols */
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +020012784 { "ssl-min-ver", ssl_bind_parse_tls_method_minmax,1 }, /* minimum version */
12785 { "ssl-max-ver", ssl_bind_parse_tls_method_minmax,1 }, /* maximum version */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010012786 { "verify", ssl_bind_parse_verify, 1 }, /* set SSL verify method */
12787 { NULL, NULL, 0 },
12788};
12789
Willy Tarreau0108d902018-11-25 19:14:37 +010012790/* no initcall for ssl_bind_kws, these ones are parsed in the parser loop */
12791
Willy Tarreau51fb7652012-09-18 18:24:39 +020012792static struct bind_kw_list bind_kws = { "SSL", { }, {
Olivier Houchardc2aae742017-09-22 18:26:28 +020012793 { "allow-0rtt", bind_parse_allow_0rtt, 0 }, /* Allow 0RTT */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020012794 { "alpn", bind_parse_alpn, 1 }, /* set ALPN supported protocols */
Emmanuel Hocdet842e94e2019-12-16 16:39:17 +010012795 { "ca-file", bind_parse_ca_file, 1 }, /* set CAfile to process ca-names and verify on client cert */
12796 { "ca-verify-file", bind_parse_ca_verify_file, 1 }, /* set CAverify file to process verify on client cert */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020012797 { "ca-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ignore on verify depth > 0 */
12798 { "ca-sign-file", bind_parse_ca_sign_file, 1 }, /* set CAFile used to generate and sign server certs */
12799 { "ca-sign-pass", bind_parse_ca_sign_pass, 1 }, /* set CAKey passphrase */
12800 { "ciphers", bind_parse_ciphers, 1 }, /* set SSL cipher suite */
Emmanuel Hocdet839af572019-05-14 16:27:35 +020012801#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020012802 { "ciphersuites", bind_parse_ciphersuites, 1 }, /* set TLS 1.3 cipher suite */
12803#endif
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +050012804 { "crl-file", bind_parse_crl_file, 1 }, /* set certificate revocation list file use on client cert verify */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020012805 { "crt", bind_parse_crt, 1 }, /* load SSL certificates from this location */
Ilya Shipitsin77e3b4a2020-03-10 12:06:11 +050012806 { "crt-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ignore on verify depth == 0 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020012807 { "crt-list", bind_parse_crt_list, 1 }, /* load a list of crt from this location */
12808 { "curves", bind_parse_curves, 1 }, /* set SSL curve suite */
12809 { "ecdhe", bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
12810 { "force-sslv3", bind_parse_tls_method_options, 0 }, /* force SSLv3 */
12811 { "force-tlsv10", bind_parse_tls_method_options, 0 }, /* force TLSv10 */
12812 { "force-tlsv11", bind_parse_tls_method_options, 0 }, /* force TLSv11 */
12813 { "force-tlsv12", bind_parse_tls_method_options, 0 }, /* force TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +020012814 { "force-tlsv13", bind_parse_tls_method_options, 0 }, /* force TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020012815 { "generate-certificates", bind_parse_generate_certs, 0 }, /* enable the server certificates generation */
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +020012816 { "no-ca-names", bind_parse_no_ca_names, 0 }, /* do not send ca names to clients (ca_file related) */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020012817 { "no-sslv3", bind_parse_tls_method_options, 0 }, /* disable SSLv3 */
12818 { "no-tlsv10", bind_parse_tls_method_options, 0 }, /* disable TLSv10 */
12819 { "no-tlsv11", bind_parse_tls_method_options, 0 }, /* disable TLSv11 */
12820 { "no-tlsv12", bind_parse_tls_method_options, 0 }, /* disable TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +020012821 { "no-tlsv13", bind_parse_tls_method_options, 0 }, /* disable TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020012822 { "no-tls-tickets", bind_parse_no_tls_tickets, 0 }, /* disable session resumption tickets */
12823 { "ssl", bind_parse_ssl, 0 }, /* enable SSL processing */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020012824 { "ssl-min-ver", bind_parse_tls_method_minmax, 1 }, /* minimum version */
12825 { "ssl-max-ver", bind_parse_tls_method_minmax, 1 }, /* maximum version */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020012826 { "strict-sni", bind_parse_strict_sni, 0 }, /* refuse negotiation if sni doesn't match a certificate */
12827 { "tls-ticket-keys", bind_parse_tls_ticket_keys, 1 }, /* set file to load TLS ticket keys from */
12828 { "verify", bind_parse_verify, 1 }, /* set SSL verify method */
12829 { "npn", bind_parse_npn, 1 }, /* set NPN supported protocols */
12830 { "prefer-client-ciphers", bind_parse_pcc, 0 }, /* prefer client ciphers */
Willy Tarreau79eeafa2012-09-14 07:53:05 +020012831 { NULL, NULL, 0 },
12832}};
Emeric Brun46591952012-05-18 15:47:34 +020012833
Willy Tarreau0108d902018-11-25 19:14:37 +010012834INITCALL1(STG_REGISTER, bind_register_keywords, &bind_kws);
12835
Willy Tarreau92faadf2012-10-10 23:04:25 +020012836/* Note: must not be declared <const> as its list will be overwritten.
12837 * Please take care of keeping this list alphabetically sorted, doing so helps
12838 * all code contributors.
12839 * Optional keywords are also declared with a NULL ->parse() function so that
12840 * the config parser can report an appropriate error when a known keyword was
12841 * not enabled.
12842 */
12843static struct srv_kw_list srv_kws = { "SSL", { }, {
Olivier Houchard522eea72017-11-03 16:27:47 +010012844 { "allow-0rtt", srv_parse_allow_0rtt, 0, 1 }, /* Allow using early data on this server */
Olivier Houchardc7566002018-11-20 23:33:50 +010012845 { "alpn", srv_parse_alpn, 1, 1 }, /* Set ALPN supported protocols */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020012846 { "ca-file", srv_parse_ca_file, 1, 1 }, /* set CAfile to process verify server cert */
Olivier Houchard92150142018-12-21 19:47:01 +010012847 { "check-alpn", srv_parse_alpn, 1, 1 }, /* Set ALPN used for checks */
Olivier Houchard9130a962017-10-17 17:33:43 +020012848 { "check-sni", srv_parse_check_sni, 1, 1 }, /* set SNI */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020012849 { "check-ssl", srv_parse_check_ssl, 0, 1 }, /* enable SSL for health checks */
12850 { "ciphers", srv_parse_ciphers, 1, 1 }, /* select the cipher suite */
Emmanuel Hocdet839af572019-05-14 16:27:35 +020012851#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020012852 { "ciphersuites", srv_parse_ciphersuites, 1, 1 }, /* select the cipher suite */
12853#endif
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020012854 { "crl-file", srv_parse_crl_file, 1, 1 }, /* set certificate revocation list file use on server cert verify */
12855 { "crt", srv_parse_crt, 1, 1 }, /* set client certificate */
12856 { "force-sslv3", srv_parse_tls_method_options, 0, 1 }, /* force SSLv3 */
12857 { "force-tlsv10", srv_parse_tls_method_options, 0, 1 }, /* force TLSv10 */
12858 { "force-tlsv11", srv_parse_tls_method_options, 0, 1 }, /* force TLSv11 */
12859 { "force-tlsv12", srv_parse_tls_method_options, 0, 1 }, /* force TLSv12 */
12860 { "force-tlsv13", srv_parse_tls_method_options, 0, 1 }, /* force TLSv13 */
12861 { "no-check-ssl", srv_parse_no_check_ssl, 0, 1 }, /* disable SSL for health checks */
12862 { "no-send-proxy-v2-ssl", srv_parse_no_send_proxy_ssl, 0, 1 }, /* do not send PROXY protocol header v2 with SSL info */
12863 { "no-send-proxy-v2-ssl-cn", srv_parse_no_send_proxy_cn, 0, 1 }, /* do not send PROXY protocol header v2 with CN */
12864 { "no-ssl", srv_parse_no_ssl, 0, 1 }, /* disable SSL processing */
12865 { "no-ssl-reuse", srv_parse_no_ssl_reuse, 0, 1 }, /* disable session reuse */
12866 { "no-sslv3", srv_parse_tls_method_options, 0, 0 }, /* disable SSLv3 */
12867 { "no-tlsv10", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv10 */
12868 { "no-tlsv11", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv11 */
12869 { "no-tlsv12", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv12 */
12870 { "no-tlsv13", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv13 */
12871 { "no-tls-tickets", srv_parse_no_tls_tickets, 0, 1 }, /* disable session resumption tickets */
Olivier Houchardc7566002018-11-20 23:33:50 +010012872 { "npn", srv_parse_npn, 1, 1 }, /* Set NPN supported protocols */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020012873 { "send-proxy-v2-ssl", srv_parse_send_proxy_ssl, 0, 1 }, /* send PROXY protocol header v2 with SSL info */
12874 { "send-proxy-v2-ssl-cn", srv_parse_send_proxy_cn, 0, 1 }, /* send PROXY protocol header v2 with CN */
12875 { "sni", srv_parse_sni, 1, 1 }, /* send SNI extension */
12876 { "ssl", srv_parse_ssl, 0, 1 }, /* enable SSL processing */
12877 { "ssl-min-ver", srv_parse_tls_method_minmax, 1, 1 }, /* minimum version */
12878 { "ssl-max-ver", srv_parse_tls_method_minmax, 1, 1 }, /* maximum version */
12879 { "ssl-reuse", srv_parse_ssl_reuse, 0, 1 }, /* enable session reuse */
12880 { "tls-tickets", srv_parse_tls_tickets, 0, 1 }, /* enable session resumption tickets */
12881 { "verify", srv_parse_verify, 1, 1 }, /* set SSL verify method */
12882 { "verifyhost", srv_parse_verifyhost, 1, 1 }, /* require that SSL cert verifies for hostname */
Willy Tarreau92faadf2012-10-10 23:04:25 +020012883 { NULL, NULL, 0, 0 },
12884}};
12885
Willy Tarreau0108d902018-11-25 19:14:37 +010012886INITCALL1(STG_REGISTER, srv_register_keywords, &srv_kws);
12887
Emeric Brun2c86cbf2014-10-30 15:56:50 +010012888static struct cfg_kw_list cfg_kws = {ILH, {
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +010012889 { CFG_GLOBAL, "ca-base", ssl_parse_global_ca_crt_base },
12890 { CFG_GLOBAL, "crt-base", ssl_parse_global_ca_crt_base },
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010012891 { CFG_GLOBAL, "issuers-chain-path", ssl_load_global_issuers_from_path },
Willy Tarreau0bea58d2016-12-21 23:17:25 +010012892 { CFG_GLOBAL, "maxsslconn", ssl_parse_global_int },
Emeric Brun2c86cbf2014-10-30 15:56:50 +010012893 { CFG_GLOBAL, "ssl-default-bind-options", ssl_parse_default_bind_options },
12894 { CFG_GLOBAL, "ssl-default-server-options", ssl_parse_default_server_options },
Willy Tarreau14e36a12016-12-21 23:28:13 +010012895#ifndef OPENSSL_NO_DH
12896 { CFG_GLOBAL, "ssl-dh-param-file", ssl_parse_global_dh_param_file },
12897#endif
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000012898 { CFG_GLOBAL, "ssl-mode-async", ssl_parse_global_ssl_async },
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020012899#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +000012900 { CFG_GLOBAL, "ssl-engine", ssl_parse_global_ssl_engine },
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020012901#endif
Emmanuel Hocdetc3b7e742020-04-22 11:06:19 +020012902 { CFG_GLOBAL, "ssl-skip-self-issued-ca", ssl_parse_skip_self_issued_ca },
Willy Tarreau9ceda382016-12-21 23:13:03 +010012903 { CFG_GLOBAL, "tune.ssl.cachesize", ssl_parse_global_int },
12904#ifndef OPENSSL_NO_DH
12905 { CFG_GLOBAL, "tune.ssl.default-dh-param", ssl_parse_global_default_dh },
12906#endif
12907 { CFG_GLOBAL, "tune.ssl.force-private-cache", ssl_parse_global_private_cache },
12908 { CFG_GLOBAL, "tune.ssl.lifetime", ssl_parse_global_lifetime },
12909 { CFG_GLOBAL, "tune.ssl.maxrecord", ssl_parse_global_int },
12910 { CFG_GLOBAL, "tune.ssl.ssl-ctx-cache-size", ssl_parse_global_int },
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010012911 { CFG_GLOBAL, "tune.ssl.capture-cipherlist-size", ssl_parse_global_capture_cipherlist },
Willy Tarreauf22e9682016-12-21 23:23:19 +010012912 { CFG_GLOBAL, "ssl-default-bind-ciphers", ssl_parse_global_ciphers },
12913 { CFG_GLOBAL, "ssl-default-server-ciphers", ssl_parse_global_ciphers },
Jerome Magninb203ff62020-04-03 15:28:22 +020012914#if ((HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL) || defined(LIBRESSL_VERSION_NUMBER))
12915 { CFG_GLOBAL, "ssl-default-bind-curves", ssl_parse_global_curves },
12916#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +020012917#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020012918 { CFG_GLOBAL, "ssl-default-bind-ciphersuites", ssl_parse_global_ciphersuites },
12919 { CFG_GLOBAL, "ssl-default-server-ciphersuites", ssl_parse_global_ciphersuites },
12920#endif
William Lallemand3af48e72020-02-03 17:15:52 +010012921 { CFG_GLOBAL, "ssl-load-extra-files", ssl_parse_global_extra_files },
Emeric Brun2c86cbf2014-10-30 15:56:50 +010012922 { 0, NULL, NULL },
12923}};
12924
Willy Tarreau0108d902018-11-25 19:14:37 +010012925INITCALL1(STG_REGISTER, cfg_register_keywords, &cfg_kws);
12926
Willy Tarreauf7bc57c2012-10-03 00:19:48 +020012927/* transport-layer operations for SSL sockets */
Willy Tarreaud9f5cca2016-12-22 21:08:52 +010012928static struct xprt_ops ssl_sock = {
Emeric Brun46591952012-05-18 15:47:34 +020012929 .snd_buf = ssl_sock_from_buf,
12930 .rcv_buf = ssl_sock_to_buf,
Olivier Houcharddf357842019-03-21 16:30:07 +010012931 .subscribe = ssl_subscribe,
12932 .unsubscribe = ssl_unsubscribe,
Olivier Houchard5149b592019-05-23 17:47:36 +020012933 .remove_xprt = ssl_remove_xprt,
Olivier Houchard2e055482019-05-27 19:50:12 +020012934 .add_xprt = ssl_add_xprt,
Emeric Brun46591952012-05-18 15:47:34 +020012935 .rcv_pipe = NULL,
12936 .snd_pipe = NULL,
12937 .shutr = NULL,
12938 .shutw = ssl_sock_shutw,
12939 .close = ssl_sock_close,
12940 .init = ssl_sock_init,
Willy Tarreau55d37912016-12-21 23:38:39 +010012941 .prepare_bind_conf = ssl_sock_prepare_bind_conf,
Willy Tarreau795cdab2016-12-22 17:30:54 +010012942 .destroy_bind_conf = ssl_sock_destroy_bind_conf,
Willy Tarreau17d45382016-12-22 21:16:08 +010012943 .prepare_srv = ssl_sock_prepare_srv_ctx,
12944 .destroy_srv = ssl_sock_free_srv_ctx,
Willy Tarreau8743f7e2016-12-04 18:44:29 +010012945 .get_alpn = ssl_sock_get_alpn,
Willy Tarreau8e0bb0a2016-11-24 16:58:12 +010012946 .name = "SSL",
Emeric Brun46591952012-05-18 15:47:34 +020012947};
12948
Olivier Houchardccaa7de2017-10-02 11:51:03 +020012949enum act_return ssl_action_wait_for_hs(struct act_rule *rule, struct proxy *px,
12950 struct session *sess, struct stream *s, int flags)
12951{
12952 struct connection *conn;
Olivier Houchard6fa63d92017-11-27 18:41:32 +010012953 struct conn_stream *cs;
Olivier Houchardccaa7de2017-10-02 11:51:03 +020012954
12955 conn = objt_conn(sess->origin);
Olivier Houchard6fa63d92017-11-27 18:41:32 +010012956 cs = objt_cs(s->si[0].end);
Olivier Houchardccaa7de2017-10-02 11:51:03 +020012957
Olivier Houchard6fa63d92017-11-27 18:41:32 +010012958 if (conn && cs) {
Olivier Houchardccaa7de2017-10-02 11:51:03 +020012959 if (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS)) {
Olivier Houchard6fa63d92017-11-27 18:41:32 +010012960 cs->flags |= CS_FL_WAIT_FOR_HS;
Olivier Houchardccaa7de2017-10-02 11:51:03 +020012961 s->req.flags |= CF_READ_NULL;
12962 return ACT_RET_YIELD;
12963 }
12964 }
12965 return (ACT_RET_CONT);
12966}
12967
12968static enum act_parse_ret ssl_parse_wait_for_hs(const char **args, int *orig_arg, struct proxy *px, struct act_rule *rule, char **err)
12969{
12970 rule->action_ptr = ssl_action_wait_for_hs;
12971
12972 return ACT_RET_PRS_OK;
12973}
12974
12975static struct action_kw_list http_req_actions = {ILH, {
12976 { "wait-for-handshake", ssl_parse_wait_for_hs },
12977 { /* END */ }
12978}};
12979
Willy Tarreau0108d902018-11-25 19:14:37 +010012980INITCALL1(STG_REGISTER, http_req_keywords_register, &http_req_actions);
12981
Willy Tarreau5db847a2019-05-09 14:13:35 +020012982#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +010012983
12984static void ssl_sock_sctl_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
12985{
12986 if (ptr) {
12987 chunk_destroy(ptr);
12988 free(ptr);
12989 }
12990}
12991
12992#endif
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +010012993static void ssl_sock_capture_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
12994{
Willy Tarreaubafbe012017-11-24 17:34:44 +010012995 pool_free(pool_head_ssl_capture, ptr);
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +010012996}
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +010012997
Emeric Brun46591952012-05-18 15:47:34 +020012998__attribute__((constructor))
Willy Tarreau92faadf2012-10-10 23:04:25 +020012999static void __ssl_sock_init(void)
13000{
Ilya Shipitsin0590f442019-05-25 19:30:50 +050013001#if (!defined(OPENSSL_NO_COMP) && !defined(SSL_OP_NO_COMPRESSION))
Emeric Brun46591952012-05-18 15:47:34 +020013002 STACK_OF(SSL_COMP)* cm;
Ilya Shipitsine242f3d2019-05-25 03:38:14 +050013003 int n;
Ilya Shipitsin0590f442019-05-25 19:30:50 +050013004#endif
Emeric Brun46591952012-05-18 15:47:34 +020013005
Willy Tarreauef934602016-12-22 23:12:01 +010013006 if (global_ssl.listen_default_ciphers)
13007 global_ssl.listen_default_ciphers = strdup(global_ssl.listen_default_ciphers);
13008 if (global_ssl.connect_default_ciphers)
13009 global_ssl.connect_default_ciphers = strdup(global_ssl.connect_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +020013010#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020013011 if (global_ssl.listen_default_ciphersuites)
13012 global_ssl.listen_default_ciphersuites = strdup(global_ssl.listen_default_ciphersuites);
13013 if (global_ssl.connect_default_ciphersuites)
13014 global_ssl.connect_default_ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
13015#endif
Willy Tarreau610f04b2014-02-13 11:36:41 +010013016
Willy Tarreau13e14102016-12-22 20:25:26 +010013017 xprt_register(XPRT_SSL, &ssl_sock);
Willy Tarreau9a1ab082019-05-09 13:26:41 +020013018#if HA_OPENSSL_VERSION_NUMBER < 0x10100000L
Emeric Brun46591952012-05-18 15:47:34 +020013019 SSL_library_init();
Rosen Penev68185952018-12-14 08:47:02 -080013020#endif
Ilya Shipitsin0590f442019-05-25 19:30:50 +050013021#if (!defined(OPENSSL_NO_COMP) && !defined(SSL_OP_NO_COMPRESSION))
Emeric Brun46591952012-05-18 15:47:34 +020013022 cm = SSL_COMP_get_compression_methods();
Ilya Shipitsine242f3d2019-05-25 03:38:14 +050013023 n = sk_SSL_COMP_num(cm);
13024 while (n--) {
13025 (void) sk_SSL_COMP_pop(cm);
13026 }
Ilya Shipitsin0590f442019-05-25 19:30:50 +050013027#endif
Ilya Shipitsine242f3d2019-05-25 03:38:14 +050013028
Willy Tarreau5db847a2019-05-09 14:13:35 +020013029#if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Emeric Brun821bb9b2017-06-15 16:37:39 +020013030 ssl_locking_init();
13031#endif
Willy Tarreau5db847a2019-05-09 14:13:35 +020013032#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +010013033 sctl_ex_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_sctl_free_func);
13034#endif
Thierry FOURNIER28962c92018-06-17 21:37:05 +020013035 ssl_app_data_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
Thierry FOURNIER16ff0502018-06-17 21:33:01 +020013036 ssl_capture_ptr_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_capture_free_func);
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020013037#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +000013038 ENGINE_load_builtin_engines();
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000013039 hap_register_post_check(ssl_check_async_engine_count);
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020013040#endif
Willy Tarreaud1c57502016-12-22 22:46:15 +010013041#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
13042 hap_register_post_check(tlskeys_finalize_config);
13043#endif
Willy Tarreau80713382018-11-26 10:19:54 +010013044
13045 global.ssl_session_max_cost = SSL_SESSION_MAX_COST;
13046 global.ssl_handshake_max_cost = SSL_HANDSHAKE_MAX_COST;
13047
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010013048 hap_register_post_deinit(ssl_free_global_issuers);
13049
Willy Tarreau80713382018-11-26 10:19:54 +010013050#ifndef OPENSSL_NO_DH
13051 ssl_dh_ptr_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
13052 hap_register_post_deinit(ssl_free_dh);
13053#endif
13054#ifndef OPENSSL_NO_ENGINE
13055 hap_register_post_deinit(ssl_free_engines);
13056#endif
13057 /* Load SSL string for the verbose & debug mode. */
13058 ERR_load_SSL_strings();
Olivier Houcharda8955d52019-04-07 22:00:38 +020013059 ha_meth = BIO_meth_new(0x666, "ha methods");
13060 BIO_meth_set_write(ha_meth, ha_ssl_write);
13061 BIO_meth_set_read(ha_meth, ha_ssl_read);
13062 BIO_meth_set_ctrl(ha_meth, ha_ssl_ctrl);
13063 BIO_meth_set_create(ha_meth, ha_ssl_new);
13064 BIO_meth_set_destroy(ha_meth, ha_ssl_free);
13065 BIO_meth_set_puts(ha_meth, ha_ssl_puts);
13066 BIO_meth_set_gets(ha_meth, ha_ssl_gets);
William Lallemand150bfa82019-09-19 17:12:49 +020013067
13068 HA_SPIN_INIT(&ckch_lock);
Dragan Dosen1e7ed042020-05-08 18:30:00 +020013069
Dragan Dosen9ac98092020-05-11 15:51:45 +020013070 /* Try to register dedicated SSL/TLS protocol message callbacks for
13071 * heartbleed attack (CVE-2014-0160) and clienthello.
13072 */
13073 hap_register_post_check(ssl_sock_register_msg_callbacks);
13074
Dragan Dosen1e7ed042020-05-08 18:30:00 +020013075 /* Try to free all callbacks that were registered by using
13076 * ssl_sock_register_msg_callback().
13077 */
13078 hap_register_post_deinit(ssl_sock_unregister_msg_callbacks);
Willy Tarreau80713382018-11-26 10:19:54 +010013079}
Willy Tarreaud92aa5c2015-01-15 21:34:39 +010013080
Willy Tarreau80713382018-11-26 10:19:54 +010013081/* Compute and register the version string */
13082static void ssl_register_build_options()
13083{
13084 char *ptr = NULL;
13085 int i;
13086
Willy Tarreauc2c0b612016-12-21 19:23:20 +010013087 memprintf(&ptr, "Built with OpenSSL version : "
13088#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet50e25e12017-03-24 15:20:03 +010013089 "BoringSSL");
Willy Tarreauc2c0b612016-12-21 19:23:20 +010013090#else /* OPENSSL_IS_BORINGSSL */
13091 OPENSSL_VERSION_TEXT
13092 "\nRunning on OpenSSL version : %s%s",
Rosen Penev68185952018-12-14 08:47:02 -080013093 OpenSSL_version(OPENSSL_VERSION),
Willy Tarreau1d158ab2019-05-09 13:41:45 +020013094 ((OPENSSL_VERSION_NUMBER ^ OpenSSL_version_num()) >> 8) ? " (VERSIONS DIFFER!)" : "");
Willy Tarreauc2c0b612016-12-21 19:23:20 +010013095#endif
13096 memprintf(&ptr, "%s\nOpenSSL library supports TLS extensions : "
Willy Tarreau9a1ab082019-05-09 13:26:41 +020013097#if HA_OPENSSL_VERSION_NUMBER < 0x00907000L
Willy Tarreauc2c0b612016-12-21 19:23:20 +010013098 "no (library version too old)"
13099#elif defined(OPENSSL_NO_TLSEXT)
13100 "no (disabled via OPENSSL_NO_TLSEXT)"
13101#else
13102 "yes"
13103#endif
13104 "", ptr);
13105
13106 memprintf(&ptr, "%s\nOpenSSL library supports SNI : "
13107#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
13108 "yes"
13109#else
13110#ifdef OPENSSL_NO_TLSEXT
13111 "no (because of OPENSSL_NO_TLSEXT)"
13112#else
13113 "no (version might be too old, 0.9.8f min needed)"
13114#endif
13115#endif
13116 "", ptr);
13117
Emmanuel Hocdetf80bc242017-07-12 14:25:38 +020013118 memprintf(&ptr, "%s\nOpenSSL library supports :", ptr);
13119 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
13120 if (methodVersions[i].option)
13121 memprintf(&ptr, "%s %s", ptr, methodVersions[i].name);
Emmanuel Hocdet50e25e12017-03-24 15:20:03 +010013122
Willy Tarreauc2c0b612016-12-21 19:23:20 +010013123 hap_register_build_opts(ptr, 1);
Willy Tarreau80713382018-11-26 10:19:54 +010013124}
Willy Tarreauc2c0b612016-12-21 19:23:20 +010013125
Willy Tarreau80713382018-11-26 10:19:54 +010013126INITCALL0(STG_REGISTER, ssl_register_build_options);
Remi Gacogne4f902b82015-05-28 16:23:00 +020013127
Emeric Brun46591952012-05-18 15:47:34 +020013128
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020013129#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +000013130void ssl_free_engines(void) {
13131 struct ssl_engine_list *wl, *wlb;
13132 /* free up engine list */
13133 list_for_each_entry_safe(wl, wlb, &openssl_engines, list) {
13134 ENGINE_finish(wl->e);
13135 ENGINE_free(wl->e);
13136 LIST_DEL(&wl->list);
13137 free(wl);
13138 }
13139}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020013140#endif
Christopher Faulet31af49d2015-06-09 17:29:50 +020013141
Remi Gacogned3a23c32015-05-28 16:39:47 +020013142#ifndef OPENSSL_NO_DH
Grant Zhang872f9c22017-01-21 01:10:18 +000013143void ssl_free_dh(void) {
13144 if (local_dh_1024) {
13145 DH_free(local_dh_1024);
13146 local_dh_1024 = NULL;
13147 }
13148 if (local_dh_2048) {
13149 DH_free(local_dh_2048);
13150 local_dh_2048 = NULL;
13151 }
13152 if (local_dh_4096) {
13153 DH_free(local_dh_4096);
13154 local_dh_4096 = NULL;
13155 }
Remi Gacogne47783ef2015-05-29 15:53:22 +020013156 if (global_dh) {
13157 DH_free(global_dh);
13158 global_dh = NULL;
13159 }
Grant Zhang872f9c22017-01-21 01:10:18 +000013160}
13161#endif
13162
13163__attribute__((destructor))
13164static void __ssl_sock_deinit(void)
13165{
13166#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Emeric Brun821bb9b2017-06-15 16:37:39 +020013167 if (ssl_ctx_lru_tree) {
13168 lru64_destroy(ssl_ctx_lru_tree);
Christopher Faulet2a944ee2017-11-07 10:42:54 +010013169 HA_RWLOCK_DESTROY(&ssl_ctx_lru_rwlock);
Emeric Brun821bb9b2017-06-15 16:37:39 +020013170 }
Remi Gacogned3a23c32015-05-28 16:39:47 +020013171#endif
13172
Willy Tarreau5db847a2019-05-09 14:13:35 +020013173#if (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Remi Gacogned3a23c32015-05-28 16:39:47 +020013174 ERR_remove_state(0);
13175 ERR_free_strings();
13176
13177 EVP_cleanup();
Rosen Penev68185952018-12-14 08:47:02 -080013178#endif
Remi Gacogned3a23c32015-05-28 16:39:47 +020013179
Willy Tarreau5db847a2019-05-09 14:13:35 +020013180#if (HA_OPENSSL_VERSION_NUMBER >= 0x00907000L) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Remi Gacogned3a23c32015-05-28 16:39:47 +020013181 CRYPTO_cleanup_all_ex_data();
13182#endif
Olivier Houcharda8955d52019-04-07 22:00:38 +020013183 BIO_meth_free(ha_meth);
Remi Gacogned3a23c32015-05-28 16:39:47 +020013184}
13185
13186
Emeric Brun46591952012-05-18 15:47:34 +020013187/*
13188 * Local variables:
13189 * c-indent-level: 8
13190 * c-basic-offset: 8
13191 * End:
13192 */