blob: 3943d186b9561396ec4a9d57bc9830726a7ba5ef [file] [log] [blame]
yanbzhu08ce6ab2015-12-02 13:01:29 -05001
Emeric Brun46591952012-05-18 15:47:34 +02002/*
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02003 * SSL/TLS transport layer over SOCK_STREAM sockets
Emeric Brun46591952012-05-18 15:47:34 +02004 *
5 * Copyright (C) 2012 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
11 *
Willy Tarreau69845df2012-09-10 09:43:09 +020012 * Acknowledgement:
13 * We'd like to specially thank the Stud project authors for a very clean
14 * and well documented code which helped us understand how the OpenSSL API
15 * ought to be used in non-blocking mode. This is one difficult part which
16 * is not easy to get from the OpenSSL doc, and reading the Stud code made
17 * it much more obvious than the examples in the OpenSSL package. Keep up
18 * the good works, guys !
19 *
20 * Stud is an extremely efficient and scalable SSL/TLS proxy which combines
21 * particularly well with haproxy. For more info about this project, visit :
22 * https://github.com/bumptech/stud
23 *
Emeric Brun46591952012-05-18 15:47:34 +020024 */
25
Willy Tarreau8d164dc2019-05-10 09:35:00 +020026/* Note: do NOT include openssl/xxx.h here, do it in openssl-compat.h */
Emeric Brun46591952012-05-18 15:47:34 +020027#define _GNU_SOURCE
Emeric Brunfc0421f2012-09-07 17:30:07 +020028#include <ctype.h>
29#include <dirent.h>
Emeric Brun46591952012-05-18 15:47:34 +020030#include <errno.h>
31#include <fcntl.h>
32#include <stdio.h>
33#include <stdlib.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020034#include <string.h>
35#include <unistd.h>
Emeric Brun46591952012-05-18 15:47:34 +020036
37#include <sys/socket.h>
38#include <sys/stat.h>
39#include <sys/types.h>
Christopher Faulet31af49d2015-06-09 17:29:50 +020040#include <netdb.h>
Emeric Brun46591952012-05-18 15:47:34 +020041#include <netinet/tcp.h>
42
Christopher Faulet31af49d2015-06-09 17:29:50 +020043#include <import/lru.h>
44#include <import/xxhash.h>
45
Emeric Brun46591952012-05-18 15:47:34 +020046#include <common/buffer.h>
Willy Tarreau843b7cb2018-07-13 10:54:26 +020047#include <common/chunk.h>
Emeric Brun46591952012-05-18 15:47:34 +020048#include <common/compat.h>
49#include <common/config.h>
50#include <common/debug.h>
Willy Tarreau79eeafa2012-09-14 07:53:05 +020051#include <common/errors.h>
Willy Tarreau0108d902018-11-25 19:14:37 +010052#include <common/initcall.h>
Willy Tarreau55994562019-05-09 14:52:44 +020053#include <common/openssl-compat.h>
Emeric Brun46591952012-05-18 15:47:34 +020054#include <common/standard.h>
55#include <common/ticks.h>
56#include <common/time.h>
Emeric Brun2c86cbf2014-10-30 15:56:50 +010057#include <common/cfgparse.h>
Nenad Merdanovic05552d42015-02-27 19:56:49 +010058#include <common/base64.h>
Emeric Brun46591952012-05-18 15:47:34 +020059
Emeric Brunfc0421f2012-09-07 17:30:07 +020060#include <ebsttree.h>
61
William Lallemand32af2032016-10-29 18:09:35 +020062#include <types/applet.h>
63#include <types/cli.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020064#include <types/global.h>
65#include <types/ssl_sock.h>
William Lallemand32af2032016-10-29 18:09:35 +020066#include <types/stats.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020067
Willy Tarreau7875d092012-09-10 08:20:03 +020068#include <proto/acl.h>
69#include <proto/arg.h>
William Lallemand32af2032016-10-29 18:09:35 +020070#include <proto/channel.h>
Emeric Brun46591952012-05-18 15:47:34 +020071#include <proto/connection.h>
William Lallemand32af2032016-10-29 18:09:35 +020072#include <proto/cli.h>
Emeric Brun46591952012-05-18 15:47:34 +020073#include <proto/fd.h>
74#include <proto/freq_ctr.h>
75#include <proto/frontend.h>
Willy Tarreau61c112a2018-10-02 16:43:32 +020076#include <proto/http_rules.h>
Willy Tarreau79eeafa2012-09-14 07:53:05 +020077#include <proto/listener.h>
Thierry FOURNIERed66c292013-11-28 11:05:19 +010078#include <proto/pattern.h>
Christopher Faulet31af49d2015-06-09 17:29:50 +020079#include <proto/proto_tcp.h>
Christopher Fauletfc9cfe42019-07-16 14:54:53 +020080#include <proto/http_ana.h>
Willy Tarreau92faadf2012-10-10 23:04:25 +020081#include <proto/server.h>
William Lallemand32af2032016-10-29 18:09:35 +020082#include <proto/stream_interface.h>
Emeric Brun46591952012-05-18 15:47:34 +020083#include <proto/log.h>
Emeric Brun94324a42012-10-11 14:00:19 +020084#include <proto/proxy.h>
Emeric Brunfc0421f2012-09-07 17:30:07 +020085#include <proto/shctx.h>
Emeric Brun46591952012-05-18 15:47:34 +020086#include <proto/ssl_sock.h>
Willy Tarreau9ad7bd42015-04-03 19:19:59 +020087#include <proto/stream.h>
Emeric Brun46591952012-05-18 15:47:34 +020088#include <proto/task.h>
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010089#include <proto/vars.h>
Emeric Brun46591952012-05-18 15:47:34 +020090
Willy Tarreau9356dac2019-05-10 09:22:53 +020091/* ***** READ THIS before adding code here! *****
92 *
93 * Due to API incompatibilities between multiple OpenSSL versions and their
94 * derivatives, it's often tempting to add macros to (re-)define certain
95 * symbols. Please do not do this here, and do it in common/openssl-compat.h
96 * exclusively so that the whole code consistently uses the same macros.
97 *
98 * Whenever possible if a macro is missing in certain versions, it's better
99 * to conditionally define it in openssl-compat.h than using lots of ifdefs.
100 */
101
Willy Tarreau518cedd2014-02-17 15:43:01 +0100102/* Warning, these are bits, not integers! */
Emeric Brune64aef12012-09-21 13:15:06 +0200103#define SSL_SOCK_ST_FL_VERIFY_DONE 0x00000001
Emeric Brund8b2bb52014-01-28 15:43:53 +0100104#define SSL_SOCK_ST_FL_16K_WBFSIZE 0x00000002
Willy Tarreau518cedd2014-02-17 15:43:01 +0100105#define SSL_SOCK_SEND_UNLIMITED 0x00000004
Emeric Brun29f037d2014-04-25 19:05:36 +0200106#define SSL_SOCK_RECV_HEARTBEAT 0x00000008
107
Emeric Brunf282a812012-09-21 15:27:54 +0200108/* bits 0xFFFF0000 are reserved to store verify errors */
109
110/* Verify errors macros */
111#define SSL_SOCK_CA_ERROR_TO_ST(e) (((e > 63) ? 63 : e) << (16))
112#define SSL_SOCK_CAEDEPTH_TO_ST(d) (((d > 15) ? 15 : d) << (6+16))
113#define SSL_SOCK_CRTERROR_TO_ST(e) (((e > 63) ? 63 : e) << (4+6+16))
114
115#define SSL_SOCK_ST_TO_CA_ERROR(s) ((s >> (16)) & 63)
116#define SSL_SOCK_ST_TO_CAEDEPTH(s) ((s >> (6+16)) & 15)
117#define SSL_SOCK_ST_TO_CRTERROR(s) ((s >> (4+6+16)) & 63)
Emeric Brune64aef12012-09-21 13:15:06 +0200118
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200119/* ssl_methods flags for ssl options */
120#define MC_SSL_O_ALL 0x0000
121#define MC_SSL_O_NO_SSLV3 0x0001 /* disable SSLv3 */
122#define MC_SSL_O_NO_TLSV10 0x0002 /* disable TLSv10 */
123#define MC_SSL_O_NO_TLSV11 0x0004 /* disable TLSv11 */
124#define MC_SSL_O_NO_TLSV12 0x0008 /* disable TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +0200125#define MC_SSL_O_NO_TLSV13 0x0010 /* disable TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200126
William Lallemand3af48e72020-02-03 17:15:52 +0100127/* file to guess during file loading */
128#define SSL_GF_NONE 0x00000000 /* Don't guess any file, only open the files specified in the configuration files */
129#define SSL_GF_BUNDLE 0x00000001 /* try to open the bundles */
130#define SSL_GF_SCTL 0x00000002 /* try to open the .sctl file */
131#define SSL_GF_OCSP 0x00000004 /* try to open the .ocsp file */
132#define SSL_GF_OCSP_ISSUER 0x00000008 /* try to open the .issuer file if an OCSP file was loaded */
William Lallemand4c5adbf2020-02-24 14:23:22 +0100133#define SSL_GF_KEY 0x00000010 /* try to open the .key file to load a private key */
William Lallemand3af48e72020-02-03 17:15:52 +0100134
William Lallemand4c5adbf2020-02-24 14:23:22 +0100135#define SSL_GF_ALL (SSL_GF_BUNDLE|SSL_GF_SCTL|SSL_GF_OCSP|SSL_GF_OCSP_ISSUER|SSL_GF_KEY)
William Lallemand3af48e72020-02-03 17:15:52 +0100136
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200137/* ssl_methods versions */
138enum {
139 CONF_TLSV_NONE = 0,
140 CONF_TLSV_MIN = 1,
141 CONF_SSLV3 = 1,
142 CONF_TLSV10 = 2,
143 CONF_TLSV11 = 3,
144 CONF_TLSV12 = 4,
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +0200145 CONF_TLSV13 = 5,
146 CONF_TLSV_MAX = 5,
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200147};
148
Emeric Brun850efd52014-01-29 12:24:34 +0100149/* server and bind verify method, it uses a global value as default */
150enum {
151 SSL_SOCK_VERIFY_DEFAULT = 0,
152 SSL_SOCK_VERIFY_REQUIRED = 1,
153 SSL_SOCK_VERIFY_OPTIONAL = 2,
154 SSL_SOCK_VERIFY_NONE = 3,
155};
156
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +0100157/* issuer chain store with hash of Subject Key Identifier
158 certificate/issuer matching is verify with X509_check_issued
159*/
160struct issuer_chain {
161 struct eb64_node node;
162 STACK_OF(X509) *chain;
163 char *path;
164};
William Lallemand3f85c9a2017-10-09 16:30:50 +0200165
Willy Tarreau71b734c2014-01-28 15:19:44 +0100166int sslconns = 0;
167int totalsslconns = 0;
Willy Tarreaud9f5cca2016-12-22 21:08:52 +0100168static struct xprt_ops ssl_sock;
Emeric Brunece0c332017-12-06 13:51:49 +0100169int nb_engines = 0;
Emeric Brune1f38db2012-09-03 20:36:47 +0200170
Willy Tarreauef934602016-12-22 23:12:01 +0100171static struct {
172 char *crt_base; /* base directory path for certificates */
173 char *ca_base; /* base directory path for CAs and CRLs */
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +0100174 char *issuers_chain_path; /* from "issuers-chain-path" */
175 struct eb_root cert_issuer_tree; /* issuers tree from "issuers-chain-path" */
176
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000177 int async; /* whether we use ssl async mode */
Willy Tarreauef934602016-12-22 23:12:01 +0100178
179 char *listen_default_ciphers;
180 char *connect_default_ciphers;
Emmanuel Hocdet839af572019-05-14 16:27:35 +0200181#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200182 char *listen_default_ciphersuites;
183 char *connect_default_ciphersuites;
184#endif
Willy Tarreauef934602016-12-22 23:12:01 +0100185 int listen_default_ssloptions;
186 int connect_default_ssloptions;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200187 struct tls_version_filter listen_default_sslmethods;
188 struct tls_version_filter connect_default_sslmethods;
Willy Tarreauef934602016-12-22 23:12:01 +0100189
190 int private_cache; /* Force to use a private session cache even if nbproc > 1 */
191 unsigned int life_time; /* SSL session lifetime in seconds */
192 unsigned int max_record; /* SSL max record size */
193 unsigned int default_dh_param; /* SSL maximum DH parameter size */
194 int ctx_cache; /* max number of entries in the ssl_ctx cache. */
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100195 int capture_cipherlist; /* Size of the cipherlist buffer. */
William Lallemand3af48e72020-02-03 17:15:52 +0100196 int extra_files; /* which files not defined in the configuration file are we looking for */
Willy Tarreauef934602016-12-22 23:12:01 +0100197} global_ssl = {
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +0100198 .cert_issuer_tree = EB_ROOT,
Willy Tarreauef934602016-12-22 23:12:01 +0100199#ifdef LISTEN_DEFAULT_CIPHERS
200 .listen_default_ciphers = LISTEN_DEFAULT_CIPHERS,
201#endif
202#ifdef CONNECT_DEFAULT_CIPHERS
203 .connect_default_ciphers = CONNECT_DEFAULT_CIPHERS,
204#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +0200205#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +0200206#ifdef LISTEN_DEFAULT_CIPHERSUITES
207 .listen_default_ciphersuites = LISTEN_DEFAULT_CIPHERSUITES,
208#endif
209#ifdef CONNECT_DEFAULT_CIPHERSUITES
210 .connect_default_ciphersuites = CONNECT_DEFAULT_CIPHERSUITES,
211#endif
212#endif
Willy Tarreauef934602016-12-22 23:12:01 +0100213 .listen_default_ssloptions = BC_SSL_O_NONE,
214 .connect_default_ssloptions = SRV_SSL_O_NONE,
215
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +0200216 .listen_default_sslmethods.flags = MC_SSL_O_ALL,
217 .listen_default_sslmethods.min = CONF_TLSV_NONE,
218 .listen_default_sslmethods.max = CONF_TLSV_NONE,
219 .connect_default_sslmethods.flags = MC_SSL_O_ALL,
220 .connect_default_sslmethods.min = CONF_TLSV_NONE,
221 .connect_default_sslmethods.max = CONF_TLSV_NONE,
222
Willy Tarreauef934602016-12-22 23:12:01 +0100223#ifdef DEFAULT_SSL_MAX_RECORD
224 .max_record = DEFAULT_SSL_MAX_RECORD,
225#endif
226 .default_dh_param = SSL_DEFAULT_DH_PARAM,
227 .ctx_cache = DEFAULT_SSL_CTX_CACHE,
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100228 .capture_cipherlist = 0,
William Lallemand3af48e72020-02-03 17:15:52 +0100229 .extra_files = SSL_GF_ALL,
Willy Tarreauef934602016-12-22 23:12:01 +0100230};
231
Olivier Houcharda8955d52019-04-07 22:00:38 +0200232static BIO_METHOD *ha_meth;
233
Olivier Houchard66ab4982019-02-26 18:37:15 +0100234struct ssl_sock_ctx {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200235 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100236 SSL *ssl;
Olivier Houcharda8955d52019-04-07 22:00:38 +0200237 BIO *bio;
Olivier Houchard5149b592019-05-23 17:47:36 +0200238 const struct xprt_ops *xprt;
Olivier Houchard66ab4982019-02-26 18:37:15 +0100239 void *xprt_ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +0200240 struct wait_event wait_event;
Willy Tarreau113d52b2020-01-10 09:20:26 +0100241 struct wait_event *subs;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100242 int xprt_st; /* transport layer state, initialized to zero */
Olivier Houchard54907bb2019-12-19 15:02:39 +0100243 struct buffer early_buf; /* buffer to store the early data received */
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +0100244 int sent_early_data; /* Amount of early data we sent so far */
245
Olivier Houchard66ab4982019-02-26 18:37:15 +0100246};
247
248DECLARE_STATIC_POOL(ssl_sock_ctx_pool, "ssl_sock_ctx_pool", sizeof(struct ssl_sock_ctx));
249
Olivier Houchardea8dd942019-05-20 14:02:16 +0200250static struct task *ssl_sock_io_cb(struct task *, void *, unsigned short);
Olivier Houchard000694c2019-05-23 14:45:12 +0200251static int ssl_sock_handshake(struct connection *conn, unsigned int flag);
Olivier Houchardea8dd942019-05-20 14:02:16 +0200252
Olivier Houcharda8955d52019-04-07 22:00:38 +0200253/* Methods to implement OpenSSL BIO */
254static int ha_ssl_write(BIO *h, const char *buf, int num)
255{
256 struct buffer tmpbuf;
257 struct ssl_sock_ctx *ctx;
258 int ret;
259
260 ctx = BIO_get_data(h);
261 tmpbuf.size = num;
262 tmpbuf.area = (void *)(uintptr_t)buf;
263 tmpbuf.data = num;
264 tmpbuf.head = 0;
265 ret = ctx->xprt->snd_buf(ctx->conn, ctx->xprt_ctx, &tmpbuf, num, 0);
Olivier Houchardb51937e2019-05-01 17:24:36 +0200266 if (ret == 0 && !(ctx->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_WR_SH))) {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200267 BIO_set_retry_write(h);
Olivier Houcharda28454e2019-04-24 12:04:36 +0200268 ret = -1;
Olivier Houchardb51937e2019-05-01 17:24:36 +0200269 } else if (ret == 0)
270 BIO_clear_retry_flags(h);
Olivier Houcharda8955d52019-04-07 22:00:38 +0200271 return ret;
272}
273
274static int ha_ssl_gets(BIO *h, char *buf, int size)
275{
276
277 return 0;
278}
279
280static int ha_ssl_puts(BIO *h, const char *str)
281{
282
283 return ha_ssl_write(h, str, strlen(str));
284}
285
286static int ha_ssl_read(BIO *h, char *buf, int size)
287{
288 struct buffer tmpbuf;
289 struct ssl_sock_ctx *ctx;
290 int ret;
291
292 ctx = BIO_get_data(h);
293 tmpbuf.size = size;
294 tmpbuf.area = buf;
295 tmpbuf.data = 0;
296 tmpbuf.head = 0;
297 ret = ctx->xprt->rcv_buf(ctx->conn, ctx->xprt_ctx, &tmpbuf, size, 0);
Olivier Houchardb51937e2019-05-01 17:24:36 +0200298 if (ret == 0 && !(ctx->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_RD_SH))) {
Olivier Houcharda8955d52019-04-07 22:00:38 +0200299 BIO_set_retry_read(h);
Olivier Houcharda28454e2019-04-24 12:04:36 +0200300 ret = -1;
Olivier Houchardb51937e2019-05-01 17:24:36 +0200301 } else if (ret == 0)
302 BIO_clear_retry_flags(h);
Olivier Houcharda8955d52019-04-07 22:00:38 +0200303
304 return ret;
305}
306
307static long ha_ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2)
308{
309 int ret = 0;
310 switch (cmd) {
311 case BIO_CTRL_DUP:
312 case BIO_CTRL_FLUSH:
313 ret = 1;
314 break;
315 }
316 return ret;
317}
318
319static int ha_ssl_new(BIO *h)
320{
321 BIO_set_init(h, 1);
322 BIO_set_data(h, NULL);
323 BIO_clear_flags(h, ~0);
324 return 1;
325}
326
327static int ha_ssl_free(BIO *data)
328{
329
330 return 1;
331}
332
333
Willy Tarreau5db847a2019-05-09 14:13:35 +0200334#if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Christopher Faulet9dcf9b62017-11-13 10:34:01 +0100335
Emeric Brun821bb9b2017-06-15 16:37:39 +0200336static HA_RWLOCK_T *ssl_rwlocks;
337
338
339unsigned long ssl_id_function(void)
340{
341 return (unsigned long)tid;
342}
343
344void ssl_locking_function(int mode, int n, const char * file, int line)
345{
346 if (mode & CRYPTO_LOCK) {
347 if (mode & CRYPTO_READ)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100348 HA_RWLOCK_RDLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200349 else
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100350 HA_RWLOCK_WRLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200351 }
352 else {
353 if (mode & CRYPTO_READ)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100354 HA_RWLOCK_RDUNLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200355 else
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100356 HA_RWLOCK_WRUNLOCK(SSL_LOCK, &ssl_rwlocks[n]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200357 }
358}
359
360static int ssl_locking_init(void)
361{
362 int i;
363
364 ssl_rwlocks = malloc(sizeof(HA_RWLOCK_T)*CRYPTO_num_locks());
365 if (!ssl_rwlocks)
366 return -1;
367
368 for (i = 0 ; i < CRYPTO_num_locks() ; i++)
Christopher Faulet2a944ee2017-11-07 10:42:54 +0100369 HA_RWLOCK_INIT(&ssl_rwlocks[i]);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200370
371 CRYPTO_set_id_callback(ssl_id_function);
372 CRYPTO_set_locking_callback(ssl_locking_function);
373
374 return 0;
375}
Christopher Faulet9dcf9b62017-11-13 10:34:01 +0100376
Emeric Brun821bb9b2017-06-15 16:37:39 +0200377#endif
378
William Lallemand150bfa82019-09-19 17:12:49 +0200379__decl_hathreads(HA_SPINLOCK_T ckch_lock);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200380
William Lallemandbc6ca7c2019-10-29 23:48:19 +0100381/* Uncommitted CKCH transaction */
382
383static struct {
384 struct ckch_store *new_ckchs;
385 struct ckch_store *old_ckchs;
386 char *path;
387} ckchs_transaction;
388
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +0200389/*
Emmanuel Hocdetb270e812019-11-21 19:09:31 +0100390 * deduplicate cafile (and crlfile)
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +0200391 */
392struct cafile_entry {
393 X509_STORE *ca_store;
Emmanuel Hocdet129d3282019-10-24 18:08:51 +0200394 STACK_OF(X509_NAME) *ca_list;
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +0200395 struct ebmb_node node;
396 char path[0];
397};
398
399static struct eb_root cafile_tree = EB_ROOT_UNIQUE;
400
401static X509_STORE* ssl_store_get0_locations_file(char *path)
402{
403 struct ebmb_node *eb;
404
405 eb = ebst_lookup(&cafile_tree, path);
406 if (eb) {
407 struct cafile_entry *ca_e;
408 ca_e = ebmb_entry(eb, struct cafile_entry, node);
409 return ca_e->ca_store;
410 }
411 return NULL;
412}
413
414static int ssl_store_load_locations_file(char *path)
415{
416 if (ssl_store_get0_locations_file(path) == NULL) {
417 struct cafile_entry *ca_e;
418 X509_STORE *store = X509_STORE_new();
419 if (X509_STORE_load_locations(store, path, NULL)) {
420 int pathlen;
421 pathlen = strlen(path);
422 ca_e = calloc(1, sizeof(*ca_e) + pathlen + 1);
423 if (ca_e) {
424 memcpy(ca_e->path, path, pathlen + 1);
425 ca_e->ca_store = store;
426 ebst_insert(&cafile_tree, &ca_e->node);
427 return 1;
428 }
429 }
430 X509_STORE_free(store);
431 return 0;
432 }
433 return 1;
434}
435
436/* mimic what X509_STORE_load_locations do with store_ctx */
437static int ssl_set_cert_crl_file(X509_STORE *store_ctx, char *path)
438{
439 X509_STORE *store;
440 store = ssl_store_get0_locations_file(path);
441 if (store_ctx && store) {
442 int i;
443 X509_OBJECT *obj;
444 STACK_OF(X509_OBJECT) *objs = X509_STORE_get0_objects(store);
445 for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
446 obj = sk_X509_OBJECT_value(objs, i);
447 switch (X509_OBJECT_get_type(obj)) {
448 case X509_LU_X509:
449 X509_STORE_add_cert(store_ctx, X509_OBJECT_get0_X509(obj));
450 break;
451 case X509_LU_CRL:
452 X509_STORE_add_crl(store_ctx, X509_OBJECT_get0_X509_CRL(obj));
453 break;
454 default:
455 break;
456 }
457 }
458 return 1;
459 }
460 return 0;
461}
462
463/* SSL_CTX_load_verify_locations substitute, internaly call X509_STORE_load_locations */
464static int ssl_set_verify_locations_file(SSL_CTX *ctx, char *path)
465{
466 X509_STORE *store_ctx = SSL_CTX_get_cert_store(ctx);
467 return ssl_set_cert_crl_file(store_ctx, path);
468}
469
Emmanuel Hocdet129d3282019-10-24 18:08:51 +0200470/*
471 Extract CA_list from CA_file already in tree.
472 Duplicate ca_name is tracking with ebtree. It's simplify openssl compatibility.
473 Return a shared ca_list: SSL_dup_CA_list must be used before set it on SSL_CTX.
474*/
475static STACK_OF(X509_NAME)* ssl_get_client_ca_file(char *path)
476{
477 struct ebmb_node *eb;
478 struct cafile_entry *ca_e;
479
480 eb = ebst_lookup(&cafile_tree, path);
481 if (!eb)
482 return NULL;
483 ca_e = ebmb_entry(eb, struct cafile_entry, node);
484
485 if (ca_e->ca_list == NULL) {
486 int i;
487 unsigned long key;
488 struct eb_root ca_name_tree = EB_ROOT;
489 struct eb64_node *node, *back;
490 struct {
491 struct eb64_node node;
492 X509_NAME *xname;
493 } *ca_name;
494 STACK_OF(X509_OBJECT) *objs;
495 STACK_OF(X509_NAME) *skn;
496 X509 *x;
497 X509_NAME *xn;
498
499 skn = sk_X509_NAME_new_null();
500 /* take x509 from cafile_tree */
501 objs = X509_STORE_get0_objects(ca_e->ca_store);
502 for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
503 x = X509_OBJECT_get0_X509(sk_X509_OBJECT_value(objs, i));
504 if (!x)
505 continue;
506 xn = X509_get_subject_name(x);
507 if (!xn)
508 continue;
509 /* Check for duplicates. */
510 key = X509_NAME_hash(xn);
511 for (node = eb64_lookup(&ca_name_tree, key), ca_name = NULL;
512 node && ca_name == NULL;
513 node = eb64_next(node)) {
514 ca_name = container_of(node, typeof(*ca_name), node);
515 if (X509_NAME_cmp(xn, ca_name->xname) != 0)
516 ca_name = NULL;
517 }
518 /* find a duplicate */
519 if (ca_name)
520 continue;
521 ca_name = calloc(1, sizeof *ca_name);
522 xn = X509_NAME_dup(xn);
523 if (!ca_name ||
524 !xn ||
525 !sk_X509_NAME_push(skn, xn)) {
526 free(ca_name);
527 X509_NAME_free(xn);
528 sk_X509_NAME_pop_free(skn, X509_NAME_free);
529 sk_X509_NAME_free(skn);
530 skn = NULL;
531 break;
532 }
533 ca_name->node.key = key;
534 ca_name->xname = xn;
535 eb64_insert(&ca_name_tree, &ca_name->node);
536 }
537 ca_e->ca_list = skn;
538 /* remove temporary ca_name tree */
539 node = eb64_first(&ca_name_tree);
540 while (node) {
541 ca_name = container_of(node, typeof(*ca_name), node);
542 back = eb64_next(node);
543 eb64_delete(node);
544 free(ca_name);
545 node = back;
546 }
547 }
548 return ca_e->ca_list;
549}
550
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +0100551/* This memory pool is used for capturing clienthello parameters. */
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100552struct ssl_capture {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +0100553 unsigned long long int xxh64;
554 unsigned char ciphersuite_len;
555 char ciphersuite[0];
556};
Willy Tarreaubafbe012017-11-24 17:34:44 +0100557struct pool_head *pool_head_ssl_capture = NULL;
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +0100558static int ssl_capture_ptr_index = -1;
Thierry FOURNIER28962c92018-06-17 21:37:05 +0200559static int ssl_app_data_index = -1;
Willy Tarreauef934602016-12-22 23:12:01 +0100560
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +0200561#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
562struct list tlskeys_reference = LIST_HEAD_INIT(tlskeys_reference);
563#endif
564
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200565#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000566static unsigned int openssl_engines_initialized;
567struct list openssl_engines = LIST_HEAD_INIT(openssl_engines);
568struct ssl_engine_list {
569 struct list list;
570 ENGINE *e;
571};
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200572#endif
Grant Zhang872f9c22017-01-21 01:10:18 +0000573
Remi Gacogne8de54152014-07-15 11:36:40 +0200574#ifndef OPENSSL_NO_DH
Remi Gacogne4f902b82015-05-28 16:23:00 +0200575static int ssl_dh_ptr_index = -1;
Remi Gacogne47783ef2015-05-29 15:53:22 +0200576static DH *global_dh = NULL;
Remi Gacogne8de54152014-07-15 11:36:40 +0200577static DH *local_dh_1024 = NULL;
578static DH *local_dh_2048 = NULL;
579static DH *local_dh_4096 = NULL;
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +0100580static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen);
Remi Gacogne8de54152014-07-15 11:36:40 +0200581#endif /* OPENSSL_NO_DH */
582
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100583#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Christopher Faulet31af49d2015-06-09 17:29:50 +0200584/* X509V3 Extensions that will be added on generated certificates */
585#define X509V3_EXT_SIZE 5
586static char *x509v3_ext_names[X509V3_EXT_SIZE] = {
587 "basicConstraints",
588 "nsComment",
589 "subjectKeyIdentifier",
590 "authorityKeyIdentifier",
591 "keyUsage",
592};
593static char *x509v3_ext_values[X509V3_EXT_SIZE] = {
594 "CA:FALSE",
595 "\"OpenSSL Generated Certificate\"",
596 "hash",
597 "keyid,issuer:always",
598 "nonRepudiation,digitalSignature,keyEncipherment"
599};
Christopher Faulet31af49d2015-06-09 17:29:50 +0200600/* LRU cache to store generated certificate */
601static struct lru64_head *ssl_ctx_lru_tree = NULL;
602static unsigned int ssl_ctx_lru_seed = 0;
Emeric Brun821bb9b2017-06-15 16:37:39 +0200603static unsigned int ssl_ctx_serial;
Willy Tarreau86abe442018-11-25 20:12:18 +0100604__decl_rwlock(ssl_ctx_lru_rwlock);
Emeric Brun821bb9b2017-06-15 16:37:39 +0200605
Willy Tarreauc8ad3be2015-06-17 15:48:26 +0200606#endif // SSL_CTRL_SET_TLSEXT_HOSTNAME
607
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100608static struct ssl_bind_kw ssl_bind_kws[];
609
Willy Tarreau9a1ab082019-05-09 13:26:41 +0200610#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhube2774d2015-12-10 15:07:30 -0500611/* The order here matters for picking a default context,
612 * keep the most common keytype at the bottom of the list
613 */
614const char *SSL_SOCK_KEYTYPE_NAMES[] = {
615 "dsa",
616 "ecdsa",
617 "rsa"
618};
619#define SSL_SOCK_NUM_KEYTYPES 3
Willy Tarreau30da7ad2015-12-14 11:28:33 +0100620#else
621#define SSL_SOCK_NUM_KEYTYPES 1
yanbzhube2774d2015-12-10 15:07:30 -0500622#endif
623
William Lallemandc3cd35f2017-11-28 11:04:43 +0100624static struct shared_context *ssl_shctx = NULL; /* ssl shared session cache */
William Lallemand4f45bb92017-10-30 20:08:51 +0100625static struct eb_root *sh_ssl_sess_tree; /* ssl shared session tree */
626
627#define sh_ssl_sess_tree_delete(s) ebmb_delete(&(s)->key);
628
629#define sh_ssl_sess_tree_insert(s) (struct sh_ssl_sess_hdr *)ebmb_insert(sh_ssl_sess_tree, \
630 &(s)->key, SSL_MAX_SSL_SESSION_ID_LENGTH);
631
632#define sh_ssl_sess_tree_lookup(k) (struct sh_ssl_sess_hdr *)ebmb_lookup(sh_ssl_sess_tree, \
633 (k), SSL_MAX_SSL_SESSION_ID_LENGTH);
William Lallemand3f85c9a2017-10-09 16:30:50 +0200634
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100635/*
636 * This function gives the detail of the SSL error. It is used only
637 * if the debug mode and the verbose mode are activated. It dump all
638 * the SSL error until the stack was empty.
639 */
640static forceinline void ssl_sock_dump_errors(struct connection *conn)
641{
642 unsigned long ret;
643
644 if (unlikely(global.mode & MODE_DEBUG)) {
645 while(1) {
646 ret = ERR_get_error();
647 if (ret == 0)
648 return;
649 fprintf(stderr, "fd[%04x] OpenSSL error[0x%lx] %s: %s\n",
Willy Tarreau585744b2017-08-24 14:31:19 +0200650 (unsigned short)conn->handle.fd, ret,
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +0100651 ERR_func_error_string(ret), ERR_reason_error_string(ret));
652 }
653 }
654}
655
yanbzhube2774d2015-12-10 15:07:30 -0500656
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200657#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +0000658static int ssl_init_single_engine(const char *engine_id, const char *def_algorithms)
659{
660 int err_code = ERR_ABORT;
661 ENGINE *engine;
662 struct ssl_engine_list *el;
663
664 /* grab the structural reference to the engine */
665 engine = ENGINE_by_id(engine_id);
666 if (engine == NULL) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100667 ha_alert("ssl-engine %s: failed to get structural reference\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000668 goto fail_get;
669 }
670
671 if (!ENGINE_init(engine)) {
672 /* the engine couldn't initialise, release it */
Christopher Faulet767a84b2017-11-24 16:50:31 +0100673 ha_alert("ssl-engine %s: failed to initialize\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000674 goto fail_init;
675 }
676
677 if (ENGINE_set_default_string(engine, def_algorithms) == 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +0100678 ha_alert("ssl-engine %s: failed on ENGINE_set_default_string\n", engine_id);
Grant Zhang872f9c22017-01-21 01:10:18 +0000679 goto fail_set_method;
680 }
681
682 el = calloc(1, sizeof(*el));
683 el->e = engine;
684 LIST_ADD(&openssl_engines, &el->list);
Emeric Brunece0c332017-12-06 13:51:49 +0100685 nb_engines++;
686 if (global_ssl.async)
687 global.ssl_used_async_engines = nb_engines;
Grant Zhang872f9c22017-01-21 01:10:18 +0000688 return 0;
689
690fail_set_method:
691 /* release the functional reference from ENGINE_init() */
692 ENGINE_finish(engine);
693
694fail_init:
695 /* release the structural reference from ENGINE_by_id() */
696 ENGINE_free(engine);
697
698fail_get:
699 return err_code;
700}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +0200701#endif
Grant Zhang872f9c22017-01-21 01:10:18 +0000702
Willy Tarreau5db847a2019-05-09 14:13:35 +0200703#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brun3854e012017-05-17 20:42:48 +0200704/*
705 * openssl async fd handler
706 */
Emeric Brund0e095c2019-04-19 17:15:28 +0200707void ssl_async_fd_handler(int fd)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000708{
Olivier Houchardea8dd942019-05-20 14:02:16 +0200709 struct ssl_sock_ctx *ctx = fdtab[fd].owner;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000710
Emeric Brun3854e012017-05-17 20:42:48 +0200711 /* fd is an async enfine fd, we must stop
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000712 * to poll this fd until it is requested
713 */
Emeric Brunbbc16542017-06-02 15:54:06 +0000714 fd_stop_recv(fd);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000715 fd_cant_recv(fd);
716
717 /* crypto engine is available, let's notify the associated
718 * connection that it can pursue its processing.
719 */
Olivier Houchard03abf2d2019-05-28 10:12:02 +0200720 ssl_sock_io_cb(NULL, ctx, 0);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000721}
722
Emeric Brun3854e012017-05-17 20:42:48 +0200723/*
724 * openssl async delayed SSL_free handler
725 */
Emeric Brund0e095c2019-04-19 17:15:28 +0200726void ssl_async_fd_free(int fd)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000727{
728 SSL *ssl = fdtab[fd].owner;
Emeric Brun3854e012017-05-17 20:42:48 +0200729 OSSL_ASYNC_FD all_fd[32];
730 size_t num_all_fds = 0;
731 int i;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000732
Emeric Brun3854e012017-05-17 20:42:48 +0200733 /* We suppose that the async job for a same SSL *
734 * are serialized. So if we are awake it is
735 * because the running job has just finished
736 * and we can remove all async fds safely
737 */
738 SSL_get_all_async_fds(ssl, NULL, &num_all_fds);
739 if (num_all_fds > 32) {
740 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
741 return;
742 }
743
744 SSL_get_all_async_fds(ssl, all_fd, &num_all_fds);
745 for (i=0 ; i < num_all_fds ; i++)
746 fd_remove(all_fd[i]);
747
748 /* Now we can safely call SSL_free, no more pending job in engines */
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000749 SSL_free(ssl);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +0100750 _HA_ATOMIC_SUB(&sslconns, 1);
751 _HA_ATOMIC_SUB(&jobs, 1);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000752}
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000753/*
Emeric Brun3854e012017-05-17 20:42:48 +0200754 * function used to manage a returned SSL_ERROR_WANT_ASYNC
755 * and enable/disable polling for async fds
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000756 */
Olivier Houchardea8dd942019-05-20 14:02:16 +0200757static inline void ssl_async_process_fds(struct ssl_sock_ctx *ctx)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000758{
Willy Tarreaua9786b62018-01-25 07:22:13 +0100759 OSSL_ASYNC_FD add_fd[32];
Emeric Brun3854e012017-05-17 20:42:48 +0200760 OSSL_ASYNC_FD del_fd[32];
Olivier Houchardea8dd942019-05-20 14:02:16 +0200761 SSL *ssl = ctx->ssl;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000762 size_t num_add_fds = 0;
763 size_t num_del_fds = 0;
Emeric Brun3854e012017-05-17 20:42:48 +0200764 int i;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000765
766 SSL_get_changed_async_fds(ssl, NULL, &num_add_fds, NULL,
767 &num_del_fds);
Emeric Brun3854e012017-05-17 20:42:48 +0200768 if (num_add_fds > 32 || num_del_fds > 32) {
769 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000770 return;
771 }
772
Emeric Brun3854e012017-05-17 20:42:48 +0200773 SSL_get_changed_async_fds(ssl, add_fd, &num_add_fds, del_fd, &num_del_fds);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000774
Emeric Brun3854e012017-05-17 20:42:48 +0200775 /* We remove unused fds from the fdtab */
776 for (i=0 ; i < num_del_fds ; i++)
777 fd_remove(del_fd[i]);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000778
Emeric Brun3854e012017-05-17 20:42:48 +0200779 /* We add new fds to the fdtab */
780 for (i=0 ; i < num_add_fds ; i++) {
Olivier Houchardea8dd942019-05-20 14:02:16 +0200781 fd_insert(add_fd[i], ctx, ssl_async_fd_handler, tid_bit);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000782 }
783
Emeric Brun3854e012017-05-17 20:42:48 +0200784 num_add_fds = 0;
785 SSL_get_all_async_fds(ssl, NULL, &num_add_fds);
786 if (num_add_fds > 32) {
787 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
788 return;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000789 }
Emeric Brun3854e012017-05-17 20:42:48 +0200790
791 /* We activate the polling for all known async fds */
792 SSL_get_all_async_fds(ssl, add_fd, &num_add_fds);
Emeric Brunce9e01c2017-05-31 10:02:53 +0000793 for (i=0 ; i < num_add_fds ; i++) {
Emeric Brun3854e012017-05-17 20:42:48 +0200794 fd_want_recv(add_fd[i]);
Emeric Brunce9e01c2017-05-31 10:02:53 +0000795 /* To ensure that the fd cache won't be used
796 * We'll prefer to catch a real RD event
797 * because handling an EAGAIN on this fd will
798 * result in a context switch and also
799 * some engines uses a fd in blocking mode.
800 */
801 fd_cant_recv(add_fd[i]);
802 }
Emeric Brun3854e012017-05-17 20:42:48 +0200803
Grant Zhangfa6c7ee2017-01-14 01:42:15 +0000804}
805#endif
806
William Lallemand104a7a62019-10-14 14:14:59 +0200807#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200808/*
809 * This function returns the number of seconds elapsed
810 * since the Epoch, 1970-01-01 00:00:00 +0000 (UTC) and the
811 * date presented un ASN1_GENERALIZEDTIME.
812 *
813 * In parsing error case, it returns -1.
814 */
815static long asn1_generalizedtime_to_epoch(ASN1_GENERALIZEDTIME *d)
816{
817 long epoch;
818 char *p, *end;
819 const unsigned short month_offset[12] = {
820 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334
821 };
822 int year, month;
823
824 if (!d || (d->type != V_ASN1_GENERALIZEDTIME)) return -1;
825
826 p = (char *)d->data;
827 end = p + d->length;
828
829 if (end - p < 4) return -1;
830 year = 1000 * (p[0] - '0') + 100 * (p[1] - '0') + 10 * (p[2] - '0') + p[3] - '0';
831 p += 4;
832 if (end - p < 2) return -1;
833 month = 10 * (p[0] - '0') + p[1] - '0';
834 if (month < 1 || month > 12) return -1;
835 /* Compute the number of seconds since 1 jan 1970 and the beginning of current month
836 We consider leap years and the current month (<marsh or not) */
837 epoch = ( ((year - 1970) * 365)
838 + ((year - (month < 3)) / 4 - (year - (month < 3)) / 100 + (year - (month < 3)) / 400)
839 - ((1970 - 1) / 4 - (1970 - 1) / 100 + (1970 - 1) / 400)
840 + month_offset[month-1]
841 ) * 24 * 60 * 60;
842 p += 2;
843 if (end - p < 2) return -1;
844 /* Add the number of seconds of completed days of current month */
845 epoch += (10 * (p[0] - '0') + p[1] - '0' - 1) * 24 * 60 * 60;
846 p += 2;
847 if (end - p < 2) return -1;
848 /* Add the completed hours of the current day */
849 epoch += (10 * (p[0] - '0') + p[1] - '0') * 60 * 60;
850 p += 2;
851 if (end - p < 2) return -1;
852 /* Add the completed minutes of the current hour */
853 epoch += (10 * (p[0] - '0') + p[1] - '0') * 60;
854 p += 2;
855 if (p == end) return -1;
856 /* Test if there is available seconds */
857 if (p[0] < '0' || p[0] > '9')
858 goto nosec;
859 if (end - p < 2) return -1;
860 /* Add the seconds of the current minute */
861 epoch += 10 * (p[0] - '0') + p[1] - '0';
862 p += 2;
863 if (p == end) return -1;
864 /* Ignore seconds float part if present */
865 if (p[0] == '.') {
866 do {
867 if (++p == end) return -1;
868 } while (p[0] >= '0' && p[0] <= '9');
869 }
870
871nosec:
872 if (p[0] == 'Z') {
873 if (end - p != 1) return -1;
874 return epoch;
875 }
876 else if (p[0] == '+') {
877 if (end - p != 5) return -1;
878 /* Apply timezone offset */
Frederik Deweerdt953917a2017-10-16 07:37:31 -0700879 return epoch - ((10 * (p[1] - '0') + p[2] - '0') * 60 * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200880 }
881 else if (p[0] == '-') {
882 if (end - p != 5) return -1;
883 /* Apply timezone offset */
Frederik Deweerdt953917a2017-10-16 07:37:31 -0700884 return epoch + ((10 * (p[1] - '0') + p[2] - '0') * 60 * 60 + (10 * (p[3] - '0') + p[4] - '0')) * 60;
Emeric Brun4f3c87a2014-06-20 15:46:13 +0200885 }
886
887 return -1;
888}
889
William Lallemand104a7a62019-10-14 14:14:59 +0200890/*
891 * struct alignment works here such that the key.key is the same as key_data
892 * Do not change the placement of key_data
893 */
894struct certificate_ocsp {
895 struct ebmb_node key;
896 unsigned char key_data[OCSP_MAX_CERTID_ASN1_LENGTH];
897 struct buffer response;
898 long expire;
899};
900
901struct ocsp_cbk_arg {
902 int is_single;
903 int single_kt;
904 union {
905 struct certificate_ocsp *s_ocsp;
906 /*
907 * m_ocsp will have multiple entries dependent on key type
908 * Entry 0 - DSA
909 * Entry 1 - ECDSA
910 * Entry 2 - RSA
911 */
912 struct certificate_ocsp *m_ocsp[SSL_SOCK_NUM_KEYTYPES];
913 };
914};
915
Emeric Brun1d3865b2014-06-20 15:37:32 +0200916static struct eb_root cert_ocsp_tree = EB_ROOT_UNIQUE;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200917
918/* This function starts to check if the OCSP response (in DER format) contained
919 * in chunk 'ocsp_response' is valid (else exits on error).
920 * If 'cid' is not NULL, it will be compared to the OCSP certificate ID
921 * contained in the OCSP Response and exits on error if no match.
922 * If it's a valid OCSP Response:
923 * If 'ocsp' is not NULL, the chunk is copied in the OCSP response's container
924 * pointed by 'ocsp'.
925 * If 'ocsp' is NULL, the function looks up into the OCSP response's
926 * containers tree (using as index the ASN1 form of the OCSP Certificate ID extracted
927 * from the response) and exits on error if not found. Finally, If an OCSP response is
928 * already present in the container, it will be overwritten.
929 *
930 * Note: OCSP response containing more than one OCSP Single response is not
931 * considered valid.
932 *
933 * Returns 0 on success, 1 in error case.
934 */
Willy Tarreau83061a82018-07-13 11:56:34 +0200935static int ssl_sock_load_ocsp_response(struct buffer *ocsp_response,
936 struct certificate_ocsp *ocsp,
937 OCSP_CERTID *cid, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +0200938{
939 OCSP_RESPONSE *resp;
940 OCSP_BASICRESP *bs = NULL;
941 OCSP_SINGLERESP *sr;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200942 OCSP_CERTID *id;
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200943 unsigned char *p = (unsigned char *) ocsp_response->area;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200944 int rc , count_sr;
Emeric Brun13a6b482014-06-20 15:44:34 +0200945 ASN1_GENERALIZEDTIME *revtime, *thisupd, *nextupd = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +0200946 int reason;
947 int ret = 1;
948
Willy Tarreau843b7cb2018-07-13 10:54:26 +0200949 resp = d2i_OCSP_RESPONSE(NULL, (const unsigned char **)&p,
950 ocsp_response->data);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200951 if (!resp) {
952 memprintf(err, "Unable to parse OCSP response");
953 goto out;
954 }
955
956 rc = OCSP_response_status(resp);
957 if (rc != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
958 memprintf(err, "OCSP response status not successful");
959 goto out;
960 }
961
962 bs = OCSP_response_get1_basic(resp);
963 if (!bs) {
964 memprintf(err, "Failed to get basic response from OCSP Response");
965 goto out;
966 }
967
968 count_sr = OCSP_resp_count(bs);
969 if (count_sr > 1) {
970 memprintf(err, "OCSP response ignored because contains multiple single responses (%d)", count_sr);
971 goto out;
972 }
973
974 sr = OCSP_resp_get0(bs, 0);
975 if (!sr) {
976 memprintf(err, "Failed to get OCSP single response");
977 goto out;
978 }
979
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +0200980 id = (OCSP_CERTID*)OCSP_SINGLERESP_get0_id(sr);
981
Emeric Brun4147b2e2014-06-16 18:36:30 +0200982 rc = OCSP_single_get0_status(sr, &reason, &revtime, &thisupd, &nextupd);
Emmanuel Hocdetef607052017-10-24 14:57:16 +0200983 if (rc != V_OCSP_CERTSTATUS_GOOD && rc != V_OCSP_CERTSTATUS_REVOKED) {
Emmanuel Hocdet872085c2017-10-10 15:18:52 +0200984 memprintf(err, "OCSP single response: certificate status is unknown");
Emeric Brun4147b2e2014-06-16 18:36:30 +0200985 goto out;
986 }
987
Emeric Brun13a6b482014-06-20 15:44:34 +0200988 if (!nextupd) {
989 memprintf(err, "OCSP single response: missing nextupdate");
990 goto out;
991 }
992
Emeric Brunc8b27b62014-06-19 14:16:17 +0200993 rc = OCSP_check_validity(thisupd, nextupd, OCSP_MAX_RESPONSE_TIME_SKEW, -1);
Emeric Brun4147b2e2014-06-16 18:36:30 +0200994 if (!rc) {
995 memprintf(err, "OCSP single response: no longer valid.");
996 goto out;
997 }
998
999 if (cid) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001000 if (OCSP_id_cmp(id, cid)) {
Emeric Brun4147b2e2014-06-16 18:36:30 +02001001 memprintf(err, "OCSP single response: Certificate ID does not match certificate and issuer");
1002 goto out;
1003 }
1004 }
1005
1006 if (!ocsp) {
1007 unsigned char key[OCSP_MAX_CERTID_ASN1_LENGTH];
1008 unsigned char *p;
1009
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001010 rc = i2d_OCSP_CERTID(id, NULL);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001011 if (!rc) {
1012 memprintf(err, "OCSP single response: Unable to encode Certificate ID");
1013 goto out;
1014 }
1015
1016 if (rc > OCSP_MAX_CERTID_ASN1_LENGTH) {
1017 memprintf(err, "OCSP single response: Certificate ID too long");
1018 goto out;
1019 }
1020
1021 p = key;
1022 memset(key, 0, OCSP_MAX_CERTID_ASN1_LENGTH);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001023 i2d_OCSP_CERTID(id, &p);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001024 ocsp = (struct certificate_ocsp *)ebmb_lookup(&cert_ocsp_tree, key, OCSP_MAX_CERTID_ASN1_LENGTH);
1025 if (!ocsp) {
1026 memprintf(err, "OCSP single response: Certificate ID does not match any certificate or issuer");
1027 goto out;
1028 }
1029 }
1030
1031 /* According to comments on "chunk_dup", the
1032 previous chunk buffer will be freed */
1033 if (!chunk_dup(&ocsp->response, ocsp_response)) {
1034 memprintf(err, "OCSP response: Memory allocation error");
1035 goto out;
1036 }
1037
Emeric Brun4f3c87a2014-06-20 15:46:13 +02001038 ocsp->expire = asn1_generalizedtime_to_epoch(nextupd) - OCSP_MAX_RESPONSE_TIME_SKEW;
1039
Emeric Brun4147b2e2014-06-16 18:36:30 +02001040 ret = 0;
1041out:
Janusz Dziemidowicz8d710492017-03-08 16:59:41 +01001042 ERR_clear_error();
1043
Emeric Brun4147b2e2014-06-16 18:36:30 +02001044 if (bs)
1045 OCSP_BASICRESP_free(bs);
1046
1047 if (resp)
1048 OCSP_RESPONSE_free(resp);
1049
1050 return ret;
1051}
1052/*
1053 * External function use to update the OCSP response in the OCSP response's
1054 * containers tree. The chunk 'ocsp_response' must contain the OCSP response
1055 * to update in DER format.
1056 *
1057 * Returns 0 on success, 1 in error case.
1058 */
Willy Tarreau83061a82018-07-13 11:56:34 +02001059int ssl_sock_update_ocsp_response(struct buffer *ocsp_response, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001060{
1061 return ssl_sock_load_ocsp_response(ocsp_response, NULL, NULL, err);
1062}
1063
William Lallemand4a660132019-10-14 14:51:41 +02001064#endif
1065
1066#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001067/*
1068 * This function load the OCSP Resonse in DER format contained in file at
William Lallemand3b5f3602019-10-16 18:05:05 +02001069 * path 'ocsp_path' or base64 in a buffer <buf>
Emeric Brun4147b2e2014-06-16 18:36:30 +02001070 *
1071 * Returns 0 on success, 1 in error case.
1072 */
William Lallemand3b5f3602019-10-16 18:05:05 +02001073static int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, char *buf, struct cert_key_and_chain *ckch, char **err)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001074{
1075 int fd = -1;
1076 int r = 0;
1077 int ret = 1;
William Lallemand3b5f3602019-10-16 18:05:05 +02001078 struct buffer *ocsp_response;
1079 struct buffer *src = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001080
William Lallemand3b5f3602019-10-16 18:05:05 +02001081 if (buf) {
1082 int i, j;
1083 /* if it's from a buffer it will be base64 */
Emeric Brun4147b2e2014-06-16 18:36:30 +02001084
William Lallemand3b5f3602019-10-16 18:05:05 +02001085 /* remove \r and \n from the payload */
1086 for (i = 0, j = 0; buf[i]; i++) {
1087 if (buf[i] == '\r' || buf[i] == '\n')
Emeric Brun4147b2e2014-06-16 18:36:30 +02001088 continue;
William Lallemand3b5f3602019-10-16 18:05:05 +02001089 buf[j++] = buf[i];
1090 }
1091 buf[j] = 0;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001092
William Lallemand3b5f3602019-10-16 18:05:05 +02001093 ret = base64dec(buf, j, trash.area, trash.size);
1094 if (ret < 0) {
1095 memprintf(err, "Error reading OCSP response in base64 format");
Emeric Brun4147b2e2014-06-16 18:36:30 +02001096 goto end;
1097 }
William Lallemand3b5f3602019-10-16 18:05:05 +02001098 trash.data = ret;
1099 src = &trash;
1100 } else {
1101 fd = open(ocsp_path, O_RDONLY);
1102 if (fd == -1) {
1103 memprintf(err, "Error opening OCSP response file");
1104 goto end;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001105 }
William Lallemand3b5f3602019-10-16 18:05:05 +02001106
1107 trash.data = 0;
1108 while (trash.data < trash.size) {
1109 r = read(fd, trash.area + trash.data, trash.size - trash.data);
1110 if (r < 0) {
1111 if (errno == EINTR)
1112 continue;
1113
1114 memprintf(err, "Error reading OCSP response from file");
1115 goto end;
1116 }
1117 else if (r == 0) {
1118 break;
1119 }
1120 trash.data += r;
1121 }
1122 close(fd);
1123 fd = -1;
1124 src = &trash;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001125 }
1126
William Lallemand3b5f3602019-10-16 18:05:05 +02001127 ocsp_response = calloc(1, sizeof(*ocsp_response));
1128 if (!chunk_dup(ocsp_response, src)) {
1129 free(ocsp_response);
1130 ocsp_response = NULL;
William Lallemand246c0242019-10-11 08:59:13 +02001131 goto end;
1132 }
Emmanuel Hocdet0667fae2020-01-16 14:41:36 +01001133 /* no error, fill ckch with new context, old context must be free */
1134 if (ckch->ocsp_response) {
1135 free(ckch->ocsp_response->area);
1136 ckch->ocsp_response->area = NULL;
1137 free(ckch->ocsp_response);
1138 }
William Lallemand3b5f3602019-10-16 18:05:05 +02001139 ckch->ocsp_response = ocsp_response;
William Lallemande0f48ae2019-10-15 13:44:57 +02001140 ret = 0;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001141end:
1142 if (fd != -1)
1143 close(fd);
1144
1145 return ret;
1146}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01001147#endif
Emeric Brun4147b2e2014-06-16 18:36:30 +02001148
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001149#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
1150static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc)
1151{
Christopher Faulet16f45c82018-02-16 11:23:49 +01001152 struct tls_keys_ref *ref;
Emeric Brun9e754772019-01-10 17:51:55 +01001153 union tls_sess_key *keys;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001154 struct connection *conn;
1155 int head;
1156 int i;
Christopher Faulet16f45c82018-02-16 11:23:49 +01001157 int ret = -1; /* error by default */
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001158
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001159 conn = SSL_get_ex_data(s, ssl_app_data_index);
Willy Tarreau07d94e42018-09-20 10:57:52 +02001160 ref = __objt_listener(conn->target)->bind_conf->keys_ref;
Christopher Faulet16f45c82018-02-16 11:23:49 +01001161 HA_RWLOCK_RDLOCK(TLSKEYS_REF_LOCK, &ref->lock);
1162
1163 keys = ref->tlskeys;
1164 head = ref->tls_ticket_enc_index;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001165
1166 if (enc) {
1167 memcpy(key_name, keys[head].name, 16);
1168
1169 if(!RAND_pseudo_bytes(iv, EVP_MAX_IV_LENGTH))
Christopher Faulet16f45c82018-02-16 11:23:49 +01001170 goto end;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001171
Emeric Brun9e754772019-01-10 17:51:55 +01001172 if (ref->key_size_bits == 128) {
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001173
Emeric Brun9e754772019-01-10 17:51:55 +01001174 if(!EVP_EncryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, keys[head].key_128.aes_key, iv))
1175 goto end;
1176
Willy Tarreau9356dac2019-05-10 09:22:53 +02001177 HMAC_Init_ex(hctx, keys[head].key_128.hmac_key, 16, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001178 ret = 1;
1179 }
1180 else if (ref->key_size_bits == 256 ) {
1181
1182 if(!EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, keys[head].key_256.aes_key, iv))
1183 goto end;
1184
Willy Tarreau9356dac2019-05-10 09:22:53 +02001185 HMAC_Init_ex(hctx, keys[head].key_256.hmac_key, 32, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001186 ret = 1;
1187 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001188 } else {
1189 for (i = 0; i < TLS_TICKETS_NO; i++) {
1190 if (!memcmp(key_name, keys[(head + i) % TLS_TICKETS_NO].name, 16))
1191 goto found;
1192 }
Christopher Faulet16f45c82018-02-16 11:23:49 +01001193 ret = 0;
1194 goto end;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001195
Christopher Faulet16f45c82018-02-16 11:23:49 +01001196 found:
Emeric Brun9e754772019-01-10 17:51:55 +01001197 if (ref->key_size_bits == 128) {
Willy Tarreau9356dac2019-05-10 09:22:53 +02001198 HMAC_Init_ex(hctx, keys[(head + i) % TLS_TICKETS_NO].key_128.hmac_key, 16, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001199 if(!EVP_DecryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, keys[(head + i) % TLS_TICKETS_NO].key_128.aes_key, iv))
1200 goto end;
1201 /* 2 for key renewal, 1 if current key is still valid */
1202 ret = i ? 2 : 1;
1203 }
1204 else if (ref->key_size_bits == 256) {
Willy Tarreau9356dac2019-05-10 09:22:53 +02001205 HMAC_Init_ex(hctx, keys[(head + i) % TLS_TICKETS_NO].key_256.hmac_key, 32, TLS_TICKET_HASH_FUNCT(), NULL);
Emeric Brun9e754772019-01-10 17:51:55 +01001206 if(!EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, keys[(head + i) % TLS_TICKETS_NO].key_256.aes_key, iv))
1207 goto end;
1208 /* 2 for key renewal, 1 if current key is still valid */
1209 ret = i ? 2 : 1;
1210 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001211 }
Emeric Brun9e754772019-01-10 17:51:55 +01001212
Christopher Faulet16f45c82018-02-16 11:23:49 +01001213 end:
1214 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
1215 return ret;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001216}
1217
1218struct tls_keys_ref *tlskeys_ref_lookup(const char *filename)
1219{
1220 struct tls_keys_ref *ref;
1221
1222 list_for_each_entry(ref, &tlskeys_reference, list)
1223 if (ref->filename && strcmp(filename, ref->filename) == 0)
1224 return ref;
1225 return NULL;
1226}
1227
1228struct tls_keys_ref *tlskeys_ref_lookupid(int unique_id)
1229{
1230 struct tls_keys_ref *ref;
1231
1232 list_for_each_entry(ref, &tlskeys_reference, list)
1233 if (ref->unique_id == unique_id)
1234 return ref;
1235 return NULL;
1236}
1237
Emeric Brun9e754772019-01-10 17:51:55 +01001238/* Update the key into ref: if keysize doesnt
1239 * match existing ones, this function returns -1
1240 * else it returns 0 on success.
1241 */
1242int ssl_sock_update_tlskey_ref(struct tls_keys_ref *ref,
Willy Tarreau83061a82018-07-13 11:56:34 +02001243 struct buffer *tlskey)
Christopher Faulet16f45c82018-02-16 11:23:49 +01001244{
Emeric Brun9e754772019-01-10 17:51:55 +01001245 if (ref->key_size_bits == 128) {
1246 if (tlskey->data != sizeof(struct tls_sess_key_128))
1247 return -1;
1248 }
1249 else if (ref->key_size_bits == 256) {
1250 if (tlskey->data != sizeof(struct tls_sess_key_256))
1251 return -1;
1252 }
1253 else
1254 return -1;
1255
Christopher Faulet16f45c82018-02-16 11:23:49 +01001256 HA_RWLOCK_WRLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001257 memcpy((char *) (ref->tlskeys + ((ref->tls_ticket_enc_index + 2) % TLS_TICKETS_NO)),
1258 tlskey->area, tlskey->data);
Christopher Faulet16f45c82018-02-16 11:23:49 +01001259 ref->tls_ticket_enc_index = (ref->tls_ticket_enc_index + 1) % TLS_TICKETS_NO;
1260 HA_RWLOCK_WRUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Emeric Brun9e754772019-01-10 17:51:55 +01001261
1262 return 0;
Christopher Faulet16f45c82018-02-16 11:23:49 +01001263}
1264
Willy Tarreau83061a82018-07-13 11:56:34 +02001265int ssl_sock_update_tlskey(char *filename, struct buffer *tlskey, char **err)
Christopher Faulet16f45c82018-02-16 11:23:49 +01001266{
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001267 struct tls_keys_ref *ref = tlskeys_ref_lookup(filename);
1268
1269 if(!ref) {
1270 memprintf(err, "Unable to locate the referenced filename: %s", filename);
1271 return 1;
1272 }
Emeric Brun9e754772019-01-10 17:51:55 +01001273 if (ssl_sock_update_tlskey_ref(ref, tlskey) < 0) {
1274 memprintf(err, "Invalid key size");
1275 return 1;
1276 }
1277
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001278 return 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001279}
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001280
1281/* This function finalize the configuration parsing. Its set all the
Willy Tarreaud1c57502016-12-22 22:46:15 +01001282 * automatic ids. It's called just after the basic checks. It returns
1283 * 0 on success otherwise ERR_*.
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001284 */
Willy Tarreaud1c57502016-12-22 22:46:15 +01001285static int tlskeys_finalize_config(void)
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001286{
1287 int i = 0;
1288 struct tls_keys_ref *ref, *ref2, *ref3;
1289 struct list tkr = LIST_HEAD_INIT(tkr);
1290
1291 list_for_each_entry(ref, &tlskeys_reference, list) {
1292 if (ref->unique_id == -1) {
1293 /* Look for the first free id. */
1294 while (1) {
1295 list_for_each_entry(ref2, &tlskeys_reference, list) {
1296 if (ref2->unique_id == i) {
1297 i++;
1298 break;
1299 }
1300 }
1301 if (&ref2->list == &tlskeys_reference)
1302 break;
1303 }
1304
1305 /* Uses the unique id and increment it for the next entry. */
1306 ref->unique_id = i;
1307 i++;
1308 }
1309 }
1310
1311 /* This sort the reference list by id. */
1312 list_for_each_entry_safe(ref, ref2, &tlskeys_reference, list) {
1313 LIST_DEL(&ref->list);
1314 list_for_each_entry(ref3, &tkr, list) {
1315 if (ref->unique_id < ref3->unique_id) {
1316 LIST_ADDQ(&ref3->list, &ref->list);
1317 break;
1318 }
1319 }
1320 if (&ref3->list == &tkr)
1321 LIST_ADDQ(&tkr, &ref->list);
1322 }
1323
1324 /* swap root */
1325 LIST_ADD(&tkr, &tlskeys_reference);
1326 LIST_DEL(&tkr);
Willy Tarreaud1c57502016-12-22 22:46:15 +01001327 return 0;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02001328}
Nenad Merdanovic05552d42015-02-27 19:56:49 +01001329#endif /* SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB */
1330
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01001331#ifndef OPENSSL_NO_OCSP
yanbzhube2774d2015-12-10 15:07:30 -05001332int ssl_sock_get_ocsp_arg_kt_index(int evp_keytype)
1333{
1334 switch (evp_keytype) {
1335 case EVP_PKEY_RSA:
1336 return 2;
1337 case EVP_PKEY_DSA:
1338 return 0;
1339 case EVP_PKEY_EC:
1340 return 1;
1341 }
1342
1343 return -1;
1344}
1345
Emeric Brun4147b2e2014-06-16 18:36:30 +02001346/*
1347 * Callback used to set OCSP status extension content in server hello.
1348 */
1349int ssl_sock_ocsp_stapling_cbk(SSL *ssl, void *arg)
1350{
yanbzhube2774d2015-12-10 15:07:30 -05001351 struct certificate_ocsp *ocsp;
1352 struct ocsp_cbk_arg *ocsp_arg;
1353 char *ssl_buf;
1354 EVP_PKEY *ssl_pkey;
1355 int key_type;
1356 int index;
1357
Vincent Bernat3c2f2f22016-04-03 13:48:42 +02001358 ocsp_arg = arg;
yanbzhube2774d2015-12-10 15:07:30 -05001359
1360 ssl_pkey = SSL_get_privatekey(ssl);
1361 if (!ssl_pkey)
1362 return SSL_TLSEXT_ERR_NOACK;
1363
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001364 key_type = EVP_PKEY_base_id(ssl_pkey);
yanbzhube2774d2015-12-10 15:07:30 -05001365
1366 if (ocsp_arg->is_single && ocsp_arg->single_kt == key_type)
1367 ocsp = ocsp_arg->s_ocsp;
1368 else {
1369 /* For multiple certs per context, we have to find the correct OCSP response based on
1370 * the certificate type
1371 */
1372 index = ssl_sock_get_ocsp_arg_kt_index(key_type);
1373
1374 if (index < 0)
1375 return SSL_TLSEXT_ERR_NOACK;
1376
1377 ocsp = ocsp_arg->m_ocsp[index];
1378
1379 }
Emeric Brun4147b2e2014-06-16 18:36:30 +02001380
1381 if (!ocsp ||
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001382 !ocsp->response.area ||
1383 !ocsp->response.data ||
Emeric Brun4f3c87a2014-06-20 15:46:13 +02001384 (ocsp->expire < now.tv_sec))
Emeric Brun4147b2e2014-06-16 18:36:30 +02001385 return SSL_TLSEXT_ERR_NOACK;
1386
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001387 ssl_buf = OPENSSL_malloc(ocsp->response.data);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001388 if (!ssl_buf)
1389 return SSL_TLSEXT_ERR_NOACK;
1390
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001391 memcpy(ssl_buf, ocsp->response.area, ocsp->response.data);
1392 SSL_set_tlsext_status_ocsp_resp(ssl, ssl_buf, ocsp->response.data);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001393
1394 return SSL_TLSEXT_ERR_OK;
1395}
1396
William Lallemand4a660132019-10-14 14:51:41 +02001397#endif
1398
1399#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001400/*
1401 * This function enables the handling of OCSP status extension on 'ctx' if a
William Lallemand246c0242019-10-11 08:59:13 +02001402 * ocsp_response buffer was found in the cert_key_and_chain. To enable OCSP
1403 * status extension, the issuer's certificate is mandatory. It should be
1404 * present in ckch->ocsp_issuer.
Emeric Brun4147b2e2014-06-16 18:36:30 +02001405 *
William Lallemand246c0242019-10-11 08:59:13 +02001406 * In addition, the ckch->ocsp_reponse buffer is loaded as a DER format of an
1407 * OCSP response. If file is empty or content is not a valid OCSP response,
1408 * OCSP status extension is enabled but OCSP response is ignored (a warning is
1409 * displayed).
Emeric Brun4147b2e2014-06-16 18:36:30 +02001410 *
1411 * Returns 1 if no ".ocsp" file found, 0 if OCSP status extension is
Joseph Herlant017b3da2018-11-15 09:07:59 -08001412 * successfully enabled, or -1 in other error case.
Emeric Brun4147b2e2014-06-16 18:36:30 +02001413 */
William Lallemand4a660132019-10-14 14:51:41 +02001414#ifndef OPENSSL_IS_BORINGSSL
William Lallemand246c0242019-10-11 08:59:13 +02001415static int ssl_sock_load_ocsp(SSL_CTX *ctx, const struct cert_key_and_chain *ckch)
Emeric Brun4147b2e2014-06-16 18:36:30 +02001416{
William Lallemand246c0242019-10-11 08:59:13 +02001417 X509 *x = NULL, *issuer = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001418 OCSP_CERTID *cid = NULL;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001419 int i, ret = -1;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001420 struct certificate_ocsp *ocsp = NULL, *iocsp;
1421 char *warn = NULL;
1422 unsigned char *p;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001423 void (*callback) (void);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001424
Emeric Brun4147b2e2014-06-16 18:36:30 +02001425
William Lallemand246c0242019-10-11 08:59:13 +02001426 x = ckch->cert;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001427 if (!x)
1428 goto out;
1429
William Lallemand246c0242019-10-11 08:59:13 +02001430 issuer = ckch->ocsp_issuer;
1431 if (!issuer)
1432 goto out;
Emeric Brun4147b2e2014-06-16 18:36:30 +02001433
1434 cid = OCSP_cert_to_id(0, x, issuer);
1435 if (!cid)
1436 goto out;
1437
1438 i = i2d_OCSP_CERTID(cid, NULL);
1439 if (!i || (i > OCSP_MAX_CERTID_ASN1_LENGTH))
1440 goto out;
1441
Vincent Bernat02779b62016-04-03 13:48:43 +02001442 ocsp = calloc(1, sizeof(*ocsp));
Emeric Brun4147b2e2014-06-16 18:36:30 +02001443 if (!ocsp)
1444 goto out;
1445
1446 p = ocsp->key_data;
1447 i2d_OCSP_CERTID(cid, &p);
1448
1449 iocsp = (struct certificate_ocsp *)ebmb_insert(&cert_ocsp_tree, &ocsp->key, OCSP_MAX_CERTID_ASN1_LENGTH);
1450 if (iocsp == ocsp)
1451 ocsp = NULL;
1452
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001453#ifndef SSL_CTX_get_tlsext_status_cb
1454# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \
1455 *cb = (void (*) (void))ctx->tlsext_status_cb;
1456#endif
1457 SSL_CTX_get_tlsext_status_cb(ctx, &callback);
1458
1459 if (!callback) {
Vincent Bernat02779b62016-04-03 13:48:43 +02001460 struct ocsp_cbk_arg *cb_arg = calloc(1, sizeof(*cb_arg));
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001461 EVP_PKEY *pkey;
yanbzhube2774d2015-12-10 15:07:30 -05001462
1463 cb_arg->is_single = 1;
1464 cb_arg->s_ocsp = iocsp;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001465
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001466 pkey = X509_get_pubkey(x);
1467 cb_arg->single_kt = EVP_PKEY_base_id(pkey);
1468 EVP_PKEY_free(pkey);
yanbzhube2774d2015-12-10 15:07:30 -05001469
1470 SSL_CTX_set_tlsext_status_cb(ctx, ssl_sock_ocsp_stapling_cbk);
1471 SSL_CTX_set_tlsext_status_arg(ctx, cb_arg);
1472 } else {
1473 /*
1474 * If the ctx has a status CB, then we have previously set an OCSP staple for this ctx
1475 * Update that cb_arg with the new cert's staple
1476 */
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001477 struct ocsp_cbk_arg *cb_arg;
yanbzhube2774d2015-12-10 15:07:30 -05001478 struct certificate_ocsp *tmp_ocsp;
1479 int index;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001480 int key_type;
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001481 EVP_PKEY *pkey;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001482
1483#ifdef SSL_CTX_get_tlsext_status_arg
1484 SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg);
1485#else
1486 cb_arg = ctx->tlsext_status_arg;
1487#endif
yanbzhube2774d2015-12-10 15:07:30 -05001488
1489 /*
1490 * The following few lines will convert cb_arg from a single ocsp to multi ocsp
1491 * the order of operations below matter, take care when changing it
1492 */
1493 tmp_ocsp = cb_arg->s_ocsp;
1494 index = ssl_sock_get_ocsp_arg_kt_index(cb_arg->single_kt);
1495 cb_arg->s_ocsp = NULL;
1496 cb_arg->m_ocsp[index] = tmp_ocsp;
1497 cb_arg->is_single = 0;
1498 cb_arg->single_kt = 0;
1499
Emmanuel Hocdetb7a4c342017-01-06 12:57:46 +01001500 pkey = X509_get_pubkey(x);
1501 key_type = EVP_PKEY_base_id(pkey);
1502 EVP_PKEY_free(pkey);
1503
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001504 index = ssl_sock_get_ocsp_arg_kt_index(key_type);
yanbzhube2774d2015-12-10 15:07:30 -05001505 if (index >= 0 && !cb_arg->m_ocsp[index])
1506 cb_arg->m_ocsp[index] = iocsp;
1507
1508 }
Emeric Brun4147b2e2014-06-16 18:36:30 +02001509
1510 ret = 0;
1511
1512 warn = NULL;
William Lallemand246c0242019-10-11 08:59:13 +02001513 if (ssl_sock_load_ocsp_response(ckch->ocsp_response, ocsp, cid, &warn)) {
William Lallemand3b5f3602019-10-16 18:05:05 +02001514 memprintf(&warn, "Loading: %s. Content will be ignored", warn ? warn : "failure");
Christopher Faulet767a84b2017-11-24 16:50:31 +01001515 ha_warning("%s.\n", warn);
Emeric Brun4147b2e2014-06-16 18:36:30 +02001516 }
1517
1518out:
Emeric Brun4147b2e2014-06-16 18:36:30 +02001519 if (cid)
1520 OCSP_CERTID_free(cid);
1521
1522 if (ocsp)
1523 free(ocsp);
1524
1525 if (warn)
1526 free(warn);
1527
Emeric Brun4147b2e2014-06-16 18:36:30 +02001528 return ret;
1529}
William Lallemand4a660132019-10-14 14:51:41 +02001530#else /* OPENSSL_IS_BORINGSSL */
1531static int ssl_sock_load_ocsp(SSL_CTX *ctx, const struct cert_key_and_chain *ckch)
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +02001532{
William Lallemand4a660132019-10-14 14:51:41 +02001533 return SSL_CTX_set_ocsp_response(ctx, (const uint8_t *)ckch->ocsp_response->area, ckch->ocsp_response->data);
Emmanuel Hocdet2c32d8f2017-05-22 14:58:00 +02001534}
1535#endif
1536
William Lallemand4a660132019-10-14 14:51:41 +02001537#endif
1538
1539
Willy Tarreau5db847a2019-05-09 14:13:35 +02001540#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001541
1542#define CT_EXTENSION_TYPE 18
1543
1544static int sctl_ex_index = -1;
1545
1546/*
1547 * Try to parse Signed Certificate Timestamp List structure. This function
1548 * makes only basic test if the data seems like SCTL. No signature validation
1549 * is performed.
1550 */
Willy Tarreau83061a82018-07-13 11:56:34 +02001551static int ssl_sock_parse_sctl(struct buffer *sctl)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001552{
1553 int ret = 1;
1554 int len, pos, sct_len;
1555 unsigned char *data;
1556
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001557 if (sctl->data < 2)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001558 goto out;
1559
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001560 data = (unsigned char *) sctl->area;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001561 len = (data[0] << 8) | data[1];
1562
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001563 if (len + 2 != sctl->data)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001564 goto out;
1565
1566 data = data + 2;
1567 pos = 0;
1568 while (pos < len) {
1569 if (len - pos < 2)
1570 goto out;
1571
1572 sct_len = (data[pos] << 8) | data[pos + 1];
1573 if (pos + sct_len + 2 > len)
1574 goto out;
1575
1576 pos += sct_len + 2;
1577 }
1578
1579 ret = 0;
1580
1581out:
1582 return ret;
1583}
1584
William Lallemand0dfae6c2019-10-16 18:06:58 +02001585/* Try to load a sctl from a buffer <buf> if not NULL, or read the file <sctl_path>
1586 * It fills the ckch->sctl buffer
1587 * return 0 on success or != 0 on failure */
1588static int ssl_sock_load_sctl_from_file(const char *sctl_path, char *buf, struct cert_key_and_chain *ckch, char **err)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001589{
1590 int fd = -1;
1591 int r = 0;
1592 int ret = 1;
William Lallemand0dfae6c2019-10-16 18:06:58 +02001593 struct buffer tmp;
1594 struct buffer *src;
1595 struct buffer *sctl;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001596
William Lallemand0dfae6c2019-10-16 18:06:58 +02001597 if (buf) {
1598 tmp.area = buf;
1599 tmp.data = strlen(buf);
1600 tmp.size = tmp.data + 1;
1601 src = &tmp;
1602 } else {
1603 fd = open(sctl_path, O_RDONLY);
1604 if (fd == -1)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001605 goto end;
William Lallemand0dfae6c2019-10-16 18:06:58 +02001606
1607 trash.data = 0;
1608 while (trash.data < trash.size) {
1609 r = read(fd, trash.area + trash.data, trash.size - trash.data);
1610 if (r < 0) {
1611 if (errno == EINTR)
1612 continue;
1613 goto end;
1614 }
1615 else if (r == 0) {
1616 break;
1617 }
1618 trash.data += r;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001619 }
William Lallemand0dfae6c2019-10-16 18:06:58 +02001620 src = &trash;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001621 }
1622
William Lallemand0dfae6c2019-10-16 18:06:58 +02001623 ret = ssl_sock_parse_sctl(src);
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001624 if (ret)
1625 goto end;
1626
William Lallemand0dfae6c2019-10-16 18:06:58 +02001627 sctl = calloc(1, sizeof(*sctl));
1628 if (!chunk_dup(sctl, src)) {
1629 free(sctl);
1630 sctl = NULL;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001631 goto end;
1632 }
Emmanuel Hocdet224a0872020-01-16 15:15:49 +01001633 /* no error, fill ckch with new context, old context must be free */
1634 if (ckch->sctl) {
1635 free(ckch->sctl->area);
1636 ckch->sctl->area = NULL;
1637 free(ckch->sctl);
1638 }
William Lallemand0dfae6c2019-10-16 18:06:58 +02001639 ckch->sctl = sctl;
Emmanuel Hocdet224a0872020-01-16 15:15:49 +01001640 ret = 0;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001641end:
1642 if (fd != -1)
1643 close(fd);
1644
1645 return ret;
1646}
1647
1648int ssl_sock_sctl_add_cbk(SSL *ssl, unsigned ext_type, const unsigned char **out, size_t *outlen, int *al, void *add_arg)
1649{
Willy Tarreau83061a82018-07-13 11:56:34 +02001650 struct buffer *sctl = add_arg;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001651
Willy Tarreau843b7cb2018-07-13 10:54:26 +02001652 *out = (unsigned char *) sctl->area;
1653 *outlen = sctl->data;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001654
1655 return 1;
1656}
1657
1658int ssl_sock_sctl_parse_cbk(SSL *s, unsigned int ext_type, const unsigned char *in, size_t inlen, int *al, void *parse_arg)
1659{
1660 return 1;
1661}
1662
William Lallemanda17f4112019-10-10 15:16:44 +02001663static int ssl_sock_load_sctl(SSL_CTX *ctx, struct buffer *sctl)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001664{
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001665 int ret = -1;
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001666
William Lallemanda17f4112019-10-10 15:16:44 +02001667 if (!SSL_CTX_add_server_custom_ext(ctx, CT_EXTENSION_TYPE, ssl_sock_sctl_add_cbk, NULL, sctl, ssl_sock_sctl_parse_cbk, NULL))
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001668 goto out;
1669
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +01001670 SSL_CTX_set_ex_data(ctx, sctl_ex_index, sctl);
1671
1672 ret = 0;
1673
1674out:
1675 return ret;
1676}
1677
1678#endif
1679
Emeric Brune1f38db2012-09-03 20:36:47 +02001680void ssl_sock_infocbk(const SSL *ssl, int where, int ret)
1681{
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001682 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001683 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Emeric Brund8b2bb52014-01-28 15:43:53 +01001684 BIO *write_bio;
Willy Tarreau622317d2015-02-27 16:36:16 +01001685 (void)ret; /* shut gcc stupid warning */
Emeric Brune1f38db2012-09-03 20:36:47 +02001686
Dirkjan Bussink526894f2019-01-21 09:35:03 -08001687#ifndef SSL_OP_NO_RENEGOTIATION
1688 /* Please note that BoringSSL defines this macro to zero so don't
1689 * change this to #if and do not assign a default value to this macro!
1690 */
Emeric Brune1f38db2012-09-03 20:36:47 +02001691 if (where & SSL_CB_HANDSHAKE_START) {
1692 /* Disable renegotiation (CVE-2009-3555) */
Willy Tarreauc192b0a2020-01-23 09:11:58 +01001693 if ((conn->flags & (CO_FL_WAIT_L6_CONN | CO_FL_EARLY_SSL_HS | CO_FL_EARLY_DATA)) == 0) {
Emeric Brune1f38db2012-09-03 20:36:47 +02001694 conn->flags |= CO_FL_ERROR;
Willy Tarreau20879a02012-12-03 16:32:10 +01001695 conn->err_code = CO_ER_SSL_RENEG;
1696 }
Emeric Brune1f38db2012-09-03 20:36:47 +02001697 }
Dirkjan Bussink526894f2019-01-21 09:35:03 -08001698#endif
Emeric Brund8b2bb52014-01-28 15:43:53 +01001699
1700 if ((where & SSL_CB_ACCEPT_LOOP) == SSL_CB_ACCEPT_LOOP) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001701 if (!(ctx->xprt_st & SSL_SOCK_ST_FL_16K_WBFSIZE)) {
Emeric Brund8b2bb52014-01-28 15:43:53 +01001702 /* Long certificate chains optimz
1703 If write and read bios are differents, we
1704 consider that the buffering was activated,
1705 so we rise the output buffer size from 4k
1706 to 16k */
1707 write_bio = SSL_get_wbio(ssl);
1708 if (write_bio != SSL_get_rbio(ssl)) {
1709 BIO_set_write_buffer_size(write_bio, 16384);
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001710 ctx->xprt_st |= SSL_SOCK_ST_FL_16K_WBFSIZE;
Emeric Brund8b2bb52014-01-28 15:43:53 +01001711 }
1712 }
1713 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02001714}
1715
Emeric Brune64aef12012-09-21 13:15:06 +02001716/* Callback is called for each certificate of the chain during a verify
1717 ok is set to 1 if preverify detect no error on current certificate.
1718 Returns 0 to break the handshake, 1 otherwise. */
Evan Broderbe554312013-06-27 00:05:25 -07001719int ssl_sock_bind_verifycbk(int ok, X509_STORE_CTX *x_store)
Emeric Brune64aef12012-09-21 13:15:06 +02001720{
1721 SSL *ssl;
1722 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001723 struct ssl_sock_ctx *ctx;
Emeric Brun81c00f02012-09-21 14:31:21 +02001724 int err, depth;
Emeric Brune64aef12012-09-21 13:15:06 +02001725
1726 ssl = X509_STORE_CTX_get_ex_data(x_store, SSL_get_ex_data_X509_STORE_CTX_idx());
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001727 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Emeric Brune64aef12012-09-21 13:15:06 +02001728
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001729 ctx = conn->xprt_ctx;
1730
1731 ctx->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;
Emeric Brune64aef12012-09-21 13:15:06 +02001732
Emeric Brun81c00f02012-09-21 14:31:21 +02001733 if (ok) /* no errors */
1734 return ok;
1735
1736 depth = X509_STORE_CTX_get_error_depth(x_store);
1737 err = X509_STORE_CTX_get_error(x_store);
1738
1739 /* check if CA error needs to be ignored */
1740 if (depth > 0) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001741 if (!SSL_SOCK_ST_TO_CA_ERROR(ctx->xprt_st)) {
1742 ctx->xprt_st |= SSL_SOCK_CA_ERROR_TO_ST(err);
1743 ctx->xprt_st |= SSL_SOCK_CAEDEPTH_TO_ST(depth);
Emeric Brunf282a812012-09-21 15:27:54 +02001744 }
1745
Willy Tarreau731248f2020-02-04 14:02:02 +01001746 if (err < 64 && __objt_listener(conn->target)->bind_conf->ca_ignerr & (1ULL << err)) {
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02001747 ssl_sock_dump_errors(conn);
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001748 ERR_clear_error();
Emeric Brun81c00f02012-09-21 14:31:21 +02001749 return 1;
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001750 }
Emeric Brun81c00f02012-09-21 14:31:21 +02001751
Willy Tarreau20879a02012-12-03 16:32:10 +01001752 conn->err_code = CO_ER_SSL_CA_FAIL;
Emeric Brun81c00f02012-09-21 14:31:21 +02001753 return 0;
1754 }
1755
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001756 if (!SSL_SOCK_ST_TO_CRTERROR(ctx->xprt_st))
1757 ctx->xprt_st |= SSL_SOCK_CRTERROR_TO_ST(err);
Emeric Brunf282a812012-09-21 15:27:54 +02001758
Emeric Brun81c00f02012-09-21 14:31:21 +02001759 /* check if certificate error needs to be ignored */
Willy Tarreau731248f2020-02-04 14:02:02 +01001760 if (err < 64 && __objt_listener(conn->target)->bind_conf->crt_ignerr & (1ULL << err)) {
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02001761 ssl_sock_dump_errors(conn);
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001762 ERR_clear_error();
Emeric Brun81c00f02012-09-21 14:31:21 +02001763 return 1;
Emeric Brun1eb20ef2012-12-03 13:24:29 +01001764 }
Emeric Brun81c00f02012-09-21 14:31:21 +02001765
Willy Tarreau20879a02012-12-03 16:32:10 +01001766 conn->err_code = CO_ER_SSL_CRT_FAIL;
Emeric Brun81c00f02012-09-21 14:31:21 +02001767 return 0;
Emeric Brune64aef12012-09-21 13:15:06 +02001768}
1769
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001770static inline
1771void ssl_sock_parse_clienthello(int write_p, int version, int content_type,
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001772 const void *buf, size_t len, SSL *ssl)
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001773{
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001774 struct ssl_capture *capture;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001775 unsigned char *msg;
1776 unsigned char *end;
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001777 size_t rec_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001778
1779 /* This function is called for "from client" and "to server"
1780 * connections. The combination of write_p == 0 and content_type == 22
Joseph Herlant017b3da2018-11-15 09:07:59 -08001781 * is only available during "from client" connection.
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001782 */
1783
1784 /* "write_p" is set to 0 is the bytes are received messages,
1785 * otherwise it is set to 1.
1786 */
1787 if (write_p != 0)
1788 return;
1789
1790 /* content_type contains the type of message received or sent
1791 * according with the SSL/TLS protocol spec. This message is
1792 * encoded with one byte. The value 256 (two bytes) is used
1793 * for designing the SSL/TLS record layer. According with the
1794 * rfc6101, the expected message (other than 256) are:
1795 * - change_cipher_spec(20)
1796 * - alert(21)
1797 * - handshake(22)
1798 * - application_data(23)
1799 * - (255)
1800 * We are interessed by the handshake and specially the client
1801 * hello.
1802 */
1803 if (content_type != 22)
1804 return;
1805
1806 /* The message length is at least 4 bytes, containing the
1807 * message type and the message length.
1808 */
1809 if (len < 4)
1810 return;
1811
1812 /* First byte of the handshake message id the type of
1813 * message. The konwn types are:
1814 * - hello_request(0)
1815 * - client_hello(1)
1816 * - server_hello(2)
1817 * - certificate(11)
1818 * - server_key_exchange (12)
1819 * - certificate_request(13)
1820 * - server_hello_done(14)
1821 * We are interested by the client hello.
1822 */
1823 msg = (unsigned char *)buf;
1824 if (msg[0] != 1)
1825 return;
1826
1827 /* Next three bytes are the length of the message. The total length
1828 * must be this decoded length + 4. If the length given as argument
1829 * is not the same, we abort the protocol dissector.
1830 */
1831 rec_len = (msg[1] << 16) + (msg[2] << 8) + msg[3];
1832 if (len < rec_len + 4)
1833 return;
1834 msg += 4;
1835 end = msg + rec_len;
1836 if (end < msg)
1837 return;
1838
1839 /* Expect 2 bytes for protocol version (1 byte for major and 1 byte
1840 * for minor, the random, composed by 4 bytes for the unix time and
Baptiste Assmann6be139f2018-11-28 15:20:25 +01001841 * 28 bytes for unix payload. So we jump 1 + 1 + 4 + 28.
1842 */
1843 msg += 1 + 1 + 4 + 28;
1844 if (msg > end)
1845 return;
1846
1847 /* Next, is session id:
1848 * if present, we have to jump by length + 1 for the size information
1849 * if not present, we have to jump by 1 only
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001850 */
Baptiste Assmann6be139f2018-11-28 15:20:25 +01001851 if (msg[0] > 0)
1852 msg += msg[0];
1853 msg += 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001854 if (msg > end)
1855 return;
1856
1857 /* Next two bytes are the ciphersuite length. */
1858 if (msg + 2 > end)
1859 return;
1860 rec_len = (msg[0] << 8) + msg[1];
1861 msg += 2;
1862 if (msg + rec_len > end || msg + rec_len < msg)
1863 return;
1864
Willy Tarreaubafbe012017-11-24 17:34:44 +01001865 capture = pool_alloc_dirty(pool_head_ssl_capture);
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001866 if (!capture)
1867 return;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001868 /* Compute the xxh64 of the ciphersuite. */
1869 capture->xxh64 = XXH64(msg, rec_len, 0);
1870
1871 /* Capture the ciphersuite. */
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001872 capture->ciphersuite_len = (global_ssl.capture_cipherlist < rec_len) ?
1873 global_ssl.capture_cipherlist : rec_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001874 memcpy(capture->ciphersuite, msg, capture->ciphersuite_len);
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001875
1876 SSL_set_ex_data(ssl, ssl_capture_ptr_index, capture);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01001877}
1878
Emeric Brun29f037d2014-04-25 19:05:36 +02001879/* Callback is called for ssl protocol analyse */
1880void ssl_sock_msgcbk(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
1881{
Emeric Brun29f037d2014-04-25 19:05:36 +02001882#ifdef TLS1_RT_HEARTBEAT
1883 /* test heartbeat received (write_p is set to 0
1884 for a received record) */
Willy Tarreauf51c6982014-04-25 20:02:39 +02001885 if ((content_type == TLS1_RT_HEARTBEAT) && (write_p == 0)) {
Thierry FOURNIER28962c92018-06-17 21:37:05 +02001886 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
William Lallemand7e1770b2019-05-13 14:31:34 +02001887 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Willy Tarreauf51c6982014-04-25 20:02:39 +02001888 const unsigned char *p = buf;
1889 unsigned int payload;
1890
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01001891 ctx->xprt_st |= SSL_SOCK_RECV_HEARTBEAT;
Willy Tarreauf51c6982014-04-25 20:02:39 +02001892
1893 /* Check if this is a CVE-2014-0160 exploitation attempt. */
1894 if (*p != TLS1_HB_REQUEST)
1895 return;
1896
Willy Tarreauaeed6722014-04-25 23:59:58 +02001897 if (len < 1 + 2 + 16) /* 1 type + 2 size + 0 payload + 16 padding */
Willy Tarreauf51c6982014-04-25 20:02:39 +02001898 goto kill_it;
1899
1900 payload = (p[1] * 256) + p[2];
Willy Tarreau3b2fdb62014-04-25 23:44:22 +02001901 if (3 + payload + 16 <= len)
Willy Tarreauf51c6982014-04-25 20:02:39 +02001902 return; /* OK no problem */
Willy Tarreauaeed6722014-04-25 23:59:58 +02001903 kill_it:
Willy Tarreau3b2fdb62014-04-25 23:44:22 +02001904 /* We have a clear heartbleed attack (CVE-2014-0160), the
1905 * advertised payload is larger than the advertised packet
1906 * length, so we have garbage in the buffer between the
1907 * payload and the end of the buffer (p+len). We can't know
1908 * if the SSL stack is patched, and we don't know if we can
1909 * safely wipe out the area between p+3+len and payload.
1910 * So instead, we prevent the response from being sent by
1911 * setting the max_send_fragment to 0 and we report an SSL
1912 * error, which will kill this connection. It will be reported
1913 * above as SSL_ERROR_SSL while an other handshake failure with
Willy Tarreauf51c6982014-04-25 20:02:39 +02001914 * a heartbeat message will be reported as SSL_ERROR_SYSCALL.
1915 */
Willy Tarreau3b2fdb62014-04-25 23:44:22 +02001916 ssl->max_send_fragment = 0;
Willy Tarreauf51c6982014-04-25 20:02:39 +02001917 SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_SSL_HANDSHAKE_FAILURE);
1918 return;
1919 }
Emeric Brun29f037d2014-04-25 19:05:36 +02001920#endif
Emmanuel Hocdete3804742017-03-08 11:07:10 +01001921 if (global_ssl.capture_cipherlist > 0)
1922 ssl_sock_parse_clienthello(write_p, version, content_type, buf, len, ssl);
Emeric Brun29f037d2014-04-25 19:05:36 +02001923}
1924
Bernard Spil13c53f82018-02-15 13:34:58 +01001925#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houchardc7566002018-11-20 23:33:50 +01001926static int ssl_sock_srv_select_protos(SSL *s, unsigned char **out, unsigned char *outlen,
1927 const unsigned char *in, unsigned int inlen,
1928 void *arg)
1929{
1930 struct server *srv = arg;
1931
1932 if (SSL_select_next_proto(out, outlen, in, inlen, (unsigned char *)srv->ssl_ctx.npn_str,
1933 srv->ssl_ctx.npn_len) == OPENSSL_NPN_NEGOTIATED)
1934 return SSL_TLSEXT_ERR_OK;
1935 return SSL_TLSEXT_ERR_NOACK;
1936}
1937#endif
1938
1939#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02001940/* This callback is used so that the server advertises the list of
1941 * negociable protocols for NPN.
1942 */
1943static int ssl_sock_advertise_npn_protos(SSL *s, const unsigned char **data,
1944 unsigned int *len, void *arg)
1945{
Emmanuel Hocdet98263292016-12-29 18:26:15 +01001946 struct ssl_bind_conf *conf = arg;
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02001947
1948 *data = (const unsigned char *)conf->npn_str;
1949 *len = conf->npn_len;
1950 return SSL_TLSEXT_ERR_OK;
1951}
1952#endif
1953
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001954#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02001955/* This callback is used so that the server advertises the list of
1956 * negociable protocols for ALPN.
1957 */
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001958static int ssl_sock_advertise_alpn_protos(SSL *s, const unsigned char **out,
1959 unsigned char *outlen,
1960 const unsigned char *server,
1961 unsigned int server_len, void *arg)
Willy Tarreauab861d32013-04-02 02:30:41 +02001962{
Emmanuel Hocdet98263292016-12-29 18:26:15 +01001963 struct ssl_bind_conf *conf = arg;
Willy Tarreauab861d32013-04-02 02:30:41 +02001964
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01001965 if (SSL_select_next_proto((unsigned char**) out, outlen, (const unsigned char *)conf->alpn_str,
1966 conf->alpn_len, server, server_len) != OPENSSL_NPN_NEGOTIATED) {
1967 return SSL_TLSEXT_ERR_NOACK;
1968 }
Willy Tarreauab861d32013-04-02 02:30:41 +02001969 return SSL_TLSEXT_ERR_OK;
1970}
1971#endif
1972
Willy Tarreauc8ad3be2015-06-17 15:48:26 +02001973#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01001974#ifndef SSL_NO_GENERATE_CERTIFICATES
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02001975
Christopher Faulet30548802015-06-11 13:39:32 +02001976/* Create a X509 certificate with the specified servername and serial. This
1977 * function returns a SSL_CTX object or NULL if an error occurs. */
Christopher Faulet7969a332015-10-09 11:15:03 +02001978static SSL_CTX *
Christopher Faulet635c0ad2015-11-12 11:35:51 +01001979ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet31af49d2015-06-09 17:29:50 +02001980{
Christopher Faulet7969a332015-10-09 11:15:03 +02001981 X509 *cacert = bind_conf->ca_sign_cert;
1982 EVP_PKEY *capkey = bind_conf->ca_sign_pkey;
Christopher Faulet31af49d2015-06-09 17:29:50 +02001983 SSL_CTX *ssl_ctx = NULL;
1984 X509 *newcrt = NULL;
1985 EVP_PKEY *pkey = NULL;
Emmanuel Hocdet15969292017-08-11 10:56:00 +02001986 SSL *tmp_ssl = NULL;
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02001987 CONF *ctmp = NULL;
Christopher Faulet31af49d2015-06-09 17:29:50 +02001988 X509_NAME *name;
1989 const EVP_MD *digest;
1990 X509V3_CTX ctx;
1991 unsigned int i;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02001992 int key_type;
Christopher Faulet31af49d2015-06-09 17:29:50 +02001993
Christopher Faulet48a83322017-07-28 16:56:09 +02001994 /* Get the private key of the default certificate and use it */
Willy Tarreau5db847a2019-05-09 14:13:35 +02001995#if (HA_OPENSSL_VERSION_NUMBER >= 0x10002000L)
Emmanuel Hocdet15969292017-08-11 10:56:00 +02001996 pkey = SSL_CTX_get0_privatekey(bind_conf->default_ctx);
1997#else
1998 tmp_ssl = SSL_new(bind_conf->default_ctx);
1999 if (tmp_ssl)
2000 pkey = SSL_get_privatekey(tmp_ssl);
2001#endif
2002 if (!pkey)
Christopher Faulet31af49d2015-06-09 17:29:50 +02002003 goto mkcert_error;
2004
2005 /* Create the certificate */
2006 if (!(newcrt = X509_new()))
2007 goto mkcert_error;
2008
2009 /* Set version number for the certificate (X509v3) and the serial
2010 * number */
2011 if (X509_set_version(newcrt, 2L) != 1)
2012 goto mkcert_error;
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01002013 ASN1_INTEGER_set(X509_get_serialNumber(newcrt), _HA_ATOMIC_ADD(&ssl_ctx_serial, 1));
Christopher Faulet31af49d2015-06-09 17:29:50 +02002014
2015 /* Set duration for the certificate */
Rosen Penev68185952018-12-14 08:47:02 -08002016 if (!X509_gmtime_adj(X509_getm_notBefore(newcrt), (long)-60*60*24) ||
2017 !X509_gmtime_adj(X509_getm_notAfter(newcrt),(long)60*60*24*365))
Christopher Faulet31af49d2015-06-09 17:29:50 +02002018 goto mkcert_error;
2019
2020 /* set public key in the certificate */
2021 if (X509_set_pubkey(newcrt, pkey) != 1)
2022 goto mkcert_error;
2023
2024 /* Set issuer name from the CA */
2025 if (!(name = X509_get_subject_name(cacert)))
2026 goto mkcert_error;
2027 if (X509_set_issuer_name(newcrt, name) != 1)
2028 goto mkcert_error;
2029
2030 /* Set the subject name using the same, but the CN */
2031 name = X509_NAME_dup(name);
2032 if (X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
2033 (const unsigned char *)servername,
2034 -1, -1, 0) != 1) {
2035 X509_NAME_free(name);
2036 goto mkcert_error;
2037 }
2038 if (X509_set_subject_name(newcrt, name) != 1) {
2039 X509_NAME_free(name);
2040 goto mkcert_error;
2041 }
2042 X509_NAME_free(name);
2043
2044 /* Add x509v3 extensions as specified */
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02002045 ctmp = NCONF_new(NULL);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002046 X509V3_set_ctx(&ctx, cacert, newcrt, NULL, NULL, 0);
2047 for (i = 0; i < X509V3_EXT_SIZE; i++) {
2048 X509_EXTENSION *ext;
2049
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02002050 if (!(ext = X509V3_EXT_nconf(ctmp, &ctx, x509v3_ext_names[i], x509v3_ext_values[i])))
Christopher Faulet31af49d2015-06-09 17:29:50 +02002051 goto mkcert_error;
2052 if (!X509_add_ext(newcrt, ext, -1)) {
2053 X509_EXTENSION_free(ext);
2054 goto mkcert_error;
2055 }
2056 X509_EXTENSION_free(ext);
2057 }
2058
2059 /* Sign the certificate with the CA private key */
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002060
2061 key_type = EVP_PKEY_base_id(capkey);
2062
2063 if (key_type == EVP_PKEY_DSA)
2064 digest = EVP_sha1();
2065 else if (key_type == EVP_PKEY_RSA)
Christopher Faulet31af49d2015-06-09 17:29:50 +02002066 digest = EVP_sha256();
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002067 else if (key_type == EVP_PKEY_EC)
Christopher Faulet7969a332015-10-09 11:15:03 +02002068 digest = EVP_sha256();
2069 else {
Willy Tarreau9a1ab082019-05-09 13:26:41 +02002070#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000000fL) && !defined(OPENSSL_IS_BORINGSSL)
Christopher Faulet7969a332015-10-09 11:15:03 +02002071 int nid;
2072
2073 if (EVP_PKEY_get_default_digest_nid(capkey, &nid) <= 0)
2074 goto mkcert_error;
2075 if (!(digest = EVP_get_digestbynid(nid)))
2076 goto mkcert_error;
Christopher Faulete7db2162015-10-19 13:59:24 +02002077#else
2078 goto mkcert_error;
2079#endif
Christopher Faulet7969a332015-10-09 11:15:03 +02002080 }
2081
Christopher Faulet31af49d2015-06-09 17:29:50 +02002082 if (!(X509_sign(newcrt, capkey, digest)))
2083 goto mkcert_error;
2084
2085 /* Create and set the new SSL_CTX */
2086 if (!(ssl_ctx = SSL_CTX_new(SSLv23_server_method())))
2087 goto mkcert_error;
2088 if (!SSL_CTX_use_PrivateKey(ssl_ctx, pkey))
2089 goto mkcert_error;
2090 if (!SSL_CTX_use_certificate(ssl_ctx, newcrt))
2091 goto mkcert_error;
2092 if (!SSL_CTX_check_private_key(ssl_ctx))
2093 goto mkcert_error;
2094
2095 if (newcrt) X509_free(newcrt);
Christopher Faulet7969a332015-10-09 11:15:03 +02002096
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01002097#ifndef OPENSSL_NO_DH
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02002098 SSL_CTX_set_tmp_dh_callback(ssl_ctx, ssl_get_tmp_dh);
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01002099#endif
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02002100#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
2101 {
Emmanuel Hocdet98263292016-12-29 18:26:15 +01002102 const char *ecdhe = (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe : ECDHE_DEFAULT_CURVE);
Christopher Faulet85b5a1a2015-10-09 11:46:32 +02002103 EC_KEY *ecc;
2104 int nid;
2105
2106 if ((nid = OBJ_sn2nid(ecdhe)) == NID_undef)
2107 goto end;
2108 if (!(ecc = EC_KEY_new_by_curve_name(nid)))
2109 goto end;
2110 SSL_CTX_set_tmp_ecdh(ssl_ctx, ecc);
2111 EC_KEY_free(ecc);
2112 }
2113#endif
2114 end:
Christopher Faulet31af49d2015-06-09 17:29:50 +02002115 return ssl_ctx;
2116
2117 mkcert_error:
Emmanuel Hocdeta9b84022018-10-01 18:41:36 +02002118 if (ctmp) NCONF_free(ctmp);
Emmanuel Hocdet15969292017-08-11 10:56:00 +02002119 if (tmp_ssl) SSL_free(tmp_ssl);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002120 if (ssl_ctx) SSL_CTX_free(ssl_ctx);
2121 if (newcrt) X509_free(newcrt);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002122 return NULL;
2123}
2124
Christopher Faulet7969a332015-10-09 11:15:03 +02002125SSL_CTX *
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002126ssl_sock_create_cert(struct connection *conn, const char *servername, unsigned int key)
Christopher Faulet7969a332015-10-09 11:15:03 +02002127{
Willy Tarreau07d94e42018-09-20 10:57:52 +02002128 struct bind_conf *bind_conf = __objt_listener(conn->target)->bind_conf;
Olivier Houchard66ab4982019-02-26 18:37:15 +01002129 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002130
Olivier Houchard66ab4982019-02-26 18:37:15 +01002131 return ssl_sock_do_create_cert(servername, bind_conf, ctx->ssl);
Christopher Faulet7969a332015-10-09 11:15:03 +02002132}
2133
Christopher Faulet30548802015-06-11 13:39:32 +02002134/* Do a lookup for a certificate in the LRU cache used to store generated
Emeric Brun821bb9b2017-06-15 16:37:39 +02002135 * certificates and immediately assign it to the SSL session if not null. */
Christopher Faulet30548802015-06-11 13:39:32 +02002136SSL_CTX *
Emeric Brun821bb9b2017-06-15 16:37:39 +02002137ssl_sock_assign_generated_cert(unsigned int key, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet30548802015-06-11 13:39:32 +02002138{
2139 struct lru64 *lru = NULL;
2140
2141 if (ssl_ctx_lru_tree) {
Willy Tarreau03f4ec42018-05-17 10:56:47 +02002142 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002143 lru = lru64_lookup(key, ssl_ctx_lru_tree, bind_conf->ca_sign_cert, 0);
Emeric Brun821bb9b2017-06-15 16:37:39 +02002144 if (lru && lru->domain) {
2145 if (ssl)
2146 SSL_set_SSL_CTX(ssl, (SSL_CTX *)lru->data);
Willy Tarreau03f4ec42018-05-17 10:56:47 +02002147 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet30548802015-06-11 13:39:32 +02002148 return (SSL_CTX *)lru->data;
Emeric Brun821bb9b2017-06-15 16:37:39 +02002149 }
Willy Tarreau03f4ec42018-05-17 10:56:47 +02002150 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet30548802015-06-11 13:39:32 +02002151 }
2152 return NULL;
2153}
2154
Emeric Brun821bb9b2017-06-15 16:37:39 +02002155/* Same as <ssl_sock_assign_generated_cert> but without SSL session. This
2156 * function is not thread-safe, it should only be used to check if a certificate
2157 * exists in the lru cache (with no warranty it will not be removed by another
2158 * thread). It is kept for backward compatibility. */
2159SSL_CTX *
2160ssl_sock_get_generated_cert(unsigned int key, struct bind_conf *bind_conf)
2161{
2162 return ssl_sock_assign_generated_cert(key, bind_conf, NULL);
2163}
2164
Christopher Fauletd2cab922015-07-28 16:03:47 +02002165/* Set a certificate int the LRU cache used to store generated
2166 * certificate. Return 0 on success, otherwise -1 */
2167int
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002168ssl_sock_set_generated_cert(SSL_CTX *ssl_ctx, unsigned int key, struct bind_conf *bind_conf)
Christopher Faulet30548802015-06-11 13:39:32 +02002169{
2170 struct lru64 *lru = NULL;
2171
2172 if (ssl_ctx_lru_tree) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002173 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002174 lru = lru64_get(key, ssl_ctx_lru_tree, bind_conf->ca_sign_cert, 0);
Emeric Brun821bb9b2017-06-15 16:37:39 +02002175 if (!lru) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002176 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Fauletd2cab922015-07-28 16:03:47 +02002177 return -1;
Emeric Brun821bb9b2017-06-15 16:37:39 +02002178 }
Christopher Faulet30548802015-06-11 13:39:32 +02002179 if (lru->domain && lru->data)
2180 lru->free((SSL_CTX *)lru->data);
Christopher Faulet7969a332015-10-09 11:15:03 +02002181 lru64_commit(lru, ssl_ctx, bind_conf->ca_sign_cert, 0, (void (*)(void *))SSL_CTX_free);
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002182 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Fauletd2cab922015-07-28 16:03:47 +02002183 return 0;
Christopher Faulet30548802015-06-11 13:39:32 +02002184 }
Christopher Fauletd2cab922015-07-28 16:03:47 +02002185 return -1;
Christopher Faulet30548802015-06-11 13:39:32 +02002186}
2187
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002188/* Compute the key of the certificate. */
Christopher Faulet30548802015-06-11 13:39:32 +02002189unsigned int
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002190ssl_sock_generated_cert_key(const void *data, size_t len)
Christopher Faulet30548802015-06-11 13:39:32 +02002191{
2192 return XXH32(data, len, ssl_ctx_lru_seed);
2193}
2194
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002195/* Generate a cert and immediately assign it to the SSL session so that the cert's
2196 * refcount is maintained regardless of the cert's presence in the LRU cache.
2197 */
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002198static int
Christopher Faulet7969a332015-10-09 11:15:03 +02002199ssl_sock_generate_certificate(const char *servername, struct bind_conf *bind_conf, SSL *ssl)
Christopher Faulet31af49d2015-06-09 17:29:50 +02002200{
2201 X509 *cacert = bind_conf->ca_sign_cert;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002202 SSL_CTX *ssl_ctx = NULL;
2203 struct lru64 *lru = NULL;
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002204 unsigned int key;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002205
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002206 key = ssl_sock_generated_cert_key(servername, strlen(servername));
Christopher Faulet31af49d2015-06-09 17:29:50 +02002207 if (ssl_ctx_lru_tree) {
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002208 HA_RWLOCK_WRLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002209 lru = lru64_get(key, ssl_ctx_lru_tree, cacert, 0);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002210 if (lru && lru->domain)
2211 ssl_ctx = (SSL_CTX *)lru->data;
Christopher Fauletd2cab922015-07-28 16:03:47 +02002212 if (!ssl_ctx && lru) {
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002213 ssl_ctx = ssl_sock_do_create_cert(servername, bind_conf, ssl);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002214 lru64_commit(lru, ssl_ctx, cacert, 0, (void (*)(void *))SSL_CTX_free);
Christopher Fauletd2cab922015-07-28 16:03:47 +02002215 }
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002216 SSL_set_SSL_CTX(ssl, ssl_ctx);
Christopher Faulet2a944ee2017-11-07 10:42:54 +01002217 HA_RWLOCK_WRUNLOCK(SSL_GEN_CERTS_LOCK, &ssl_ctx_lru_rwlock);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002218 return 1;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002219 }
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002220 else {
Christopher Faulet635c0ad2015-11-12 11:35:51 +01002221 ssl_ctx = ssl_sock_do_create_cert(servername, bind_conf, ssl);
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002222 SSL_set_SSL_CTX(ssl, ssl_ctx);
2223 /* No LRU cache, this CTX will be released as soon as the session dies */
2224 SSL_CTX_free(ssl_ctx);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002225 return 1;
Willy Tarreau2f63ef42015-10-20 15:16:01 +02002226 }
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002227 return 0;
2228}
2229static int
2230ssl_sock_generate_certificate_from_conn(struct bind_conf *bind_conf, SSL *ssl)
2231{
2232 unsigned int key;
Thierry FOURNIER28962c92018-06-17 21:37:05 +02002233 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002234
Willy Tarreauf5bdb642019-07-17 11:29:32 +02002235 if (conn_get_dst(conn)) {
Willy Tarreau085a1512019-07-17 14:47:35 +02002236 key = ssl_sock_generated_cert_key(conn->dst, get_addr_len(conn->dst));
Emeric Brun821bb9b2017-06-15 16:37:39 +02002237 if (ssl_sock_assign_generated_cert(key, bind_conf, ssl))
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002238 return 1;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002239 }
2240 return 0;
Christopher Faulet31af49d2015-06-09 17:29:50 +02002241}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002242#endif /* !defined SSL_NO_GENERATE_CERTIFICATES */
Christopher Faulet31af49d2015-06-09 17:29:50 +02002243
Willy Tarreau9a1ab082019-05-09 13:26:41 +02002244#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002245typedef enum { SET_CLIENT, SET_SERVER } set_context_func;
2246
2247static void ctx_set_SSLv3_func(SSL_CTX *ctx, set_context_func c)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002248{
Emmanuel Hocdet23877ab2017-07-12 12:53:02 +02002249#if SSL_OP_NO_SSLv3
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002250 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, SSLv3_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002251 : SSL_CTX_set_ssl_version(ctx, SSLv3_client_method());
2252#endif
2253}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002254static void ctx_set_TLSv10_func(SSL_CTX *ctx, set_context_func c) {
2255 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002256 : SSL_CTX_set_ssl_version(ctx, TLSv1_client_method());
2257}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002258static void ctx_set_TLSv11_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002259#if SSL_OP_NO_TLSv1_1
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002260 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_1_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002261 : SSL_CTX_set_ssl_version(ctx, TLSv1_1_client_method());
2262#endif
2263}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002264static void ctx_set_TLSv12_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002265#if SSL_OP_NO_TLSv1_2
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002266 c == SET_SERVER ? SSL_CTX_set_ssl_version(ctx, TLSv1_2_server_method())
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002267 : SSL_CTX_set_ssl_version(ctx, TLSv1_2_client_method());
2268#endif
2269}
Bertrand Jacquina25282b2018-08-14 00:56:13 +01002270/* TLSv1.2 is the last supported version in this context. */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002271static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {}
2272/* Unusable in this context. */
2273static void ssl_set_SSLv3_func(SSL *ssl, set_context_func c) {}
2274static void ssl_set_TLSv10_func(SSL *ssl, set_context_func c) {}
2275static void ssl_set_TLSv11_func(SSL *ssl, set_context_func c) {}
2276static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {}
2277static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {}
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002278#else /* openssl >= 1.1.0 */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002279typedef enum { SET_MIN, SET_MAX } set_context_func;
2280
2281static void ctx_set_SSLv3_func(SSL_CTX *ctx, set_context_func c) {
2282 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, SSL3_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002283 : SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION);
2284}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002285static void ssl_set_SSLv3_func(SSL *ssl, set_context_func c) {
2286 c == SET_MAX ? SSL_set_max_proto_version(ssl, SSL3_VERSION)
2287 : SSL_set_min_proto_version(ssl, SSL3_VERSION);
2288}
2289static void ctx_set_TLSv10_func(SSL_CTX *ctx, set_context_func c) {
2290 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002291 : SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
2292}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002293static void ssl_set_TLSv10_func(SSL *ssl, set_context_func c) {
2294 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_VERSION)
2295 : SSL_set_min_proto_version(ssl, TLS1_VERSION);
2296}
2297static void ctx_set_TLSv11_func(SSL_CTX *ctx, set_context_func c) {
2298 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_1_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002299 : SSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION);
2300}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002301static void ssl_set_TLSv11_func(SSL *ssl, set_context_func c) {
2302 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_1_VERSION)
2303 : SSL_set_min_proto_version(ssl, TLS1_1_VERSION);
2304}
2305static void ctx_set_TLSv12_func(SSL_CTX *ctx, set_context_func c) {
2306 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002307 : SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
2308}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002309static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {
2310 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_2_VERSION)
2311 : SSL_set_min_proto_version(ssl, TLS1_2_VERSION);
2312}
2313static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002314#if SSL_OP_NO_TLSv1_3
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002315 c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION)
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002316 : SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
2317#endif
2318}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002319static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {
2320#if SSL_OP_NO_TLSv1_3
2321 c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_3_VERSION)
2322 : SSL_set_min_proto_version(ssl, TLS1_3_VERSION);
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002323#endif
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002324}
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002325#endif
2326static void ctx_set_None_func(SSL_CTX *ctx, set_context_func c) { }
2327static void ssl_set_None_func(SSL *ssl, set_context_func c) { }
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002328
2329static struct {
2330 int option;
2331 uint16_t flag;
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002332 void (*ctx_set_version)(SSL_CTX *, set_context_func);
2333 void (*ssl_set_version)(SSL *, set_context_func);
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002334 const char *name;
2335} methodVersions[] = {
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02002336 {0, 0, ctx_set_None_func, ssl_set_None_func, "NONE"}, /* CONF_TLSV_NONE */
2337 {SSL_OP_NO_SSLv3, MC_SSL_O_NO_SSLV3, ctx_set_SSLv3_func, ssl_set_SSLv3_func, "SSLv3"}, /* CONF_SSLV3 */
2338 {SSL_OP_NO_TLSv1, MC_SSL_O_NO_TLSV10, ctx_set_TLSv10_func, ssl_set_TLSv10_func, "TLSv1.0"}, /* CONF_TLSV10 */
2339 {SSL_OP_NO_TLSv1_1, MC_SSL_O_NO_TLSV11, ctx_set_TLSv11_func, ssl_set_TLSv11_func, "TLSv1.1"}, /* CONF_TLSV11 */
2340 {SSL_OP_NO_TLSv1_2, MC_SSL_O_NO_TLSV12, ctx_set_TLSv12_func, ssl_set_TLSv12_func, "TLSv1.2"}, /* CONF_TLSV12 */
2341 {SSL_OP_NO_TLSv1_3, MC_SSL_O_NO_TLSV13, ctx_set_TLSv13_func, ssl_set_TLSv13_func, "TLSv1.3"}, /* CONF_TLSV13 */
Emmanuel Hocdetecb0e232017-05-18 11:56:58 +02002342};
2343
Emmanuel Hocdet530141f2017-03-01 18:54:56 +01002344static void ssl_sock_switchctx_set(SSL *ssl, SSL_CTX *ctx)
2345{
2346 SSL_set_verify(ssl, SSL_CTX_get_verify_mode(ctx), ssl_sock_bind_verifycbk);
2347 SSL_set_client_CA_list(ssl, SSL_dup_CA_list(SSL_CTX_get_client_CA_list(ctx)));
2348 SSL_set_SSL_CTX(ssl, ctx);
2349}
2350
Willy Tarreau5db847a2019-05-09 14:13:35 +02002351#if ((HA_OPENSSL_VERSION_NUMBER >= 0x10101000L) || defined(OPENSSL_IS_BORINGSSL))
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002352
2353static int ssl_sock_switchctx_err_cbk(SSL *ssl, int *al, void *priv)
2354{
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002355 struct bind_conf *s = priv;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002356 (void)al; /* shut gcc stupid warning */
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002357
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002358 if (SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name) || s->generate_certs)
2359 return SSL_TLSEXT_ERR_OK;
2360 return SSL_TLSEXT_ERR_NOACK;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002361}
2362
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002363#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002364static int ssl_sock_switchctx_cbk(const struct ssl_early_callback_ctx *ctx)
2365{
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002366 SSL *ssl = ctx->ssl;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002367#else
2368static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
2369{
2370#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002371 struct connection *conn;
2372 struct bind_conf *s;
2373 const uint8_t *extension_data;
2374 size_t extension_len;
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002375 int has_rsa_sig = 0, has_ecdsa_sig = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002376
2377 char *wildp = NULL;
2378 const uint8_t *servername;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002379 size_t servername_len;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002380 struct ebmb_node *node, *n, *node_ecdsa = NULL, *node_rsa = NULL, *node_anonymous = NULL;
Olivier Houchardc2aae742017-09-22 18:26:28 +02002381 int allow_early = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002382 int i;
2383
Thierry FOURNIER28962c92018-06-17 21:37:05 +02002384 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Willy Tarreaua8825522018-10-15 13:20:07 +02002385 s = __objt_listener(conn->target)->bind_conf;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002386
Olivier Houchard9679ac92017-10-27 14:58:08 +02002387 if (s->ssl_conf.early_data)
Olivier Houchardc2aae742017-09-22 18:26:28 +02002388 allow_early = 1;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002389#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002390 if (SSL_early_callback_ctx_extension_get(ctx, TLSEXT_TYPE_server_name,
2391 &extension_data, &extension_len)) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002392#else
2393 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_server_name, &extension_data, &extension_len)) {
2394#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002395 /*
2396 * The server_name extension was given too much extensibility when it
2397 * was written, so parsing the normal case is a bit complex.
2398 */
2399 size_t len;
2400 if (extension_len <= 2)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002401 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002402 /* Extract the length of the supplied list of names. */
2403 len = (*extension_data++) << 8;
2404 len |= *extension_data++;
2405 if (len + 2 != extension_len)
2406 goto abort;
2407 /*
2408 * The list in practice only has a single element, so we only consider
2409 * the first one.
2410 */
2411 if (len == 0 || *extension_data++ != TLSEXT_NAMETYPE_host_name)
2412 goto abort;
2413 extension_len = len - 1;
2414 /* Now we can finally pull out the byte array with the actual hostname. */
2415 if (extension_len <= 2)
2416 goto abort;
2417 len = (*extension_data++) << 8;
2418 len |= *extension_data++;
2419 if (len == 0 || len + 2 > extension_len || len > TLSEXT_MAXLEN_host_name
2420 || memchr(extension_data, 0, len) != NULL)
2421 goto abort;
2422 servername = extension_data;
2423 servername_len = len;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002424 } else {
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002425#if (!defined SSL_NO_GENERATE_CERTIFICATES)
2426 if (s->generate_certs && ssl_sock_generate_certificate_from_conn(s, ssl)) {
Olivier Houchardc2aae742017-09-22 18:26:28 +02002427 goto allow_early;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002428 }
2429#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002430 /* without SNI extension, is the default_ctx (need SSL_TLSEXT_ERR_NOACK) */
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002431 if (!s->strict_sni) {
William Lallemand21724f02019-11-04 17:56:13 +01002432 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002433 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002434 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Olivier Houchardc2aae742017-09-22 18:26:28 +02002435 goto allow_early;
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002436 }
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002437 goto abort;
2438 }
2439
2440 /* extract/check clientHello informations */
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002441#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002442 if (SSL_early_callback_ctx_extension_get(ctx, TLSEXT_TYPE_signature_algorithms, &extension_data, &extension_len)) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002443#else
2444 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_signature_algorithms, &extension_data, &extension_len)) {
2445#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002446 uint8_t sign;
2447 size_t len;
2448 if (extension_len < 2)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002449 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002450 len = (*extension_data++) << 8;
2451 len |= *extension_data++;
2452 if (len + 2 != extension_len)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002453 goto abort;
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002454 if (len % 2 != 0)
2455 goto abort;
2456 for (; len > 0; len -= 2) {
2457 extension_data++; /* hash */
2458 sign = *extension_data++;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002459 switch (sign) {
2460 case TLSEXT_signature_rsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002461 has_rsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002462 break;
2463 case TLSEXT_signature_ecdsa:
2464 has_ecdsa_sig = 1;
2465 break;
2466 default:
2467 continue;
2468 }
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002469 if (has_ecdsa_sig && has_rsa_sig)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002470 break;
2471 }
2472 } else {
Bertrand Jacquina25282b2018-08-14 00:56:13 +01002473 /* without TLSEXT_TYPE_signature_algorithms extension (< TLSv1.2) */
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002474 has_rsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002475 }
2476 if (has_ecdsa_sig) { /* in very rare case: has ecdsa sign but not a ECDSA cipher */
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002477 const SSL_CIPHER *cipher;
2478 size_t len;
2479 const uint8_t *cipher_suites;
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002480 has_ecdsa_sig = 0;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002481#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002482 len = ctx->cipher_suites_len;
2483 cipher_suites = ctx->cipher_suites;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002484#else
2485 len = SSL_client_hello_get0_ciphers(ssl, &cipher_suites);
2486#endif
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002487 if (len % 2 != 0)
2488 goto abort;
2489 for (; len != 0; len -= 2, cipher_suites += 2) {
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002490#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002491 uint16_t cipher_suite = (cipher_suites[0] << 8) | cipher_suites[1];
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002492 cipher = SSL_get_cipher_by_value(cipher_suite);
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002493#else
2494 cipher = SSL_CIPHER_find(ssl, cipher_suites);
2495#endif
Emmanuel Hocdet019f9b12017-10-02 17:12:06 +02002496 if (cipher && SSL_CIPHER_get_auth_nid(cipher) == NID_auth_ecdsa) {
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002497 has_ecdsa_sig = 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002498 break;
2499 }
2500 }
2501 }
2502
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002503 for (i = 0; i < trash.size && i < servername_len; i++) {
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002504 trash.area[i] = tolower(servername[i]);
2505 if (!wildp && (trash.area[i] == '.'))
2506 wildp = &trash.area[i];
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002507 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002508 trash.area[i] = 0;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002509
William Lallemand150bfa82019-09-19 17:12:49 +02002510 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002511
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002512 for (i = 0; i < 2; i++) {
2513 if (i == 0) /* lookup in full qualified names */
2514 node = ebst_lookup(&s->sni_ctx, trash.area);
2515 else if (i == 1 && wildp) /* lookup in wildcards names */
2516 node = ebst_lookup(&s->sni_w_ctx, wildp);
2517 else
2518 break;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002519 for (n = node; n; n = ebmb_next_dup(n)) {
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002520 /* lookup a not neg filter */
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002521 if (!container_of(n, struct sni_ctx, name)->neg) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02002522 switch(container_of(n, struct sni_ctx, name)->kinfo.sig) {
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002523 case TLSEXT_signature_ecdsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002524 if (!node_ecdsa)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002525 node_ecdsa = n;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002526 break;
2527 case TLSEXT_signature_rsa:
Emmanuel Hocdet9f9b0c62018-09-03 16:29:16 +02002528 if (!node_rsa)
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002529 node_rsa = n;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002530 break;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02002531 default: /* TLSEXT_signature_anonymous|dsa */
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002532 if (!node_anonymous)
2533 node_anonymous = n;
2534 break;
2535 }
2536 }
2537 }
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002538 /* select by key_signature priority order */
2539 node = (has_ecdsa_sig && node_ecdsa) ? node_ecdsa
2540 : ((has_rsa_sig && node_rsa) ? node_rsa
2541 : (node_anonymous ? node_anonymous
2542 : (node_ecdsa ? node_ecdsa /* no ecdsa signature case (< TLSv1.2) */
2543 : node_rsa /* no rsa signature case (far far away) */
2544 )));
2545 if (node) {
2546 /* switch ctx */
2547 struct ssl_bind_conf *conf = container_of(node, struct sni_ctx, name)->conf;
2548 ssl_sock_switchctx_set(ssl, container_of(node, struct sni_ctx, name)->ctx);
Olivier Houchard35a63cc2017-11-02 19:04:38 +01002549 if (conf) {
2550 methodVersions[conf->ssl_methods.min].ssl_set_version(ssl, SET_MIN);
2551 methodVersions[conf->ssl_methods.max].ssl_set_version(ssl, SET_MAX);
2552 if (conf->early_data)
2553 allow_early = 1;
2554 }
William Lallemand02010472019-10-18 11:02:19 +02002555 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Olivier Houchard35a63cc2017-11-02 19:04:38 +01002556 goto allow_early;
Emmanuel Hocdet3777e3a2019-11-06 16:05:34 +01002557 }
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002558 }
William Lallemand150bfa82019-09-19 17:12:49 +02002559
William Lallemand02010472019-10-18 11:02:19 +02002560 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002561#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002562 if (s->generate_certs && ssl_sock_generate_certificate(trash.area, s, ssl)) {
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002563 /* switch ctx done in ssl_sock_generate_certificate */
Olivier Houchardc2aae742017-09-22 18:26:28 +02002564 goto allow_early;
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002565 }
2566#endif
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002567 if (!s->strict_sni) {
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002568 /* no certificate match, is the default_ctx */
William Lallemand21724f02019-11-04 17:56:13 +01002569 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002570 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002571 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002572 }
Olivier Houchardc2aae742017-09-22 18:26:28 +02002573allow_early:
2574#ifdef OPENSSL_IS_BORINGSSL
2575 if (allow_early)
2576 SSL_set_early_data_enabled(ssl, 1);
2577#else
2578 if (!allow_early)
2579 SSL_set_max_early_data(ssl, 0);
2580#endif
2581 return 1;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002582 abort:
2583 /* abort handshake (was SSL_TLSEXT_ERR_ALERT_FATAL) */
2584 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002585#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet48e87552017-08-16 11:28:44 +02002586 return ssl_select_cert_error;
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02002587#else
2588 *al = SSL_AD_UNRECOGNIZED_NAME;
2589 return 0;
2590#endif
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002591}
2592
2593#else /* OPENSSL_IS_BORINGSSL */
2594
Emeric Brunfc0421f2012-09-07 17:30:07 +02002595/* Sets the SSL ctx of <ssl> to match the advertised server name. Returns a
2596 * warning when no match is found, which implies the default (first) cert
2597 * will keep being used.
2598 */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002599static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *priv)
Emeric Brunfc0421f2012-09-07 17:30:07 +02002600{
2601 const char *servername;
2602 const char *wildp = NULL;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002603 struct ebmb_node *node, *n;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002604 struct bind_conf *s = priv;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002605 int i;
2606 (void)al; /* shut gcc stupid warning */
2607
2608 servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
Emmanuel Hocdet65623372013-01-24 17:17:15 +01002609 if (!servername) {
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002610#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002611 if (s->generate_certs && ssl_sock_generate_certificate_from_conn(s, ssl))
2612 return SSL_TLSEXT_ERR_OK;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002613#endif
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002614 if (s->strict_sni)
2615 return SSL_TLSEXT_ERR_ALERT_FATAL;
William Lallemand21724f02019-11-04 17:56:13 +01002616 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002617 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002618 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002619 return SSL_TLSEXT_ERR_NOACK;
Emmanuel Hocdet65623372013-01-24 17:17:15 +01002620 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02002621
Willy Tarreau19d14ef2012-10-29 16:51:55 +01002622 for (i = 0; i < trash.size; i++) {
Emeric Brunfc0421f2012-09-07 17:30:07 +02002623 if (!servername[i])
2624 break;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002625 trash.area[i] = tolower(servername[i]);
2626 if (!wildp && (trash.area[i] == '.'))
2627 wildp = &trash.area[i];
Emeric Brunfc0421f2012-09-07 17:30:07 +02002628 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002629 trash.area[i] = 0;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002630
William Lallemand150bfa82019-09-19 17:12:49 +02002631 HA_RWLOCK_RDLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002632 node = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002633 /* lookup in full qualified names */
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002634 for (n = ebst_lookup(&s->sni_ctx, trash.area); n; n = ebmb_next_dup(n)) {
2635 /* lookup a not neg filter */
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002636 if (!container_of(n, struct sni_ctx, name)->neg) {
2637 node = n;
2638 break;
Emmanuel Hocdet65623372013-01-24 17:17:15 +01002639 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002640 }
2641 if (!node && wildp) {
2642 /* lookup in wildcards names */
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002643 for (n = ebst_lookup(&s->sni_w_ctx, wildp); n; n = ebmb_next_dup(n)) {
2644 /* lookup a not neg filter */
2645 if (!container_of(n, struct sni_ctx, name)->neg) {
2646 node = n;
2647 break;
2648 }
2649 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002650 }
Emmanuel Hocdetc5fdf0f2019-11-04 15:49:46 +01002651 if (!node) {
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002652#if (!defined SSL_NO_GENERATE_CERTIFICATES)
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02002653 if (s->generate_certs && ssl_sock_generate_certificate(servername, s, ssl)) {
2654 /* switch ctx done in ssl_sock_generate_certificate */
William Lallemand150bfa82019-09-19 17:12:49 +02002655 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Christopher Faulet31af49d2015-06-09 17:29:50 +02002656 return SSL_TLSEXT_ERR_OK;
2657 }
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01002658#endif
William Lallemand21724f02019-11-04 17:56:13 +01002659 if (s->strict_sni) {
2660 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002661 return SSL_TLSEXT_ERR_ALERT_FATAL;
William Lallemand21724f02019-11-04 17:56:13 +01002662 }
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002663 ssl_sock_switchctx_set(ssl, s->default_ctx);
William Lallemand21724f02019-11-04 17:56:13 +01002664 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01002665 return SSL_TLSEXT_ERR_OK;
Emeric Brunfc0421f2012-09-07 17:30:07 +02002666 }
2667
2668 /* switch ctx */
Emmanuel Hocdet530141f2017-03-01 18:54:56 +01002669 ssl_sock_switchctx_set(ssl, container_of(node, struct sni_ctx, name)->ctx);
William Lallemand150bfa82019-09-19 17:12:49 +02002670 HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
Emeric Brunfc0421f2012-09-07 17:30:07 +02002671 return SSL_TLSEXT_ERR_OK;
2672}
Emmanuel Hocdet05942112017-02-20 16:11:50 +01002673#endif /* (!) OPENSSL_IS_BORINGSSL */
Emeric Brunfc0421f2012-09-07 17:30:07 +02002674#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
2675
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002676#ifndef OPENSSL_NO_DH
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002677
2678static DH * ssl_get_dh_1024(void)
2679{
Remi Gacogned3a341a2015-05-29 16:26:17 +02002680 static unsigned char dh1024_p[]={
2681 0xFA,0xF9,0x2A,0x22,0x2A,0xA7,0x7F,0xE1,0x67,0x4E,0x53,0xF7,
2682 0x56,0x13,0xC3,0xB1,0xE3,0x29,0x6B,0x66,0x31,0x6A,0x7F,0xB3,
2683 0xC2,0x68,0x6B,0xCB,0x1D,0x57,0x39,0x1D,0x1F,0xFF,0x1C,0xC9,
2684 0xA6,0xA4,0x98,0x82,0x31,0x5D,0x25,0xFF,0x8A,0xE0,0x73,0x96,
2685 0x81,0xC8,0x83,0x79,0xC1,0x5A,0x04,0xF8,0x37,0x0D,0xA8,0x3D,
2686 0xAE,0x74,0xBC,0xDB,0xB6,0xA4,0x75,0xD9,0x71,0x8A,0xA0,0x17,
2687 0x9E,0x2D,0xC8,0xA8,0xDF,0x2C,0x5F,0x82,0x95,0xF8,0x92,0x9B,
2688 0xA7,0x33,0x5F,0x89,0x71,0xC8,0x2D,0x6B,0x18,0x86,0xC4,0x94,
2689 0x22,0xA5,0x52,0x8D,0xF6,0xF6,0xD2,0x37,0x92,0x0F,0xA5,0xCC,
2690 0xDB,0x7B,0x1D,0x3D,0xA1,0x31,0xB7,0x80,0x8F,0x0B,0x67,0x5E,
2691 0x36,0xA5,0x60,0x0C,0xF1,0x95,0x33,0x8B,
2692 };
2693 static unsigned char dh1024_g[]={
2694 0x02,
2695 };
2696
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002697 BIGNUM *p;
2698 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002699 DH *dh = DH_new();
2700 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002701 p = BN_bin2bn(dh1024_p, sizeof dh1024_p, NULL);
2702 g = BN_bin2bn(dh1024_g, sizeof dh1024_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +02002703
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002704 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002705 DH_free(dh);
2706 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002707 } else {
2708 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002709 }
2710 }
2711 return dh;
2712}
2713
2714static DH *ssl_get_dh_2048(void)
2715{
Remi Gacogned3a341a2015-05-29 16:26:17 +02002716 static unsigned char dh2048_p[]={
2717 0xEC,0x86,0xF8,0x70,0xA0,0x33,0x16,0xEC,0x05,0x1A,0x73,0x59,
2718 0xCD,0x1F,0x8B,0xF8,0x29,0xE4,0xD2,0xCF,0x52,0xDD,0xC2,0x24,
2719 0x8D,0xB5,0x38,0x9A,0xFB,0x5C,0xA4,0xE4,0xB2,0xDA,0xCE,0x66,
2720 0x50,0x74,0xA6,0x85,0x4D,0x4B,0x1D,0x30,0xB8,0x2B,0xF3,0x10,
2721 0xE9,0xA7,0x2D,0x05,0x71,0xE7,0x81,0xDF,0x8B,0x59,0x52,0x3B,
2722 0x5F,0x43,0x0B,0x68,0xF1,0xDB,0x07,0xBE,0x08,0x6B,0x1B,0x23,
2723 0xEE,0x4D,0xCC,0x9E,0x0E,0x43,0xA0,0x1E,0xDF,0x43,0x8C,0xEC,
2724 0xBE,0xBE,0x90,0xB4,0x51,0x54,0xB9,0x2F,0x7B,0x64,0x76,0x4E,
2725 0x5D,0xD4,0x2E,0xAE,0xC2,0x9E,0xAE,0x51,0x43,0x59,0xC7,0x77,
2726 0x9C,0x50,0x3C,0x0E,0xED,0x73,0x04,0x5F,0xF1,0x4C,0x76,0x2A,
2727 0xD8,0xF8,0xCF,0xFC,0x34,0x40,0xD1,0xB4,0x42,0x61,0x84,0x66,
2728 0x42,0x39,0x04,0xF8,0x68,0xB2,0x62,0xD7,0x55,0xED,0x1B,0x74,
2729 0x75,0x91,0xE0,0xC5,0x69,0xC1,0x31,0x5C,0xDB,0x7B,0x44,0x2E,
2730 0xCE,0x84,0x58,0x0D,0x1E,0x66,0x0C,0xC8,0x44,0x9E,0xFD,0x40,
2731 0x08,0x67,0x5D,0xFB,0xA7,0x76,0x8F,0x00,0x11,0x87,0xE9,0x93,
2732 0xF9,0x7D,0xC4,0xBC,0x74,0x55,0x20,0xD4,0x4A,0x41,0x2F,0x43,
2733 0x42,0x1A,0xC1,0xF2,0x97,0x17,0x49,0x27,0x37,0x6B,0x2F,0x88,
2734 0x7E,0x1C,0xA0,0xA1,0x89,0x92,0x27,0xD9,0x56,0x5A,0x71,0xC1,
2735 0x56,0x37,0x7E,0x3A,0x9D,0x05,0xE7,0xEE,0x5D,0x8F,0x82,0x17,
2736 0xBC,0xE9,0xC2,0x93,0x30,0x82,0xF9,0xF4,0xC9,0xAE,0x49,0xDB,
2737 0xD0,0x54,0xB4,0xD9,0x75,0x4D,0xFA,0x06,0xB8,0xD6,0x38,0x41,
2738 0xB7,0x1F,0x77,0xF3,
2739 };
2740 static unsigned char dh2048_g[]={
2741 0x02,
2742 };
2743
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002744 BIGNUM *p;
2745 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002746 DH *dh = DH_new();
2747 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002748 p = BN_bin2bn(dh2048_p, sizeof dh2048_p, NULL);
2749 g = BN_bin2bn(dh2048_g, sizeof dh2048_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +02002750
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002751 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002752 DH_free(dh);
2753 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002754 } else {
2755 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002756 }
2757 }
2758 return dh;
2759}
2760
2761static DH *ssl_get_dh_4096(void)
2762{
Remi Gacogned3a341a2015-05-29 16:26:17 +02002763 static unsigned char dh4096_p[]={
2764 0xDE,0x16,0x94,0xCD,0x99,0x58,0x07,0xF1,0xF7,0x32,0x96,0x11,
2765 0x04,0x82,0xD4,0x84,0x72,0x80,0x99,0x06,0xCA,0xF0,0xA3,0x68,
2766 0x07,0xCE,0x64,0x50,0xE7,0x74,0x45,0x20,0x80,0x5E,0x4D,0xAD,
2767 0xA5,0xB6,0xED,0xFA,0x80,0x6C,0x3B,0x35,0xC4,0x9A,0x14,0x6B,
2768 0x32,0xBB,0xFD,0x1F,0x17,0x8E,0xB7,0x1F,0xD6,0xFA,0x3F,0x7B,
2769 0xEE,0x16,0xA5,0x62,0x33,0x0D,0xED,0xBC,0x4E,0x58,0xE5,0x47,
2770 0x4D,0xE9,0xAB,0x8E,0x38,0xD3,0x6E,0x90,0x57,0xE3,0x22,0x15,
2771 0x33,0xBD,0xF6,0x43,0x45,0xB5,0x10,0x0A,0xBE,0x2C,0xB4,0x35,
2772 0xB8,0x53,0x8D,0xAD,0xFB,0xA7,0x1F,0x85,0x58,0x41,0x7A,0x79,
2773 0x20,0x68,0xB3,0xE1,0x3D,0x08,0x76,0xBF,0x86,0x0D,0x49,0xE3,
2774 0x82,0x71,0x8C,0xB4,0x8D,0x81,0x84,0xD4,0xE7,0xBE,0x91,0xDC,
2775 0x26,0x39,0x48,0x0F,0x35,0xC4,0xCA,0x65,0xE3,0x40,0x93,0x52,
2776 0x76,0x58,0x7D,0xDD,0x51,0x75,0xDC,0x69,0x61,0xBF,0x47,0x2C,
2777 0x16,0x68,0x2D,0xC9,0x29,0xD3,0xE6,0xC0,0x99,0x48,0xA0,0x9A,
2778 0xC8,0x78,0xC0,0x6D,0x81,0x67,0x12,0x61,0x3F,0x71,0xBA,0x41,
2779 0x1F,0x6C,0x89,0x44,0x03,0xBA,0x3B,0x39,0x60,0xAA,0x28,0x55,
2780 0x59,0xAE,0xB8,0xFA,0xCB,0x6F,0xA5,0x1A,0xF7,0x2B,0xDD,0x52,
2781 0x8A,0x8B,0xE2,0x71,0xA6,0x5E,0x7E,0xD8,0x2E,0x18,0xE0,0x66,
2782 0xDF,0xDD,0x22,0x21,0x99,0x52,0x73,0xA6,0x33,0x20,0x65,0x0E,
2783 0x53,0xE7,0x6B,0x9B,0xC5,0xA3,0x2F,0x97,0x65,0x76,0xD3,0x47,
2784 0x23,0x77,0x12,0xB6,0x11,0x7B,0x24,0xED,0xF1,0xEF,0xC0,0xE2,
2785 0xA3,0x7E,0x67,0x05,0x3E,0x96,0x4D,0x45,0xC2,0x18,0xD1,0x73,
2786 0x9E,0x07,0xF3,0x81,0x6E,0x52,0x63,0xF6,0x20,0x76,0xB9,0x13,
2787 0xD2,0x65,0x30,0x18,0x16,0x09,0x16,0x9E,0x8F,0xF1,0xD2,0x10,
2788 0x5A,0xD3,0xD4,0xAF,0x16,0x61,0xDA,0x55,0x2E,0x18,0x5E,0x14,
2789 0x08,0x54,0x2E,0x2A,0x25,0xA2,0x1A,0x9B,0x8B,0x32,0xA9,0xFD,
2790 0xC2,0x48,0x96,0xE1,0x80,0xCA,0xE9,0x22,0x17,0xBB,0xCE,0x3E,
2791 0x9E,0xED,0xC7,0xF1,0x1F,0xEC,0x17,0x21,0xDC,0x7B,0x82,0x48,
2792 0x8E,0xBB,0x4B,0x9D,0x5B,0x04,0x04,0xDA,0xDB,0x39,0xDF,0x01,
2793 0x40,0xC3,0xAA,0x26,0x23,0x89,0x75,0xC6,0x0B,0xD0,0xA2,0x60,
2794 0x6A,0xF1,0xCC,0x65,0x18,0x98,0x1B,0x52,0xD2,0x74,0x61,0xCC,
2795 0xBD,0x60,0xAE,0xA3,0xA0,0x66,0x6A,0x16,0x34,0x92,0x3F,0x41,
2796 0x40,0x31,0x29,0xC0,0x2C,0x63,0xB2,0x07,0x8D,0xEB,0x94,0xB8,
2797 0xE8,0x47,0x92,0x52,0x93,0x6A,0x1B,0x7E,0x1A,0x61,0xB3,0x1B,
2798 0xF0,0xD6,0x72,0x9B,0xF1,0xB0,0xAF,0xBF,0x3E,0x65,0xEF,0x23,
2799 0x1D,0x6F,0xFF,0x70,0xCD,0x8A,0x4C,0x8A,0xA0,0x72,0x9D,0xBE,
2800 0xD4,0xBB,0x24,0x47,0x4A,0x68,0xB5,0xF5,0xC6,0xD5,0x7A,0xCD,
2801 0xCA,0x06,0x41,0x07,0xAD,0xC2,0x1E,0xE6,0x54,0xA7,0xAD,0x03,
2802 0xD9,0x12,0xC1,0x9C,0x13,0xB1,0xC9,0x0A,0x43,0x8E,0x1E,0x08,
2803 0xCE,0x50,0x82,0x73,0x5F,0xA7,0x55,0x1D,0xD9,0x59,0xAC,0xB5,
2804 0xEA,0x02,0x7F,0x6C,0x5B,0x74,0x96,0x98,0x67,0x24,0xA3,0x0F,
2805 0x15,0xFC,0xA9,0x7D,0x3E,0x67,0xD1,0x70,0xF8,0x97,0xF3,0x67,
2806 0xC5,0x8C,0x88,0x44,0x08,0x02,0xC7,0x2B,
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002807 };
Remi Gacogned3a341a2015-05-29 16:26:17 +02002808 static unsigned char dh4096_g[]={
2809 0x02,
2810 };
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002811
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002812 BIGNUM *p;
2813 BIGNUM *g;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002814 DH *dh = DH_new();
2815 if (dh) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002816 p = BN_bin2bn(dh4096_p, sizeof dh4096_p, NULL);
2817 g = BN_bin2bn(dh4096_g, sizeof dh4096_g, NULL);
Remi Gacogned3a341a2015-05-29 16:26:17 +02002818
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002819 if (!p || !g) {
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002820 DH_free(dh);
2821 dh = NULL;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002822 } else {
2823 DH_set0_pqg(dh, p, NULL, g);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002824 }
2825 }
2826 return dh;
2827}
2828
2829/* Returns Diffie-Hellman parameters matching the private key length
Willy Tarreauef934602016-12-22 23:12:01 +01002830 but not exceeding global_ssl.default_dh_param */
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002831static DH *ssl_get_tmp_dh(SSL *ssl, int export, int keylen)
2832{
2833 DH *dh = NULL;
2834 EVP_PKEY *pkey = SSL_get_privatekey(ssl);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02002835 int type;
2836
2837 type = pkey ? EVP_PKEY_base_id(pkey) : EVP_PKEY_NONE;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002838
2839 /* The keylen supplied by OpenSSL can only be 512 or 1024.
2840 See ssl3_send_server_key_exchange() in ssl/s3_srvr.c
2841 */
2842 if (type == EVP_PKEY_RSA || type == EVP_PKEY_DSA) {
2843 keylen = EVP_PKEY_bits(pkey);
2844 }
2845
Willy Tarreauef934602016-12-22 23:12:01 +01002846 if (keylen > global_ssl.default_dh_param) {
2847 keylen = global_ssl.default_dh_param;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002848 }
2849
Remi Gacogned3a341a2015-05-29 16:26:17 +02002850 if (keylen >= 4096) {
Remi Gacogne8de54152014-07-15 11:36:40 +02002851 dh = local_dh_4096;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002852 }
2853 else if (keylen >= 2048) {
Remi Gacogne8de54152014-07-15 11:36:40 +02002854 dh = local_dh_2048;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002855 }
2856 else {
Remi Gacogne8de54152014-07-15 11:36:40 +02002857 dh = local_dh_1024;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02002858 }
2859
2860 return dh;
2861}
2862
Remi Gacogne47783ef2015-05-29 15:53:22 +02002863static DH * ssl_sock_get_dh_from_file(const char *filename)
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002864{
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002865 DH *dh = NULL;
Remi Gacogne47783ef2015-05-29 15:53:22 +02002866 BIO *in = BIO_new(BIO_s_file());
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002867
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002868 if (in == NULL)
2869 goto end;
2870
Remi Gacogne47783ef2015-05-29 15:53:22 +02002871 if (BIO_read_filename(in, filename) <= 0)
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002872 goto end;
2873
Remi Gacogne47783ef2015-05-29 15:53:22 +02002874 dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
2875
2876end:
2877 if (in)
2878 BIO_free(in);
2879
Emeric Brune1b4ed42018-08-16 15:14:12 +02002880 ERR_clear_error();
2881
Remi Gacogne47783ef2015-05-29 15:53:22 +02002882 return dh;
2883}
2884
2885int ssl_sock_load_global_dh_param_from_file(const char *filename)
2886{
2887 global_dh = ssl_sock_get_dh_from_file(filename);
2888
2889 if (global_dh) {
2890 return 0;
2891 }
2892
2893 return -1;
2894}
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02002895#endif
2896
William Lallemand9117de92019-10-04 00:29:42 +02002897/* Alloc and init a ckch_inst */
2898static struct ckch_inst *ckch_inst_new()
2899{
2900 struct ckch_inst *ckch_inst;
2901
2902 ckch_inst = calloc(1, sizeof *ckch_inst);
2903 if (ckch_inst)
2904 LIST_INIT(&ckch_inst->sni_ctx);
2905
2906 return ckch_inst;
2907}
2908
2909
2910/* This function allocates a sni_ctx and adds it to the ckch_inst */
William Lallemand1d29c742019-10-04 00:53:29 +02002911static int ckch_inst_add_cert_sni(SSL_CTX *ctx, struct ckch_inst *ckch_inst,
William Lallemand9117de92019-10-04 00:29:42 +02002912 struct bind_conf *s, struct ssl_bind_conf *conf,
2913 struct pkey_info kinfo, char *name, int order)
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01002914{
2915 struct sni_ctx *sc;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002916 int wild = 0, neg = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01002917
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002918 if (*name == '!') {
2919 neg = 1;
2920 name++;
2921 }
2922 if (*name == '*') {
2923 wild = 1;
2924 name++;
2925 }
2926 /* !* filter is a nop */
2927 if (neg && wild)
2928 return order;
2929 if (*name) {
2930 int j, len;
2931 len = strlen(name);
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +02002932 for (j = 0; j < len && j < trash.size; j++)
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002933 trash.area[j] = tolower(name[j]);
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +02002934 if (j >= trash.size)
William Lallemandfe49bb32019-10-03 23:46:33 +02002935 return -1;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002936 trash.area[j] = 0;
Thierry FOURNIER / OZON.IO07c3d782016-10-06 10:56:48 +02002937
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01002938 sc = malloc(sizeof(struct sni_ctx) + len + 1);
Thierry FOURNIER / OZON.IO7a3bd3b2016-10-06 10:35:29 +02002939 if (!sc)
William Lallemandfe49bb32019-10-03 23:46:33 +02002940 return -1;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02002941 memcpy(sc->name.key, trash.area, len + 1);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01002942 sc->ctx = ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01002943 sc->conf = conf;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02002944 sc->kinfo = kinfo;
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02002945 sc->order = order++;
2946 sc->neg = neg;
William Lallemand1d29c742019-10-04 00:53:29 +02002947 sc->wild = wild;
2948 sc->name.node.leaf_p = NULL;
William Lallemand1d29c742019-10-04 00:53:29 +02002949 LIST_ADDQ(&ckch_inst->sni_ctx, &sc->by_ckch_inst);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01002950 }
2951 return order;
2952}
2953
William Lallemand6af03992019-07-23 15:00:54 +02002954/*
William Lallemand1d29c742019-10-04 00:53:29 +02002955 * Insert the sni_ctxs that are listed in the ckch_inst, in the bind_conf's sni_ctx tree
2956 * This function can't return an error.
2957 *
2958 * *CAUTION*: The caller must lock the sni tree if called in multithreading mode
2959 */
2960static void ssl_sock_load_cert_sni(struct ckch_inst *ckch_inst, struct bind_conf *bind_conf)
2961{
2962
2963 struct sni_ctx *sc0, *sc0b, *sc1;
2964 struct ebmb_node *node;
William Lallemand21724f02019-11-04 17:56:13 +01002965 int def = 0;
William Lallemand1d29c742019-10-04 00:53:29 +02002966
2967 list_for_each_entry_safe(sc0, sc0b, &ckch_inst->sni_ctx, by_ckch_inst) {
2968
2969 /* ignore if sc0 was already inserted in a tree */
2970 if (sc0->name.node.leaf_p)
2971 continue;
2972
2973 /* Check for duplicates. */
2974 if (sc0->wild)
2975 node = ebst_lookup(&bind_conf->sni_w_ctx, (char *)sc0->name.key);
2976 else
2977 node = ebst_lookup(&bind_conf->sni_ctx, (char *)sc0->name.key);
2978
2979 for (; node; node = ebmb_next_dup(node)) {
2980 sc1 = ebmb_entry(node, struct sni_ctx, name);
2981 if (sc1->ctx == sc0->ctx && sc1->conf == sc0->conf
2982 && sc1->neg == sc0->neg && sc1->wild == sc0->wild) {
2983 /* it's a duplicate, we should remove and free it */
2984 LIST_DEL(&sc0->by_ckch_inst);
2985 free(sc0);
2986 sc0 = NULL;
William Lallemande15029b2019-10-14 10:46:58 +02002987 break;
William Lallemand1d29c742019-10-04 00:53:29 +02002988 }
2989 }
2990
2991 /* if duplicate, ignore the insertion */
2992 if (!sc0)
2993 continue;
2994
2995 if (sc0->wild)
2996 ebst_insert(&bind_conf->sni_w_ctx, &sc0->name);
2997 else
2998 ebst_insert(&bind_conf->sni_ctx, &sc0->name);
William Lallemand21724f02019-11-04 17:56:13 +01002999
3000 /* replace the default_ctx if required with the first ctx */
3001 if (ckch_inst->is_default && !def) {
3002 /* we don't need to free the default_ctx because the refcount was not incremented */
3003 bind_conf->default_ctx = sc0->ctx;
3004 def = 1;
3005 }
William Lallemand1d29c742019-10-04 00:53:29 +02003006 }
3007}
3008
3009/*
William Lallemande3af8fb2019-10-08 11:36:53 +02003010 * tree used to store the ckchs ordered by filename/bundle name
William Lallemand6af03992019-07-23 15:00:54 +02003011 */
William Lallemande3af8fb2019-10-08 11:36:53 +02003012struct eb_root ckchs_tree = EB_ROOT_UNIQUE;
William Lallemand6af03992019-07-23 15:00:54 +02003013
William Lallemandfa892222019-07-23 16:06:08 +02003014
Emeric Brun7a883362019-10-17 13:27:40 +02003015/* Loads Diffie-Hellman parameter from a ckchs to an SSL_CTX.
3016 * If there is no DH paramater availaible in the ckchs, the global
3017 * DH parameter is loaded into the SSL_CTX and if there is no
3018 * DH parameter available in ckchs nor in global, the default
3019 * DH parameters are applied on the SSL_CTX.
3020 * Returns a bitfield containing the flags:
3021 * ERR_FATAL in any fatal error case
3022 * ERR_ALERT if a reason of the error is availabine in err
3023 * ERR_WARN if a warning is available into err
3024 * The value 0 means there is no error nor warning and
3025 * the operation succeed.
3026 */
William Lallemandfa892222019-07-23 16:06:08 +02003027#ifndef OPENSSL_NO_DH
Emeric Brun7a883362019-10-17 13:27:40 +02003028static int ssl_sock_load_dh_params(SSL_CTX *ctx, const struct cert_key_and_chain *ckch,
3029 const char *path, char **err)
William Lallemandfa892222019-07-23 16:06:08 +02003030{
Emeric Brun7a883362019-10-17 13:27:40 +02003031 int ret = 0;
William Lallemandfa892222019-07-23 16:06:08 +02003032 DH *dh = NULL;
3033
William Lallemanda8c73742019-07-31 18:31:34 +02003034 if (ckch && ckch->dh) {
William Lallemandfa892222019-07-23 16:06:08 +02003035 dh = ckch->dh;
Emeric Bruna9363eb2019-10-17 14:53:03 +02003036 if (!SSL_CTX_set_tmp_dh(ctx, dh)) {
3037 memprintf(err, "%sunable to load the DH parameter specified in '%s'",
3038 err && *err ? *err : "", path);
3039#if defined(SSL_CTX_set_dh_auto)
3040 SSL_CTX_set_dh_auto(ctx, 1);
3041 memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
3042 err && *err ? *err : "");
3043#else
3044 memprintf(err, "%s, DH ciphers won't be available.\n",
3045 err && *err ? *err : "");
3046#endif
3047 ret |= ERR_WARN;
3048 goto end;
3049 }
William Lallemandfa892222019-07-23 16:06:08 +02003050
3051 if (ssl_dh_ptr_index >= 0) {
3052 /* store a pointer to the DH params to avoid complaining about
3053 ssl-default-dh-param not being set for this SSL_CTX */
3054 SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, dh);
3055 }
3056 }
3057 else if (global_dh) {
Emeric Bruna9363eb2019-10-17 14:53:03 +02003058 if (!SSL_CTX_set_tmp_dh(ctx, global_dh)) {
3059 memprintf(err, "%sunable to use the global DH parameter for certificate '%s'",
3060 err && *err ? *err : "", path);
3061#if defined(SSL_CTX_set_dh_auto)
3062 SSL_CTX_set_dh_auto(ctx, 1);
3063 memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
3064 err && *err ? *err : "");
3065#else
3066 memprintf(err, "%s, DH ciphers won't be available.\n",
3067 err && *err ? *err : "");
3068#endif
3069 ret |= ERR_WARN;
3070 goto end;
3071 }
William Lallemandfa892222019-07-23 16:06:08 +02003072 }
3073 else {
3074 /* Clear openssl global errors stack */
3075 ERR_clear_error();
3076
3077 if (global_ssl.default_dh_param <= 1024) {
3078 /* we are limited to DH parameter of 1024 bits anyway */
3079 if (local_dh_1024 == NULL)
3080 local_dh_1024 = ssl_get_dh_1024();
3081
Emeric Brun7a883362019-10-17 13:27:40 +02003082 if (local_dh_1024 == NULL) {
3083 memprintf(err, "%sunable to load default 1024 bits DH parameter for certificate '%s'.\n",
3084 err && *err ? *err : "", path);
3085 ret |= ERR_ALERT | ERR_FATAL;
William Lallemandfa892222019-07-23 16:06:08 +02003086 goto end;
Emeric Brun7a883362019-10-17 13:27:40 +02003087 }
William Lallemandfa892222019-07-23 16:06:08 +02003088
Emeric Bruna9363eb2019-10-17 14:53:03 +02003089 if (!SSL_CTX_set_tmp_dh(ctx, local_dh_1024)) {
3090 memprintf(err, "%sunable to load default 1024 bits DH parameter for certificate '%s'.\n",
3091 err && *err ? *err : "", path);
3092#if defined(SSL_CTX_set_dh_auto)
3093 SSL_CTX_set_dh_auto(ctx, 1);
3094 memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
3095 err && *err ? *err : "");
3096#else
3097 memprintf(err, "%s, DH ciphers won't be available.\n",
3098 err && *err ? *err : "");
3099#endif
3100 ret |= ERR_WARN;
3101 goto end;
3102 }
William Lallemandfa892222019-07-23 16:06:08 +02003103 }
3104 else {
3105 SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);
3106 }
William Lallemandfa892222019-07-23 16:06:08 +02003107 }
3108
3109end:
William Lallemand4dd145a2020-02-05 11:46:33 +01003110 ERR_clear_error();
William Lallemandfa892222019-07-23 16:06:08 +02003111 return ret;
3112}
3113#endif
yanbzhu08ce6ab2015-12-02 13:01:29 -05003114
yanbzhu488a4d22015-12-01 15:16:07 -05003115/* Frees the contents of a cert_key_and_chain
3116 */
3117static void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain *ckch)
3118{
yanbzhu488a4d22015-12-01 15:16:07 -05003119 if (!ckch)
3120 return;
3121
3122 /* Free the certificate and set pointer to NULL */
3123 if (ckch->cert)
3124 X509_free(ckch->cert);
3125 ckch->cert = NULL;
3126
3127 /* Free the key and set pointer to NULL */
3128 if (ckch->key)
3129 EVP_PKEY_free(ckch->key);
3130 ckch->key = NULL;
3131
3132 /* Free each certificate in the chain */
Emmanuel Hocdet9246f8b2018-11-30 16:00:21 +01003133 if (ckch->chain)
3134 sk_X509_pop_free(ckch->chain, X509_free);
3135 ckch->chain = NULL;
yanbzhu488a4d22015-12-01 15:16:07 -05003136
William Lallemand455af502019-10-17 18:04:45 +02003137 if (ckch->dh)
3138 DH_free(ckch->dh);
3139 ckch->dh = NULL;
3140
3141 if (ckch->sctl) {
3142 free(ckch->sctl->area);
3143 ckch->sctl->area = NULL;
3144 free(ckch->sctl);
3145 ckch->sctl = NULL;
3146 }
3147
3148 if (ckch->ocsp_response) {
3149 free(ckch->ocsp_response->area);
3150 ckch->ocsp_response->area = NULL;
3151 free(ckch->ocsp_response);
3152 ckch->ocsp_response = NULL;
3153 }
William Lallemand5c3c96f2020-01-23 11:53:13 +01003154
3155 if (ckch->ocsp_issuer)
William Lallemanddad239d2020-01-23 11:59:02 +01003156 X509_free(ckch->ocsp_issuer);
William Lallemand5c3c96f2020-01-23 11:53:13 +01003157 ckch->ocsp_issuer = NULL;
yanbzhu488a4d22015-12-01 15:16:07 -05003158}
3159
William Lallemand8d0f8932019-10-17 18:03:58 +02003160/*
3161 *
3162 * This function copy a cert_key_and_chain in memory
3163 *
3164 * It's used to try to apply changes on a ckch before committing them, because
3165 * most of the time it's not possible to revert those changes
3166 *
3167 * Return a the dst or NULL
3168 */
3169static struct cert_key_and_chain *ssl_sock_copy_cert_key_and_chain(struct cert_key_and_chain *src,
3170 struct cert_key_and_chain *dst)
3171{
3172 if (src->cert) {
3173 dst->cert = src->cert;
3174 X509_up_ref(src->cert);
3175 }
3176
3177 if (src->key) {
3178 dst->key = src->key;
3179 EVP_PKEY_up_ref(src->key);
3180 }
3181
3182 if (src->chain) {
3183 dst->chain = X509_chain_up_ref(src->chain);
3184 }
3185
3186 if (src->dh) {
3187 DH_up_ref(src->dh);
3188 dst->dh = src->dh;
3189 }
3190
3191 if (src->sctl) {
3192 struct buffer *sctl;
3193
3194 sctl = calloc(1, sizeof(*sctl));
3195 if (!chunk_dup(sctl, src->sctl)) {
3196 free(sctl);
3197 sctl = NULL;
3198 goto error;
3199 }
3200 dst->sctl = sctl;
3201 }
3202
3203 if (src->ocsp_response) {
3204 struct buffer *ocsp_response;
3205
3206 ocsp_response = calloc(1, sizeof(*ocsp_response));
3207 if (!chunk_dup(ocsp_response, src->ocsp_response)) {
3208 free(ocsp_response);
3209 ocsp_response = NULL;
3210 goto error;
3211 }
3212 dst->ocsp_response = ocsp_response;
3213 }
3214
3215 if (src->ocsp_issuer) {
3216 X509_up_ref(src->ocsp_issuer);
3217 dst->ocsp_issuer = src->ocsp_issuer;
3218 }
3219
3220 return dst;
3221
3222error:
3223
3224 /* free everything */
3225 ssl_sock_free_cert_key_and_chain_contents(dst);
3226
3227 return NULL;
3228}
3229
3230
yanbzhu488a4d22015-12-01 15:16:07 -05003231/* checks if a key and cert exists in the ckch
3232 */
William Lallemand1633e392019-09-30 12:58:13 +02003233#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu488a4d22015-12-01 15:16:07 -05003234static int ssl_sock_is_ckch_valid(struct cert_key_and_chain *ckch)
3235{
3236 return (ckch->cert != NULL && ckch->key != NULL);
3237}
William Lallemand1633e392019-09-30 12:58:13 +02003238#endif
yanbzhu488a4d22015-12-01 15:16:07 -05003239
William Lallemandf9568fc2019-10-16 18:27:58 +02003240/*
3241 * return 0 on success or != 0 on failure
3242 */
3243static int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch, char **err)
3244{
3245 int ret = 1;
3246 BIO *in = NULL;
3247 X509 *issuer;
3248
3249 if (buf) {
3250 /* reading from a buffer */
3251 in = BIO_new_mem_buf(buf, -1);
3252 if (in == NULL) {
3253 memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
3254 goto end;
3255 }
3256
3257 } else {
3258 /* reading from a file */
3259 in = BIO_new(BIO_s_file());
3260 if (in == NULL)
3261 goto end;
3262
3263 if (BIO_read_filename(in, path) <= 0)
3264 goto end;
3265 }
3266
3267 issuer = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
3268 if (!issuer) {
3269 memprintf(err, "%s'%s' cannot be read or parsed'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003270 err && *err ? *err : "", path);
William Lallemandf9568fc2019-10-16 18:27:58 +02003271 goto end;
3272 }
Emmanuel Hocdeteb73dc32020-01-16 14:45:00 +01003273 /* no error, fill ckch with new context, old context must be free */
3274 if (ckch->ocsp_issuer)
3275 X509_free(ckch->ocsp_issuer);
William Lallemandf9568fc2019-10-16 18:27:58 +02003276 ckch->ocsp_issuer = issuer;
Emmanuel Hocdeteb73dc32020-01-16 14:45:00 +01003277 ret = 0;
William Lallemandf9568fc2019-10-16 18:27:58 +02003278
3279end:
3280
3281 ERR_clear_error();
3282 if (in)
3283 BIO_free(in);
3284
3285 return ret;
3286}
3287
William Lallemand96a9c972019-10-17 11:56:17 +02003288
3289/*
3290 * Try to load a PEM file from a <path> or a buffer <buf>
William Lallemand4c5adbf2020-02-24 14:23:22 +01003291 * The PEM must contain at least a Certificate,
3292 * It could contain a DH, a certificate chain and a PrivateKey.
yanbzhu488a4d22015-12-01 15:16:07 -05003293 *
William Lallemand96a9c972019-10-17 11:56:17 +02003294 * If it failed you should not attempt to use the ckch but free it.
3295 *
3296 * Return 0 on success or != 0 on failure
yanbzhu488a4d22015-12-01 15:16:07 -05003297 */
William Lallemand96a9c972019-10-17 11:56:17 +02003298static int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err)
yanbzhu488a4d22015-12-01 15:16:07 -05003299{
William Lallemandf11365b2019-09-19 14:25:58 +02003300 BIO *in = NULL;
yanbzhu488a4d22015-12-01 15:16:07 -05003301 int ret = 1;
Emmanuel Hocdet078156d2020-01-22 17:02:53 +01003302 int i;
Emmanuel Hocdet83cbd3c2019-10-25 11:55:03 +02003303 X509 *ca;
William Lallemand96a9c972019-10-17 11:56:17 +02003304 X509 *cert = NULL;
3305 EVP_PKEY *key = NULL;
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003306 DH *dh = NULL;
3307 STACK_OF(X509) *chain = NULL;
William Lallemand96a9c972019-10-17 11:56:17 +02003308
3309 if (buf) {
3310 /* reading from a buffer */
3311 in = BIO_new_mem_buf(buf, -1);
3312 if (in == NULL) {
3313 memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
3314 goto end;
3315 }
yanbzhu488a4d22015-12-01 15:16:07 -05003316
William Lallemand96a9c972019-10-17 11:56:17 +02003317 } else {
3318 /* reading from a file */
William Lallemandf11365b2019-09-19 14:25:58 +02003319 in = BIO_new(BIO_s_file());
3320 if (in == NULL)
3321 goto end;
yanbzhu488a4d22015-12-01 15:16:07 -05003322
William Lallemandf11365b2019-09-19 14:25:58 +02003323 if (BIO_read_filename(in, path) <= 0)
3324 goto end;
William Lallemandf11365b2019-09-19 14:25:58 +02003325 }
yanbzhu488a4d22015-12-01 15:16:07 -05003326
yanbzhu488a4d22015-12-01 15:16:07 -05003327 /* Read Private Key */
William Lallemand96a9c972019-10-17 11:56:17 +02003328 key = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);
William Lallemand4c5adbf2020-02-24 14:23:22 +01003329 /* no need to check for errors here, because the private key could be loaded later */
yanbzhu488a4d22015-12-01 15:16:07 -05003330
Emmanuel Hocdet54227d82019-07-30 17:04:01 +02003331#ifndef OPENSSL_NO_DH
William Lallemandfa892222019-07-23 16:06:08 +02003332 /* Seek back to beginning of file */
3333 if (BIO_reset(in) == -1) {
3334 memprintf(err, "%san error occurred while reading the file '%s'.\n",
3335 err && *err ? *err : "", path);
3336 goto end;
3337 }
3338
William Lallemand96a9c972019-10-17 11:56:17 +02003339 dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
3340 /* no need to return an error there, dh is not mandatory */
Emmanuel Hocdet54227d82019-07-30 17:04:01 +02003341#endif
William Lallemandfa892222019-07-23 16:06:08 +02003342
Willy Tarreaubb137a82016-04-06 19:02:38 +02003343 /* Seek back to beginning of file */
Thierry FOURNIER / OZON.IOd44ea3f2016-10-14 00:49:21 +02003344 if (BIO_reset(in) == -1) {
3345 memprintf(err, "%san error occurred while reading the file '%s'.\n",
3346 err && *err ? *err : "", path);
3347 goto end;
3348 }
Willy Tarreaubb137a82016-04-06 19:02:38 +02003349
3350 /* Read Certificate */
William Lallemand96a9c972019-10-17 11:56:17 +02003351 cert = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
3352 if (cert == NULL) {
Willy Tarreaubb137a82016-04-06 19:02:38 +02003353 memprintf(err, "%sunable to load certificate from file '%s'.\n",
William Lallemand96a9c972019-10-17 11:56:17 +02003354 err && *err ? *err : "", path);
Willy Tarreaubb137a82016-04-06 19:02:38 +02003355 goto end;
3356 }
3357
William Lallemand96a9c972019-10-17 11:56:17 +02003358 /* Look for a Certificate Chain */
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003359 while ((ca = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
3360 if (chain == NULL)
3361 chain = sk_X509_new_null();
3362 if (!sk_X509_push(chain, ca)) {
William Lallemand96a9c972019-10-17 11:56:17 +02003363 X509_free(ca);
3364 goto end;
3365 }
3366 }
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +01003367 /* Find Certificate Chain in global */
3368 if (chain == NULL) {
3369 AUTHORITY_KEYID *akid;
3370 akid = X509_get_ext_d2i(cert, NID_authority_key_identifier, NULL, NULL);
3371 if (akid) {
3372 struct issuer_chain *issuer;
3373 struct eb64_node *node;
3374 u64 hk;
3375 hk = XXH64(ASN1_STRING_get0_data(akid->keyid), ASN1_STRING_length(akid->keyid), 0);
3376 for (node = eb64_lookup(&global_ssl.cert_issuer_tree, hk); node; node = eb64_next(node)) {
3377 issuer = container_of(node, typeof(*issuer), node);
3378 if (X509_check_issued(sk_X509_value(issuer->chain, 0), cert) == X509_V_OK) {
3379 chain = X509_chain_up_ref(issuer->chain);
3380 break;
3381 }
3382 }
3383 AUTHORITY_KEYID_free(akid);
3384 }
3385 }
Emmanuel Hocdeted17f472019-10-24 18:28:33 +02003386 /* no chain */
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003387 if (chain == NULL) {
3388 chain = sk_X509_new_null();
Emmanuel Hocdeted17f472019-10-24 18:28:33 +02003389 }
3390
yanbzhu488a4d22015-12-01 15:16:07 -05003391 ret = ERR_get_error();
3392 if (ret && (ERR_GET_LIB(ret) != ERR_LIB_PEM && ERR_GET_REASON(ret) != PEM_R_NO_START_LINE)) {
3393 memprintf(err, "%sunable to load certificate chain from file '%s'.\n",
William Lallemand96a9c972019-10-17 11:56:17 +02003394 err && *err ? *err : "", path);
yanbzhu488a4d22015-12-01 15:16:07 -05003395 goto end;
William Lallemand246c0242019-10-11 08:59:13 +02003396 }
3397
William Lallemand75b15f72020-01-23 10:56:05 +01003398 /* once it loaded the PEM, it should remove everything else in the ckch */
3399 if (ckch->ocsp_response) {
3400 free(ckch->ocsp_response->area);
3401 ckch->ocsp_response->area = NULL;
3402 free(ckch->ocsp_response);
3403 ckch->ocsp_response = NULL;
3404 }
3405
3406 if (ckch->sctl) {
3407 free(ckch->sctl->area);
3408 ckch->sctl->area = NULL;
3409 free(ckch->sctl);
3410 ckch->sctl = NULL;
3411 }
3412
3413 if (ckch->ocsp_issuer) {
3414 X509_free(ckch->ocsp_issuer);
3415 ckch->ocsp_issuer = NULL;
3416 }
3417
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003418 /* no error, fill ckch with new context, old context will be free at end: */
3419 SWAP(ckch->key, key);
3420 SWAP(ckch->dh, dh);
3421 SWAP(ckch->cert, cert);
3422 SWAP(ckch->chain, chain);
3423
Emmanuel Hocdet078156d2020-01-22 17:02:53 +01003424 /* check if one of the certificate of the chain is the issuer */
3425 for (i = 0; i < sk_X509_num(ckch->chain); i++) {
3426 X509 *issuer = sk_X509_value(ckch->chain, i);
3427 if (X509_check_issued(issuer, ckch->cert) == X509_V_OK) {
3428 ckch->ocsp_issuer = issuer;
3429 X509_up_ref(issuer);
3430 break;
3431 }
3432 }
William Lallemand246c0242019-10-11 08:59:13 +02003433 ret = 0;
3434
William Lallemand96a9c972019-10-17 11:56:17 +02003435end:
William Lallemand246c0242019-10-11 08:59:13 +02003436
3437 ERR_clear_error();
William Lallemand96a9c972019-10-17 11:56:17 +02003438 if (in)
William Lallemand246c0242019-10-11 08:59:13 +02003439 BIO_free(in);
Emmanuel Hocdet83cbd3c2019-10-25 11:55:03 +02003440 if (key)
3441 EVP_PKEY_free(key);
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003442 if (dh)
3443 DH_free(dh);
Emmanuel Hocdet83cbd3c2019-10-25 11:55:03 +02003444 if (cert)
3445 X509_free(cert);
Emmanuel Hocdet6b5b44e2019-12-20 17:47:12 +01003446 if (chain)
3447 sk_X509_pop_free(chain, X509_free);
William Lallemanda17f4112019-10-10 15:16:44 +02003448
William Lallemand96a9c972019-10-17 11:56:17 +02003449 return ret;
3450}
3451
3452/*
William Lallemand4c5adbf2020-02-24 14:23:22 +01003453 * Try to load a private key file from a <path> or a buffer <buf>
3454 *
3455 * If it failed you should not attempt to use the ckch but free it.
3456 *
3457 * Return 0 on success or != 0 on failure
3458 */
3459static int ssl_sock_load_key_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err)
3460{
3461 BIO *in = NULL;
3462 int ret = 1;
3463 EVP_PKEY *key = NULL;
3464
3465 if (buf) {
3466 /* reading from a buffer */
3467 in = BIO_new_mem_buf(buf, -1);
3468 if (in == NULL) {
3469 memprintf(err, "%sCan't allocate memory\n", err && *err ? *err : "");
3470 goto end;
3471 }
3472
3473 } else {
3474 /* reading from a file */
3475 in = BIO_new(BIO_s_file());
3476 if (in == NULL)
3477 goto end;
3478
3479 if (BIO_read_filename(in, path) <= 0)
3480 goto end;
3481 }
3482
3483 /* Read Private Key */
3484 key = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL);
3485 if (key == NULL) {
3486 memprintf(err, "%sunable to load private key from file '%s'.\n",
3487 err && *err ? *err : "", path);
3488 goto end;
3489 }
3490
3491 ret = 0;
3492
3493 SWAP(ckch->key, key);
3494
3495end:
3496
3497 ERR_clear_error();
3498 if (in)
3499 BIO_free(in);
3500 if (key)
3501 EVP_PKEY_free(key);
3502
3503 return ret;
3504}
3505
3506/*
William Lallemand96a9c972019-10-17 11:56:17 +02003507 * Try to load in a ckch every files related to a ckch.
3508 * (PEM, sctl, ocsp, issuer etc.)
3509 *
3510 * This function is only used to load files during the configuration parsing,
3511 * it is not used with the CLI.
3512 *
3513 * This allows us to carry the contents of the file without having to read the
3514 * file multiple times. The caller must call
3515 * ssl_sock_free_cert_key_and_chain_contents.
3516 *
3517 * returns:
3518 * 0 on Success
3519 * 1 on SSL Failure
3520 */
3521static int ssl_sock_load_files_into_ckch(const char *path, struct cert_key_and_chain *ckch, char **err)
3522{
3523 int ret = 1;
3524
3525 /* try to load the PEM */
3526 if (ssl_sock_load_pem_into_ckch(path, NULL, ckch , err) != 0) {
3527 goto end;
3528 }
3529
William Lallemand4c5adbf2020-02-24 14:23:22 +01003530 /* try to load an external private key if it wasn't in the PEM */
3531 if ((ckch->key == NULL) && (global_ssl.extra_files & SSL_GF_KEY)) {
3532 char fp[MAXPATHLEN+1];
3533 struct stat st;
3534
3535 snprintf(fp, MAXPATHLEN+1, "%s.key", path);
3536 if (stat(fp, &st) == 0) {
3537 if (ssl_sock_load_key_into_ckch(fp, NULL, ckch, err)) {
3538 memprintf(err, "%s '%s' is present but cannot be read or parsed'.\n",
3539 err && *err ? *err : "", fp);
3540 goto end;
3541 }
3542 }
3543 }
3544
3545 if (ckch->key == NULL) {
3546 memprintf(err, "%sNo Private Key found in '%s' or '%s.key'.\n", err && *err ? *err : "", path, path);
3547 goto end;
3548 }
3549
3550 if (!X509_check_private_key(ckch->cert, ckch->key)) {
3551 memprintf(err, "%sinconsistencies between private key and certificate loaded '%s'.\n",
3552 err && *err ? *err : "", path);
3553 goto end;
3554 }
3555
William Lallemanda17f4112019-10-10 15:16:44 +02003556#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
3557 /* try to load the sctl file */
William Lallemand3af48e72020-02-03 17:15:52 +01003558 if (global_ssl.extra_files & SSL_GF_SCTL) {
William Lallemanda17f4112019-10-10 15:16:44 +02003559 char fp[MAXPATHLEN+1];
3560 struct stat st;
3561
3562 snprintf(fp, MAXPATHLEN+1, "%s.sctl", path);
3563 if (stat(fp, &st) == 0) {
William Lallemand0dfae6c2019-10-16 18:06:58 +02003564 if (ssl_sock_load_sctl_from_file(fp, NULL, ckch, err)) {
William Lallemanda17f4112019-10-10 15:16:44 +02003565 memprintf(err, "%s '%s.sctl' is present but cannot be read or parsed'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003566 err && *err ? *err : "", fp);
William Lallemanda17f4112019-10-10 15:16:44 +02003567 ret = 1;
3568 goto end;
3569 }
3570 }
3571 }
3572#endif
yanbzhu488a4d22015-12-01 15:16:07 -05003573
William Lallemand246c0242019-10-11 08:59:13 +02003574 /* try to load an ocsp response file */
William Lallemand3af48e72020-02-03 17:15:52 +01003575 if (global_ssl.extra_files & SSL_GF_OCSP) {
William Lallemand246c0242019-10-11 08:59:13 +02003576 char fp[MAXPATHLEN+1];
3577 struct stat st;
3578
3579 snprintf(fp, MAXPATHLEN+1, "%s.ocsp", path);
3580 if (stat(fp, &st) == 0) {
William Lallemand3b5f3602019-10-16 18:05:05 +02003581 if (ssl_sock_load_ocsp_response_from_file(fp, NULL, ckch, err)) {
William Lallemand246c0242019-10-11 08:59:13 +02003582 ret = 1;
3583 goto end;
3584 }
3585 }
3586 }
3587
Emmanuel Hocdeteaad5cc2019-10-25 12:19:00 +02003588#ifndef OPENSSL_IS_BORINGSSL /* Useless for BoringSSL */
William Lallemand3af48e72020-02-03 17:15:52 +01003589 if (ckch->ocsp_response && (global_ssl.extra_files & SSL_GF_OCSP_ISSUER)) {
William Lallemand246c0242019-10-11 08:59:13 +02003590 /* if no issuer was found, try to load an issuer from the .issuer */
Emmanuel Hocdet078156d2020-01-22 17:02:53 +01003591 if (!ckch->ocsp_issuer) {
William Lallemand246c0242019-10-11 08:59:13 +02003592 struct stat st;
3593 char fp[MAXPATHLEN+1];
3594
3595 snprintf(fp, MAXPATHLEN+1, "%s.issuer", path);
3596 if (stat(fp, &st) == 0) {
William Lallemandf9568fc2019-10-16 18:27:58 +02003597 if (ssl_sock_load_issuer_file_into_ckch(fp, NULL, ckch, err)) {
William Lallemand246c0242019-10-11 08:59:13 +02003598 ret = 1;
3599 goto end;
3600 }
3601
3602 if (X509_check_issued(ckch->ocsp_issuer, ckch->cert) != X509_V_OK) {
William Lallemand786188f2019-10-15 10:05:37 +02003603 memprintf(err, "%s '%s' is not an issuer'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003604 err && *err ? *err : "", fp);
William Lallemand246c0242019-10-11 08:59:13 +02003605 ret = 1;
3606 goto end;
3607 }
3608 } else {
3609 memprintf(err, "%sNo issuer found, cannot use the OCSP response'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003610 err && *err ? *err : "");
William Lallemand246c0242019-10-11 08:59:13 +02003611 ret = 1;
3612 goto end;
3613 }
3614 }
3615 }
Emmanuel Hocdeteaad5cc2019-10-25 12:19:00 +02003616#endif
William Lallemand246c0242019-10-11 08:59:13 +02003617
yanbzhu488a4d22015-12-01 15:16:07 -05003618 ret = 0;
3619
3620end:
3621
3622 ERR_clear_error();
yanbzhu488a4d22015-12-01 15:16:07 -05003623
3624 /* Something went wrong in one of the reads */
3625 if (ret != 0)
3626 ssl_sock_free_cert_key_and_chain_contents(ckch);
3627
3628 return ret;
3629}
3630
3631/* Loads the info in ckch into ctx
Emeric Bruna96b5822019-10-17 13:25:14 +02003632 * Returns a bitfield containing the flags:
3633 * ERR_FATAL in any fatal error case
3634 * ERR_ALERT if the reason of the error is available in err
3635 * ERR_WARN if a warning is available into err
3636 * The value 0 means there is no error nor warning and
3637 * the operation succeed.
yanbzhu488a4d22015-12-01 15:16:07 -05003638 */
3639static int ssl_sock_put_ckch_into_ctx(const char *path, const struct cert_key_and_chain *ckch, SSL_CTX *ctx, char **err)
3640{
Emeric Bruna96b5822019-10-17 13:25:14 +02003641 int errcode = 0;
3642
yanbzhu488a4d22015-12-01 15:16:07 -05003643 if (SSL_CTX_use_PrivateKey(ctx, ckch->key) <= 0) {
3644 memprintf(err, "%sunable to load SSL private key into SSL Context '%s'.\n",
3645 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003646 errcode |= ERR_ALERT | ERR_FATAL;
3647 return errcode;
yanbzhu488a4d22015-12-01 15:16:07 -05003648 }
3649
3650 if (!SSL_CTX_use_certificate(ctx, ckch->cert)) {
3651 memprintf(err, "%sunable to load SSL certificate into SSL Context '%s'.\n",
3652 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003653 errcode |= ERR_ALERT | ERR_FATAL;
3654 goto end;
yanbzhu488a4d22015-12-01 15:16:07 -05003655 }
3656
yanbzhu488a4d22015-12-01 15:16:07 -05003657 /* Load all certs in the ckch into the ctx_chain for the ssl_ctx */
Emmanuel Hocdet1c65fdd2018-12-03 18:07:44 +01003658#ifdef SSL_CTX_set1_chain
Emmanuel Hocdet9246f8b2018-11-30 16:00:21 +01003659 if (!SSL_CTX_set1_chain(ctx, ckch->chain)) {
3660 memprintf(err, "%sunable to load chain certificate into SSL Context '%s'. Make sure you are linking against Openssl >= 1.0.2.\n",
3661 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003662 errcode |= ERR_ALERT | ERR_FATAL;
3663 goto end;
yanbzhu488a4d22015-12-01 15:16:07 -05003664 }
Emmanuel Hocdet1c65fdd2018-12-03 18:07:44 +01003665#else
3666 { /* legacy compat (< openssl 1.0.2) */
3667 X509 *ca;
Emmanuel Hocdet140b64f2019-10-24 18:33:10 +02003668 STACK_OF(X509) *chain;
3669 chain = X509_chain_up_ref(ckch->chain);
3670 while ((ca = sk_X509_shift(chain)))
Emmanuel Hocdet1c65fdd2018-12-03 18:07:44 +01003671 if (!SSL_CTX_add_extra_chain_cert(ctx, ca)) {
3672 memprintf(err, "%sunable to load chain certificate into SSL Context '%s'.\n",
3673 err && *err ? *err : "", path);
3674 X509_free(ca);
Emmanuel Hocdet140b64f2019-10-24 18:33:10 +02003675 sk_X509_pop_free(chain, X509_free);
Emeric Bruna96b5822019-10-17 13:25:14 +02003676 errcode |= ERR_ALERT | ERR_FATAL;
3677 goto end;
Emmanuel Hocdet1c65fdd2018-12-03 18:07:44 +01003678 }
3679 }
3680#endif
yanbzhu488a4d22015-12-01 15:16:07 -05003681
William Lallemandfa892222019-07-23 16:06:08 +02003682#ifndef OPENSSL_NO_DH
3683 /* store a NULL pointer to indicate we have not yet loaded
3684 a custom DH param file */
3685 if (ssl_dh_ptr_index >= 0) {
3686 SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, NULL);
3687 }
3688
Emeric Brun7a883362019-10-17 13:27:40 +02003689 errcode |= ssl_sock_load_dh_params(ctx, ckch, path, err);
3690 if (errcode & ERR_CODE) {
William Lallemandfa892222019-07-23 16:06:08 +02003691 memprintf(err, "%sunable to load DH parameters from file '%s'.\n",
3692 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003693 goto end;
William Lallemandfa892222019-07-23 16:06:08 +02003694 }
3695#endif
3696
William Lallemanda17f4112019-10-10 15:16:44 +02003697#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
3698 if (sctl_ex_index >= 0 && ckch->sctl) {
3699 if (ssl_sock_load_sctl(ctx, ckch->sctl) < 0) {
3700 memprintf(err, "%s '%s.sctl' is present but cannot be read or parsed'.\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01003701 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003702 errcode |= ERR_ALERT | ERR_FATAL;
3703 goto end;
William Lallemanda17f4112019-10-10 15:16:44 +02003704 }
3705 }
3706#endif
3707
William Lallemand4a660132019-10-14 14:51:41 +02003708#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
William Lallemand246c0242019-10-11 08:59:13 +02003709 /* Load OCSP Info into context */
3710 if (ckch->ocsp_response) {
3711 if (ssl_sock_load_ocsp(ctx, ckch) < 0) {
Tim Duesterhus93128532019-11-23 23:45:10 +01003712 memprintf(err, "%s '%s.ocsp' is present and activates OCSP but it is impossible to compute the OCSP certificate ID (maybe the issuer could not be found)'.\n",
3713 err && *err ? *err : "", path);
Emeric Bruna96b5822019-10-17 13:25:14 +02003714 errcode |= ERR_ALERT | ERR_FATAL;
3715 goto end;
William Lallemand246c0242019-10-11 08:59:13 +02003716 }
3717 }
William Lallemand246c0242019-10-11 08:59:13 +02003718#endif
3719
Emeric Bruna96b5822019-10-17 13:25:14 +02003720 end:
3721 return errcode;
yanbzhu488a4d22015-12-01 15:16:07 -05003722}
3723
William Lallemandc4ecddf2019-07-31 16:50:08 +02003724#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu08ce6ab2015-12-02 13:01:29 -05003725
William Lallemand28a8fce2019-10-04 17:36:55 +02003726static int ssl_sock_populate_sni_keytypes_hplr(const char *str, struct eb_root *sni_keytypes, int key_index)
yanbzhu08ce6ab2015-12-02 13:01:29 -05003727{
3728 struct sni_keytype *s_kt = NULL;
3729 struct ebmb_node *node;
3730 int i;
3731
3732 for (i = 0; i < trash.size; i++) {
3733 if (!str[i])
3734 break;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003735 trash.area[i] = tolower(str[i]);
yanbzhu08ce6ab2015-12-02 13:01:29 -05003736 }
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003737 trash.area[i] = 0;
3738 node = ebst_lookup(sni_keytypes, trash.area);
yanbzhu08ce6ab2015-12-02 13:01:29 -05003739 if (!node) {
3740 /* CN not found in tree */
3741 s_kt = malloc(sizeof(struct sni_keytype) + i + 1);
3742 /* Using memcpy here instead of strncpy.
3743 * strncpy will cause sig_abrt errors under certain versions of gcc with -O2
3744 * See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60792
3745 */
William Lallemand28a8fce2019-10-04 17:36:55 +02003746 if (!s_kt)
3747 return -1;
3748
Willy Tarreau843b7cb2018-07-13 10:54:26 +02003749 memcpy(s_kt->name.key, trash.area, i+1);
yanbzhu08ce6ab2015-12-02 13:01:29 -05003750 s_kt->keytypes = 0;
3751 ebst_insert(sni_keytypes, &s_kt->name);
3752 } else {
3753 /* CN found in tree */
3754 s_kt = container_of(node, struct sni_keytype, name);
3755 }
3756
3757 /* Mark that this CN has the keytype of key_index via keytypes mask */
3758 s_kt->keytypes |= 1<<key_index;
3759
William Lallemand28a8fce2019-10-04 17:36:55 +02003760 return 0;
3761
yanbzhu08ce6ab2015-12-02 13:01:29 -05003762}
3763
William Lallemandc4ecddf2019-07-31 16:50:08 +02003764#endif
William Lallemand8c1cdde2019-10-18 10:58:14 +02003765/*
3766 * Free a ckch_store and its ckch(s)
3767 * The linked ckch_inst are not free'd
3768 */
3769void ckchs_free(struct ckch_store *ckchs)
3770{
3771 if (!ckchs)
3772 return;
3773
3774#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
3775 if (ckchs->multi) {
3776 int n;
3777
3778 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++)
3779 ssl_sock_free_cert_key_and_chain_contents(&ckchs->ckch[n]);
3780 } else
3781#endif
3782 {
3783 ssl_sock_free_cert_key_and_chain_contents(ckchs->ckch);
3784 ckchs->ckch = NULL;
3785 }
3786
3787 free(ckchs);
3788}
3789
3790/* allocate and duplicate a ckch_store
3791 * Return a new ckch_store or NULL */
3792static struct ckch_store *ckchs_dup(const struct ckch_store *src)
3793{
3794 struct ckch_store *dst;
3795 int pathlen;
3796
3797 pathlen = strlen(src->path);
3798 dst = calloc(1, sizeof(*dst) + pathlen + 1);
3799 if (!dst)
3800 return NULL;
3801 /* copy previous key */
3802 memcpy(dst->path, src->path, pathlen + 1);
3803 dst->multi = src->multi;
3804 LIST_INIT(&dst->ckch_inst);
3805
3806 dst->ckch = calloc((src->multi ? SSL_SOCK_NUM_KEYTYPES : 1), sizeof(*dst->ckch));
3807 if (!dst->ckch)
3808 goto error;
3809
3810#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
3811 if (src->multi) {
3812 int n;
3813
3814 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
3815 if (&src->ckch[n]) {
3816 if (!ssl_sock_copy_cert_key_and_chain(&src->ckch[n], &dst->ckch[n]))
3817 goto error;
3818 }
3819 }
3820 } else
3821#endif
3822 {
3823 if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch))
3824 goto error;
3825 }
3826
3827 return dst;
3828
3829error:
3830 ckchs_free(dst);
3831
3832 return NULL;
3833}
William Lallemandc4ecddf2019-07-31 16:50:08 +02003834
William Lallemand36b84632019-07-18 19:28:17 +02003835/*
William Lallemande3af8fb2019-10-08 11:36:53 +02003836 * lookup a path into the ckchs tree.
William Lallemand6af03992019-07-23 15:00:54 +02003837 */
William Lallemande3af8fb2019-10-08 11:36:53 +02003838static inline struct ckch_store *ckchs_lookup(char *path)
William Lallemand6af03992019-07-23 15:00:54 +02003839{
3840 struct ebmb_node *eb;
3841
William Lallemande3af8fb2019-10-08 11:36:53 +02003842 eb = ebst_lookup(&ckchs_tree, path);
William Lallemand6af03992019-07-23 15:00:54 +02003843 if (!eb)
3844 return NULL;
3845
William Lallemande3af8fb2019-10-08 11:36:53 +02003846 return ebmb_entry(eb, struct ckch_store, node);
William Lallemand6af03992019-07-23 15:00:54 +02003847}
3848
3849/*
William Lallemande3af8fb2019-10-08 11:36:53 +02003850 * This function allocate a ckch_store and populate it with certificates from files.
William Lallemand36b84632019-07-18 19:28:17 +02003851 */
William Lallemande3af8fb2019-10-08 11:36:53 +02003852static struct ckch_store *ckchs_load_cert_file(char *path, int multi, char **err)
William Lallemand36b84632019-07-18 19:28:17 +02003853{
William Lallemande3af8fb2019-10-08 11:36:53 +02003854 struct ckch_store *ckchs;
William Lallemand36b84632019-07-18 19:28:17 +02003855
William Lallemande3af8fb2019-10-08 11:36:53 +02003856 ckchs = calloc(1, sizeof(*ckchs) + strlen(path) + 1);
3857 if (!ckchs) {
William Lallemand36b84632019-07-18 19:28:17 +02003858 memprintf(err, "%sunable to allocate memory.\n", err && *err ? *err : "");
3859 goto end;
3860 }
William Lallemande3af8fb2019-10-08 11:36:53 +02003861 ckchs->ckch = calloc(1, sizeof(*ckchs->ckch) * (multi ? SSL_SOCK_NUM_KEYTYPES : 1));
William Lallemand36b84632019-07-18 19:28:17 +02003862
William Lallemande3af8fb2019-10-08 11:36:53 +02003863 if (!ckchs->ckch) {
William Lallemand36b84632019-07-18 19:28:17 +02003864 memprintf(err, "%sunable to allocate memory.\n", err && *err ? *err : "");
3865 goto end;
3866 }
3867
William Lallemand9117de92019-10-04 00:29:42 +02003868 LIST_INIT(&ckchs->ckch_inst);
3869
William Lallemand36b84632019-07-18 19:28:17 +02003870 if (!multi) {
3871
William Lallemand96a9c972019-10-17 11:56:17 +02003872 if (ssl_sock_load_files_into_ckch(path, ckchs->ckch, err) == 1)
William Lallemand36b84632019-07-18 19:28:17 +02003873 goto end;
3874
William Lallemande3af8fb2019-10-08 11:36:53 +02003875 /* insert into the ckchs tree */
3876 memcpy(ckchs->path, path, strlen(path) + 1);
3877 ebst_insert(&ckchs_tree, &ckchs->node);
William Lallemand36b84632019-07-18 19:28:17 +02003878 } else {
3879 int found = 0;
William Lallemandc4ecddf2019-07-31 16:50:08 +02003880#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
3881 char fp[MAXPATHLEN+1] = {0};
3882 int n = 0;
William Lallemand36b84632019-07-18 19:28:17 +02003883
3884 /* Load all possible certs and keys */
3885 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
3886 struct stat buf;
3887 snprintf(fp, sizeof(fp), "%s.%s", path, SSL_SOCK_KEYTYPE_NAMES[n]);
3888 if (stat(fp, &buf) == 0) {
William Lallemand96a9c972019-10-17 11:56:17 +02003889 if (ssl_sock_load_files_into_ckch(fp, &ckchs->ckch[n], err) == 1)
William Lallemand36b84632019-07-18 19:28:17 +02003890 goto end;
3891 found = 1;
William Lallemande3af8fb2019-10-08 11:36:53 +02003892 ckchs->multi = 1;
William Lallemand36b84632019-07-18 19:28:17 +02003893 }
3894 }
William Lallemandc4ecddf2019-07-31 16:50:08 +02003895#endif
William Lallemand36b84632019-07-18 19:28:17 +02003896
3897 if (!found) {
William Lallemand6e5f2ce2019-08-01 14:43:20 +02003898 memprintf(err, "%sDidn't find any certificate for bundle '%s'.\n", err && *err ? *err : "", path);
William Lallemand36b84632019-07-18 19:28:17 +02003899 goto end;
3900 }
William Lallemande3af8fb2019-10-08 11:36:53 +02003901 /* insert into the ckchs tree */
3902 memcpy(ckchs->path, path, strlen(path) + 1);
3903 ebst_insert(&ckchs_tree, &ckchs->node);
William Lallemand36b84632019-07-18 19:28:17 +02003904 }
William Lallemande3af8fb2019-10-08 11:36:53 +02003905 return ckchs;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003906
William Lallemand36b84632019-07-18 19:28:17 +02003907end:
William Lallemande3af8fb2019-10-08 11:36:53 +02003908 if (ckchs) {
3909 free(ckchs->ckch);
3910 ebmb_delete(&ckchs->node);
William Lallemand6af03992019-07-23 15:00:54 +02003911 }
3912
William Lallemande3af8fb2019-10-08 11:36:53 +02003913 free(ckchs);
William Lallemand36b84632019-07-18 19:28:17 +02003914
3915 return NULL;
3916}
3917
William Lallemandc4ecddf2019-07-31 16:50:08 +02003918#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
3919
William Lallemand36b84632019-07-18 19:28:17 +02003920/*
William Lallemande3af8fb2019-10-08 11:36:53 +02003921 * Take a ckch_store which contains a multi-certificate bundle.
William Lallemand36b84632019-07-18 19:28:17 +02003922 * Group these certificates into a set of SSL_CTX*
yanbzhu08ce6ab2015-12-02 13:01:29 -05003923 * based on shared and unique CN and SAN entries. Add these SSL_CTX* to the SNI tree.
3924 *
Joseph Herlant017b3da2018-11-15 09:07:59 -08003925 * This will allow the user to explicitly group multiple cert/keys for a single purpose
yanbzhu08ce6ab2015-12-02 13:01:29 -05003926 *
Emeric Brun054563d2019-10-17 13:16:58 +02003927 * Returns a bitfield containing the flags:
3928 * ERR_FATAL in any fatal error case
3929 * ERR_ALERT if the reason of the error is available in err
3930 * ERR_WARN if a warning is available into err
William Lallemand36b84632019-07-18 19:28:17 +02003931 *
yanbzhu08ce6ab2015-12-02 13:01:29 -05003932 */
Emeric Brun054563d2019-10-17 13:16:58 +02003933static int ckch_inst_new_load_multi_store(const char *path, struct ckch_store *ckchs,
3934 struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
3935 char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err)
yanbzhu08ce6ab2015-12-02 13:01:29 -05003936{
William Lallemand36b84632019-07-18 19:28:17 +02003937 int i = 0, n = 0;
3938 struct cert_key_and_chain *certs_and_keys;
William Lallemand4b989f22019-10-04 18:36:55 +02003939 struct eb_root sni_keytypes_map = EB_ROOT;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003940 struct ebmb_node *node;
3941 struct ebmb_node *next;
3942 /* Array of SSL_CTX pointers corresponding to each possible combo
3943 * of keytypes
3944 */
3945 struct key_combo_ctx key_combos[SSL_SOCK_POSSIBLE_KT_COMBOS] = { {0} };
Emeric Brun054563d2019-10-17 13:16:58 +02003946 int errcode = 0;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003947 X509_NAME *xname = NULL;
3948 char *str = NULL;
3949#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
3950 STACK_OF(GENERAL_NAME) *names = NULL;
3951#endif
William Lallemand614ca0d2019-10-07 13:52:11 +02003952 struct ckch_inst *ckch_inst;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003953
Emeric Brun054563d2019-10-17 13:16:58 +02003954 *ckchi = NULL;
3955
William Lallemande3af8fb2019-10-08 11:36:53 +02003956 if (!ckchs || !ckchs->ckch || !ckchs->multi) {
William Lallemand36b84632019-07-18 19:28:17 +02003957 memprintf(err, "%sunable to load SSL certificate file '%s' file does not exist.\n",
3958 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02003959 return ERR_ALERT | ERR_FATAL;
William Lallemand614ca0d2019-10-07 13:52:11 +02003960 }
3961
3962 ckch_inst = ckch_inst_new();
3963 if (!ckch_inst) {
3964 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
3965 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02003966 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand614ca0d2019-10-07 13:52:11 +02003967 goto end;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003968 }
3969
William Lallemande3af8fb2019-10-08 11:36:53 +02003970 certs_and_keys = ckchs->ckch;
William Lallemand36b84632019-07-18 19:28:17 +02003971
William Lallemand150bfa82019-09-19 17:12:49 +02003972 /* at least one of the instances is using filters during the config
3973 * parsing, that's ok to inherit this during loading on CLI */
William Lallemand920b0352019-12-04 15:33:01 +01003974 ckchs->filters |= !!fcount;
William Lallemand150bfa82019-09-19 17:12:49 +02003975
yanbzhu08ce6ab2015-12-02 13:01:29 -05003976 /* Process each ckch and update keytypes for each CN/SAN
3977 * for example, if CN/SAN www.a.com is associated with
3978 * certs with keytype 0 and 2, then at the end of the loop,
3979 * www.a.com will have:
3980 * keyindex = 0 | 1 | 4 = 5
3981 */
3982 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
William Lallemand28a8fce2019-10-04 17:36:55 +02003983 int ret;
yanbzhu08ce6ab2015-12-02 13:01:29 -05003984
3985 if (!ssl_sock_is_ckch_valid(&certs_and_keys[n]))
3986 continue;
3987
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02003988 if (fcount) {
William Lallemand28a8fce2019-10-04 17:36:55 +02003989 for (i = 0; i < fcount; i++) {
3990 ret = ssl_sock_populate_sni_keytypes_hplr(sni_filter[i], &sni_keytypes_map, n);
3991 if (ret < 0) {
3992 memprintf(err, "%sunable to allocate SSL context.\n",
3993 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02003994 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand28a8fce2019-10-04 17:36:55 +02003995 goto end;
3996 }
3997 }
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02003998 } else {
3999 /* A lot of the following code is OpenSSL boilerplate for processing CN's and SAN's,
4000 * so the line that contains logic is marked via comments
4001 */
4002 xname = X509_get_subject_name(certs_and_keys[n].cert);
4003 i = -1;
4004 while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
4005 X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02004006 ASN1_STRING *value;
4007 value = X509_NAME_ENTRY_get_data(entry);
4008 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004009 /* Important line is here */
William Lallemand28a8fce2019-10-04 17:36:55 +02004010 ret = ssl_sock_populate_sni_keytypes_hplr(str, &sni_keytypes_map, n);
yanbzhu08ce6ab2015-12-02 13:01:29 -05004011
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004012 OPENSSL_free(str);
4013 str = NULL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004014 if (ret < 0) {
4015 memprintf(err, "%sunable to allocate SSL context.\n",
4016 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004017 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004018 goto end;
4019 }
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004020 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004021 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004022
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004023 /* Do the above logic for each SAN */
yanbzhu08ce6ab2015-12-02 13:01:29 -05004024#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004025 names = X509_get_ext_d2i(certs_and_keys[n].cert, NID_subject_alt_name, NULL, NULL);
4026 if (names) {
4027 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
4028 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
yanbzhu08ce6ab2015-12-02 13:01:29 -05004029
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004030 if (name->type == GEN_DNS) {
4031 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
4032 /* Important line is here */
William Lallemand28a8fce2019-10-04 17:36:55 +02004033 ret = ssl_sock_populate_sni_keytypes_hplr(str, &sni_keytypes_map, n);
yanbzhu08ce6ab2015-12-02 13:01:29 -05004034
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004035 OPENSSL_free(str);
4036 str = NULL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004037 if (ret < 0) {
4038 memprintf(err, "%sunable to allocate SSL context.\n",
4039 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004040 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand28a8fce2019-10-04 17:36:55 +02004041 goto end;
4042 }
Emmanuel Hocdetd294aea2016-05-13 11:14:06 +02004043 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004044 }
4045 }
4046 }
4047 }
4048#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
4049 }
4050
4051 /* If no files found, return error */
4052 if (eb_is_empty(&sni_keytypes_map)) {
4053 memprintf(err, "%sunable to load SSL certificate file '%s' file does not exist.\n",
4054 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004055 errcode |= ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004056 goto end;
4057 }
4058
4059 /* We now have a map of CN/SAN to keytypes that are loaded in
4060 * Iterate through the map to create the SSL_CTX's (if needed)
4061 * and add each CTX to the SNI tree
4062 *
4063 * Some math here:
Joseph Herlant017b3da2018-11-15 09:07:59 -08004064 * There are 2^n - 1 possible combinations, each unique
yanbzhu08ce6ab2015-12-02 13:01:29 -05004065 * combination is denoted by the key in the map. Each key
4066 * has a value between 1 and 2^n - 1. Conveniently, the array
4067 * of SSL_CTX* is sized 2^n. So, we can simply use the i'th
4068 * entry in the array to correspond to the unique combo (key)
4069 * associated with i. This unique key combo (i) will be associated
4070 * with combos[i-1]
4071 */
4072
4073 node = ebmb_first(&sni_keytypes_map);
4074 while (node) {
4075 SSL_CTX *cur_ctx;
Bertrand Jacquin33423092016-11-13 16:37:13 +00004076 char cur_file[MAXPATHLEN+1];
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004077 const struct pkey_info kinfo = { .sig = TLSEXT_signature_anonymous, .bits = 0 };
yanbzhu08ce6ab2015-12-02 13:01:29 -05004078
4079 str = (char *)container_of(node, struct sni_keytype, name)->name.key;
4080 i = container_of(node, struct sni_keytype, name)->keytypes;
4081 cur_ctx = key_combos[i-1].ctx;
4082
4083 if (cur_ctx == NULL) {
4084 /* need to create SSL_CTX */
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004085 cur_ctx = SSL_CTX_new(SSLv23_server_method());
yanbzhu08ce6ab2015-12-02 13:01:29 -05004086 if (cur_ctx == NULL) {
4087 memprintf(err, "%sunable to allocate SSL context.\n",
4088 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004089 errcode |= ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004090 goto end;
4091 }
4092
yanbzhube2774d2015-12-10 15:07:30 -05004093 /* Load all required certs/keys/chains/OCSPs info into SSL_CTX */
yanbzhu08ce6ab2015-12-02 13:01:29 -05004094 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
4095 if (i & (1<<n)) {
4096 /* Key combo contains ckch[n] */
Bertrand Jacquin33423092016-11-13 16:37:13 +00004097 snprintf(cur_file, MAXPATHLEN+1, "%s.%s", path, SSL_SOCK_KEYTYPE_NAMES[n]);
Emeric Bruna96b5822019-10-17 13:25:14 +02004098 errcode |= ssl_sock_put_ckch_into_ctx(cur_file, &certs_and_keys[n], cur_ctx, err);
4099 if (errcode & ERR_CODE)
yanbzhu08ce6ab2015-12-02 13:01:29 -05004100 goto end;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004101 }
4102 }
4103
yanbzhu08ce6ab2015-12-02 13:01:29 -05004104 /* Update key_combos */
4105 key_combos[i-1].ctx = cur_ctx;
4106 }
4107
4108 /* Update SNI Tree */
William Lallemand9117de92019-10-04 00:29:42 +02004109
William Lallemand1d29c742019-10-04 00:53:29 +02004110 key_combos[i-1].order = ckch_inst_add_cert_sni(cur_ctx, ckch_inst, bind_conf, ssl_conf,
William Lallemandfe49bb32019-10-03 23:46:33 +02004111 kinfo, str, key_combos[i-1].order);
4112 if (key_combos[i-1].order < 0) {
4113 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004114 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandfe49bb32019-10-03 23:46:33 +02004115 goto end;
4116 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004117 node = ebmb_next(node);
4118 }
4119
4120
4121 /* Mark a default context if none exists, using the ctx that has the most shared keys */
4122 if (!bind_conf->default_ctx) {
4123 for (i = SSL_SOCK_POSSIBLE_KT_COMBOS - 1; i >= 0; i--) {
4124 if (key_combos[i].ctx) {
4125 bind_conf->default_ctx = key_combos[i].ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004126 bind_conf->default_ssl_conf = ssl_conf;
William Lallemand21724f02019-11-04 17:56:13 +01004127 ckch_inst->is_default = 1;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004128 break;
4129 }
4130 }
4131 }
4132
William Lallemand614ca0d2019-10-07 13:52:11 +02004133 ckch_inst->bind_conf = bind_conf;
William Lallemand150bfa82019-09-19 17:12:49 +02004134 ckch_inst->ssl_conf = ssl_conf;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004135end:
4136
4137 if (names)
4138 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
4139
yanbzhu08ce6ab2015-12-02 13:01:29 -05004140 node = ebmb_first(&sni_keytypes_map);
4141 while (node) {
4142 next = ebmb_next(node);
4143 ebmb_delete(node);
William Lallemand8ed5b962019-10-04 17:24:39 +02004144 free(ebmb_entry(node, struct sni_keytype, name));
yanbzhu08ce6ab2015-12-02 13:01:29 -05004145 node = next;
4146 }
4147
Emeric Brun054563d2019-10-17 13:16:58 +02004148 if (errcode & ERR_CODE && ckch_inst) {
William Lallemand0c6d12f2019-10-04 18:38:51 +02004149 struct sni_ctx *sc0, *sc0b;
4150
4151 /* free the SSL_CTX in case of error */
4152 for (i = 0; i < SSL_SOCK_POSSIBLE_KT_COMBOS; i++) {
4153 if (key_combos[i].ctx)
4154 SSL_CTX_free(key_combos[i].ctx);
4155 }
4156
4157 /* free the sni_ctx in case of error */
4158 list_for_each_entry_safe(sc0, sc0b, &ckch_inst->sni_ctx, by_ckch_inst) {
4159
4160 ebmb_delete(&sc0->name);
4161 LIST_DEL(&sc0->by_ckch_inst);
4162 free(sc0);
4163 }
William Lallemand614ca0d2019-10-07 13:52:11 +02004164 free(ckch_inst);
4165 ckch_inst = NULL;
William Lallemand0c6d12f2019-10-04 18:38:51 +02004166 }
4167
Emeric Brun054563d2019-10-17 13:16:58 +02004168 *ckchi = ckch_inst;
4169 return errcode;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004170}
4171#else
4172/* This is a dummy, that just logs an error and returns error */
Emeric Brun054563d2019-10-17 13:16:58 +02004173static int ckch_inst_new_load_multi_store(const char *path, struct ckch_store *ckchs,
4174 struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
4175 char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err)
yanbzhu08ce6ab2015-12-02 13:01:29 -05004176{
4177 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
4178 err && *err ? *err : "", path, strerror(errno));
Emeric Brun054563d2019-10-17 13:16:58 +02004179 return ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004180}
4181
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004182#endif /* #if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL: Support for loading multiple certs into a single SSL_CTX */
yanbzhu488a4d22015-12-01 15:16:07 -05004183
William Lallemand614ca0d2019-10-07 13:52:11 +02004184/*
4185 * This function allocate a ckch_inst and create its snis
Emeric Brun054563d2019-10-17 13:16:58 +02004186 *
4187 * Returns a bitfield containing the flags:
4188 * ERR_FATAL in any fatal error case
4189 * ERR_ALERT if the reason of the error is available in err
4190 * ERR_WARN if a warning is available into err
William Lallemand614ca0d2019-10-07 13:52:11 +02004191 */
Emeric Brun054563d2019-10-17 13:16:58 +02004192static int ckch_inst_new_load_store(const char *path, struct ckch_store *ckchs, struct bind_conf *bind_conf,
4193 struct ssl_bind_conf *ssl_conf, char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err)
Emeric Brunfc0421f2012-09-07 17:30:07 +02004194{
William Lallemandc9402072019-05-15 15:33:54 +02004195 SSL_CTX *ctx;
William Lallemandc9402072019-05-15 15:33:54 +02004196 int i;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004197 int order = 0;
4198 X509_NAME *xname;
4199 char *str;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004200 EVP_PKEY *pkey;
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004201 struct pkey_info kinfo = { .sig = TLSEXT_signature_anonymous, .bits = 0 };
Emeric Brunfc0421f2012-09-07 17:30:07 +02004202#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
4203 STACK_OF(GENERAL_NAME) *names;
4204#endif
William Lallemand36b84632019-07-18 19:28:17 +02004205 struct cert_key_and_chain *ckch;
William Lallemand614ca0d2019-10-07 13:52:11 +02004206 struct ckch_inst *ckch_inst = NULL;
Emeric Brun054563d2019-10-17 13:16:58 +02004207 int errcode = 0;
4208
4209 *ckchi = NULL;
William Lallemanda59191b2019-05-15 16:08:56 +02004210
William Lallemande3af8fb2019-10-08 11:36:53 +02004211 if (!ckchs || !ckchs->ckch)
Emeric Brun054563d2019-10-17 13:16:58 +02004212 return ERR_FATAL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004213
William Lallemande3af8fb2019-10-08 11:36:53 +02004214 ckch = ckchs->ckch;
William Lallemand36b84632019-07-18 19:28:17 +02004215
William Lallemand150bfa82019-09-19 17:12:49 +02004216 /* at least one of the instances is using filters during the config
4217 * parsing, that's ok to inherit this during loading on CLI */
William Lallemand920b0352019-12-04 15:33:01 +01004218 ckchs->filters |= !!fcount;
William Lallemand150bfa82019-09-19 17:12:49 +02004219
William Lallemandc9402072019-05-15 15:33:54 +02004220 ctx = SSL_CTX_new(SSLv23_server_method());
4221 if (!ctx) {
4222 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
4223 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004224 errcode |= ERR_ALERT | ERR_FATAL;
4225 goto error;
William Lallemandc9402072019-05-15 15:33:54 +02004226 }
4227
Emeric Bruna96b5822019-10-17 13:25:14 +02004228 errcode |= ssl_sock_put_ckch_into_ctx(path, ckch, ctx, err);
4229 if (errcode & ERR_CODE)
William Lallemand614ca0d2019-10-07 13:52:11 +02004230 goto error;
William Lallemand614ca0d2019-10-07 13:52:11 +02004231
4232 ckch_inst = ckch_inst_new();
4233 if (!ckch_inst) {
4234 memprintf(err, "%sunable to allocate SSL context for cert '%s'.\n",
4235 err && *err ? *err : "", path);
Emeric Brun054563d2019-10-17 13:16:58 +02004236 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004237 goto error;
William Lallemandc9402072019-05-15 15:33:54 +02004238 }
4239
William Lallemand36b84632019-07-18 19:28:17 +02004240 pkey = X509_get_pubkey(ckch->cert);
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004241 if (pkey) {
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004242 kinfo.bits = EVP_PKEY_bits(pkey);
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004243 switch(EVP_PKEY_base_id(pkey)) {
4244 case EVP_PKEY_RSA:
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004245 kinfo.sig = TLSEXT_signature_rsa;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004246 break;
4247 case EVP_PKEY_EC:
Emmanuel Hocdetddc090b2017-10-27 18:43:29 +02004248 kinfo.sig = TLSEXT_signature_ecdsa;
4249 break;
4250 case EVP_PKEY_DSA:
4251 kinfo.sig = TLSEXT_signature_dsa;
Emmanuel Hocdet05942112017-02-20 16:11:50 +01004252 break;
4253 }
4254 EVP_PKEY_free(pkey);
4255 }
4256
Emeric Brun50bcecc2013-04-22 13:05:23 +02004257 if (fcount) {
William Lallemandfe49bb32019-10-03 23:46:33 +02004258 while (fcount--) {
William Lallemand1d29c742019-10-04 00:53:29 +02004259 order = ckch_inst_add_cert_sni(ctx, ckch_inst, bind_conf, ssl_conf, kinfo, sni_filter[fcount], order);
William Lallemandfe49bb32019-10-03 23:46:33 +02004260 if (order < 0) {
4261 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004262 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004263 goto error;
William Lallemandfe49bb32019-10-03 23:46:33 +02004264 }
4265 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004266 }
4267 else {
Emeric Brunfc0421f2012-09-07 17:30:07 +02004268#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
William Lallemand36b84632019-07-18 19:28:17 +02004269 names = X509_get_ext_d2i(ckch->cert, NID_subject_alt_name, NULL, NULL);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004270 if (names) {
4271 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
4272 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
4273 if (name->type == GEN_DNS) {
4274 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
William Lallemand1d29c742019-10-04 00:53:29 +02004275 order = ckch_inst_add_cert_sni(ctx, ckch_inst, bind_conf, ssl_conf, kinfo, str, order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004276 OPENSSL_free(str);
William Lallemandfe49bb32019-10-03 23:46:33 +02004277 if (order < 0) {
4278 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004279 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004280 goto error;
William Lallemandfe49bb32019-10-03 23:46:33 +02004281 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004282 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004283 }
4284 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004285 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
Emeric Brunfc0421f2012-09-07 17:30:07 +02004286 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004287#endif /* SSL_CTRL_SET_TLSEXT_HOSTNAME */
William Lallemand36b84632019-07-18 19:28:17 +02004288 xname = X509_get_subject_name(ckch->cert);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004289 i = -1;
4290 while ((i = X509_NAME_get_index_by_NID(xname, NID_commonName, i)) != -1) {
4291 X509_NAME_ENTRY *entry = X509_NAME_get_entry(xname, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02004292 ASN1_STRING *value;
4293
4294 value = X509_NAME_ENTRY_get_data(entry);
4295 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
William Lallemand1d29c742019-10-04 00:53:29 +02004296 order = ckch_inst_add_cert_sni(ctx, ckch_inst, bind_conf, ssl_conf, kinfo, str, order);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004297 OPENSSL_free(str);
William Lallemandfe49bb32019-10-03 23:46:33 +02004298 if (order < 0) {
4299 memprintf(err, "%sunable to create a sni context.\n", err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004300 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004301 goto error;
William Lallemandfe49bb32019-10-03 23:46:33 +02004302 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004303 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004304 }
4305 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004306 /* we must not free the SSL_CTX anymore below, since it's already in
4307 * the tree, so it will be discovered and cleaned in time.
4308 */
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02004309
Emeric Brunfc0421f2012-09-07 17:30:07 +02004310#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
Willy Tarreau2a65ff02012-09-13 17:54:29 +02004311 if (bind_conf->default_ctx) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02004312 memprintf(err, "%sthis version of openssl cannot load multiple SSL certificates.\n",
4313 err && *err ? *err : "");
Emeric Brun054563d2019-10-17 13:16:58 +02004314 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemandd9199372019-10-04 15:37:05 +02004315 goto error;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004316 }
4317#endif
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004318 if (!bind_conf->default_ctx) {
Willy Tarreau2a65ff02012-09-13 17:54:29 +02004319 bind_conf->default_ctx = ctx;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004320 bind_conf->default_ssl_conf = ssl_conf;
William Lallemand21724f02019-11-04 17:56:13 +01004321 ckch_inst->is_default = 1;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004322 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004323
William Lallemand9117de92019-10-04 00:29:42 +02004324 /* everything succeed, the ckch instance can be used */
4325 ckch_inst->bind_conf = bind_conf;
William Lallemand150bfa82019-09-19 17:12:49 +02004326 ckch_inst->ssl_conf = ssl_conf;
William Lallemand9117de92019-10-04 00:29:42 +02004327
Emeric Brun054563d2019-10-17 13:16:58 +02004328 *ckchi = ckch_inst;
4329 return errcode;
William Lallemandd9199372019-10-04 15:37:05 +02004330
4331error:
4332 /* free the allocated sni_ctxs */
William Lallemand614ca0d2019-10-07 13:52:11 +02004333 if (ckch_inst) {
William Lallemandd9199372019-10-04 15:37:05 +02004334 struct sni_ctx *sc0, *sc0b;
4335
4336 list_for_each_entry_safe(sc0, sc0b, &ckch_inst->sni_ctx, by_ckch_inst) {
4337
4338 ebmb_delete(&sc0->name);
4339 LIST_DEL(&sc0->by_ckch_inst);
4340 free(sc0);
4341 }
William Lallemand614ca0d2019-10-07 13:52:11 +02004342 free(ckch_inst);
4343 ckch_inst = NULL;
William Lallemandd9199372019-10-04 15:37:05 +02004344 }
4345 /* We only created 1 SSL_CTX so we can free it there */
4346 SSL_CTX_free(ctx);
4347
Emeric Brun054563d2019-10-17 13:16:58 +02004348 return errcode;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004349}
4350
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004351/* Returns a set of ERR_* flags possibly with an error in <err>. */
William Lallemand614ca0d2019-10-07 13:52:11 +02004352static int ssl_sock_load_ckchs(const char *path, struct ckch_store *ckchs,
4353 struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf,
4354 char **sni_filter, int fcount, char **err)
4355{
4356 struct ckch_inst *ckch_inst = NULL;
Emeric Brun054563d2019-10-17 13:16:58 +02004357 int errcode = 0;
William Lallemand614ca0d2019-10-07 13:52:11 +02004358
4359 /* we found the ckchs in the tree, we can use it directly */
4360 if (ckchs->multi)
Emeric Brun054563d2019-10-17 13:16:58 +02004361 errcode |= ckch_inst_new_load_multi_store(path, ckchs, bind_conf, ssl_conf, sni_filter, fcount, &ckch_inst, err);
William Lallemand614ca0d2019-10-07 13:52:11 +02004362 else
Emeric Brun054563d2019-10-17 13:16:58 +02004363 errcode |= ckch_inst_new_load_store(path, ckchs, bind_conf, ssl_conf, sni_filter, fcount, &ckch_inst, err);
William Lallemand614ca0d2019-10-07 13:52:11 +02004364
Emeric Brun054563d2019-10-17 13:16:58 +02004365 if (errcode & ERR_CODE)
4366 return errcode;
William Lallemand614ca0d2019-10-07 13:52:11 +02004367
4368 ssl_sock_load_cert_sni(ckch_inst, bind_conf);
4369
4370 /* succeed, add the instance to the ckch_store's list of instance */
4371 LIST_ADDQ(&ckchs->ckch_inst, &ckch_inst->by_ckchs);
Emeric Brun054563d2019-10-17 13:16:58 +02004372 return errcode;
William Lallemand614ca0d2019-10-07 13:52:11 +02004373}
4374
4375
Willy Tarreaubbc91962019-10-16 16:42:19 +02004376/* Returns a set of ERR_* flags possibly with an error in <err>. */
Willy Tarreau03209342016-12-22 17:08:28 +01004377int ssl_sock_load_cert(char *path, struct bind_conf *bind_conf, char **err)
Emeric Brunfc0421f2012-09-07 17:30:07 +02004378{
Cyril Bonté3180f7b2015-01-25 00:16:08 +01004379 struct dirent **de_list;
4380 int i, n;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004381 struct stat buf;
Willy Tarreauee2663b2012-12-06 11:36:59 +01004382 char *end;
4383 char fp[MAXPATHLEN+1];
Emeric Brunfc0421f2012-09-07 17:30:07 +02004384 int cfgerr = 0;
William Lallemande3af8fb2019-10-08 11:36:53 +02004385 struct ckch_store *ckchs;
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004386#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu63ea8462015-12-09 13:35:14 -05004387 int is_bundle;
4388 int j;
4389#endif
William Lallemande3af8fb2019-10-08 11:36:53 +02004390 if ((ckchs = ckchs_lookup(path))) {
William Lallemande3af8fb2019-10-08 11:36:53 +02004391 /* we found the ckchs in the tree, we can use it directly */
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004392 return ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, err);
William Lallemand6af03992019-07-23 15:00:54 +02004393 }
4394
yanbzhu08ce6ab2015-12-02 13:01:29 -05004395 if (stat(path, &buf) == 0) {
William Dauchy9a8ef7f2020-01-13 17:52:49 +01004396 if (S_ISDIR(buf.st_mode) == 0) {
William Lallemande3af8fb2019-10-08 11:36:53 +02004397 ckchs = ckchs_load_cert_file(path, 0, err);
4398 if (!ckchs)
Willy Tarreaubbc91962019-10-16 16:42:19 +02004399 return ERR_ALERT | ERR_FATAL;
4400
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004401 return ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, err);
William Lallemand36b84632019-07-18 19:28:17 +02004402 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02004403
yanbzhu08ce6ab2015-12-02 13:01:29 -05004404 /* strip trailing slashes, including first one */
4405 for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
4406 *end = 0;
Emeric Brunfc0421f2012-09-07 17:30:07 +02004407
yanbzhu08ce6ab2015-12-02 13:01:29 -05004408 n = scandir(path, &de_list, 0, alphasort);
4409 if (n < 0) {
4410 memprintf(err, "%sunable to scan directory '%s' : %s.\n",
4411 err && *err ? *err : "", path, strerror(errno));
Willy Tarreaubbc91962019-10-16 16:42:19 +02004412 cfgerr |= ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004413 }
4414 else {
4415 for (i = 0; i < n; i++) {
4416 struct dirent *de = de_list[i];
Emeric Brun2aab7222014-06-18 18:15:09 +02004417
yanbzhu08ce6ab2015-12-02 13:01:29 -05004418 end = strrchr(de->d_name, '.');
William Lallemand3f25ae32020-02-24 16:30:12 +01004419 if (end && (!strcmp(end, ".issuer") || !strcmp(end, ".ocsp") || !strcmp(end, ".sctl") || !strcmp(end, ".key")))
yanbzhu08ce6ab2015-12-02 13:01:29 -05004420 goto ignore_entry;
Cyril Bonté3180f7b2015-01-25 00:16:08 +01004421
yanbzhu08ce6ab2015-12-02 13:01:29 -05004422 snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
4423 if (stat(fp, &buf) != 0) {
4424 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
4425 err && *err ? *err : "", fp, strerror(errno));
Willy Tarreaubbc91962019-10-16 16:42:19 +02004426 cfgerr |= ERR_ALERT | ERR_FATAL;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004427 goto ignore_entry;
4428 }
4429 if (!S_ISREG(buf.st_mode))
4430 goto ignore_entry;
yanbzhu63ea8462015-12-09 13:35:14 -05004431
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004432#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
yanbzhu63ea8462015-12-09 13:35:14 -05004433 is_bundle = 0;
4434 /* Check if current entry in directory is part of a multi-cert bundle */
4435
William Lallemand3af48e72020-02-03 17:15:52 +01004436 if ((global_ssl.extra_files & SSL_GF_BUNDLE) && end) {
yanbzhu63ea8462015-12-09 13:35:14 -05004437 for (j = 0; j < SSL_SOCK_NUM_KEYTYPES; j++) {
4438 if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
4439 is_bundle = 1;
4440 break;
4441 }
4442 }
4443
4444 if (is_bundle) {
yanbzhu63ea8462015-12-09 13:35:14 -05004445 int dp_len;
4446
4447 dp_len = end - de->d_name;
yanbzhu63ea8462015-12-09 13:35:14 -05004448
4449 /* increment i and free de until we get to a non-bundle cert
4450 * Note here that we look at de_list[i + 1] before freeing de
Willy Tarreau05800522019-10-29 10:48:50 +01004451 * this is important since ignore_entry will free de. This also
4452 * guarantees that de->d_name continues to hold the same prefix.
yanbzhu63ea8462015-12-09 13:35:14 -05004453 */
Willy Tarreau05800522019-10-29 10:48:50 +01004454 while (i + 1 < n && !strncmp(de_list[i + 1]->d_name, de->d_name, dp_len)) {
yanbzhu63ea8462015-12-09 13:35:14 -05004455 free(de);
4456 i++;
4457 de = de_list[i];
4458 }
4459
Willy Tarreau05800522019-10-29 10:48:50 +01004460 snprintf(fp, sizeof(fp), "%s/%.*s", path, dp_len, de->d_name);
William Lallemande3af8fb2019-10-08 11:36:53 +02004461 if ((ckchs = ckchs_lookup(fp)) == NULL)
4462 ckchs = ckchs_load_cert_file(fp, 1, err);
4463 if (!ckchs)
Willy Tarreaubbc91962019-10-16 16:42:19 +02004464 cfgerr |= ERR_ALERT | ERR_FATAL;
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004465 else
4466 cfgerr |= ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, err);
yanbzhu63ea8462015-12-09 13:35:14 -05004467 /* Successfully processed the bundle */
4468 goto ignore_entry;
4469 }
4470 }
4471
4472#endif
William Lallemande3af8fb2019-10-08 11:36:53 +02004473 if ((ckchs = ckchs_lookup(fp)) == NULL)
4474 ckchs = ckchs_load_cert_file(fp, 0, err);
4475 if (!ckchs)
Willy Tarreaubbc91962019-10-16 16:42:19 +02004476 cfgerr |= ERR_ALERT | ERR_FATAL;
William Lallemand614ca0d2019-10-07 13:52:11 +02004477 else
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004478 cfgerr |= ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, err);
William Lallemand36b84632019-07-18 19:28:17 +02004479
yanbzhu08ce6ab2015-12-02 13:01:29 -05004480ignore_entry:
4481 free(de);
Cyril Bonté3180f7b2015-01-25 00:16:08 +01004482 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004483 free(de_list);
Emeric Brunfc0421f2012-09-07 17:30:07 +02004484 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004485 return cfgerr;
yanbzhu08ce6ab2015-12-02 13:01:29 -05004486
William Lallemand3af48e72020-02-03 17:15:52 +01004487 } else {
4488 /* stat failed */
Willy Tarreaubbc91962019-10-16 16:42:19 +02004489
William Lallemand3af48e72020-02-03 17:15:52 +01004490 if (global_ssl.extra_files & SSL_GF_BUNDLE) {
4491 /* try to load a bundle if it is permitted */
4492 ckchs = ckchs_load_cert_file(path, 1, err);
4493 if (!ckchs)
4494 return ERR_ALERT | ERR_FATAL;
4495 cfgerr |= ssl_sock_load_ckchs(path, ckchs, bind_conf, NULL, NULL, 0, err);
4496 } else {
4497 memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
4498 err && *err ? *err : "", fp, strerror(errno));
4499 cfgerr |= ERR_ALERT | ERR_FATAL;
4500 }
4501 }
yanbzhu08ce6ab2015-12-02 13:01:29 -05004502
Emeric Brunfc0421f2012-09-07 17:30:07 +02004503 return cfgerr;
4504}
4505
Thierry Fournier383085f2013-01-24 14:15:43 +01004506/* Make sure openssl opens /dev/urandom before the chroot. The work is only
4507 * done once. Zero is returned if the operation fails. No error is returned
4508 * if the random is said as not implemented, because we expect that openssl
4509 * will use another method once needed.
4510 */
4511static int ssl_initialize_random()
4512{
4513 unsigned char random;
4514 static int random_initialized = 0;
4515
4516 if (!random_initialized && RAND_bytes(&random, 1) != 0)
4517 random_initialized = 1;
4518
4519 return random_initialized;
4520}
4521
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004522/* release ssl bind conf */
4523void ssl_sock_free_ssl_conf(struct ssl_bind_conf *conf)
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004524{
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004525 if (conf) {
Bernard Spil13c53f82018-02-15 13:34:58 +01004526#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004527 free(conf->npn_str);
4528 conf->npn_str = NULL;
4529#endif
4530#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
4531 free(conf->alpn_str);
4532 conf->alpn_str = NULL;
4533#endif
4534 free(conf->ca_file);
4535 conf->ca_file = NULL;
4536 free(conf->crl_file);
4537 conf->crl_file = NULL;
4538 free(conf->ciphers);
4539 conf->ciphers = NULL;
Emmanuel Hocdet839af572019-05-14 16:27:35 +02004540#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02004541 free(conf->ciphersuites);
4542 conf->ciphersuites = NULL;
4543#endif
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01004544 free(conf->curves);
4545 conf->curves = NULL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004546 free(conf->ecdhe);
4547 conf->ecdhe = NULL;
4548 }
4549}
4550
Willy Tarreaubbc91962019-10-16 16:42:19 +02004551/* Returns a set of ERR_* flags possibly with an error in <err>. */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004552int ssl_sock_load_cert_list_file(char *file, struct bind_conf *bind_conf, struct proxy *curproxy, char **err)
4553{
4554 char thisline[CRT_LINESIZE];
4555 char path[MAXPATHLEN+1];
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004556 FILE *f;
yanbzhu1b04e5b2015-12-02 13:54:14 -05004557 struct stat buf;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004558 int linenum = 0;
4559 int cfgerr = 0;
William Lallemande3af8fb2019-10-08 11:36:53 +02004560 struct ckch_store *ckchs;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004561
Willy Tarreauad1731d2013-04-02 17:35:58 +02004562 if ((f = fopen(file, "r")) == NULL) {
4563 memprintf(err, "cannot open file '%s' : %s", file, strerror(errno));
Willy Tarreaubbc91962019-10-16 16:42:19 +02004564 return ERR_ALERT | ERR_FATAL;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004565 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004566
4567 while (fgets(thisline, sizeof(thisline), f) != NULL) {
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004568 int arg, newarg, cur_arg, i, ssl_b = 0, ssl_e = 0;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004569 char *end;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004570 char *args[MAX_CRT_ARGS + 1];
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004571 char *line = thisline;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004572 char *crt_path;
4573 struct ssl_bind_conf *ssl_conf = NULL;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004574
4575 linenum++;
4576 end = line + strlen(line);
4577 if (end-line == sizeof(thisline)-1 && *(end-1) != '\n') {
4578 /* Check if we reached the limit and the last char is not \n.
4579 * Watch out for the last line without the terminating '\n'!
4580 */
Willy Tarreauad1731d2013-04-02 17:35:58 +02004581 memprintf(err, "line %d too long in file '%s', limit is %d characters",
4582 linenum, file, (int)sizeof(thisline)-1);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004583 cfgerr |= ERR_ALERT | ERR_FATAL;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004584 break;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004585 }
4586
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004587 arg = 0;
Emeric Brun50bcecc2013-04-22 13:05:23 +02004588 newarg = 1;
4589 while (*line) {
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004590 if (*line == '#' || *line == '\n' || *line == '\r') {
4591 /* end of string, end of loop */
4592 *line = 0;
4593 break;
Willy Tarreauded15b72020-02-25 07:51:59 +01004594 } else if (isspace((unsigned char)*line)) {
Emeric Brun50bcecc2013-04-22 13:05:23 +02004595 newarg = 1;
4596 *line = 0;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004597 } else if (*line == '[') {
4598 if (ssl_b) {
4599 memprintf(err, "too many '[' on line %d in file '%s'.", linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004600 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004601 break;
4602 }
4603 if (!arg) {
4604 memprintf(err, "file must start with a cert on line %d in file '%s'", linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004605 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004606 break;
4607 }
4608 ssl_b = arg;
4609 newarg = 1;
4610 *line = 0;
4611 } else if (*line == ']') {
4612 if (ssl_e) {
4613 memprintf(err, "too many ']' on line %d in file '%s'.", linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004614 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brun50bcecc2013-04-22 13:05:23 +02004615 break;
4616 }
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004617 if (!ssl_b) {
4618 memprintf(err, "missing '[' in line %d in file '%s'.", linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004619 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004620 break;
4621 }
4622 ssl_e = arg;
4623 newarg = 1;
4624 *line = 0;
4625 } else if (newarg) {
4626 if (arg == MAX_CRT_ARGS) {
4627 memprintf(err, "too many args on line %d in file '%s'.", linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004628 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004629 break;
4630 }
Emeric Brun50bcecc2013-04-22 13:05:23 +02004631 newarg = 0;
4632 args[arg++] = line;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004633 }
Emeric Brun50bcecc2013-04-22 13:05:23 +02004634 line++;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004635 }
Emmanuel Hocdet7c41a1b2013-05-07 20:20:06 +02004636 if (cfgerr)
4637 break;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004638 args[arg++] = line;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004639
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004640 /* empty line */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004641 if (!*args[0])
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004642 continue;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004643
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004644 crt_path = args[0];
4645 if (*crt_path != '/' && global_ssl.crt_base) {
4646 if ((strlen(global_ssl.crt_base) + 1 + strlen(crt_path)) > MAXPATHLEN) {
4647 memprintf(err, "'%s' : path too long on line %d in file '%s'",
4648 crt_path, linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004649 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004650 break;
4651 }
4652 snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, crt_path);
4653 crt_path = path;
4654 }
4655
4656 ssl_conf = calloc(1, sizeof *ssl_conf);
4657 cur_arg = ssl_b ? ssl_b : 1;
4658 while (cur_arg < ssl_e) {
4659 newarg = 0;
4660 for (i = 0; ssl_bind_kws[i].kw != NULL; i++) {
4661 if (strcmp(ssl_bind_kws[i].kw, args[cur_arg]) == 0) {
4662 newarg = 1;
Willy Tarreaubbc91962019-10-16 16:42:19 +02004663 cfgerr |= ssl_bind_kws[i].parse(args, cur_arg, curproxy, ssl_conf, err);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004664 if (cur_arg + 1 + ssl_bind_kws[i].skip > ssl_e) {
4665 memprintf(err, "ssl args out of '[]' for %s on line %d in file '%s'",
4666 args[cur_arg], linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004667 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004668 }
4669 cur_arg += 1 + ssl_bind_kws[i].skip;
4670 break;
4671 }
4672 }
4673 if (!cfgerr && !newarg) {
4674 memprintf(err, "unknown ssl keyword %s on line %d in file '%s'.",
4675 args[cur_arg], linenum, file);
Willy Tarreaubbc91962019-10-16 16:42:19 +02004676 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004677 break;
4678 }
4679 }
Willy Tarreaubbc91962019-10-16 16:42:19 +02004680
Emmanuel Hocdet98263292016-12-29 18:26:15 +01004681 if (cfgerr) {
4682 ssl_sock_free_ssl_conf(ssl_conf);
4683 free(ssl_conf);
4684 ssl_conf = NULL;
4685 break;
4686 }
4687
William Lallemande3af8fb2019-10-08 11:36:53 +02004688 if ((ckchs = ckchs_lookup(crt_path)) == NULL) {
William Lallemandeed4bf22019-10-10 11:38:13 +02004689 if (stat(crt_path, &buf) == 0)
William Lallemande3af8fb2019-10-08 11:36:53 +02004690 ckchs = ckchs_load_cert_file(crt_path, 0, err);
Emmanuel Hocdet1503e052019-07-31 18:30:33 +02004691 else
William Lallemande3af8fb2019-10-08 11:36:53 +02004692 ckchs = ckchs_load_cert_file(crt_path, 1, err);
yanbzhu1b04e5b2015-12-02 13:54:14 -05004693 }
4694
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004695 if (!ckchs)
Willy Tarreaubbc91962019-10-16 16:42:19 +02004696 cfgerr |= ERR_ALERT | ERR_FATAL;
Willy Tarreau8c5414a2019-10-16 17:06:25 +02004697 else
4698 cfgerr |= ssl_sock_load_ckchs(crt_path, ckchs, bind_conf, ssl_conf, &args[cur_arg], arg - cur_arg - 1, err);
William Lallemandeed4bf22019-10-10 11:38:13 +02004699
Willy Tarreauad1731d2013-04-02 17:35:58 +02004700 if (cfgerr) {
4701 memprintf(err, "error processing line %d in file '%s' : %s", linenum, file, *err);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004702 break;
Willy Tarreauad1731d2013-04-02 17:35:58 +02004703 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004704 }
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01004705 fclose(f);
4706 return cfgerr;
4707}
4708
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004709/* Create an initial CTX used to start the SSL connection before switchctx */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004710static int
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004711ssl_sock_initial_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +02004712{
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01004713 SSL_CTX *ctx = NULL;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004714 long options =
Emeric Brunfc0421f2012-09-07 17:30:07 +02004715 SSL_OP_ALL | /* all known workarounds for bugs */
4716 SSL_OP_NO_SSLv2 |
4717 SSL_OP_NO_COMPRESSION |
Emeric Bruna4bcd9a2012-09-20 16:19:02 +02004718 SSL_OP_SINGLE_DH_USE |
Emeric Brun2b58d042012-09-20 17:10:03 +02004719 SSL_OP_SINGLE_ECDH_USE |
Emeric Brun3c4bc6e2012-10-04 18:44:19 +02004720 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION |
Lukas Tribus926594f2018-05-18 17:55:57 +02004721 SSL_OP_PRIORITIZE_CHACHA |
Emeric Brun3c4bc6e2012-10-04 18:44:19 +02004722 SSL_OP_CIPHER_SERVER_PREFERENCE;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004723 long mode =
Emeric Brunfc0421f2012-09-07 17:30:07 +02004724 SSL_MODE_ENABLE_PARTIAL_WRITE |
4725 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
Willy Tarreau396a1862014-11-13 14:06:52 +01004726 SSL_MODE_RELEASE_BUFFERS |
4727 SSL_MODE_SMALL_BUFFERS;
Emmanuel Hocdet43664762017-08-09 18:26:20 +02004728 struct tls_version_filter *conf_ssl_methods = &bind_conf->ssl_conf.ssl_methods;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004729 int i, min, max, hole;
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004730 int flags = MC_SSL_O_ALL;
4731 int cfgerr = 0;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01004732
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004733 ctx = SSL_CTX_new(SSLv23_server_method());
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004734 bind_conf->initial_ctx = ctx;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004735
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004736 if (conf_ssl_methods->flags && (conf_ssl_methods->min || conf_ssl_methods->max))
Christopher Faulet767a84b2017-11-24 16:50:31 +01004737 ha_warning("Proxy '%s': no-sslv3/no-tlsv1x are ignored for bind '%s' at [%s:%d]. "
4738 "Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
4739 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004740 else
4741 flags = conf_ssl_methods->flags;
4742
Emmanuel Hocdetbd695fe2017-05-15 15:53:41 +02004743 min = conf_ssl_methods->min;
4744 max = conf_ssl_methods->max;
4745 /* start with TLSv10 to remove SSLv3 per default */
4746 if (!min && (!max || max >= CONF_TLSV10))
4747 min = CONF_TLSV10;
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02004748 /* Real min and max should be determinate with configuration and openssl's capabilities */
Emmanuel Hocdetbd695fe2017-05-15 15:53:41 +02004749 if (min)
4750 flags |= (methodVersions[min].flag - 1);
4751 if (max)
4752 flags |= ~((methodVersions[max].flag << 1) - 1);
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02004753 /* find min, max and holes */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004754 min = max = CONF_TLSV_NONE;
4755 hole = 0;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004756 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004757 /* version is in openssl && version not disable in configuration */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004758 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004759 if (min) {
4760 if (hole) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01004761 ha_warning("Proxy '%s': SSL/TLS versions range not contiguous for bind '%s' at [%s:%d]. "
4762 "Hole find for %s. Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
4763 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line,
4764 methodVersions[hole].name);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004765 hole = 0;
4766 }
4767 max = i;
4768 }
4769 else {
4770 min = max = i;
4771 }
4772 }
4773 else {
4774 if (min)
4775 hole = i;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004776 }
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004777 if (!min) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01004778 ha_alert("Proxy '%s': all SSL/TLS versions are disabled for bind '%s' at [%s:%d].\n",
4779 bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004780 cfgerr += 1;
4781 }
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02004782 /* save real min/max in bind_conf */
4783 conf_ssl_methods->min = min;
4784 conf_ssl_methods->max = max;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004785
Willy Tarreau9a1ab082019-05-09 13:26:41 +02004786#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004787 /* Keep force-xxx implementation as it is in older haproxy. It's a
Joseph Herlant017b3da2018-11-15 09:07:59 -08004788 precautionary measure to avoid any surprise with older openssl version. */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004789 if (min == max)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02004790 methodVersions[min].ctx_set_version(ctx, SET_SERVER);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004791 else
4792 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
4793 if (flags & methodVersions[i].flag)
4794 options |= methodVersions[i].option;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004795#else /* openssl >= 1.1.0 */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02004796 /* set the max_version is required to cap TLS version or activate new TLS (v1.3) */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02004797 methodVersions[min].ctx_set_version(ctx, SET_MIN);
4798 methodVersions[max].ctx_set_version(ctx, SET_MAX);
Emeric Brunfa5c5c82017-04-28 16:19:51 +02004799#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004800
4801 if (bind_conf->ssl_options & BC_SSL_O_NO_TLS_TICKETS)
4802 options |= SSL_OP_NO_TICKET;
4803 if (bind_conf->ssl_options & BC_SSL_O_PREF_CLIE_CIPH)
4804 options &= ~SSL_OP_CIPHER_SERVER_PREFERENCE;
Dirkjan Bussink526894f2019-01-21 09:35:03 -08004805
4806#ifdef SSL_OP_NO_RENEGOTIATION
4807 options |= SSL_OP_NO_RENEGOTIATION;
4808#endif
4809
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004810 SSL_CTX_set_options(ctx, options);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00004811
Willy Tarreau5db847a2019-05-09 14:13:35 +02004812#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00004813 if (global_ssl.async)
4814 mode |= SSL_MODE_ASYNC;
4815#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02004816 SSL_CTX_set_mode(ctx, mode);
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01004817 if (global_ssl.life_time)
4818 SSL_CTX_set_timeout(ctx, global_ssl.life_time);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004819
4820#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
4821#ifdef OPENSSL_IS_BORINGSSL
4822 SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
4823 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
Ilya Shipitsine9ff8992020-01-19 12:20:14 +05004824#elif defined(SSL_OP_NO_ANTI_REPLAY)
Olivier Houchard545989f2019-12-17 15:39:54 +01004825 if (bind_conf->ssl_conf.early_data)
Olivier Houchard51088ce2019-01-02 18:46:41 +01004826 SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
Emmanuel Hocdet84e417d2017-08-16 11:33:17 +02004827 SSL_CTX_set_client_hello_cb(ctx, ssl_sock_switchctx_cbk, NULL);
4828 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004829#else
4830 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_cbk);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004831#endif
Emmanuel Hocdet253c62b2017-08-14 11:01:25 +02004832 SSL_CTX_set_tlsext_servername_arg(ctx, bind_conf);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01004833#endif
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02004834 return cfgerr;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01004835}
4836
William Lallemand4f45bb92017-10-30 20:08:51 +01004837
4838static inline void sh_ssl_sess_free_blocks(struct shared_block *first, struct shared_block *block)
4839{
4840 if (first == block) {
4841 struct sh_ssl_sess_hdr *sh_ssl_sess = (struct sh_ssl_sess_hdr *)first->data;
4842 if (first->len > 0)
4843 sh_ssl_sess_tree_delete(sh_ssl_sess);
4844 }
4845}
4846
4847/* return first block from sh_ssl_sess */
4848static inline struct shared_block *sh_ssl_sess_first_block(struct sh_ssl_sess_hdr *sh_ssl_sess)
4849{
4850 return (struct shared_block *)((unsigned char *)sh_ssl_sess - ((struct shared_block *)NULL)->data);
4851
4852}
4853
4854/* store a session into the cache
4855 * s_id : session id padded with zero to SSL_MAX_SSL_SESSION_ID_LENGTH
4856 * data: asn1 encoded session
4857 * data_len: asn1 encoded session length
4858 * Returns 1 id session was stored (else 0)
4859 */
4860static int sh_ssl_sess_store(unsigned char *s_id, unsigned char *data, int data_len)
4861{
4862 struct shared_block *first;
4863 struct sh_ssl_sess_hdr *sh_ssl_sess, *oldsh_ssl_sess;
4864
Frédéric Lécaille0bec8072018-10-22 17:55:57 +02004865 first = shctx_row_reserve_hot(ssl_shctx, NULL, data_len + sizeof(struct sh_ssl_sess_hdr));
William Lallemand4f45bb92017-10-30 20:08:51 +01004866 if (!first) {
4867 /* Could not retrieve enough free blocks to store that session */
4868 return 0;
4869 }
4870
4871 /* STORE the key in the first elem */
4872 sh_ssl_sess = (struct sh_ssl_sess_hdr *)first->data;
4873 memcpy(sh_ssl_sess->key_data, s_id, SSL_MAX_SSL_SESSION_ID_LENGTH);
4874 first->len = sizeof(struct sh_ssl_sess_hdr);
4875
4876 /* it returns the already existing node
4877 or current node if none, never returns null */
4878 oldsh_ssl_sess = sh_ssl_sess_tree_insert(sh_ssl_sess);
4879 if (oldsh_ssl_sess != sh_ssl_sess) {
4880 /* NOTE: Row couldn't be in use because we lock read & write function */
4881 /* release the reserved row */
4882 shctx_row_dec_hot(ssl_shctx, first);
4883 /* replace the previous session already in the tree */
4884 sh_ssl_sess = oldsh_ssl_sess;
4885 /* ignore the previous session data, only use the header */
4886 first = sh_ssl_sess_first_block(sh_ssl_sess);
4887 shctx_row_inc_hot(ssl_shctx, first);
4888 first->len = sizeof(struct sh_ssl_sess_hdr);
4889 }
4890
Frédéric Lécaille0bec8072018-10-22 17:55:57 +02004891 if (shctx_row_data_append(ssl_shctx, first, NULL, data, data_len) < 0) {
William Lallemand99b90af2018-01-03 19:15:51 +01004892 shctx_row_dec_hot(ssl_shctx, first);
William Lallemand4f45bb92017-10-30 20:08:51 +01004893 return 0;
William Lallemand99b90af2018-01-03 19:15:51 +01004894 }
4895
4896 shctx_row_dec_hot(ssl_shctx, first);
William Lallemand4f45bb92017-10-30 20:08:51 +01004897
4898 return 1;
4899}
William Lallemanded0b5ad2017-10-30 19:36:36 +01004900
Olivier Houchardbd84ac82017-11-03 13:43:35 +01004901/* SSL callback used when a new session is created while connecting to a server */
4902static int ssl_sess_new_srv_cb(SSL *ssl, SSL_SESSION *sess)
4903{
Thierry FOURNIER28962c92018-06-17 21:37:05 +02004904 struct connection *conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houcharde6060c52017-11-16 17:42:52 +01004905 struct server *s;
Olivier Houchardbd84ac82017-11-03 13:43:35 +01004906
Willy Tarreau07d94e42018-09-20 10:57:52 +02004907 s = __objt_server(conn->target);
Olivier Houchardbd84ac82017-11-03 13:43:35 +01004908
Olivier Houcharde6060c52017-11-16 17:42:52 +01004909 if (!(s->ssl_ctx.options & SRV_SSL_O_NO_REUSE)) {
4910 int len;
4911 unsigned char *ptr;
Olivier Houchardbd84ac82017-11-03 13:43:35 +01004912
Olivier Houcharde6060c52017-11-16 17:42:52 +01004913 len = i2d_SSL_SESSION(sess, NULL);
4914 if (s->ssl_ctx.reused_sess[tid].ptr && s->ssl_ctx.reused_sess[tid].allocated_size >= len) {
4915 ptr = s->ssl_ctx.reused_sess[tid].ptr;
4916 } else {
4917 free(s->ssl_ctx.reused_sess[tid].ptr);
4918 ptr = s->ssl_ctx.reused_sess[tid].ptr = malloc(len);
4919 s->ssl_ctx.reused_sess[tid].allocated_size = len;
4920 }
4921 if (s->ssl_ctx.reused_sess[tid].ptr) {
4922 s->ssl_ctx.reused_sess[tid].size = i2d_SSL_SESSION(sess,
4923 &ptr);
4924 }
4925 } else {
4926 free(s->ssl_ctx.reused_sess[tid].ptr);
4927 s->ssl_ctx.reused_sess[tid].ptr = NULL;
4928 }
4929
4930 return 0;
Olivier Houchardbd84ac82017-11-03 13:43:35 +01004931}
4932
Olivier Houcharde6060c52017-11-16 17:42:52 +01004933
William Lallemanded0b5ad2017-10-30 19:36:36 +01004934/* SSL callback used on new session creation */
William Lallemand4f45bb92017-10-30 20:08:51 +01004935int sh_ssl_sess_new_cb(SSL *ssl, SSL_SESSION *sess)
William Lallemanded0b5ad2017-10-30 19:36:36 +01004936{
4937 unsigned char encsess[SHSESS_MAX_DATA_LEN]; /* encoded session */
4938 unsigned char encid[SSL_MAX_SSL_SESSION_ID_LENGTH]; /* encoded id */
4939 unsigned char *p;
4940 int data_len;
Emeric Bruneb469652019-10-08 18:27:37 +02004941 unsigned int sid_length;
William Lallemanded0b5ad2017-10-30 19:36:36 +01004942 const unsigned char *sid_data;
William Lallemanded0b5ad2017-10-30 19:36:36 +01004943
4944 /* Session id is already stored in to key and session id is known
4945 * so we dont store it to keep size.
Emeric Bruneb469652019-10-08 18:27:37 +02004946 * note: SSL_SESSION_set1_id is using
4947 * a memcpy so we need to use a different pointer
4948 * than sid_data or sid_ctx_data to avoid valgrind
4949 * complaining.
William Lallemanded0b5ad2017-10-30 19:36:36 +01004950 */
4951
4952 sid_data = SSL_SESSION_get_id(sess, &sid_length);
Emeric Bruneb469652019-10-08 18:27:37 +02004953
4954 /* copy value in an other buffer */
4955 memcpy(encid, sid_data, sid_length);
4956
4957 /* pad with 0 */
4958 if (sid_length < SSL_MAX_SSL_SESSION_ID_LENGTH)
4959 memset(encid + sid_length, 0, SSL_MAX_SSL_SESSION_ID_LENGTH-sid_length);
4960
4961 /* force length to zero to avoid ASN1 encoding */
4962 SSL_SESSION_set1_id(sess, encid, 0);
4963
4964 /* force length to zero to avoid ASN1 encoding */
4965 SSL_SESSION_set1_id_context(sess, (const unsigned char *)SHCTX_APPNAME, 0);
William Lallemanded0b5ad2017-10-30 19:36:36 +01004966
4967 /* check if buffer is large enough for the ASN1 encoded session */
4968 data_len = i2d_SSL_SESSION(sess, NULL);
4969 if (data_len > SHSESS_MAX_DATA_LEN)
4970 goto err;
4971
4972 p = encsess;
4973
4974 /* process ASN1 session encoding before the lock */
4975 i2d_SSL_SESSION(sess, &p);
4976
William Lallemanded0b5ad2017-10-30 19:36:36 +01004977
William Lallemanda3c77cf2017-10-30 23:44:40 +01004978 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01004979 /* store to cache */
William Lallemand4f45bb92017-10-30 20:08:51 +01004980 sh_ssl_sess_store(encid, encsess, data_len);
William Lallemanda3c77cf2017-10-30 23:44:40 +01004981 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01004982err:
4983 /* reset original length values */
Emeric Bruneb469652019-10-08 18:27:37 +02004984 SSL_SESSION_set1_id(sess, encid, sid_length);
4985 SSL_SESSION_set1_id_context(sess, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
William Lallemanded0b5ad2017-10-30 19:36:36 +01004986
4987 return 0; /* do not increment session reference count */
4988}
4989
4990/* SSL callback used on lookup an existing session cause none found in internal cache */
William Lallemand4f45bb92017-10-30 20:08:51 +01004991SSL_SESSION *sh_ssl_sess_get_cb(SSL *ssl, __OPENSSL_110_CONST__ unsigned char *key, int key_len, int *do_copy)
William Lallemanded0b5ad2017-10-30 19:36:36 +01004992{
William Lallemand4f45bb92017-10-30 20:08:51 +01004993 struct sh_ssl_sess_hdr *sh_ssl_sess;
William Lallemanded0b5ad2017-10-30 19:36:36 +01004994 unsigned char data[SHSESS_MAX_DATA_LEN], *p;
4995 unsigned char tmpkey[SSL_MAX_SSL_SESSION_ID_LENGTH];
William Lallemanded0b5ad2017-10-30 19:36:36 +01004996 SSL_SESSION *sess;
William Lallemand4f45bb92017-10-30 20:08:51 +01004997 struct shared_block *first;
William Lallemanded0b5ad2017-10-30 19:36:36 +01004998
4999 global.shctx_lookups++;
5000
5001 /* allow the session to be freed automatically by openssl */
5002 *do_copy = 0;
5003
5004 /* tree key is zeros padded sessionid */
5005 if (key_len < SSL_MAX_SSL_SESSION_ID_LENGTH) {
5006 memcpy(tmpkey, key, key_len);
5007 memset(tmpkey + key_len, 0, SSL_MAX_SSL_SESSION_ID_LENGTH - key_len);
5008 key = tmpkey;
5009 }
5010
5011 /* lock cache */
William Lallemanda3c77cf2017-10-30 23:44:40 +01005012 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005013
5014 /* lookup for session */
William Lallemand4f45bb92017-10-30 20:08:51 +01005015 sh_ssl_sess = sh_ssl_sess_tree_lookup(key);
5016 if (!sh_ssl_sess) {
William Lallemanded0b5ad2017-10-30 19:36:36 +01005017 /* no session found: unlock cache and exit */
William Lallemanda3c77cf2017-10-30 23:44:40 +01005018 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005019 global.shctx_misses++;
5020 return NULL;
5021 }
5022
William Lallemand4f45bb92017-10-30 20:08:51 +01005023 /* sh_ssl_sess (shared_block->data) is at the end of shared_block */
5024 first = sh_ssl_sess_first_block(sh_ssl_sess);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005025
William Lallemand4f45bb92017-10-30 20:08:51 +01005026 shctx_row_data_get(ssl_shctx, first, data, sizeof(struct sh_ssl_sess_hdr), first->len-sizeof(struct sh_ssl_sess_hdr));
William Lallemanded0b5ad2017-10-30 19:36:36 +01005027
William Lallemanda3c77cf2017-10-30 23:44:40 +01005028 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005029
5030 /* decode ASN1 session */
5031 p = data;
William Lallemand4f45bb92017-10-30 20:08:51 +01005032 sess = d2i_SSL_SESSION(NULL, (const unsigned char **)&p, first->len-sizeof(struct sh_ssl_sess_hdr));
William Lallemanded0b5ad2017-10-30 19:36:36 +01005033 /* Reset session id and session id contenxt */
5034 if (sess) {
5035 SSL_SESSION_set1_id(sess, key, key_len);
5036 SSL_SESSION_set1_id_context(sess, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
5037 }
5038
5039 return sess;
5040}
5041
William Lallemand4f45bb92017-10-30 20:08:51 +01005042
William Lallemanded0b5ad2017-10-30 19:36:36 +01005043/* SSL callback used to signal session is no more used in internal cache */
William Lallemand4f45bb92017-10-30 20:08:51 +01005044void sh_ssl_sess_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess)
William Lallemanded0b5ad2017-10-30 19:36:36 +01005045{
William Lallemand4f45bb92017-10-30 20:08:51 +01005046 struct sh_ssl_sess_hdr *sh_ssl_sess;
William Lallemanded0b5ad2017-10-30 19:36:36 +01005047 unsigned char tmpkey[SSL_MAX_SSL_SESSION_ID_LENGTH];
5048 unsigned int sid_length;
5049 const unsigned char *sid_data;
5050 (void)ctx;
5051
5052 sid_data = SSL_SESSION_get_id(sess, &sid_length);
5053 /* tree key is zeros padded sessionid */
5054 if (sid_length < SSL_MAX_SSL_SESSION_ID_LENGTH) {
5055 memcpy(tmpkey, sid_data, sid_length);
5056 memset(tmpkey+sid_length, 0, SSL_MAX_SSL_SESSION_ID_LENGTH - sid_length);
5057 sid_data = tmpkey;
5058 }
5059
William Lallemanda3c77cf2017-10-30 23:44:40 +01005060 shctx_lock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005061
5062 /* lookup for session */
William Lallemand4f45bb92017-10-30 20:08:51 +01005063 sh_ssl_sess = sh_ssl_sess_tree_lookup(sid_data);
5064 if (sh_ssl_sess) {
William Lallemanded0b5ad2017-10-30 19:36:36 +01005065 /* free session */
William Lallemand4f45bb92017-10-30 20:08:51 +01005066 sh_ssl_sess_tree_delete(sh_ssl_sess);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005067 }
5068
5069 /* unlock cache */
William Lallemanda3c77cf2017-10-30 23:44:40 +01005070 shctx_unlock(ssl_shctx);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005071}
5072
5073/* Set session cache mode to server and disable openssl internal cache.
5074 * Set shared cache callbacks on an ssl context.
5075 * Shared context MUST be firstly initialized */
William Lallemand4f45bb92017-10-30 20:08:51 +01005076void ssl_set_shctx(SSL_CTX *ctx)
William Lallemanded0b5ad2017-10-30 19:36:36 +01005077{
5078 SSL_CTX_set_session_id_context(ctx, (const unsigned char *)SHCTX_APPNAME, strlen(SHCTX_APPNAME));
5079
5080 if (!ssl_shctx) {
5081 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
5082 return;
5083 }
5084
5085 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER |
5086 SSL_SESS_CACHE_NO_INTERNAL |
5087 SSL_SESS_CACHE_NO_AUTO_CLEAR);
5088
5089 /* Set callbacks */
William Lallemand4f45bb92017-10-30 20:08:51 +01005090 SSL_CTX_sess_set_new_cb(ctx, sh_ssl_sess_new_cb);
5091 SSL_CTX_sess_set_get_cb(ctx, sh_ssl_sess_get_cb);
5092 SSL_CTX_sess_set_remove_cb(ctx, sh_ssl_sess_remove_cb);
William Lallemanded0b5ad2017-10-30 19:36:36 +01005093}
5094
William Lallemand8b453912019-11-21 15:48:10 +01005095/*
5096 * This function applies the SSL configuration on a SSL_CTX
5097 * It returns an error code and fills the <err> buffer
5098 */
5099int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_conf, SSL_CTX *ctx, char **err)
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005100{
5101 struct proxy *curproxy = bind_conf->frontend;
5102 int cfgerr = 0;
5103 int verify = SSL_VERIFY_NONE;
Willy Tarreau5d4cafb2018-01-04 18:55:19 +01005104 struct ssl_bind_conf __maybe_unused *ssl_conf_cur;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005105 const char *conf_ciphers;
Emmanuel Hocdet839af572019-05-14 16:27:35 +02005106#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005107 const char *conf_ciphersuites;
5108#endif
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005109 const char *conf_curves = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02005110
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02005111 if (ssl_conf) {
5112 struct tls_version_filter *conf_ssl_methods = &ssl_conf->ssl_methods;
5113 int i, min, max;
5114 int flags = MC_SSL_O_ALL;
5115
5116 /* Real min and max should be determinate with configuration and openssl's capabilities */
Emmanuel Hocdet43664762017-08-09 18:26:20 +02005117 min = conf_ssl_methods->min ? conf_ssl_methods->min : bind_conf->ssl_conf.ssl_methods.min;
5118 max = conf_ssl_methods->max ? conf_ssl_methods->max : bind_conf->ssl_conf.ssl_methods.max;
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02005119 if (min)
5120 flags |= (methodVersions[min].flag - 1);
5121 if (max)
5122 flags |= ~((methodVersions[max].flag << 1) - 1);
5123 min = max = CONF_TLSV_NONE;
5124 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
5125 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
5126 if (min)
5127 max = i;
5128 else
5129 min = max = i;
5130 }
5131 /* save real min/max */
5132 conf_ssl_methods->min = min;
5133 conf_ssl_methods->max = max;
5134 if (!min) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005135 memprintf(err, "%sProxy '%s': all SSL/TLS versions are disabled for bind '%s' at [%s:%d].\n",
5136 err && *err ? *err : "", bind_conf->frontend->id, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005137 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02005138 }
5139 }
5140
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005141 switch ((ssl_conf && ssl_conf->verify) ? ssl_conf->verify : bind_conf->ssl_conf.verify) {
Emeric Brun850efd52014-01-29 12:24:34 +01005142 case SSL_SOCK_VERIFY_NONE:
5143 verify = SSL_VERIFY_NONE;
5144 break;
5145 case SSL_SOCK_VERIFY_OPTIONAL:
5146 verify = SSL_VERIFY_PEER;
5147 break;
5148 case SSL_SOCK_VERIFY_REQUIRED:
5149 verify = SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
5150 break;
5151 }
5152 SSL_CTX_set_verify(ctx, verify, ssl_sock_bind_verifycbk);
5153 if (verify & SSL_VERIFY_PEER) {
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005154 char *ca_file = (ssl_conf && ssl_conf->ca_file) ? ssl_conf->ca_file : bind_conf->ssl_conf.ca_file;
5155 char *crl_file = (ssl_conf && ssl_conf->crl_file) ? ssl_conf->crl_file : bind_conf->ssl_conf.crl_file;
5156 if (ca_file) {
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02005157 /* set CAfile to verify */
5158 if (!ssl_set_verify_locations_file(ctx, ca_file)) {
5159 memprintf(err, "%sProxy '%s': unable to set CA file '%s' for bind '%s' at [%s:%d].\n",
Tim Duesterhus93128532019-11-23 23:45:10 +01005160 err && *err ? *err : "", curproxy->id, ca_file, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005161 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02005162 }
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +02005163 if (!((ssl_conf && ssl_conf->no_ca_names) || bind_conf->ssl_conf.no_ca_names)) {
5164 /* set CA names for client cert request, function returns void */
Emmanuel Hocdet129d3282019-10-24 18:08:51 +02005165 SSL_CTX_set_client_CA_list(ctx, SSL_dup_CA_list(ssl_get_client_ca_file(ca_file)));
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +02005166 }
Emeric Brund94b3fe2012-09-20 18:23:56 +02005167 }
Emeric Brun850efd52014-01-29 12:24:34 +01005168 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01005169 memprintf(err, "%sProxy '%s': verify is enabled but no CA file specified for bind '%s' at [%s:%d].\n",
5170 err && *err ? *err : "", curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005171 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brun850efd52014-01-29 12:24:34 +01005172 }
Emeric Brun051cdab2012-10-02 19:25:50 +02005173#ifdef X509_V_FLAG_CRL_CHECK
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005174 if (crl_file) {
Emeric Brund94b3fe2012-09-20 18:23:56 +02005175 X509_STORE *store = SSL_CTX_get_cert_store(ctx);
5176
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01005177 if (!ssl_set_cert_crl_file(store, crl_file)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005178 memprintf(err, "%sProxy '%s': unable to configure CRL file '%s' for bind '%s' at [%s:%d].\n",
5179 err && *err ? *err : "", curproxy->id, crl_file, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005180 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02005181 }
Emeric Brun561e5742012-10-02 15:20:55 +02005182 else {
5183 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
5184 }
Emeric Brund94b3fe2012-09-20 18:23:56 +02005185 }
Emeric Brun051cdab2012-10-02 19:25:50 +02005186#endif
Emeric Brun644cde02012-12-14 11:21:13 +01005187 ERR_clear_error();
Emeric Brund94b3fe2012-09-20 18:23:56 +02005188 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01005189#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
Nenad Merdanovic146defa2015-05-09 08:46:00 +02005190 if(bind_conf->keys_ref) {
Nenad Merdanovic05552d42015-02-27 19:56:49 +01005191 if (!SSL_CTX_set_tlsext_ticket_key_cb(ctx, ssl_tlsext_ticket_key_cb)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005192 memprintf(err, "%sProxy '%s': unable to set callback for TLS ticket validation for bind '%s' at [%s:%d].\n",
5193 err && *err ? *err : "", curproxy->id, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005194 cfgerr |= ERR_ALERT | ERR_FATAL;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01005195 }
5196 }
5197#endif
5198
William Lallemand4f45bb92017-10-30 20:08:51 +01005199 ssl_set_shctx(ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005200 conf_ciphers = (ssl_conf && ssl_conf->ciphers) ? ssl_conf->ciphers : bind_conf->ssl_conf.ciphers;
5201 if (conf_ciphers &&
5202 !SSL_CTX_set_cipher_list(ctx, conf_ciphers)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005203 memprintf(err, "%sProxy '%s': unable to set SSL cipher list to '%s' for bind '%s' at [%s:%d].\n",
5204 err && *err ? *err : "", curproxy->id, conf_ciphers, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005205 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02005206 }
5207
Emmanuel Hocdet839af572019-05-14 16:27:35 +02005208#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005209 conf_ciphersuites = (ssl_conf && ssl_conf->ciphersuites) ? ssl_conf->ciphersuites : bind_conf->ssl_conf.ciphersuites;
5210 if (conf_ciphersuites &&
5211 !SSL_CTX_set_ciphersuites(ctx, conf_ciphersuites)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005212 memprintf(err, "%sProxy '%s': unable to set TLS 1.3 cipher suites to '%s' for bind '%s' at [%s:%d].\n",
5213 err && *err ? *err : "", curproxy->id, conf_ciphersuites, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005214 cfgerr |= ERR_ALERT | ERR_FATAL;
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005215 }
5216#endif
5217
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01005218#ifndef OPENSSL_NO_DH
Remi Gacogne47783ef2015-05-29 15:53:22 +02005219 /* If tune.ssl.default-dh-param has not been set,
5220 neither has ssl-default-dh-file and no static DH
5221 params were in the certificate file. */
Willy Tarreauef934602016-12-22 23:12:01 +01005222 if (global_ssl.default_dh_param == 0 &&
Remi Gacogne47783ef2015-05-29 15:53:22 +02005223 global_dh == NULL &&
Remi Gacogne4f902b82015-05-28 16:23:00 +02005224 (ssl_dh_ptr_index == -1 ||
5225 SSL_CTX_get_ex_data(ctx, ssl_dh_ptr_index) == NULL)) {
Emmanuel Hocdetcc6c2a22017-03-03 17:04:14 +01005226 STACK_OF(SSL_CIPHER) * ciphers = NULL;
5227 const SSL_CIPHER * cipher = NULL;
5228 char cipher_description[128];
5229 /* The description of ciphers using an Ephemeral Diffie Hellman key exchange
5230 contains " Kx=DH " or " Kx=DH(". Beware of " Kx=DH/",
5231 which is not ephemeral DH. */
5232 const char dhe_description[] = " Kx=DH ";
5233 const char dhe_export_description[] = " Kx=DH(";
5234 int idx = 0;
5235 int dhe_found = 0;
5236 SSL *ssl = NULL;
Lukas Tribus90132722014-08-18 00:56:33 +02005237
Remi Gacogne23d5d372014-10-10 17:04:26 +02005238 ssl = SSL_new(ctx);
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005239
Remi Gacogne23d5d372014-10-10 17:04:26 +02005240 if (ssl) {
5241 ciphers = SSL_get_ciphers(ssl);
5242
5243 if (ciphers) {
5244 for (idx = 0; idx < sk_SSL_CIPHER_num(ciphers); idx++) {
5245 cipher = sk_SSL_CIPHER_value(ciphers, idx);
5246 if (SSL_CIPHER_description(cipher, cipher_description, sizeof (cipher_description)) == cipher_description) {
5247 if (strstr(cipher_description, dhe_description) != NULL ||
5248 strstr(cipher_description, dhe_export_description) != NULL) {
5249 dhe_found = 1;
5250 break;
5251 }
Remi Gacognec1eab8c2014-06-12 18:20:11 +02005252 }
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005253 }
5254 }
Remi Gacogne23d5d372014-10-10 17:04:26 +02005255 SSL_free(ssl);
5256 ssl = NULL;
Lukas Tribus90132722014-08-18 00:56:33 +02005257 }
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005258
Lukas Tribus90132722014-08-18 00:56:33 +02005259 if (dhe_found) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005260 memprintf(err, "%sSetting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. Please set a value >= 1024 to make this warning disappear.\n",
5261 err && *err ? *err : "");
William Lallemand8b453912019-11-21 15:48:10 +01005262 cfgerr |= ERR_WARN;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005263 }
5264
Willy Tarreauef934602016-12-22 23:12:01 +01005265 global_ssl.default_dh_param = 1024;
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005266 }
Remi Gacogne8de54152014-07-15 11:36:40 +02005267
Willy Tarreauef934602016-12-22 23:12:01 +01005268 if (global_ssl.default_dh_param >= 1024) {
Remi Gacogne8de54152014-07-15 11:36:40 +02005269 if (local_dh_1024 == NULL) {
5270 local_dh_1024 = ssl_get_dh_1024();
5271 }
Willy Tarreauef934602016-12-22 23:12:01 +01005272 if (global_ssl.default_dh_param >= 2048) {
Remi Gacogne8de54152014-07-15 11:36:40 +02005273 if (local_dh_2048 == NULL) {
5274 local_dh_2048 = ssl_get_dh_2048();
5275 }
Willy Tarreauef934602016-12-22 23:12:01 +01005276 if (global_ssl.default_dh_param >= 4096) {
Remi Gacogne8de54152014-07-15 11:36:40 +02005277 if (local_dh_4096 == NULL) {
5278 local_dh_4096 = ssl_get_dh_4096();
5279 }
Remi Gacogne8de54152014-07-15 11:36:40 +02005280 }
5281 }
5282 }
5283#endif /* OPENSSL_NO_DH */
Remi Gacognef46cd6e2014-06-12 14:58:40 +02005284
Emeric Brunfc0421f2012-09-07 17:30:07 +02005285 SSL_CTX_set_info_callback(ctx, ssl_sock_infocbk);
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005286#if HA_OPENSSL_VERSION_NUMBER >= 0x00907000L
Emeric Brun29f037d2014-04-25 19:05:36 +02005287 SSL_CTX_set_msg_callback(ctx, ssl_sock_msgcbk);
Willy Tarreau5cbe4ef2014-05-08 22:45:11 +02005288#endif
Emeric Brun29f037d2014-04-25 19:05:36 +02005289
Bernard Spil13c53f82018-02-15 13:34:58 +01005290#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005291 ssl_conf_cur = NULL;
5292 if (ssl_conf && ssl_conf->npn_str)
5293 ssl_conf_cur = ssl_conf;
5294 else if (bind_conf->ssl_conf.npn_str)
5295 ssl_conf_cur = &bind_conf->ssl_conf;
5296 if (ssl_conf_cur)
5297 SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_sock_advertise_npn_protos, ssl_conf_cur);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02005298#endif
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01005299#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005300 ssl_conf_cur = NULL;
5301 if (ssl_conf && ssl_conf->alpn_str)
5302 ssl_conf_cur = ssl_conf;
5303 else if (bind_conf->ssl_conf.alpn_str)
5304 ssl_conf_cur = &bind_conf->ssl_conf;
5305 if (ssl_conf_cur)
5306 SSL_CTX_set_alpn_select_cb(ctx, ssl_sock_advertise_alpn_protos, ssl_conf_cur);
Willy Tarreauab861d32013-04-02 02:30:41 +02005307#endif
Lukas Tribusd14b49c2019-11-24 18:20:40 +01005308#if ((HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL) || defined(LIBRESSL_VERSION_NUMBER))
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005309 conf_curves = (ssl_conf && ssl_conf->curves) ? ssl_conf->curves : bind_conf->ssl_conf.curves;
5310 if (conf_curves) {
5311 if (!SSL_CTX_set1_curves_list(ctx, conf_curves)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005312 memprintf(err, "%sProxy '%s': unable to set SSL curves list to '%s' for bind '%s' at [%s:%d].\n",
5313 err && *err ? *err : "", curproxy->id, conf_curves, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005314 cfgerr |= ERR_ALERT | ERR_FATAL;
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005315 }
Emmanuel Hocdeta52bb152017-03-20 11:11:49 +01005316 (void)SSL_CTX_set_ecdh_auto(ctx, 1);
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005317 }
5318#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02005319#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01005320 if (!conf_curves) {
Emeric Brun2b58d042012-09-20 17:10:03 +02005321 int i;
5322 EC_KEY *ecdh;
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005323#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005324 const char *ecdhe = (ssl_conf && ssl_conf->ecdhe) ? ssl_conf->ecdhe :
Olivier Houchardc2aae742017-09-22 18:26:28 +02005325 (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe :
5326 NULL);
5327
5328 if (ecdhe == NULL) {
Eric Salama3c8bde82019-11-20 11:33:40 +01005329 (void)SSL_CTX_set_ecdh_auto(ctx, 1);
Olivier Houchardc2aae742017-09-22 18:26:28 +02005330 return cfgerr;
5331 }
5332#else
5333 const char *ecdhe = (ssl_conf && ssl_conf->ecdhe) ? ssl_conf->ecdhe :
5334 (bind_conf->ssl_conf.ecdhe ? bind_conf->ssl_conf.ecdhe :
5335 ECDHE_DEFAULT_CURVE);
5336#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02005337
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005338 i = OBJ_sn2nid(ecdhe);
Emeric Brun2b58d042012-09-20 17:10:03 +02005339 if (!i || ((ecdh = EC_KEY_new_by_curve_name(i)) == NULL)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01005340 memprintf(err, "%sProxy '%s': unable to set elliptic named curve to '%s' for bind '%s' at [%s:%d].\n",
5341 err && *err ? *err : "", curproxy->id, ecdhe, bind_conf->arg, bind_conf->file, bind_conf->line);
William Lallemand8b453912019-11-21 15:48:10 +01005342 cfgerr |= ERR_ALERT | ERR_FATAL;
Emeric Brun2b58d042012-09-20 17:10:03 +02005343 }
5344 else {
5345 SSL_CTX_set_tmp_ecdh(ctx, ecdh);
5346 EC_KEY_free(ecdh);
5347 }
5348 }
5349#endif
5350
Emeric Brunfc0421f2012-09-07 17:30:07 +02005351 return cfgerr;
5352}
5353
Evan Broderbe554312013-06-27 00:05:25 -07005354static int ssl_sock_srv_hostcheck(const char *pattern, const char *hostname)
5355{
5356 const char *pattern_wildcard, *pattern_left_label_end, *hostname_left_label_end;
5357 size_t prefixlen, suffixlen;
5358
5359 /* Trivial case */
5360 if (strcmp(pattern, hostname) == 0)
5361 return 1;
5362
Evan Broderbe554312013-06-27 00:05:25 -07005363 /* The rest of this logic is based on RFC 6125, section 6.4.3
5364 * (http://tools.ietf.org/html/rfc6125#section-6.4.3) */
5365
Emeric Bruna848dae2013-10-08 11:27:28 +02005366 pattern_wildcard = NULL;
5367 pattern_left_label_end = pattern;
5368 while (*pattern_left_label_end != '.') {
5369 switch (*pattern_left_label_end) {
5370 case 0:
5371 /* End of label not found */
5372 return 0;
5373 case '*':
5374 /* If there is more than one wildcards */
5375 if (pattern_wildcard)
5376 return 0;
5377 pattern_wildcard = pattern_left_label_end;
5378 break;
5379 }
5380 pattern_left_label_end++;
5381 }
5382
5383 /* If it's not trivial and there is no wildcard, it can't
5384 * match */
5385 if (!pattern_wildcard)
Evan Broderbe554312013-06-27 00:05:25 -07005386 return 0;
5387
5388 /* Make sure all labels match except the leftmost */
5389 hostname_left_label_end = strchr(hostname, '.');
5390 if (!hostname_left_label_end
5391 || strcmp(pattern_left_label_end, hostname_left_label_end) != 0)
5392 return 0;
5393
5394 /* Make sure the leftmost label of the hostname is long enough
5395 * that the wildcard can match */
Emeric Brun369da852013-10-08 11:39:35 +02005396 if (hostname_left_label_end - hostname < (pattern_left_label_end - pattern) - 1)
Evan Broderbe554312013-06-27 00:05:25 -07005397 return 0;
5398
5399 /* Finally compare the string on either side of the
5400 * wildcard */
5401 prefixlen = pattern_wildcard - pattern;
5402 suffixlen = pattern_left_label_end - (pattern_wildcard + 1);
Emeric Bruna848dae2013-10-08 11:27:28 +02005403 if ((prefixlen && (memcmp(pattern, hostname, prefixlen) != 0))
5404 || (suffixlen && (memcmp(pattern_wildcard + 1, hostname_left_label_end - suffixlen, suffixlen) != 0)))
Evan Broderbe554312013-06-27 00:05:25 -07005405 return 0;
5406
5407 return 1;
5408}
5409
5410static int ssl_sock_srv_verifycbk(int ok, X509_STORE_CTX *ctx)
5411{
5412 SSL *ssl;
5413 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01005414 struct ssl_sock_ctx *ssl_ctx;
Willy Tarreau2ab88672017-07-05 18:23:03 +02005415 const char *servername;
Willy Tarreau71d058c2017-07-26 20:09:56 +02005416 const char *sni;
Evan Broderbe554312013-06-27 00:05:25 -07005417
5418 int depth;
5419 X509 *cert;
5420 STACK_OF(GENERAL_NAME) *alt_names;
5421 int i;
5422 X509_NAME *cert_subject;
5423 char *str;
5424
5425 if (ok == 0)
5426 return ok;
5427
5428 ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
Thierry FOURNIER28962c92018-06-17 21:37:05 +02005429 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
Olivier Houchard66ab4982019-02-26 18:37:15 +01005430 ssl_ctx = conn->xprt_ctx;
Evan Broderbe554312013-06-27 00:05:25 -07005431
Willy Tarreauad92a9a2017-07-28 11:38:41 +02005432 /* We're checking if the provided hostnames match the desired one. The
5433 * desired hostname comes from the SNI we presented if any, or if not
5434 * provided then it may have been explicitly stated using a "verifyhost"
5435 * directive. If neither is set, we don't care about the name so the
5436 * verification is OK.
Willy Tarreau2ab88672017-07-05 18:23:03 +02005437 */
Olivier Houchard66ab4982019-02-26 18:37:15 +01005438 servername = SSL_get_servername(ssl_ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau71d058c2017-07-26 20:09:56 +02005439 sni = servername;
Willy Tarreau2ab88672017-07-05 18:23:03 +02005440 if (!servername) {
Willy Tarreau07d94e42018-09-20 10:57:52 +02005441 servername = __objt_server(conn->target)->ssl_ctx.verify_host;
Willy Tarreau2ab88672017-07-05 18:23:03 +02005442 if (!servername)
5443 return ok;
5444 }
Evan Broderbe554312013-06-27 00:05:25 -07005445
5446 /* We only need to verify the CN on the actual server cert,
5447 * not the indirect CAs */
5448 depth = X509_STORE_CTX_get_error_depth(ctx);
5449 if (depth != 0)
5450 return ok;
5451
5452 /* At this point, the cert is *not* OK unless we can find a
5453 * hostname match */
5454 ok = 0;
5455
5456 cert = X509_STORE_CTX_get_current_cert(ctx);
5457 /* It seems like this might happen if verify peer isn't set */
5458 if (!cert)
5459 return ok;
5460
5461 alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
5462 if (alt_names) {
5463 for (i = 0; !ok && i < sk_GENERAL_NAME_num(alt_names); i++) {
5464 GENERAL_NAME *name = sk_GENERAL_NAME_value(alt_names, i);
5465 if (name->type == GEN_DNS) {
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005466#if HA_OPENSSL_VERSION_NUMBER < 0x00907000L
Emeric Bruna33410c2013-09-17 15:47:48 +02005467 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.ia5) >= 0) {
5468#else
Evan Broderbe554312013-06-27 00:05:25 -07005469 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
Emeric Bruna33410c2013-09-17 15:47:48 +02005470#endif
Evan Broderbe554312013-06-27 00:05:25 -07005471 ok = ssl_sock_srv_hostcheck(str, servername);
5472 OPENSSL_free(str);
5473 }
5474 }
5475 }
Emeric Brun4ad50a42013-09-17 15:19:54 +02005476 sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
Evan Broderbe554312013-06-27 00:05:25 -07005477 }
5478
5479 cert_subject = X509_get_subject_name(cert);
5480 i = -1;
5481 while (!ok && (i = X509_NAME_get_index_by_NID(cert_subject, NID_commonName, i)) != -1) {
5482 X509_NAME_ENTRY *entry = X509_NAME_get_entry(cert_subject, i);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02005483 ASN1_STRING *value;
5484 value = X509_NAME_ENTRY_get_data(entry);
5485 if (ASN1_STRING_to_UTF8((unsigned char **)&str, value) >= 0) {
Evan Broderbe554312013-06-27 00:05:25 -07005486 ok = ssl_sock_srv_hostcheck(str, servername);
5487 OPENSSL_free(str);
5488 }
5489 }
5490
Willy Tarreau71d058c2017-07-26 20:09:56 +02005491 /* report the mismatch and indicate if SNI was used or not */
5492 if (!ok && !conn->err_code)
5493 conn->err_code = sni ? CO_ER_SSL_MISMATCH_SNI : CO_ER_SSL_MISMATCH;
Evan Broderbe554312013-06-27 00:05:25 -07005494 return ok;
5495}
5496
Emeric Brun94324a42012-10-11 14:00:19 +02005497/* prepare ssl context from servers options. Returns an error count */
Willy Tarreau03209342016-12-22 17:08:28 +01005498int ssl_sock_prepare_srv_ctx(struct server *srv)
Emeric Brun94324a42012-10-11 14:00:19 +02005499{
Willy Tarreau03209342016-12-22 17:08:28 +01005500 struct proxy *curproxy = srv->proxy;
Emeric Brun94324a42012-10-11 14:00:19 +02005501 int cfgerr = 0;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +02005502 long options =
Emeric Brun94324a42012-10-11 14:00:19 +02005503 SSL_OP_ALL | /* all known workarounds for bugs */
5504 SSL_OP_NO_SSLv2 |
5505 SSL_OP_NO_COMPRESSION;
Remi Gacogneaf5c3da2014-05-19 10:29:58 +02005506 long mode =
Emeric Brun94324a42012-10-11 14:00:19 +02005507 SSL_MODE_ENABLE_PARTIAL_WRITE |
5508 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
Willy Tarreau396a1862014-11-13 14:06:52 +01005509 SSL_MODE_RELEASE_BUFFERS |
5510 SSL_MODE_SMALL_BUFFERS;
Emeric Brun850efd52014-01-29 12:24:34 +01005511 int verify = SSL_VERIFY_NONE;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005512 SSL_CTX *ctx = NULL;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005513 struct tls_version_filter *conf_ssl_methods = &srv->ssl_ctx.methods;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005514 int i, min, max, hole;
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005515 int flags = MC_SSL_O_ALL;
Emeric Brun94324a42012-10-11 14:00:19 +02005516
Thierry Fournier383085f2013-01-24 14:15:43 +01005517 /* Make sure openssl opens /dev/urandom before the chroot */
5518 if (!ssl_initialize_random()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005519 ha_alert("OpenSSL random data generator initialization failed.\n");
Thierry Fournier383085f2013-01-24 14:15:43 +01005520 cfgerr++;
5521 }
5522
Willy Tarreaufce03112015-01-15 21:32:40 +01005523 /* Automatic memory computations need to know we use SSL there */
5524 global.ssl_used_backend = 1;
5525
5526 /* Initiate SSL context for current server */
Emeric Brun821bb9b2017-06-15 16:37:39 +02005527 if (!srv->ssl_ctx.reused_sess) {
Olivier Houcharde6060c52017-11-16 17:42:52 +01005528 if ((srv->ssl_ctx.reused_sess = calloc(1, global.nbthread*sizeof(*srv->ssl_ctx.reused_sess))) == NULL) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005529 ha_alert("Proxy '%s', server '%s' [%s:%d] out of memory.\n",
5530 curproxy->id, srv->id,
5531 srv->conf.file, srv->conf.line);
Emeric Brun821bb9b2017-06-15 16:37:39 +02005532 cfgerr++;
5533 return cfgerr;
5534 }
5535 }
Emeric Brun94324a42012-10-11 14:00:19 +02005536 if (srv->use_ssl)
5537 srv->xprt = &ssl_sock;
5538 if (srv->check.use_ssl)
Cyril Bonté9ce13112014-11-15 22:41:27 +01005539 srv->check.xprt = &ssl_sock;
Emeric Brun94324a42012-10-11 14:00:19 +02005540
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005541 ctx = SSL_CTX_new(SSLv23_client_method());
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005542 if (!ctx) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005543 ha_alert("config : %s '%s', server '%s': unable to allocate ssl context.\n",
5544 proxy_type_str(curproxy), curproxy->id,
5545 srv->id);
Emeric Brun94324a42012-10-11 14:00:19 +02005546 cfgerr++;
5547 return cfgerr;
5548 }
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005549
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005550 if (conf_ssl_methods->flags && (conf_ssl_methods->min || conf_ssl_methods->max))
Christopher Faulet767a84b2017-11-24 16:50:31 +01005551 ha_warning("config : %s '%s': no-sslv3/no-tlsv1x are ignored for server '%s'. "
5552 "Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
5553 proxy_type_str(curproxy), curproxy->id, srv->id);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005554 else
5555 flags = conf_ssl_methods->flags;
5556
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005557 /* Real min and max should be determinate with configuration and openssl's capabilities */
5558 if (conf_ssl_methods->min)
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005559 flags |= (methodVersions[conf_ssl_methods->min].flag - 1);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005560 if (conf_ssl_methods->max)
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005561 flags |= ~((methodVersions[conf_ssl_methods->max].flag << 1) - 1);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005562
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005563 /* find min, max and holes */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005564 min = max = CONF_TLSV_NONE;
5565 hole = 0;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005566 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005567 /* version is in openssl && version not disable in configuration */
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005568 if (methodVersions[i].option && !(flags & methodVersions[i].flag)) {
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005569 if (min) {
5570 if (hole) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005571 ha_warning("config : %s '%s': SSL/TLS versions range not contiguous for server '%s'. "
5572 "Hole find for %s. Use only 'ssl-min-ver' and 'ssl-max-ver' to fix.\n",
5573 proxy_type_str(curproxy), curproxy->id, srv->id,
5574 methodVersions[hole].name);
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005575 hole = 0;
5576 }
5577 max = i;
5578 }
5579 else {
5580 min = max = i;
5581 }
5582 }
5583 else {
5584 if (min)
5585 hole = i;
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005586 }
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005587 if (!min) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005588 ha_alert("config : %s '%s': all SSL/TLS versions are disabled for server '%s'.\n",
5589 proxy_type_str(curproxy), curproxy->id, srv->id);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005590 cfgerr += 1;
5591 }
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005592
Willy Tarreau9a1ab082019-05-09 13:26:41 +02005593#if (HA_OPENSSL_VERSION_NUMBER < 0x1010000fL)
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005594 /* Keep force-xxx implementation as it is in older haproxy. It's a
Joseph Herlant017b3da2018-11-15 09:07:59 -08005595 precautionary measure to avoid any surprise with older openssl version. */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005596 if (min == max)
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005597 methodVersions[min].ctx_set_version(ctx, SET_CLIENT);
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005598 else
5599 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
5600 if (flags & methodVersions[i].flag)
5601 options |= methodVersions[i].option;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005602#else /* openssl >= 1.1.0 */
Emmanuel Hocdetb4e9ba42017-03-30 19:25:07 +02005603 /* set the max_version is required to cap TLS version or activate new TLS (v1.3) */
Emmanuel Hocdet4aa615f2017-05-18 12:33:19 +02005604 methodVersions[min].ctx_set_version(ctx, SET_MIN);
5605 methodVersions[max].ctx_set_version(ctx, SET_MAX);
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02005606#endif
5607
5608 if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLS_TICKETS)
5609 options |= SSL_OP_NO_TICKET;
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005610 SSL_CTX_set_options(ctx, options);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00005611
Willy Tarreau5db847a2019-05-09 14:13:35 +02005612#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00005613 if (global_ssl.async)
5614 mode |= SSL_MODE_ASYNC;
5615#endif
Emmanuel Hocdet4de1ff12017-03-03 12:21:32 +01005616 SSL_CTX_set_mode(ctx, mode);
5617 srv->ssl_ctx.ctx = ctx;
5618
Emeric Bruna7aa3092012-10-26 12:58:00 +02005619 if (srv->ssl_ctx.client_crt) {
5620 if (SSL_CTX_use_PrivateKey_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt, SSL_FILETYPE_PEM) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005621 ha_alert("config : %s '%s', server '%s': unable to load SSL private key from PEM file '%s'.\n",
5622 proxy_type_str(curproxy), curproxy->id,
5623 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +02005624 cfgerr++;
5625 }
5626 else if (SSL_CTX_use_certificate_chain_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005627 ha_alert("config : %s '%s', server '%s': unable to load ssl certificate from PEM file '%s'.\n",
5628 proxy_type_str(curproxy), curproxy->id,
5629 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +02005630 cfgerr++;
5631 }
5632 else if (SSL_CTX_check_private_key(srv->ssl_ctx.ctx) <= 0) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005633 ha_alert("config : %s '%s', server '%s': inconsistencies between private key and certificate loaded from PEM file '%s'.\n",
5634 proxy_type_str(curproxy), curproxy->id,
5635 srv->id, srv->ssl_ctx.client_crt);
Emeric Bruna7aa3092012-10-26 12:58:00 +02005636 cfgerr++;
5637 }
5638 }
Emeric Brun94324a42012-10-11 14:00:19 +02005639
Emeric Brun850efd52014-01-29 12:24:34 +01005640 if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
5641 verify = SSL_VERIFY_PEER;
Emeric Brun850efd52014-01-29 12:24:34 +01005642 switch (srv->ssl_ctx.verify) {
5643 case SSL_SOCK_VERIFY_NONE:
5644 verify = SSL_VERIFY_NONE;
5645 break;
5646 case SSL_SOCK_VERIFY_REQUIRED:
5647 verify = SSL_VERIFY_PEER;
5648 break;
5649 }
Evan Broderbe554312013-06-27 00:05:25 -07005650 SSL_CTX_set_verify(srv->ssl_ctx.ctx,
Emeric Brun850efd52014-01-29 12:24:34 +01005651 verify,
Willy Tarreau2ab88672017-07-05 18:23:03 +02005652 (srv->ssl_ctx.verify_host || (verify & SSL_VERIFY_PEER)) ? ssl_sock_srv_verifycbk : NULL);
Emeric Brun850efd52014-01-29 12:24:34 +01005653 if (verify & SSL_VERIFY_PEER) {
Emeric Brunef42d922012-10-11 16:11:36 +02005654 if (srv->ssl_ctx.ca_file) {
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02005655 /* set CAfile to verify */
5656 if (!ssl_set_verify_locations_file(srv->ssl_ctx.ctx, srv->ssl_ctx.ca_file)) {
5657 ha_alert("Proxy '%s', server '%s' [%s:%d] unable to set CA file '%s'.\n",
Christopher Faulet767a84b2017-11-24 16:50:31 +01005658 curproxy->id, srv->id,
5659 srv->conf.file, srv->conf.line, srv->ssl_ctx.ca_file);
Emeric Brunef42d922012-10-11 16:11:36 +02005660 cfgerr++;
5661 }
5662 }
Emeric Brun850efd52014-01-29 12:24:34 +01005663 else {
5664 if (global.ssl_server_verify == SSL_SERVER_VERIFY_REQUIRED)
Christopher Faulet767a84b2017-11-24 16:50:31 +01005665 ha_alert("Proxy '%s', server '%s' [%s:%d] verify is enabled by default but no CA file specified. If you're running on a LAN where you're certain to trust the server's certificate, please set an explicit 'verify none' statement on the 'server' line, or use 'ssl-server-verify none' in the global section to disable server-side verifications by default.\n",
5666 curproxy->id, srv->id,
5667 srv->conf.file, srv->conf.line);
Emeric Brun850efd52014-01-29 12:24:34 +01005668 else
Christopher Faulet767a84b2017-11-24 16:50:31 +01005669 ha_alert("Proxy '%s', server '%s' [%s:%d] verify is enabled but no CA file specified.\n",
5670 curproxy->id, srv->id,
5671 srv->conf.file, srv->conf.line);
Emeric Brun850efd52014-01-29 12:24:34 +01005672 cfgerr++;
5673 }
Emeric Brunef42d922012-10-11 16:11:36 +02005674#ifdef X509_V_FLAG_CRL_CHECK
5675 if (srv->ssl_ctx.crl_file) {
5676 X509_STORE *store = SSL_CTX_get_cert_store(srv->ssl_ctx.ctx);
5677
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01005678 if (!ssl_set_cert_crl_file(store, srv->ssl_ctx.crl_file)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005679 ha_alert("Proxy '%s', server '%s' [%s:%d] unable to configure CRL file '%s'.\n",
5680 curproxy->id, srv->id,
5681 srv->conf.file, srv->conf.line, srv->ssl_ctx.crl_file);
Emeric Brunef42d922012-10-11 16:11:36 +02005682 cfgerr++;
5683 }
5684 else {
5685 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
5686 }
5687 }
5688#endif
5689 }
5690
Olivier Houchardbd84ac82017-11-03 13:43:35 +01005691 SSL_CTX_set_session_cache_mode(srv->ssl_ctx.ctx, SSL_SESS_CACHE_CLIENT |
5692 SSL_SESS_CACHE_NO_INTERNAL_STORE);
5693 SSL_CTX_sess_set_new_cb(srv->ssl_ctx.ctx, ssl_sess_new_srv_cb);
Emeric Brun94324a42012-10-11 14:00:19 +02005694 if (srv->ssl_ctx.ciphers &&
5695 !SSL_CTX_set_cipher_list(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphers)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005696 ha_alert("Proxy '%s', server '%s' [%s:%d] : unable to set SSL cipher list to '%s'.\n",
5697 curproxy->id, srv->id,
5698 srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphers);
Emeric Brun94324a42012-10-11 14:00:19 +02005699 cfgerr++;
5700 }
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005701
Emmanuel Hocdet839af572019-05-14 16:27:35 +02005702#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005703 if (srv->ssl_ctx.ciphersuites &&
Pierre Cheynierbc34cd12019-03-21 16:15:47 +00005704 !SSL_CTX_set_ciphersuites(srv->ssl_ctx.ctx, srv->ssl_ctx.ciphersuites)) {
Dirkjan Bussink415150f2018-09-14 11:14:21 +02005705 ha_alert("Proxy '%s', server '%s' [%s:%d] : unable to set TLS 1.3 cipher suites to '%s'.\n",
5706 curproxy->id, srv->id,
5707 srv->conf.file, srv->conf.line, srv->ssl_ctx.ciphersuites);
5708 cfgerr++;
5709 }
5710#endif
Olivier Houchardc7566002018-11-20 23:33:50 +01005711#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
5712 if (srv->ssl_ctx.npn_str)
5713 SSL_CTX_set_next_proto_select_cb(ctx, ssl_sock_srv_select_protos, srv);
5714#endif
5715#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
5716 if (srv->ssl_ctx.alpn_str)
5717 SSL_CTX_set_alpn_protos(ctx, (unsigned char *)srv->ssl_ctx.alpn_str, srv->ssl_ctx.alpn_len);
5718#endif
5719
Emeric Brun94324a42012-10-11 14:00:19 +02005720
5721 return cfgerr;
5722}
5723
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005724/* Walks down the two trees in bind_conf and prepares all certs. The pointer may
Emeric Brunfc0421f2012-09-07 17:30:07 +02005725 * be NULL, in which case nothing is done. Returns the number of errors
5726 * encountered.
5727 */
Willy Tarreau03209342016-12-22 17:08:28 +01005728int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +02005729{
5730 struct ebmb_node *node;
5731 struct sni_ctx *sni;
5732 int err = 0;
William Lallemand8b453912019-11-21 15:48:10 +01005733 int errcode = 0;
5734 char *errmsg = NULL;
Emeric Brunfc0421f2012-09-07 17:30:07 +02005735
Willy Tarreaufce03112015-01-15 21:32:40 +01005736 /* Automatic memory computations need to know we use SSL there */
5737 global.ssl_used_frontend = 1;
5738
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005739 /* Make sure openssl opens /dev/urandom before the chroot */
5740 if (!ssl_initialize_random()) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005741 ha_alert("OpenSSL random data generator initialization failed.\n");
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005742 err++;
5743 }
5744 /* Create initial_ctx used to start the ssl connection before do switchctx */
5745 if (!bind_conf->initial_ctx) {
Emmanuel Hocdetabd32332017-05-05 18:06:12 +02005746 err += ssl_sock_initial_ctx(bind_conf);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005747 /* It should not be necessary to call this function, but it's
5748 necessary first to check and move all initialisation related
5749 to initial_ctx in ssl_sock_initial_ctx. */
William Lallemand8b453912019-11-21 15:48:10 +01005750 errcode |= ssl_sock_prepare_ctx(bind_conf, NULL, bind_conf->initial_ctx, &errmsg);
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005751 }
Emeric Brun0bed9942014-10-30 19:25:24 +01005752 if (bind_conf->default_ctx)
William Lallemand8b453912019-11-21 15:48:10 +01005753 errcode |= ssl_sock_prepare_ctx(bind_conf, bind_conf->default_ssl_conf, bind_conf->default_ctx, &errmsg);
Emeric Brun0bed9942014-10-30 19:25:24 +01005754
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005755 node = ebmb_first(&bind_conf->sni_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005756 while (node) {
5757 sni = ebmb_entry(node, struct sni_ctx, name);
Emeric Brun0bed9942014-10-30 19:25:24 +01005758 if (!sni->order && sni->ctx != bind_conf->default_ctx)
5759 /* only initialize the CTX on its first occurrence and
5760 if it is not the default_ctx */
William Lallemand8b453912019-11-21 15:48:10 +01005761 errcode |= ssl_sock_prepare_ctx(bind_conf, sni->conf, sni->ctx, &errmsg);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005762 node = ebmb_next(node);
5763 }
5764
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005765 node = ebmb_first(&bind_conf->sni_w_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005766 while (node) {
5767 sni = ebmb_entry(node, struct sni_ctx, name);
William Lallemand8b453912019-11-21 15:48:10 +01005768 if (!sni->order && sni->ctx != bind_conf->default_ctx) {
Emeric Brun0bed9942014-10-30 19:25:24 +01005769 /* only initialize the CTX on its first occurrence and
5770 if it is not the default_ctx */
William Lallemand8b453912019-11-21 15:48:10 +01005771 errcode |= ssl_sock_prepare_ctx(bind_conf, sni->conf, sni->ctx, &errmsg);
5772 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02005773 node = ebmb_next(node);
5774 }
William Lallemand8b453912019-11-21 15:48:10 +01005775
5776 if (errcode & ERR_WARN) {
Tim Duesterhusc0e820c2019-11-23 23:52:30 +01005777 ha_warning("%s", errmsg);
William Lallemand8b453912019-11-21 15:48:10 +01005778 } else if (errcode & ERR_CODE) {
Tim Duesterhusc0e820c2019-11-23 23:52:30 +01005779 ha_alert("%s", errmsg);
William Lallemand8b453912019-11-21 15:48:10 +01005780 err++;
5781 }
5782
5783 free(errmsg);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005784 return err;
5785}
5786
Willy Tarreau55d37912016-12-21 23:38:39 +01005787/* Prepares all the contexts for a bind_conf and allocates the shared SSL
5788 * context if needed. Returns < 0 on error, 0 on success. The warnings and
5789 * alerts are directly emitted since the rest of the stack does it below.
5790 */
5791int ssl_sock_prepare_bind_conf(struct bind_conf *bind_conf)
5792{
5793 struct proxy *px = bind_conf->frontend;
5794 int alloc_ctx;
5795 int err;
5796
5797 if (!bind_conf->is_ssl) {
5798 if (bind_conf->default_ctx) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005799 ha_warning("Proxy '%s': A certificate was specified but SSL was not enabled on bind '%s' at [%s:%d] (use 'ssl').\n",
5800 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Willy Tarreau55d37912016-12-21 23:38:39 +01005801 }
5802 return 0;
5803 }
5804 if (!bind_conf->default_ctx) {
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +02005805 if (bind_conf->strict_sni && !bind_conf->generate_certs) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005806 ha_warning("Proxy '%s': no SSL certificate specified for bind '%s' at [%s:%d], ssl connections will fail (use 'crt').\n",
5807 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +02005808 }
5809 else {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005810 ha_alert("Proxy '%s': no SSL certificate specified for bind '%s' at [%s:%d] (use 'crt').\n",
5811 px->id, bind_conf->arg, bind_conf->file, bind_conf->line);
Emmanuel Hocdetaa0d6372017-08-09 11:24:25 +02005812 return -1;
5813 }
Willy Tarreau55d37912016-12-21 23:38:39 +01005814 }
William Lallemandc61c0b32017-12-04 18:46:39 +01005815 if (!ssl_shctx && global.tune.sslcachesize) {
William Lallemandc3cd35f2017-11-28 11:04:43 +01005816 alloc_ctx = shctx_init(&ssl_shctx, global.tune.sslcachesize,
Frédéric Lécailleb7838af2018-10-22 16:21:39 +02005817 sizeof(struct sh_ssl_sess_hdr) + SHSESS_BLOCK_MIN_SIZE, -1,
William Lallemandc3cd35f2017-11-28 11:04:43 +01005818 sizeof(*sh_ssl_sess_tree),
5819 ((global.nbthread > 1) || (!global_ssl.private_cache && (global.nbproc > 1))) ? 1 : 0);
Frédéric Lécaille4c8aa112018-10-25 20:22:46 +02005820 if (alloc_ctx <= 0) {
William Lallemandc3cd35f2017-11-28 11:04:43 +01005821 if (alloc_ctx == SHCTX_E_INIT_LOCK)
5822 ha_alert("Unable to initialize the lock for the shared SSL session cache. You can retry using the global statement 'tune.ssl.force-private-cache' but it could increase CPU usage due to renegotiations if nbproc > 1.\n");
5823 else
5824 ha_alert("Unable to allocate SSL session cache.\n");
5825 return -1;
5826 }
5827 /* free block callback */
5828 ssl_shctx->free_block = sh_ssl_sess_free_blocks;
5829 /* init the root tree within the extra space */
5830 sh_ssl_sess_tree = (void *)ssl_shctx + sizeof(struct shared_context);
5831 *sh_ssl_sess_tree = EB_ROOT_UNIQUE;
Willy Tarreau55d37912016-12-21 23:38:39 +01005832 }
Willy Tarreau55d37912016-12-21 23:38:39 +01005833 err = 0;
5834 /* initialize all certificate contexts */
5835 err += ssl_sock_prepare_all_ctx(bind_conf);
5836
5837 /* initialize CA variables if the certificates generation is enabled */
5838 err += ssl_sock_load_ca(bind_conf);
5839
5840 return -err;
5841}
Christopher Faulet77fe80c2015-07-29 13:02:40 +02005842
5843/* release ssl context allocated for servers. */
5844void ssl_sock_free_srv_ctx(struct server *srv)
5845{
Olivier Houchardc7566002018-11-20 23:33:50 +01005846#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
5847 if (srv->ssl_ctx.alpn_str)
5848 free(srv->ssl_ctx.alpn_str);
5849#endif
Lukas Tribusda95fd92018-11-25 13:21:27 +01005850#ifdef OPENSSL_NPN_NEGOTIATED
Olivier Houchardc7566002018-11-20 23:33:50 +01005851 if (srv->ssl_ctx.npn_str)
5852 free(srv->ssl_ctx.npn_str);
Lukas Tribus7706b852018-11-26 22:57:17 +01005853#endif
Christopher Faulet77fe80c2015-07-29 13:02:40 +02005854 if (srv->ssl_ctx.ctx)
5855 SSL_CTX_free(srv->ssl_ctx.ctx);
5856}
5857
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005858/* Walks down the two trees in bind_conf and frees all the certs. The pointer may
Emeric Brunfc0421f2012-09-07 17:30:07 +02005859 * be NULL, in which case nothing is done. The default_ctx is nullified too.
5860 */
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005861void ssl_sock_free_all_ctx(struct bind_conf *bind_conf)
Emeric Brunfc0421f2012-09-07 17:30:07 +02005862{
5863 struct ebmb_node *node, *back;
5864 struct sni_ctx *sni;
5865
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005866 node = ebmb_first(&bind_conf->sni_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005867 while (node) {
5868 sni = ebmb_entry(node, struct sni_ctx, name);
5869 back = ebmb_next(node);
5870 ebmb_delete(node);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005871 if (!sni->order) { /* only free the CTX on its first occurrence */
Emeric Brunfc0421f2012-09-07 17:30:07 +02005872 SSL_CTX_free(sni->ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005873 ssl_sock_free_ssl_conf(sni->conf);
5874 free(sni->conf);
5875 sni->conf = NULL;
5876 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02005877 free(sni);
5878 node = back;
5879 }
5880
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005881 node = ebmb_first(&bind_conf->sni_w_ctx);
Emeric Brunfc0421f2012-09-07 17:30:07 +02005882 while (node) {
5883 sni = ebmb_entry(node, struct sni_ctx, name);
5884 back = ebmb_next(node);
5885 ebmb_delete(node);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005886 if (!sni->order) { /* only free the CTX on its first occurrence */
Emeric Brunfc0421f2012-09-07 17:30:07 +02005887 SSL_CTX_free(sni->ctx);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005888 ssl_sock_free_ssl_conf(sni->conf);
5889 free(sni->conf);
5890 sni->conf = NULL;
5891 }
Emeric Brunfc0421f2012-09-07 17:30:07 +02005892 free(sni);
5893 node = back;
5894 }
Emmanuel Hocdetf6b37c62017-03-06 15:34:44 +01005895 SSL_CTX_free(bind_conf->initial_ctx);
5896 bind_conf->initial_ctx = NULL;
Willy Tarreau2a65ff02012-09-13 17:54:29 +02005897 bind_conf->default_ctx = NULL;
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005898 bind_conf->default_ssl_conf = NULL;
Emeric Brune1f38db2012-09-03 20:36:47 +02005899}
5900
Willy Tarreau795cdab2016-12-22 17:30:54 +01005901/* Destroys all the contexts for a bind_conf. This is used during deinit(). */
5902void ssl_sock_destroy_bind_conf(struct bind_conf *bind_conf)
5903{
5904 ssl_sock_free_ca(bind_conf);
5905 ssl_sock_free_all_ctx(bind_conf);
Emmanuel Hocdet98263292016-12-29 18:26:15 +01005906 ssl_sock_free_ssl_conf(&bind_conf->ssl_conf);
Willy Tarreau795cdab2016-12-22 17:30:54 +01005907 free(bind_conf->ca_sign_file);
5908 free(bind_conf->ca_sign_pass);
Willy Tarreau17b4aa12018-07-17 10:05:32 +02005909 if (bind_conf->keys_ref && !--bind_conf->keys_ref->refcount) {
Willy Tarreau795cdab2016-12-22 17:30:54 +01005910 free(bind_conf->keys_ref->filename);
5911 free(bind_conf->keys_ref->tlskeys);
5912 LIST_DEL(&bind_conf->keys_ref->list);
5913 free(bind_conf->keys_ref);
5914 }
5915 bind_conf->keys_ref = NULL;
Willy Tarreau795cdab2016-12-22 17:30:54 +01005916 bind_conf->ca_sign_pass = NULL;
5917 bind_conf->ca_sign_file = NULL;
Willy Tarreau795cdab2016-12-22 17:30:54 +01005918}
5919
Christopher Faulet31af49d2015-06-09 17:29:50 +02005920/* Load CA cert file and private key used to generate certificates */
5921int
Willy Tarreau03209342016-12-22 17:08:28 +01005922ssl_sock_load_ca(struct bind_conf *bind_conf)
Christopher Faulet31af49d2015-06-09 17:29:50 +02005923{
Willy Tarreau03209342016-12-22 17:08:28 +01005924 struct proxy *px = bind_conf->frontend;
Christopher Faulet31af49d2015-06-09 17:29:50 +02005925 FILE *fp;
5926 X509 *cacert = NULL;
5927 EVP_PKEY *capkey = NULL;
5928 int err = 0;
5929
Christopher Fauletf8bb0ce2017-09-15 09:52:49 +02005930 if (!bind_conf->generate_certs)
Christopher Faulet31af49d2015-06-09 17:29:50 +02005931 return err;
5932
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01005933#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Emeric Brun821bb9b2017-06-15 16:37:39 +02005934 if (global_ssl.ctx_cache) {
Willy Tarreauef934602016-12-22 23:12:01 +01005935 ssl_ctx_lru_tree = lru64_new(global_ssl.ctx_cache);
Emeric Brun821bb9b2017-06-15 16:37:39 +02005936 }
Christopher Fauletd2cab922015-07-28 16:03:47 +02005937 ssl_ctx_lru_seed = (unsigned int)time(NULL);
Emeric Brun821bb9b2017-06-15 16:37:39 +02005938 ssl_ctx_serial = now_ms;
Willy Tarreaua84c2672015-10-09 12:10:13 +02005939#endif
Christopher Fauletd2cab922015-07-28 16:03:47 +02005940
Christopher Faulet31af49d2015-06-09 17:29:50 +02005941 if (!bind_conf->ca_sign_file) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005942 ha_alert("Proxy '%s': cannot enable certificate generation, "
5943 "no CA certificate File configured at [%s:%d].\n",
5944 px->id, bind_conf->file, bind_conf->line);
Christopher Faulet31af49d2015-06-09 17:29:50 +02005945 goto load_error;
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005946 }
Christopher Faulet31af49d2015-06-09 17:29:50 +02005947
5948 /* read in the CA certificate */
5949 if (!(fp = fopen(bind_conf->ca_sign_file, "r"))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005950 ha_alert("Proxy '%s': Failed to read CA certificate file '%s' at [%s:%d].\n",
5951 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Faulet31af49d2015-06-09 17:29:50 +02005952 goto load_error;
5953 }
5954 if (!(cacert = PEM_read_X509(fp, NULL, NULL, NULL))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005955 ha_alert("Proxy '%s': Failed to read CA certificate file '%s' at [%s:%d].\n",
5956 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005957 goto read_error;
Christopher Faulet31af49d2015-06-09 17:29:50 +02005958 }
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005959 rewind(fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +02005960 if (!(capkey = PEM_read_PrivateKey(fp, NULL, NULL, bind_conf->ca_sign_pass))) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01005961 ha_alert("Proxy '%s': Failed to read CA private key file '%s' at [%s:%d].\n",
5962 px->id, bind_conf->ca_sign_file, bind_conf->file, bind_conf->line);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005963 goto read_error;
Christopher Faulet31af49d2015-06-09 17:29:50 +02005964 }
Christopher Faulet31af49d2015-06-09 17:29:50 +02005965
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005966 fclose (fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +02005967 bind_conf->ca_sign_cert = cacert;
5968 bind_conf->ca_sign_pkey = capkey;
5969 return err;
5970
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005971 read_error:
5972 fclose (fp);
Christopher Faulet31af49d2015-06-09 17:29:50 +02005973 if (capkey) EVP_PKEY_free(capkey);
5974 if (cacert) X509_free(cacert);
Christopher Fauletc6f02fb2015-10-09 10:53:31 +02005975 load_error:
5976 bind_conf->generate_certs = 0;
5977 err++;
Christopher Faulet31af49d2015-06-09 17:29:50 +02005978 return err;
5979}
5980
5981/* Release CA cert and private key used to generate certificated */
5982void
5983ssl_sock_free_ca(struct bind_conf *bind_conf)
5984{
Christopher Faulet31af49d2015-06-09 17:29:50 +02005985 if (bind_conf->ca_sign_pkey)
5986 EVP_PKEY_free(bind_conf->ca_sign_pkey);
5987 if (bind_conf->ca_sign_cert)
5988 X509_free(bind_conf->ca_sign_cert);
Willy Tarreau94ff03a2016-12-22 17:57:46 +01005989 bind_conf->ca_sign_pkey = NULL;
5990 bind_conf->ca_sign_cert = NULL;
Christopher Faulet31af49d2015-06-09 17:29:50 +02005991}
5992
Emeric Brun46591952012-05-18 15:47:34 +02005993/*
5994 * This function is called if SSL * context is not yet allocated. The function
5995 * is designed to be called before any other data-layer operation and sets the
5996 * handshake flag on the connection. It is safe to call it multiple times.
5997 * It returns 0 on success and -1 in error case.
5998 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01005999static int ssl_sock_init(struct connection *conn, void **xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006000{
Olivier Houchard66ab4982019-02-26 18:37:15 +01006001 struct ssl_sock_ctx *ctx;
Emeric Brun46591952012-05-18 15:47:34 +02006002 /* already initialized */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006003 if (*xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006004 return 0;
6005
Willy Tarreau3c728722014-01-23 13:50:42 +01006006 if (!conn_ctrl_ready(conn))
Willy Tarreauf79c8172013-10-21 16:30:56 +02006007 return 0;
6008
Olivier Houchard66ab4982019-02-26 18:37:15 +01006009 ctx = pool_alloc(ssl_sock_ctx_pool);
6010 if (!ctx) {
6011 conn->err_code = CO_ER_SSL_NO_MEM;
6012 return -1;
6013 }
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006014 ctx->wait_event.tasklet = tasklet_new();
6015 if (!ctx->wait_event.tasklet) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006016 conn->err_code = CO_ER_SSL_NO_MEM;
6017 pool_free(ssl_sock_ctx_pool, ctx);
6018 return -1;
6019 }
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006020 ctx->wait_event.tasklet->process = ssl_sock_io_cb;
6021 ctx->wait_event.tasklet->context = ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006022 ctx->wait_event.events = 0;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006023 ctx->sent_early_data = 0;
Olivier Houchard54907bb2019-12-19 15:02:39 +01006024 ctx->early_buf = BUF_NULL;
Olivier Houcharda8955d52019-04-07 22:00:38 +02006025 ctx->conn = conn;
Willy Tarreau113d52b2020-01-10 09:20:26 +01006026 ctx->subs = NULL;
Emeric Brun5762a0d2019-09-06 15:36:02 +02006027 ctx->xprt_st = 0;
6028 ctx->xprt_ctx = NULL;
Olivier Houcharda8955d52019-04-07 22:00:38 +02006029
6030 /* Only work with sockets for now, this should be adapted when we'll
6031 * add QUIC support.
6032 */
6033 ctx->xprt = xprt_get(XPRT_RAW);
Olivier Houchard19afb272019-05-23 18:24:07 +02006034 if (ctx->xprt->init) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006035 if (ctx->xprt->init(conn, &ctx->xprt_ctx) != 0)
6036 goto err;
Olivier Houchard19afb272019-05-23 18:24:07 +02006037 }
Olivier Houchard66ab4982019-02-26 18:37:15 +01006038
Willy Tarreau20879a02012-12-03 16:32:10 +01006039 if (global.maxsslconn && sslconns >= global.maxsslconn) {
6040 conn->err_code = CO_ER_SSL_TOO_MANY;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006041 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +01006042 }
Willy Tarreau403edff2012-09-06 11:58:37 +02006043
Emeric Brun46591952012-05-18 15:47:34 +02006044 /* If it is in client mode initiate SSL session
6045 in connect state otherwise accept state */
Willy Tarreau3fdb3662012-11-12 00:42:33 +01006046 if (objt_server(conn->target)) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006047 int may_retry = 1;
6048
6049 retry_connect:
Emeric Brun46591952012-05-18 15:47:34 +02006050 /* Alloc a new SSL session ctx */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006051 ctx->ssl = SSL_new(__objt_server(conn->target)->ssl_ctx.ctx);
6052 if (!ctx->ssl) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006053 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006054 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006055 goto retry_connect;
6056 }
Willy Tarreau20879a02012-12-03 16:32:10 +01006057 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006058 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +01006059 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006060 ctx->bio = BIO_new(ha_meth);
6061 if (!ctx->bio) {
Olivier Houchardefe5e8e2020-01-24 15:17:38 +01006062 SSL_free(ctx->ssl);
6063 ctx->ssl = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006064 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006065 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006066 goto retry_connect;
6067 }
Emeric Brun55476152014-11-12 17:35:37 +01006068 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006069 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006070 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006071 BIO_set_data(ctx->bio, ctx);
Olivier Houcharda8955d52019-04-07 22:00:38 +02006072 SSL_set_bio(ctx->ssl, ctx->bio, ctx->bio);
Emeric Brun46591952012-05-18 15:47:34 +02006073
Evan Broderbe554312013-06-27 00:05:25 -07006074 /* set connection pointer */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006075 if (!SSL_set_ex_data(ctx->ssl, ssl_app_data_index, conn)) {
6076 SSL_free(ctx->ssl);
6077 ctx->ssl = NULL;
Emeric Brun55476152014-11-12 17:35:37 +01006078 conn->xprt_ctx = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006079 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006080 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006081 goto retry_connect;
6082 }
Emeric Brun55476152014-11-12 17:35:37 +01006083 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006084 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006085 }
6086
Olivier Houchard66ab4982019-02-26 18:37:15 +01006087 SSL_set_connect_state(ctx->ssl);
Willy Tarreau07d94e42018-09-20 10:57:52 +02006088 if (__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr) {
6089 const unsigned char *ptr = __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr;
6090 SSL_SESSION *sess = d2i_SSL_SESSION(NULL, &ptr, __objt_server(conn->target)->ssl_ctx.reused_sess[tid].size);
Olivier Houchard66ab4982019-02-26 18:37:15 +01006091 if (sess && !SSL_set_session(ctx->ssl, sess)) {
Olivier Houcharde6060c52017-11-16 17:42:52 +01006092 SSL_SESSION_free(sess);
Willy Tarreau07d94e42018-09-20 10:57:52 +02006093 free(__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr);
6094 __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr = NULL;
Olivier Houcharde6060c52017-11-16 17:42:52 +01006095 } else if (sess) {
6096 SSL_SESSION_free(sess);
Emeric Brun55476152014-11-12 17:35:37 +01006097 }
6098 }
Evan Broderbe554312013-06-27 00:05:25 -07006099
Emeric Brun46591952012-05-18 15:47:34 +02006100 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +02006101 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Willy Tarreau403edff2012-09-06 11:58:37 +02006102
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01006103 _HA_ATOMIC_ADD(&sslconns, 1);
6104 _HA_ATOMIC_ADD(&totalsslconns, 1);
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006105 *xprt_ctx = ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006106 /* Start the handshake */
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006107 tasklet_wakeup(ctx->wait_event.tasklet);
Emeric Brun46591952012-05-18 15:47:34 +02006108 return 0;
6109 }
Willy Tarreau3fdb3662012-11-12 00:42:33 +01006110 else if (objt_listener(conn->target)) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006111 int may_retry = 1;
6112
6113 retry_accept:
Emeric Brun46591952012-05-18 15:47:34 +02006114 /* Alloc a new SSL session ctx */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006115 ctx->ssl = SSL_new(__objt_listener(conn->target)->bind_conf->initial_ctx);
6116 if (!ctx->ssl) {
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006117 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006118 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006119 goto retry_accept;
6120 }
Willy Tarreau20879a02012-12-03 16:32:10 +01006121 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006122 goto err;
Willy Tarreau20879a02012-12-03 16:32:10 +01006123 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006124 ctx->bio = BIO_new(ha_meth);
6125 if (!ctx->bio) {
Olivier Houchardefe5e8e2020-01-24 15:17:38 +01006126 SSL_free(ctx->ssl);
6127 ctx->ssl = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006128 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006129 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006130 goto retry_accept;
6131 }
Emeric Brun55476152014-11-12 17:35:37 +01006132 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006133 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006134 }
Olivier Houcharda8955d52019-04-07 22:00:38 +02006135 BIO_set_data(ctx->bio, ctx);
Olivier Houcharda8955d52019-04-07 22:00:38 +02006136 SSL_set_bio(ctx->ssl, ctx->bio, ctx->bio);
Emeric Brun46591952012-05-18 15:47:34 +02006137
Emeric Brune1f38db2012-09-03 20:36:47 +02006138 /* set connection pointer */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006139 if (!SSL_set_ex_data(ctx->ssl, ssl_app_data_index, conn)) {
6140 SSL_free(ctx->ssl);
6141 ctx->ssl = NULL;
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006142 if (may_retry--) {
Willy Tarreaubafbe012017-11-24 17:34:44 +01006143 pool_gc(NULL);
Willy Tarreaufba03cd2014-11-13 13:48:58 +01006144 goto retry_accept;
6145 }
Emeric Brun55476152014-11-12 17:35:37 +01006146 conn->err_code = CO_ER_SSL_NO_MEM;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006147 goto err;
Emeric Brun55476152014-11-12 17:35:37 +01006148 }
6149
Frédéric Lécaille3139c1b2020-01-24 14:56:18 +01006150#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
6151 if (__objt_listener(conn->target)->bind_conf->ssl_conf.early_data) {
6152 b_alloc(&ctx->early_buf);
6153 SSL_set_max_early_data(ctx->ssl,
6154 /* Only allow early data if we managed to allocate
6155 * a buffer.
6156 */
6157 (!b_is_null(&ctx->early_buf)) ?
6158 global.tune.bufsize - global.tune.maxrewrite : 0);
6159 }
6160#endif
6161
Olivier Houchard66ab4982019-02-26 18:37:15 +01006162 SSL_set_accept_state(ctx->ssl);
Emeric Brune1f38db2012-09-03 20:36:47 +02006163
Emeric Brun46591952012-05-18 15:47:34 +02006164 /* leave init state and start handshake */
Willy Tarreau05737472012-09-04 08:03:39 +02006165 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Emmanuel Hocdetf967c312019-08-05 18:04:16 +02006166#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchardc2aae742017-09-22 18:26:28 +02006167 conn->flags |= CO_FL_EARLY_SSL_HS;
6168#endif
Willy Tarreau403edff2012-09-06 11:58:37 +02006169
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01006170 _HA_ATOMIC_ADD(&sslconns, 1);
6171 _HA_ATOMIC_ADD(&totalsslconns, 1);
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006172 *xprt_ctx = ctx;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006173 /* Start the handshake */
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006174 tasklet_wakeup(ctx->wait_event.tasklet);
Emeric Brun46591952012-05-18 15:47:34 +02006175 return 0;
6176 }
6177 /* don't know how to handle such a target */
Willy Tarreau20879a02012-12-03 16:32:10 +01006178 conn->err_code = CO_ER_SSL_NO_TARGET;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006179err:
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006180 if (ctx && ctx->wait_event.tasklet)
6181 tasklet_free(ctx->wait_event.tasklet);
Olivier Houchard66ab4982019-02-26 18:37:15 +01006182 pool_free(ssl_sock_ctx_pool, ctx);
Emeric Brun46591952012-05-18 15:47:34 +02006183 return -1;
6184}
6185
6186
6187/* This is the callback which is used when an SSL handshake is pending. It
6188 * updates the FD status if it wants some polling before being called again.
6189 * It returns 0 if it fails in a fatal way or needs to poll to go further,
6190 * otherwise it returns non-zero and removes itself from the connection's
6191 * flags (the bit is provided in <flag> by the caller).
6192 */
Olivier Houchard000694c2019-05-23 14:45:12 +02006193static int ssl_sock_handshake(struct connection *conn, unsigned int flag)
Emeric Brun46591952012-05-18 15:47:34 +02006194{
Olivier Houchard66ab4982019-02-26 18:37:15 +01006195 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
Emeric Brun46591952012-05-18 15:47:34 +02006196 int ret;
6197
Willy Tarreau3c728722014-01-23 13:50:42 +01006198 if (!conn_ctrl_ready(conn))
Willy Tarreauf79c8172013-10-21 16:30:56 +02006199 return 0;
6200
Willy Tarreauf7bc57c2012-10-03 00:19:48 +02006201 if (!conn->xprt_ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006202 goto out_error;
6203
Willy Tarreau5db847a2019-05-09 14:13:35 +02006204#if HA_OPENSSL_VERSION_NUMBER >= 0x10101000L
Olivier Houchardc2aae742017-09-22 18:26:28 +02006205 /*
6206 * Check if we have early data. If we do, we have to read them
6207 * before SSL_do_handshake() is called, And there's no way to
6208 * detect early data, except to try to read them
6209 */
6210 if (conn->flags & CO_FL_EARLY_SSL_HS) {
Olivier Houchard54907bb2019-12-19 15:02:39 +01006211 size_t read_data = 0;
Olivier Houchardc2aae742017-09-22 18:26:28 +02006212
Olivier Houchard54907bb2019-12-19 15:02:39 +01006213 while (1) {
6214 ret = SSL_read_early_data(ctx->ssl,
6215 b_tail(&ctx->early_buf), b_room(&ctx->early_buf),
6216 &read_data);
6217 if (ret == SSL_READ_EARLY_DATA_ERROR)
6218 goto check_error;
6219 if (read_data > 0) {
6220 conn->flags |= CO_FL_EARLY_DATA;
6221 b_add(&ctx->early_buf, read_data);
6222 }
6223 if (ret == SSL_READ_EARLY_DATA_FINISH) {
6224 conn->flags &= ~CO_FL_EARLY_SSL_HS;
6225 if (!b_data(&ctx->early_buf))
6226 b_free(&ctx->early_buf);
6227 break;
6228 }
6229 }
Olivier Houchardc2aae742017-09-22 18:26:28 +02006230 }
6231#endif
Emeric Brun674b7432012-11-08 19:21:55 +01006232 /* If we use SSL_do_handshake to process a reneg initiated by
6233 * the remote peer, it sometimes returns SSL_ERROR_SSL.
6234 * Usually SSL_write and SSL_read are used and process implicitly
6235 * the reneg handshake.
6236 * Here we use SSL_peek as a workaround for reneg.
6237 */
Willy Tarreauc192b0a2020-01-23 09:11:58 +01006238 if (!(conn->flags & CO_FL_WAIT_L6_CONN) && SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun674b7432012-11-08 19:21:55 +01006239 char c;
6240
Olivier Houchard66ab4982019-02-26 18:37:15 +01006241 ret = SSL_peek(ctx->ssl, &c, 1);
Emeric Brun674b7432012-11-08 19:21:55 +01006242 if (ret <= 0) {
6243 /* handshake may have not been completed, let's find why */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006244 ret = SSL_get_error(ctx->ssl, ret);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006245
Emeric Brun674b7432012-11-08 19:21:55 +01006246 if (ret == SSL_ERROR_WANT_WRITE) {
6247 /* SSL handshake needs to write, L4 connection may not be ready */
Olivier Houchard03abf2d2019-05-28 10:12:02 +02006248 if (!(ctx->wait_event.events & SUB_RETRY_SEND))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006249 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Emeric Brun674b7432012-11-08 19:21:55 +01006250 return 0;
6251 }
6252 else if (ret == SSL_ERROR_WANT_READ) {
6253 /* handshake may have been completed but we have
6254 * no more data to read.
6255 */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006256 if (!SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun674b7432012-11-08 19:21:55 +01006257 ret = 1;
6258 goto reneg_ok;
6259 }
6260 /* SSL handshake needs to read, L4 connection is ready */
Olivier Houchard03abf2d2019-05-28 10:12:02 +02006261 if (!(ctx->wait_event.events & SUB_RETRY_RECV))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006262 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_RECV, &ctx->wait_event);
Emeric Brun674b7432012-11-08 19:21:55 +01006263 return 0;
6264 }
Willy Tarreau5db847a2019-05-09 14:13:35 +02006265#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006266 else if (ret == SSL_ERROR_WANT_ASYNC) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006267 ssl_async_process_fds(ctx);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006268 return 0;
6269 }
6270#endif
Emeric Brun674b7432012-11-08 19:21:55 +01006271 else if (ret == SSL_ERROR_SYSCALL) {
6272 /* if errno is null, then connection was successfully established */
6273 if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
6274 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Willy Tarreau20879a02012-12-03 16:32:10 +01006275 if (!conn->err_code) {
Lukas Tribus49799162019-07-08 14:29:15 +02006276#if defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER)
6277 /* do not handle empty handshakes in BoringSSL or LibreSSL */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006278 conn->err_code = CO_ER_SSL_HANDSHAKE;
6279#else
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006280 int empty_handshake;
Willy Tarreau5db847a2019-05-09 14:13:35 +02006281#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL)
Lukas Tribus49799162019-07-08 14:29:15 +02006282 /* use SSL_get_state() in OpenSSL >= 1.1.0; SSL_state() is broken */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006283 OSSL_HANDSHAKE_STATE state = SSL_get_state((SSL *)ctx->ssl);
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006284 empty_handshake = state == TLS_ST_BEFORE;
6285#else
Lukas Tribus49799162019-07-08 14:29:15 +02006286 /* access packet_length directly in OpenSSL <= 1.0.2; SSL_state() is broken */
6287 empty_handshake = !ctx->ssl->packet_length;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006288#endif
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006289 if (empty_handshake) {
Emeric Brun29f037d2014-04-25 19:05:36 +02006290 if (!errno) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006291 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006292 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6293 else
6294 conn->err_code = CO_ER_SSL_EMPTY;
6295 }
6296 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006297 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006298 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6299 else
6300 conn->err_code = CO_ER_SSL_ABORT;
6301 }
6302 }
6303 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006304 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006305 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
Willy Tarreau20879a02012-12-03 16:32:10 +01006306 else
Emeric Brun29f037d2014-04-25 19:05:36 +02006307 conn->err_code = CO_ER_SSL_HANDSHAKE;
6308 }
Lukas Tribus49799162019-07-08 14:29:15 +02006309#endif /* BoringSSL or LibreSSL */
Willy Tarreau20879a02012-12-03 16:32:10 +01006310 }
Emeric Brun674b7432012-11-08 19:21:55 +01006311 goto out_error;
6312 }
6313 else {
6314 /* Fail on all other handshake errors */
6315 /* Note: OpenSSL may leave unread bytes in the socket's
6316 * buffer, causing an RST to be emitted upon close() on
6317 * TCP sockets. We first try to drain possibly pending
6318 * data to avoid this as much as possible.
6319 */
Willy Tarreaud85c4852015-03-13 00:40:28 +01006320 conn_sock_drain(conn);
Willy Tarreau20879a02012-12-03 16:32:10 +01006321 if (!conn->err_code)
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006322 conn->err_code = (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
Willy Tarreauf51c6982014-04-25 20:02:39 +02006323 CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
Emeric Brun674b7432012-11-08 19:21:55 +01006324 goto out_error;
6325 }
6326 }
6327 /* read some data: consider handshake completed */
6328 goto reneg_ok;
6329 }
Olivier Houchard66ab4982019-02-26 18:37:15 +01006330 ret = SSL_do_handshake(ctx->ssl);
Olivier Houchardc2aae742017-09-22 18:26:28 +02006331check_error:
Emeric Brun46591952012-05-18 15:47:34 +02006332 if (ret != 1) {
6333 /* handshake did not complete, let's find why */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006334 ret = SSL_get_error(ctx->ssl, ret);
Emeric Brun46591952012-05-18 15:47:34 +02006335
6336 if (ret == SSL_ERROR_WANT_WRITE) {
6337 /* SSL handshake needs to write, L4 connection may not be ready */
Olivier Houchard03abf2d2019-05-28 10:12:02 +02006338 if (!(ctx->wait_event.events & SUB_RETRY_SEND))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006339 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Emeric Brun46591952012-05-18 15:47:34 +02006340 return 0;
6341 }
6342 else if (ret == SSL_ERROR_WANT_READ) {
6343 /* SSL handshake needs to read, L4 connection is ready */
Olivier Houchardea8dd942019-05-20 14:02:16 +02006344 if (!(ctx->wait_event.events & SUB_RETRY_RECV))
Olivier Houchardea8dd942019-05-20 14:02:16 +02006345 ctx->xprt->subscribe(conn, ctx->xprt_ctx,
6346 SUB_RETRY_RECV, &ctx->wait_event);
Emeric Brun46591952012-05-18 15:47:34 +02006347 return 0;
6348 }
Willy Tarreau5db847a2019-05-09 14:13:35 +02006349#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006350 else if (ret == SSL_ERROR_WANT_ASYNC) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006351 ssl_async_process_fds(ctx);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006352 return 0;
6353 }
6354#endif
Willy Tarreau89230192012-09-28 20:22:13 +02006355 else if (ret == SSL_ERROR_SYSCALL) {
6356 /* if errno is null, then connection was successfully established */
6357 if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
6358 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006359 if (!conn->err_code) {
Lukas Tribus49799162019-07-08 14:29:15 +02006360#if defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER)
6361 /* do not handle empty handshakes in BoringSSL or LibreSSL */
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006362 conn->err_code = CO_ER_SSL_HANDSHAKE;
6363#else
6364 int empty_handshake;
Willy Tarreau5db847a2019-05-09 14:13:35 +02006365#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL)
Lukas Tribus49799162019-07-08 14:29:15 +02006366 /* use SSL_get_state() in OpenSSL >= 1.1.0; SSL_state() is broken */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006367 OSSL_HANDSHAKE_STATE state = SSL_get_state(ctx->ssl);
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006368 empty_handshake = state == TLS_ST_BEFORE;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006369#else
Lukas Tribus49799162019-07-08 14:29:15 +02006370 /* access packet_length directly in OpenSSL <= 1.0.2; SSL_state() is broken */
6371 empty_handshake = !ctx->ssl->packet_length;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02006372#endif
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006373 if (empty_handshake) {
6374 if (!errno) {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006375 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006376 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6377 else
6378 conn->err_code = CO_ER_SSL_EMPTY;
6379 }
6380 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006381 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006382 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6383 else
6384 conn->err_code = CO_ER_SSL_ABORT;
6385 }
Emeric Brun29f037d2014-04-25 19:05:36 +02006386 }
6387 else {
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006388 if (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT)
Emeric Brun29f037d2014-04-25 19:05:36 +02006389 conn->err_code = CO_ER_SSL_HANDSHAKE_HB;
6390 else
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01006391 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emeric Brun29f037d2014-04-25 19:05:36 +02006392 }
Lukas Tribus49799162019-07-08 14:29:15 +02006393#endif /* BoringSSL or LibreSSL */
Emeric Brun29f037d2014-04-25 19:05:36 +02006394 }
Willy Tarreau89230192012-09-28 20:22:13 +02006395 goto out_error;
6396 }
Emeric Brun46591952012-05-18 15:47:34 +02006397 else {
6398 /* Fail on all other handshake errors */
Willy Tarreau566dc552012-10-19 20:52:18 +02006399 /* Note: OpenSSL may leave unread bytes in the socket's
6400 * buffer, causing an RST to be emitted upon close() on
6401 * TCP sockets. We first try to drain possibly pending
6402 * data to avoid this as much as possible.
6403 */
Willy Tarreaud85c4852015-03-13 00:40:28 +01006404 conn_sock_drain(conn);
Willy Tarreau20879a02012-12-03 16:32:10 +01006405 if (!conn->err_code)
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006406 conn->err_code = (ctx->xprt_st & SSL_SOCK_RECV_HEARTBEAT) ?
Willy Tarreauf51c6982014-04-25 20:02:39 +02006407 CO_ER_SSL_KILLED_HB : CO_ER_SSL_HANDSHAKE;
Emeric Brun46591952012-05-18 15:47:34 +02006408 goto out_error;
6409 }
6410 }
Willy Tarreau5db847a2019-05-09 14:13:35 +02006411#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchard522eea72017-11-03 16:27:47 +01006412 else {
6413 /*
6414 * If the server refused the early data, we have to send a
6415 * 425 to the client, as we no longer have the data to sent
6416 * them again.
6417 */
6418 if ((conn->flags & CO_FL_EARLY_DATA) && (objt_server(conn->target))) {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006419 if (SSL_get_early_data_status(ctx->ssl) == SSL_EARLY_DATA_REJECTED) {
Olivier Houchard522eea72017-11-03 16:27:47 +01006420 conn->err_code = CO_ER_SSL_EARLY_FAILED;
6421 goto out_error;
6422 }
6423 }
6424 }
6425#endif
6426
Emeric Brun46591952012-05-18 15:47:34 +02006427
Emeric Brun674b7432012-11-08 19:21:55 +01006428reneg_ok:
Emeric Brunb5e42a82017-06-06 12:35:14 +00006429
Willy Tarreau5db847a2019-05-09 14:13:35 +02006430#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006431 /* ASYNC engine API doesn't support moving read/write
6432 * buffers. So we disable ASYNC mode right after
6433 * the handshake to avoid buffer oveflows.
6434 */
6435 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006436 SSL_clear_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006437#endif
Emeric Brun46591952012-05-18 15:47:34 +02006438 /* Handshake succeeded */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006439 if (!SSL_session_reused(ctx->ssl)) {
Willy Tarreau0c9c2722014-05-28 12:28:58 +02006440 if (objt_server(conn->target)) {
6441 update_freq_ctr(&global.ssl_be_keys_per_sec, 1);
6442 if (global.ssl_be_keys_per_sec.curr_ctr > global.ssl_be_keys_max)
6443 global.ssl_be_keys_max = global.ssl_be_keys_per_sec.curr_ctr;
Emeric Brun46591952012-05-18 15:47:34 +02006444 }
Willy Tarreau0c9c2722014-05-28 12:28:58 +02006445 else {
6446 update_freq_ctr(&global.ssl_fe_keys_per_sec, 1);
6447 if (global.ssl_fe_keys_per_sec.curr_ctr > global.ssl_fe_keys_max)
6448 global.ssl_fe_keys_max = global.ssl_fe_keys_per_sec.curr_ctr;
6449 }
Emeric Brun46591952012-05-18 15:47:34 +02006450 }
6451
6452 /* The connection is now established at both layers, it's time to leave */
6453 conn->flags &= ~(flag | CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN);
6454 return 1;
6455
6456 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +01006457 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02006458 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01006459 ERR_clear_error();
6460
Emeric Brun9fa89732012-10-04 17:09:56 +02006461 /* free resumed session if exists */
Willy Tarreau07d94e42018-09-20 10:57:52 +02006462 if (objt_server(conn->target) && __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr) {
6463 free(__objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr);
6464 __objt_server(conn->target)->ssl_ctx.reused_sess[tid].ptr = NULL;
Emeric Brun9fa89732012-10-04 17:09:56 +02006465 }
6466
Emeric Brun46591952012-05-18 15:47:34 +02006467 /* Fail on all other handshake errors */
6468 conn->flags |= CO_FL_ERROR;
Willy Tarreau20879a02012-12-03 16:32:10 +01006469 if (!conn->err_code)
6470 conn->err_code = CO_ER_SSL_HANDSHAKE;
Emeric Brun46591952012-05-18 15:47:34 +02006471 return 0;
6472}
6473
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006474/* Called from the upper layer, to subscribe <es> to events <event_type>. The
6475 * event subscriber <es> is not allowed to change from a previous call as long
6476 * as at least one event is still subscribed. The <event_type> must only be a
6477 * combination of SUB_RETRY_RECV and SUB_RETRY_SEND. It always returns 0,
6478 * unless the transport layer was already released.
6479 */
6480static int ssl_subscribe(struct connection *conn, void *xprt_ctx, int event_type, struct wait_event *es)
Olivier Houcharddf357842019-03-21 16:30:07 +01006481{
Olivier Houchardea8dd942019-05-20 14:02:16 +02006482 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006483
Olivier Houchard0ff28652019-06-24 18:57:39 +02006484 if (!ctx)
6485 return -1;
6486
Willy Tarreau113d52b2020-01-10 09:20:26 +01006487 BUG_ON(event_type & ~(SUB_RETRY_SEND|SUB_RETRY_RECV));
6488 BUG_ON(ctx->subs && ctx->subs->events & event_type);
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006489 BUG_ON(ctx->subs && ctx->subs != es);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006490
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006491 ctx->subs = es;
6492 es->events |= event_type;
Willy Tarreau113d52b2020-01-10 09:20:26 +01006493
6494 /* we may have to subscribe to lower layers for new events */
6495 event_type &= ~ctx->wait_event.events;
6496 if (event_type && !(conn->flags & CO_FL_SSL_WAIT_HS))
6497 ctx->xprt->subscribe(conn, ctx->xprt_ctx, event_type, &ctx->wait_event);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006498 return 0;
Olivier Houcharddf357842019-03-21 16:30:07 +01006499}
6500
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006501/* Called from the upper layer, to unsubscribe <es> from events <event_type>.
6502 * The <es> pointer is not allowed to differ from the one passed to the
6503 * subscribe() call. It always returns zero.
6504 */
6505static int ssl_unsubscribe(struct connection *conn, void *xprt_ctx, int event_type, struct wait_event *es)
Olivier Houcharddf357842019-03-21 16:30:07 +01006506{
Olivier Houchardea8dd942019-05-20 14:02:16 +02006507 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006508
Willy Tarreau113d52b2020-01-10 09:20:26 +01006509 BUG_ON(event_type & ~(SUB_RETRY_SEND|SUB_RETRY_RECV));
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006510 BUG_ON(ctx->subs && ctx->subs != es);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006511
Willy Tarreauee1a6fc2020-01-17 07:52:13 +01006512 es->events &= ~event_type;
6513 if (!es->events)
Willy Tarreau113d52b2020-01-10 09:20:26 +01006514 ctx->subs = NULL;
6515
6516 /* If we subscribed, and we're not doing the handshake,
6517 * then we subscribed because the upper layer asked for it,
6518 * as the upper layer is no longer interested, we can
6519 * unsubscribe too.
6520 */
6521 event_type &= ctx->wait_event.events;
6522 if (event_type && !(ctx->conn->flags & CO_FL_SSL_WAIT_HS))
6523 conn_unsubscribe(conn, ctx->xprt_ctx, event_type, &ctx->wait_event);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006524
6525 return 0;
Olivier Houcharddf357842019-03-21 16:30:07 +01006526}
6527
Olivier Houchard2e055482019-05-27 19:50:12 +02006528/* Use the provided XPRT as an underlying XPRT, and provide the old one.
6529 * Returns 0 on success, and non-zero on failure.
6530 */
6531static int ssl_add_xprt(struct connection *conn, void *xprt_ctx, void *toadd_ctx, const struct xprt_ops *toadd_ops, void **oldxprt_ctx, const struct xprt_ops **oldxprt_ops)
6532{
6533 struct ssl_sock_ctx *ctx = xprt_ctx;
6534
6535 if (oldxprt_ops != NULL)
6536 *oldxprt_ops = ctx->xprt;
6537 if (oldxprt_ctx != NULL)
6538 *oldxprt_ctx = ctx->xprt_ctx;
6539 ctx->xprt = toadd_ops;
6540 ctx->xprt_ctx = toadd_ctx;
6541 return 0;
6542}
6543
Olivier Houchard5149b592019-05-23 17:47:36 +02006544/* Remove the specified xprt. If if it our underlying XPRT, remove it and
6545 * return 0, otherwise just call the remove_xprt method from the underlying
6546 * XPRT.
6547 */
6548static int ssl_remove_xprt(struct connection *conn, void *xprt_ctx, void *toremove_ctx, const struct xprt_ops *newops, void *newctx)
6549{
6550 struct ssl_sock_ctx *ctx = xprt_ctx;
6551
6552 if (ctx->xprt_ctx == toremove_ctx) {
6553 ctx->xprt_ctx = newctx;
6554 ctx->xprt = newops;
6555 return 0;
6556 }
6557 return (ctx->xprt->remove_xprt(conn, ctx->xprt_ctx, toremove_ctx, newops, newctx));
6558}
6559
Olivier Houchardea8dd942019-05-20 14:02:16 +02006560static struct task *ssl_sock_io_cb(struct task *t, void *context, unsigned short state)
6561{
6562 struct ssl_sock_ctx *ctx = context;
6563
6564 /* First if we're doing an handshake, try that */
6565 if (ctx->conn->flags & CO_FL_SSL_WAIT_HS)
6566 ssl_sock_handshake(ctx->conn, CO_FL_SSL_WAIT_HS);
6567 /* If we had an error, or the handshake is done and I/O is available,
6568 * let the upper layer know.
Olivier Houchard477902b2020-01-22 18:08:48 +01006569 * If no mux was set up yet, then call conn_create_mux()
Olivier Houchardea8dd942019-05-20 14:02:16 +02006570 * we can't be sure conn_fd_handler() will be called again.
6571 */
6572 if ((ctx->conn->flags & CO_FL_ERROR) ||
6573 !(ctx->conn->flags & CO_FL_SSL_WAIT_HS)) {
6574 int ret = 0;
6575 int woke = 0;
6576
6577 /* On error, wake any waiter */
Willy Tarreau113d52b2020-01-10 09:20:26 +01006578 if (ctx->subs) {
6579 tasklet_wakeup(ctx->subs->tasklet);
6580 ctx->subs->events = 0;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006581 woke = 1;
Willy Tarreau113d52b2020-01-10 09:20:26 +01006582 ctx->subs = NULL;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006583 }
Willy Tarreau113d52b2020-01-10 09:20:26 +01006584
Olivier Houchardea8dd942019-05-20 14:02:16 +02006585 /* If we're the first xprt for the connection, let the
Olivier Houchard477902b2020-01-22 18:08:48 +01006586 * upper layers know. If we have no mux, create it,
6587 * and once we have a mux, call its wake method if we didn't
6588 * woke a tasklet already.
Olivier Houchardea8dd942019-05-20 14:02:16 +02006589 */
6590 if (ctx->conn->xprt_ctx == ctx) {
Olivier Houchard477902b2020-01-22 18:08:48 +01006591 if (!ctx->conn->mux)
6592 ret = conn_create_mux(ctx->conn);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006593 if (ret >= 0 && !woke && ctx->conn->mux && ctx->conn->mux->wake)
6594 ctx->conn->mux->wake(ctx->conn);
6595 return NULL;
6596 }
6597 }
Olivier Houchard54907bb2019-12-19 15:02:39 +01006598#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
6599 /* If we have early data and somebody wants to receive, let them */
Willy Tarreau113d52b2020-01-10 09:20:26 +01006600 else if (b_data(&ctx->early_buf) && ctx->subs &&
6601 ctx->subs->events & SUB_RETRY_RECV) {
6602 tasklet_wakeup(ctx->subs->tasklet);
6603 ctx->subs->events &= ~SUB_RETRY_RECV;
6604 if (!ctx->subs->events)
6605 ctx->subs = NULL;
Olivier Houchard54907bb2019-12-19 15:02:39 +01006606 }
6607#endif
Olivier Houchardea8dd942019-05-20 14:02:16 +02006608 return NULL;
6609}
6610
Emeric Brun46591952012-05-18 15:47:34 +02006611/* Receive up to <count> bytes from connection <conn>'s socket and store them
Willy Tarreauabf08d92014-01-14 11:31:27 +01006612 * into buffer <buf>. Only one call to recv() is performed, unless the
Emeric Brun46591952012-05-18 15:47:34 +02006613 * buffer wraps, in which case a second call may be performed. The connection's
6614 * flags are updated with whatever special event is detected (error, read0,
6615 * empty). The caller is responsible for taking care of those events and
6616 * avoiding the call if inappropriate. The function does not call the
6617 * connection's polling update function, so the caller is responsible for this.
6618 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006619static size_t ssl_sock_to_buf(struct connection *conn, void *xprt_ctx, struct buffer *buf, size_t count, int flags)
Emeric Brun46591952012-05-18 15:47:34 +02006620{
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006621 struct ssl_sock_ctx *ctx = xprt_ctx;
Willy Tarreaubfc4d772018-07-18 11:22:03 +02006622 ssize_t ret;
6623 size_t try, done = 0;
Emeric Brun46591952012-05-18 15:47:34 +02006624
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006625 if (!ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006626 goto out_error;
6627
Olivier Houchard54907bb2019-12-19 15:02:39 +01006628#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
6629 if (b_data(&ctx->early_buf)) {
6630 try = b_contig_space(buf);
6631 if (try > b_data(&ctx->early_buf))
6632 try = b_data(&ctx->early_buf);
6633 memcpy(b_tail(buf), b_head(&ctx->early_buf), try);
6634 b_add(buf, try);
6635 b_del(&ctx->early_buf, try);
6636 if (b_data(&ctx->early_buf) == 0)
6637 b_free(&ctx->early_buf);
6638 return try;
6639 }
6640#endif
6641
Willy Tarreau911db9b2020-01-23 16:27:54 +01006642 if (conn->flags & (CO_FL_WAIT_XPRT | CO_FL_SSL_WAIT_HS))
Emeric Brun46591952012-05-18 15:47:34 +02006643 /* a handshake was requested */
6644 return 0;
6645
Emeric Brun46591952012-05-18 15:47:34 +02006646 /* read the largest possible block. For this, we perform only one call
6647 * to recv() unless the buffer wraps and we exactly fill the first hunk,
6648 * in which case we accept to do it once again. A new attempt is made on
6649 * EINTR too.
6650 */
Willy Tarreau00b0fb92014-01-17 11:09:40 +01006651 while (count > 0) {
Olivier Houchardc2aae742017-09-22 18:26:28 +02006652
Willy Tarreau591d4452018-06-15 17:21:00 +02006653 try = b_contig_space(buf);
6654 if (!try)
6655 break;
6656
Willy Tarreauabf08d92014-01-14 11:31:27 +01006657 if (try > count)
6658 try = count;
Willy Tarreau591d4452018-06-15 17:21:00 +02006659
Olivier Houchard66ab4982019-02-26 18:37:15 +01006660 ret = SSL_read(ctx->ssl, b_tail(buf), try);
Emmanuel Hocdetf967c312019-08-05 18:04:16 +02006661
Emeric Brune1f38db2012-09-03 20:36:47 +02006662 if (conn->flags & CO_FL_ERROR) {
6663 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
Emeric Brun644cde02012-12-14 11:21:13 +01006664 goto out_error;
Emeric Brune1f38db2012-09-03 20:36:47 +02006665 }
Emeric Brun46591952012-05-18 15:47:34 +02006666 if (ret > 0) {
Olivier Houchardacd14032018-06-28 18:17:23 +02006667 b_add(buf, ret);
Emeric Brun46591952012-05-18 15:47:34 +02006668 done += ret;
Emeric Brun46591952012-05-18 15:47:34 +02006669 count -= ret;
Emeric Brun46591952012-05-18 15:47:34 +02006670 }
Emeric Brun46591952012-05-18 15:47:34 +02006671 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006672 ret = SSL_get_error(ctx->ssl, ret);
Emeric Brun46591952012-05-18 15:47:34 +02006673 if (ret == SSL_ERROR_WANT_WRITE) {
Emeric Brun8af8dd12012-11-08 17:56:20 +01006674 /* handshake is running, and it needs to enable write */
Emeric Brun46591952012-05-18 15:47:34 +02006675 conn->flags |= CO_FL_SSL_WAIT_HS;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006676 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Willy Tarreau5db847a2019-05-09 14:13:35 +02006677#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006678 /* Async mode can be re-enabled, because we're leaving data state.*/
6679 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006680 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006681#endif
Emeric Brun46591952012-05-18 15:47:34 +02006682 break;
6683 }
6684 else if (ret == SSL_ERROR_WANT_READ) {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006685 if (SSL_renegotiate_pending(ctx->ssl)) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006686 ctx->xprt->subscribe(conn, ctx->xprt_ctx,
6687 SUB_RETRY_RECV,
6688 &ctx->wait_event);
Emeric Brun282a76a2012-11-08 18:02:56 +01006689 /* handshake is running, and it may need to re-enable read */
6690 conn->flags |= CO_FL_SSL_WAIT_HS;
Willy Tarreau5db847a2019-05-09 14:13:35 +02006691#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006692 /* Async mode can be re-enabled, because we're leaving data state.*/
6693 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006694 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006695#endif
Emeric Brun282a76a2012-11-08 18:02:56 +01006696 break;
6697 }
Emeric Brun46591952012-05-18 15:47:34 +02006698 break;
Olivier Houchardc2aae742017-09-22 18:26:28 +02006699 } else if (ret == SSL_ERROR_ZERO_RETURN)
6700 goto read0;
Christopher Faulet4ac77a92018-02-19 14:25:15 +01006701 /* For SSL_ERROR_SYSCALL, make sure to clear the error
6702 * stack before shutting down the connection for
6703 * reading. */
Olivier Houchard7e2e5052018-02-13 15:17:23 +01006704 if (ret == SSL_ERROR_SYSCALL && (!errno || errno == EAGAIN))
6705 goto clear_ssl_error;
Emeric Brun46591952012-05-18 15:47:34 +02006706 /* otherwise it's a real error */
6707 goto out_error;
6708 }
6709 }
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02006710 leave:
Emeric Brun46591952012-05-18 15:47:34 +02006711 return done;
6712
Christopher Faulet4ac77a92018-02-19 14:25:15 +01006713 clear_ssl_error:
6714 /* Clear openssl global errors stack */
6715 ssl_sock_dump_errors(conn);
6716 ERR_clear_error();
Emeric Brun46591952012-05-18 15:47:34 +02006717 read0:
6718 conn_sock_read0(conn);
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02006719 goto leave;
Christopher Faulet4ac77a92018-02-19 14:25:15 +01006720
Emeric Brun46591952012-05-18 15:47:34 +02006721 out_error:
Olivier Houchard7e2e5052018-02-13 15:17:23 +01006722 conn->flags |= CO_FL_ERROR;
Emeric Brun644cde02012-12-14 11:21:13 +01006723 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02006724 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01006725 ERR_clear_error();
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02006726 goto leave;
Emeric Brun46591952012-05-18 15:47:34 +02006727}
6728
6729
Willy Tarreau787db9a2018-06-14 18:31:46 +02006730/* Send up to <count> pending bytes from buffer <buf> to connection <conn>'s
6731 * socket. <flags> may contain some CO_SFL_* flags to hint the system about
6732 * other pending data for example, but this flag is ignored at the moment.
Emeric Brun46591952012-05-18 15:47:34 +02006733 * Only one call to send() is performed, unless the buffer wraps, in which case
6734 * a second call may be performed. The connection's flags are updated with
6735 * whatever special event is detected (error, empty). The caller is responsible
6736 * for taking care of those events and avoiding the call if inappropriate. The
6737 * function does not call the connection's polling update function, so the caller
Willy Tarreau787db9a2018-06-14 18:31:46 +02006738 * is responsible for this. The buffer's output is not adjusted, it's up to the
6739 * caller to take care of this. It's up to the caller to update the buffer's
6740 * contents based on the return value.
Emeric Brun46591952012-05-18 15:47:34 +02006741 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006742static size_t ssl_sock_from_buf(struct connection *conn, void *xprt_ctx, const struct buffer *buf, size_t count, int flags)
Emeric Brun46591952012-05-18 15:47:34 +02006743{
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006744 struct ssl_sock_ctx *ctx = xprt_ctx;
Willy Tarreau787db9a2018-06-14 18:31:46 +02006745 ssize_t ret;
6746 size_t try, done;
Emeric Brun46591952012-05-18 15:47:34 +02006747
6748 done = 0;
6749
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006750 if (!ctx)
Emeric Brun46591952012-05-18 15:47:34 +02006751 goto out_error;
6752
Willy Tarreau911db9b2020-01-23 16:27:54 +01006753 if (conn->flags & (CO_FL_WAIT_XPRT | CO_FL_SSL_WAIT_HS | CO_FL_EARLY_SSL_HS))
Emeric Brun46591952012-05-18 15:47:34 +02006754 /* a handshake was requested */
6755 return 0;
6756
6757 /* send the largest possible block. For this we perform only one call
6758 * to send() unless the buffer wraps and we exactly fill the first hunk,
6759 * in which case we accept to do it once again.
6760 */
Willy Tarreau787db9a2018-06-14 18:31:46 +02006761 while (count) {
Willy Tarreau5db847a2019-05-09 14:13:35 +02006762#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchardc2aae742017-09-22 18:26:28 +02006763 size_t written_data;
6764#endif
6765
Willy Tarreau787db9a2018-06-14 18:31:46 +02006766 try = b_contig_data(buf, done);
6767 if (try > count)
6768 try = count;
Willy Tarreaubfd59462013-02-21 07:46:09 +01006769
Willy Tarreau7bed9452014-02-02 02:00:24 +01006770 if (!(flags & CO_SFL_STREAMER) &&
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006771 !(ctx->xprt_st & SSL_SOCK_SEND_UNLIMITED) &&
Willy Tarreauef934602016-12-22 23:12:01 +01006772 global_ssl.max_record && try > global_ssl.max_record) {
6773 try = global_ssl.max_record;
Willy Tarreau518cedd2014-02-17 15:43:01 +01006774 }
6775 else {
6776 /* we need to keep the information about the fact that
6777 * we're not limiting the upcoming send(), because if it
6778 * fails, we'll have to retry with at least as many data.
6779 */
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006780 ctx->xprt_st |= SSL_SOCK_SEND_UNLIMITED;
Willy Tarreau518cedd2014-02-17 15:43:01 +01006781 }
Willy Tarreaubfd59462013-02-21 07:46:09 +01006782
Willy Tarreau5db847a2019-05-09 14:13:35 +02006783#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Olivier Houchard010941f2019-05-03 20:56:19 +02006784 if (!SSL_is_init_finished(ctx->ssl) && conn_is_back(conn)) {
Olivier Houchardc2aae742017-09-22 18:26:28 +02006785 unsigned int max_early;
6786
Olivier Houchard522eea72017-11-03 16:27:47 +01006787 if (objt_listener(conn->target))
Olivier Houchard66ab4982019-02-26 18:37:15 +01006788 max_early = SSL_get_max_early_data(ctx->ssl);
Olivier Houchard522eea72017-11-03 16:27:47 +01006789 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006790 if (SSL_get0_session(ctx->ssl))
6791 max_early = SSL_SESSION_get_max_early_data(SSL_get0_session(ctx->ssl));
Olivier Houchard522eea72017-11-03 16:27:47 +01006792 else
6793 max_early = 0;
6794 }
6795
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006796 if (try + ctx->sent_early_data > max_early) {
6797 try -= (try + ctx->sent_early_data) - max_early;
Olivier Houchard522eea72017-11-03 16:27:47 +01006798 if (try <= 0) {
Olivier Houchard010941f2019-05-03 20:56:19 +02006799 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN;
Olivier Houchard965e84e2019-06-15 20:59:30 +02006800 tasklet_wakeup(ctx->wait_event.tasklet);
Olivier Houchardc2aae742017-09-22 18:26:28 +02006801 break;
Olivier Houchard522eea72017-11-03 16:27:47 +01006802 }
Olivier Houchardc2aae742017-09-22 18:26:28 +02006803 }
Olivier Houchard66ab4982019-02-26 18:37:15 +01006804 ret = SSL_write_early_data(ctx->ssl, b_peek(buf, done), try, &written_data);
Olivier Houchardc2aae742017-09-22 18:26:28 +02006805 if (ret == 1) {
6806 ret = written_data;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006807 ctx->sent_early_data += ret;
Olivier Houchard965e84e2019-06-15 20:59:30 +02006808 if (objt_server(conn->target)) {
Olivier Houchard522eea72017-11-03 16:27:47 +01006809 conn->flags |= CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN | CO_FL_EARLY_DATA;
Olivier Houchard965e84e2019-06-15 20:59:30 +02006810 /* Initiate the handshake, now */
6811 tasklet_wakeup(ctx->wait_event.tasklet);
6812 }
Olivier Houchard522eea72017-11-03 16:27:47 +01006813
Olivier Houchardc2aae742017-09-22 18:26:28 +02006814 }
6815
6816 } else
6817#endif
Olivier Houchard66ab4982019-02-26 18:37:15 +01006818 ret = SSL_write(ctx->ssl, b_peek(buf, done), try);
Willy Tarreau518cedd2014-02-17 15:43:01 +01006819
Emeric Brune1f38db2012-09-03 20:36:47 +02006820 if (conn->flags & CO_FL_ERROR) {
6821 /* CO_FL_ERROR may be set by ssl_sock_infocbk */
Emeric Brun644cde02012-12-14 11:21:13 +01006822 goto out_error;
Emeric Brune1f38db2012-09-03 20:36:47 +02006823 }
Emeric Brun46591952012-05-18 15:47:34 +02006824 if (ret > 0) {
Willy Tarreauc192b0a2020-01-23 09:11:58 +01006825 /* A send succeeded, so we can consider ourself connected */
6826 conn->flags &= ~CO_FL_WAIT_L4L6;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01006827 ctx->xprt_st &= ~SSL_SOCK_SEND_UNLIMITED;
Willy Tarreau787db9a2018-06-14 18:31:46 +02006828 count -= ret;
Emeric Brun46591952012-05-18 15:47:34 +02006829 done += ret;
Emeric Brun46591952012-05-18 15:47:34 +02006830 }
6831 else {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006832 ret = SSL_get_error(ctx->ssl, ret);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006833
Emeric Brun46591952012-05-18 15:47:34 +02006834 if (ret == SSL_ERROR_WANT_WRITE) {
Olivier Houchard66ab4982019-02-26 18:37:15 +01006835 if (SSL_renegotiate_pending(ctx->ssl)) {
Emeric Brun282a76a2012-11-08 18:02:56 +01006836 /* handshake is running, and it may need to re-enable write */
6837 conn->flags |= CO_FL_SSL_WAIT_HS;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006838 ctx->xprt->subscribe(conn, ctx->xprt_ctx, SUB_RETRY_SEND, &ctx->wait_event);
Willy Tarreau5db847a2019-05-09 14:13:35 +02006839#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006840 /* Async mode can be re-enabled, because we're leaving data state.*/
6841 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006842 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006843#endif
Emeric Brun282a76a2012-11-08 18:02:56 +01006844 break;
6845 }
Olivier Houchardea8dd942019-05-20 14:02:16 +02006846
Emeric Brun46591952012-05-18 15:47:34 +02006847 break;
6848 }
6849 else if (ret == SSL_ERROR_WANT_READ) {
Emeric Brun8af8dd12012-11-08 17:56:20 +01006850 /* handshake is running, and it needs to enable read */
Emeric Brun46591952012-05-18 15:47:34 +02006851 conn->flags |= CO_FL_SSL_WAIT_HS;
Olivier Houchardea8dd942019-05-20 14:02:16 +02006852 ctx->xprt->subscribe(conn, ctx->xprt_ctx,
6853 SUB_RETRY_RECV,
6854 &ctx->wait_event);
Willy Tarreau5db847a2019-05-09 14:13:35 +02006855#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brunb5e42a82017-06-06 12:35:14 +00006856 /* Async mode can be re-enabled, because we're leaving data state.*/
6857 if (global_ssl.async)
Olivier Houchard66ab4982019-02-26 18:37:15 +01006858 SSL_set_mode(ctx->ssl, SSL_MODE_ASYNC);
Emeric Brunb5e42a82017-06-06 12:35:14 +00006859#endif
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006860 break;
6861 }
Emeric Brun46591952012-05-18 15:47:34 +02006862 goto out_error;
6863 }
6864 }
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02006865 leave:
Emeric Brun46591952012-05-18 15:47:34 +02006866 return done;
6867
6868 out_error:
Emeric Brun644cde02012-12-14 11:21:13 +01006869 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02006870 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01006871 ERR_clear_error();
6872
Emeric Brun46591952012-05-18 15:47:34 +02006873 conn->flags |= CO_FL_ERROR;
Willy Tarreau31d4dbe2017-10-25 09:32:15 +02006874 goto leave;
Emeric Brun46591952012-05-18 15:47:34 +02006875}
6876
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006877static void ssl_sock_close(struct connection *conn, void *xprt_ctx) {
Emeric Brun46591952012-05-18 15:47:34 +02006878
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006879 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006880
Olivier Houchardea8dd942019-05-20 14:02:16 +02006881
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006882 if (ctx) {
Olivier Houchardea8dd942019-05-20 14:02:16 +02006883 if (ctx->wait_event.events != 0)
6884 ctx->xprt->unsubscribe(ctx->conn, ctx->xprt_ctx,
6885 ctx->wait_event.events,
6886 &ctx->wait_event);
Willy Tarreau113d52b2020-01-10 09:20:26 +01006887 if (ctx->subs) {
6888 ctx->subs->events = 0;
6889 tasklet_wakeup(ctx->subs->tasklet);
Olivier Houchardea8dd942019-05-20 14:02:16 +02006890 }
Willy Tarreau113d52b2020-01-10 09:20:26 +01006891
Olivier Houchard692c1d02019-05-23 18:41:47 +02006892 if (ctx->xprt->close)
6893 ctx->xprt->close(conn, ctx->xprt_ctx);
Willy Tarreau5db847a2019-05-09 14:13:35 +02006894#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Emeric Brun3854e012017-05-17 20:42:48 +02006895 if (global_ssl.async) {
6896 OSSL_ASYNC_FD all_fd[32], afd;
6897 size_t num_all_fds = 0;
6898 int i;
6899
Olivier Houchard66ab4982019-02-26 18:37:15 +01006900 SSL_get_all_async_fds(ctx->ssl, NULL, &num_all_fds);
Emeric Brun3854e012017-05-17 20:42:48 +02006901 if (num_all_fds > 32) {
6902 send_log(NULL, LOG_EMERG, "haproxy: openssl returns too many async fds. It seems a bug. Process may crash\n");
6903 return;
6904 }
6905
Olivier Houchard66ab4982019-02-26 18:37:15 +01006906 SSL_get_all_async_fds(ctx->ssl, all_fd, &num_all_fds);
Emeric Brun3854e012017-05-17 20:42:48 +02006907
6908 /* If an async job is pending, we must try to
6909 to catch the end using polling before calling
6910 SSL_free */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006911 if (num_all_fds && SSL_waiting_for_async(ctx->ssl)) {
Emeric Brun3854e012017-05-17 20:42:48 +02006912 for (i=0 ; i < num_all_fds ; i++) {
6913 /* switch on an handler designed to
6914 * handle the SSL_free
6915 */
6916 afd = all_fd[i];
6917 fdtab[afd].iocb = ssl_async_fd_free;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006918 fdtab[afd].owner = ctx->ssl;
Emeric Brun3854e012017-05-17 20:42:48 +02006919 fd_want_recv(afd);
Emeric Brunce9e01c2017-05-31 10:02:53 +00006920 /* To ensure that the fd cache won't be used
6921 * and we'll catch a real RD event.
6922 */
6923 fd_cant_recv(afd);
Emeric Brun3854e012017-05-17 20:42:48 +02006924 }
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006925 tasklet_free(ctx->wait_event.tasklet);
Olivier Houchard66ab4982019-02-26 18:37:15 +01006926 pool_free(ssl_sock_ctx_pool, ctx);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01006927 _HA_ATOMIC_ADD(&jobs, 1);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006928 return;
6929 }
Emeric Brun3854e012017-05-17 20:42:48 +02006930 /* Else we can remove the fds from the fdtab
6931 * and call SSL_free.
6932 * note: we do a fd_remove and not a delete
6933 * because the fd is owned by the engine.
6934 * the engine is responsible to close
6935 */
6936 for (i=0 ; i < num_all_fds ; i++)
6937 fd_remove(all_fd[i]);
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00006938 }
6939#endif
Olivier Houchard66ab4982019-02-26 18:37:15 +01006940 SSL_free(ctx->ssl);
Olivier Houchard54907bb2019-12-19 15:02:39 +01006941 b_free(&ctx->early_buf);
Willy Tarreau3c39a7d2019-06-14 14:42:29 +02006942 tasklet_free(ctx->wait_event.tasklet);
Olivier Houchard66ab4982019-02-26 18:37:15 +01006943 pool_free(ssl_sock_ctx_pool, ctx);
Olivier Houchard2be5a4c2019-03-08 18:54:43 +01006944 _HA_ATOMIC_SUB(&sslconns, 1);
Emeric Brun46591952012-05-18 15:47:34 +02006945 }
Emeric Brun46591952012-05-18 15:47:34 +02006946}
6947
6948/* This function tries to perform a clean shutdown on an SSL connection, and in
6949 * any case, flags the connection as reusable if no handshake was in progress.
6950 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006951static void ssl_sock_shutw(struct connection *conn, void *xprt_ctx, int clean)
Emeric Brun46591952012-05-18 15:47:34 +02006952{
Olivier Houcharde179d0e2019-03-21 18:27:17 +01006953 struct ssl_sock_ctx *ctx = xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01006954
Willy Tarreau911db9b2020-01-23 16:27:54 +01006955 if (conn->flags & (CO_FL_WAIT_XPRT | CO_FL_SSL_WAIT_HS))
Emeric Brun46591952012-05-18 15:47:34 +02006956 return;
Emmanuel Hocdet405ff312017-01-08 14:07:39 +01006957 if (!clean)
6958 /* don't sent notify on SSL_shutdown */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006959 SSL_set_quiet_shutdown(ctx->ssl, 1);
Emeric Brun46591952012-05-18 15:47:34 +02006960 /* no handshake was in progress, try a clean ssl shutdown */
Olivier Houchard66ab4982019-02-26 18:37:15 +01006961 if (SSL_shutdown(ctx->ssl) <= 0) {
Emeric Brun644cde02012-12-14 11:21:13 +01006962 /* Clear openssl global errors stack */
Thierry FOURNIER / OZON.IO8b068c22016-10-10 11:59:50 +02006963 ssl_sock_dump_errors(conn);
Emeric Brun644cde02012-12-14 11:21:13 +01006964 ERR_clear_error();
6965 }
Emeric Brun46591952012-05-18 15:47:34 +02006966}
6967
William Lallemandd4f946c2019-12-05 10:26:40 +01006968/* fill a buffer with the algorithm and size of a public key */
6969static int cert_get_pkey_algo(X509 *crt, struct buffer *out)
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01006970{
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01006971 int bits = 0;
6972 int sig = TLSEXT_signature_anonymous;
6973 int len = -1;
Emmanuel Hocdetc3775d22019-11-04 18:19:32 +01006974 EVP_PKEY *pkey;
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01006975
Emmanuel Hocdetc3775d22019-11-04 18:19:32 +01006976 pkey = X509_get_pubkey(crt);
6977 if (pkey) {
6978 bits = EVP_PKEY_bits(pkey);
6979 switch(EVP_PKEY_base_id(pkey)) {
6980 case EVP_PKEY_RSA:
6981 sig = TLSEXT_signature_rsa;
6982 break;
6983 case EVP_PKEY_EC:
6984 sig = TLSEXT_signature_ecdsa;
6985 break;
6986 case EVP_PKEY_DSA:
6987 sig = TLSEXT_signature_dsa;
6988 break;
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01006989 }
Emmanuel Hocdetc3775d22019-11-04 18:19:32 +01006990 EVP_PKEY_free(pkey);
Emmanuel Hocdet96b78342017-10-31 15:46:07 +01006991 }
6992
6993 switch(sig) {
6994 case TLSEXT_signature_rsa:
6995 len = chunk_printf(out, "RSA%d", bits);
6996 break;
6997 case TLSEXT_signature_ecdsa:
6998 len = chunk_printf(out, "EC%d", bits);
6999 break;
7000 case TLSEXT_signature_dsa:
7001 len = chunk_printf(out, "DSA%d", bits);
7002 break;
7003 default:
7004 return 0;
7005 }
7006 if (len < 0)
7007 return 0;
7008 return 1;
7009}
7010
William Lallemandd4f946c2019-12-05 10:26:40 +01007011/* used for ppv2 pkey alog (can be used for logging) */
7012int ssl_sock_get_pkey_algo(struct connection *conn, struct buffer *out)
7013{
7014 struct ssl_sock_ctx *ctx;
7015 X509 *crt;
7016
7017 if (!ssl_sock_is_ssl(conn))
7018 return 0;
7019
7020 ctx = conn->xprt_ctx;
7021
7022 crt = SSL_get_certificate(ctx->ssl);
7023 if (!crt)
7024 return 0;
7025
7026 return cert_get_pkey_algo(crt, out);
7027}
7028
Emmanuel Hocdet283e0042017-11-02 14:05:23 +01007029/* used for ppv2 cert signature (can be used for logging) */
7030const char *ssl_sock_get_cert_sig(struct connection *conn)
7031{
Christopher Faulet82004142019-09-10 10:12:03 +02007032 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007033
Emmanuel Hocdet283e0042017-11-02 14:05:23 +01007034 __OPENSSL_110_CONST__ ASN1_OBJECT *algorithm;
7035 X509 *crt;
7036
7037 if (!ssl_sock_is_ssl(conn))
7038 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007039 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007040 crt = SSL_get_certificate(ctx->ssl);
Emmanuel Hocdet283e0042017-11-02 14:05:23 +01007041 if (!crt)
7042 return NULL;
7043 X509_ALGOR_get0(&algorithm, NULL, NULL, X509_get0_tbs_sigalg(crt));
7044 return OBJ_nid2sn(OBJ_obj2nid(algorithm));
7045}
7046
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007047/* used for ppv2 authority */
7048const char *ssl_sock_get_sni(struct connection *conn)
7049{
7050#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Christopher Faulet82004142019-09-10 10:12:03 +02007051 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007052
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007053 if (!ssl_sock_is_ssl(conn))
7054 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007055 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007056 return SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007057#else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007058 return NULL;
Emmanuel Hocdet253c3b72018-02-01 18:29:59 +01007059#endif
7060}
7061
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007062/* used for logging/ppv2, may be changed for a sample fetch later */
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007063const char *ssl_sock_get_cipher_name(struct connection *conn)
7064{
Christopher Faulet82004142019-09-10 10:12:03 +02007065 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007066
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007067 if (!ssl_sock_is_ssl(conn))
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007068 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007069 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007070 return SSL_get_cipher_name(ctx->ssl);
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007071}
7072
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007073/* used for logging/ppv2, may be changed for a sample fetch later */
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007074const char *ssl_sock_get_proto_version(struct connection *conn)
7075{
Christopher Faulet82004142019-09-10 10:12:03 +02007076 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007077
Emmanuel Hocdet01da5712017-10-13 16:59:49 +02007078 if (!ssl_sock_is_ssl(conn))
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007079 return NULL;
Christopher Faulet82004142019-09-10 10:12:03 +02007080 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007081 return SSL_get_version(ctx->ssl);
Willy Tarreauffc3fcd2012-10-12 20:17:54 +02007082}
7083
Willy Tarreau8d598402012-10-22 17:58:39 +02007084/* Extract a serial from a cert, and copy it to a chunk.
7085 * Returns 1 if serial is found and copied, 0 if no serial found and
7086 * -1 if output is not large enough.
7087 */
7088static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007089ssl_sock_get_serial(X509 *crt, struct buffer *out)
Willy Tarreau8d598402012-10-22 17:58:39 +02007090{
7091 ASN1_INTEGER *serial;
7092
7093 serial = X509_get_serialNumber(crt);
7094 if (!serial)
7095 return 0;
7096
7097 if (out->size < serial->length)
7098 return -1;
7099
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007100 memcpy(out->area, serial->data, serial->length);
7101 out->data = serial->length;
Willy Tarreau8d598402012-10-22 17:58:39 +02007102 return 1;
7103}
7104
Emeric Brun43e79582014-10-29 19:03:26 +01007105/* Extract a cert to der, and copy it to a chunk.
Joseph Herlant017b3da2018-11-15 09:07:59 -08007106 * Returns 1 if the cert is found and copied, 0 on der conversion failure
7107 * and -1 if the output is not large enough.
Emeric Brun43e79582014-10-29 19:03:26 +01007108 */
7109static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007110ssl_sock_crt2der(X509 *crt, struct buffer *out)
Emeric Brun43e79582014-10-29 19:03:26 +01007111{
7112 int len;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007113 unsigned char *p = (unsigned char *) out->area;;
Emeric Brun43e79582014-10-29 19:03:26 +01007114
7115 len =i2d_X509(crt, NULL);
7116 if (len <= 0)
7117 return 1;
7118
7119 if (out->size < len)
7120 return -1;
7121
7122 i2d_X509(crt,&p);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007123 out->data = len;
Emeric Brun43e79582014-10-29 19:03:26 +01007124 return 1;
7125}
7126
Emeric Brunce5ad802012-10-22 14:11:22 +02007127
Willy Tarreau83061a82018-07-13 11:56:34 +02007128/* Copy Date in ASN1_UTCTIME format in struct buffer out.
Emeric Brunce5ad802012-10-22 14:11:22 +02007129 * Returns 1 if serial is found and copied, 0 if no valid time found
7130 * and -1 if output is not large enough.
7131 */
7132static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007133ssl_sock_get_time(ASN1_TIME *tm, struct buffer *out)
Emeric Brunce5ad802012-10-22 14:11:22 +02007134{
7135 if (tm->type == V_ASN1_GENERALIZEDTIME) {
7136 ASN1_GENERALIZEDTIME *gentm = (ASN1_GENERALIZEDTIME *)tm;
7137
7138 if (gentm->length < 12)
7139 return 0;
7140 if (gentm->data[0] != 0x32 || gentm->data[1] != 0x30)
7141 return 0;
7142 if (out->size < gentm->length-2)
7143 return -1;
7144
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007145 memcpy(out->area, gentm->data+2, gentm->length-2);
7146 out->data = gentm->length-2;
Emeric Brunce5ad802012-10-22 14:11:22 +02007147 return 1;
7148 }
7149 else if (tm->type == V_ASN1_UTCTIME) {
7150 ASN1_UTCTIME *utctm = (ASN1_UTCTIME *)tm;
7151
7152 if (utctm->length < 10)
7153 return 0;
7154 if (utctm->data[0] >= 0x35)
7155 return 0;
7156 if (out->size < utctm->length)
7157 return -1;
7158
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007159 memcpy(out->area, utctm->data, utctm->length);
7160 out->data = utctm->length;
Emeric Brunce5ad802012-10-22 14:11:22 +02007161 return 1;
7162 }
7163
7164 return 0;
7165}
7166
Emeric Brun87855892012-10-17 17:39:35 +02007167/* Extract an entry from a X509_NAME and copy its value to an output chunk.
7168 * Returns 1 if entry found, 0 if entry not found, or -1 if output not large enough.
7169 */
7170static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007171ssl_sock_get_dn_entry(X509_NAME *a, const struct buffer *entry, int pos,
7172 struct buffer *out)
Emeric Brun87855892012-10-17 17:39:35 +02007173{
7174 X509_NAME_ENTRY *ne;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007175 ASN1_OBJECT *obj;
7176 ASN1_STRING *data;
7177 const unsigned char *data_ptr;
7178 int data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007179 int i, j, n;
7180 int cur = 0;
7181 const char *s;
7182 char tmp[128];
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007183 int name_count;
7184
7185 name_count = X509_NAME_entry_count(a);
Emeric Brun87855892012-10-17 17:39:35 +02007186
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007187 out->data = 0;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007188 for (i = 0; i < name_count; i++) {
Emeric Brun87855892012-10-17 17:39:35 +02007189 if (pos < 0)
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007190 j = (name_count-1) - i;
Emeric Brun87855892012-10-17 17:39:35 +02007191 else
7192 j = i;
7193
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007194 ne = X509_NAME_get_entry(a, j);
7195 obj = X509_NAME_ENTRY_get_object(ne);
7196 data = X509_NAME_ENTRY_get_data(ne);
7197 data_ptr = ASN1_STRING_get0_data(data);
7198 data_len = ASN1_STRING_length(data);
7199 n = OBJ_obj2nid(obj);
Emeric Brun87855892012-10-17 17:39:35 +02007200 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007201 i2t_ASN1_OBJECT(tmp, sizeof(tmp), obj);
Emeric Brun87855892012-10-17 17:39:35 +02007202 s = tmp;
7203 }
7204
7205 if (chunk_strcasecmp(entry, s) != 0)
7206 continue;
7207
7208 if (pos < 0)
7209 cur--;
7210 else
7211 cur++;
7212
7213 if (cur != pos)
7214 continue;
7215
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007216 if (data_len > out->size)
Emeric Brun87855892012-10-17 17:39:35 +02007217 return -1;
7218
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007219 memcpy(out->area, data_ptr, data_len);
7220 out->data = data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007221 return 1;
7222 }
7223
7224 return 0;
7225
William Lallemandd4f946c2019-12-05 10:26:40 +01007226}
7227
7228/*
7229 * Extract and format the DNS SAN extensions and copy result into a chuink
7230 * Return 0;
7231 */
7232#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
7233static int ssl_sock_get_san_oneline(X509 *cert, struct buffer *out)
7234{
7235 int i;
7236 char *str;
7237 STACK_OF(GENERAL_NAME) *names = NULL;
7238
7239 names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
7240 if (names) {
7241 for (i = 0; i < sk_GENERAL_NAME_num(names); i++) {
7242 GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
7243 if (i > 0)
7244 chunk_appendf(out, ", ");
7245 if (name->type == GEN_DNS) {
7246 if (ASN1_STRING_to_UTF8((unsigned char **)&str, name->d.dNSName) >= 0) {
7247 chunk_appendf(out, "DNS:%s", str);
7248 OPENSSL_free(str);
7249 }
7250 }
7251 }
7252 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
7253 }
7254 return 0;
Emeric Brun87855892012-10-17 17:39:35 +02007255}
William Lallemandd4f946c2019-12-05 10:26:40 +01007256#endif
Emeric Brun87855892012-10-17 17:39:35 +02007257
Elliot Otchet71f82972020-01-15 08:12:14 -05007258/*
7259 * Extract the DN in the specified format from the X509_NAME and copy result to a chunk.
7260 * Currently supports rfc2253 for returning LDAP V3 DNs.
7261 * Returns 1 if dn entries exist, 0 if no dn entry was found.
7262 */
7263static int
7264ssl_sock_get_dn_formatted(X509_NAME *a, const struct buffer *format, struct buffer *out)
7265{
7266 BIO *bio = NULL;
7267 int ret = 0;
7268 int data_len = 0;
7269
7270 if (chunk_strcmp(format, "rfc2253") == 0) {
7271 bio = BIO_new(BIO_s_mem());
7272 if (bio == NULL)
7273 goto out;
7274
7275 if (X509_NAME_print_ex(bio, a, 0, XN_FLAG_RFC2253) < 0)
7276 goto out;
7277
7278 if ((data_len = BIO_read(bio, out->area, out->size)) <= 0)
7279 goto out;
7280
7281 out->data = data_len;
7282
7283 ret = 1;
7284 }
7285out:
7286 if (bio)
7287 BIO_free(bio);
7288 return ret;
7289}
7290
Emeric Brun87855892012-10-17 17:39:35 +02007291/* Extract and format full DN from a X509_NAME and copy result into a chunk
7292 * Returns 1 if dn entries exits, 0 if no dn entry found or -1 if output is not large enough.
7293 */
7294static int
Willy Tarreau83061a82018-07-13 11:56:34 +02007295ssl_sock_get_dn_oneline(X509_NAME *a, struct buffer *out)
Emeric Brun87855892012-10-17 17:39:35 +02007296{
7297 X509_NAME_ENTRY *ne;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007298 ASN1_OBJECT *obj;
7299 ASN1_STRING *data;
7300 const unsigned char *data_ptr;
7301 int data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007302 int i, n, ln;
7303 int l = 0;
7304 const char *s;
7305 char *p;
7306 char tmp[128];
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007307 int name_count;
7308
7309
7310 name_count = X509_NAME_entry_count(a);
Emeric Brun87855892012-10-17 17:39:35 +02007311
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007312 out->data = 0;
7313 p = out->area;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007314 for (i = 0; i < name_count; i++) {
7315 ne = X509_NAME_get_entry(a, i);
7316 obj = X509_NAME_ENTRY_get_object(ne);
7317 data = X509_NAME_ENTRY_get_data(ne);
7318 data_ptr = ASN1_STRING_get0_data(data);
7319 data_len = ASN1_STRING_length(data);
7320 n = OBJ_obj2nid(obj);
Emeric Brun87855892012-10-17 17:39:35 +02007321 if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007322 i2t_ASN1_OBJECT(tmp, sizeof(tmp), obj);
Emeric Brun87855892012-10-17 17:39:35 +02007323 s = tmp;
7324 }
7325 ln = strlen(s);
7326
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007327 l += 1 + ln + 1 + data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007328 if (l > out->size)
7329 return -1;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007330 out->data = l;
Emeric Brun87855892012-10-17 17:39:35 +02007331
7332 *(p++)='/';
7333 memcpy(p, s, ln);
7334 p += ln;
7335 *(p++)='=';
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007336 memcpy(p, data_ptr, data_len);
7337 p += data_len;
Emeric Brun87855892012-10-17 17:39:35 +02007338 }
7339
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007340 if (!out->data)
Emeric Brun87855892012-10-17 17:39:35 +02007341 return 0;
7342
7343 return 1;
7344}
7345
Olivier Houchardab28a322018-12-21 19:45:40 +01007346void ssl_sock_set_alpn(struct connection *conn, const unsigned char *alpn, int len)
7347{
7348#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Christopher Faulet82004142019-09-10 10:12:03 +02007349 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007350
Olivier Houcharde488ea82019-06-28 14:10:33 +02007351 if (!ssl_sock_is_ssl(conn))
7352 return;
Christopher Faulet82004142019-09-10 10:12:03 +02007353 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007354 SSL_set_alpn_protos(ctx->ssl, alpn, len);
Olivier Houchardab28a322018-12-21 19:45:40 +01007355#endif
7356}
7357
Willy Tarreau119a4082016-12-22 21:58:38 +01007358/* Sets advertised SNI for outgoing connections. Please set <hostname> to NULL
7359 * to disable SNI.
7360 */
Willy Tarreau63076412015-07-10 11:33:32 +02007361void ssl_sock_set_servername(struct connection *conn, const char *hostname)
7362{
7363#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Christopher Faulet82004142019-09-10 10:12:03 +02007364 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007365
Willy Tarreau119a4082016-12-22 21:58:38 +01007366 char *prev_name;
7367
Willy Tarreau63076412015-07-10 11:33:32 +02007368 if (!ssl_sock_is_ssl(conn))
7369 return;
Christopher Faulet82004142019-09-10 10:12:03 +02007370 ctx = conn->xprt_ctx;
Willy Tarreau63076412015-07-10 11:33:32 +02007371
Willy Tarreau119a4082016-12-22 21:58:38 +01007372 /* if the SNI changes, we must destroy the reusable context so that a
7373 * new connection will present a new SNI. As an optimization we could
7374 * later imagine having a small cache of ssl_ctx to hold a few SNI per
7375 * server.
7376 */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007377 prev_name = (char *)SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau119a4082016-12-22 21:58:38 +01007378 if ((!prev_name && hostname) ||
7379 (prev_name && (!hostname || strcmp(hostname, prev_name) != 0)))
Olivier Houchard66ab4982019-02-26 18:37:15 +01007380 SSL_set_session(ctx->ssl, NULL);
Willy Tarreau119a4082016-12-22 21:58:38 +01007381
Olivier Houchard66ab4982019-02-26 18:37:15 +01007382 SSL_set_tlsext_host_name(ctx->ssl, hostname);
Willy Tarreau63076412015-07-10 11:33:32 +02007383#endif
7384}
7385
Emeric Brun0abf8362014-06-24 18:26:41 +02007386/* Extract peer certificate's common name into the chunk dest
7387 * Returns
7388 * the len of the extracted common name
7389 * or 0 if no CN found in DN
7390 * or -1 on error case (i.e. no peer certificate)
7391 */
Willy Tarreau83061a82018-07-13 11:56:34 +02007392int ssl_sock_get_remote_common_name(struct connection *conn,
7393 struct buffer *dest)
David Safb76832014-05-08 23:42:08 -04007394{
Christopher Faulet82004142019-09-10 10:12:03 +02007395 struct ssl_sock_ctx *ctx;
David Safb76832014-05-08 23:42:08 -04007396 X509 *crt = NULL;
7397 X509_NAME *name;
David Safb76832014-05-08 23:42:08 -04007398 const char find_cn[] = "CN";
Willy Tarreau83061a82018-07-13 11:56:34 +02007399 const struct buffer find_cn_chunk = {
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007400 .area = (char *)&find_cn,
7401 .data = sizeof(find_cn)-1
David Safb76832014-05-08 23:42:08 -04007402 };
Emeric Brun0abf8362014-06-24 18:26:41 +02007403 int result = -1;
David Safb76832014-05-08 23:42:08 -04007404
7405 if (!ssl_sock_is_ssl(conn))
Emeric Brun0abf8362014-06-24 18:26:41 +02007406 goto out;
Christopher Faulet82004142019-09-10 10:12:03 +02007407 ctx = conn->xprt_ctx;
David Safb76832014-05-08 23:42:08 -04007408
7409 /* SSL_get_peer_certificate, it increase X509 * ref count */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007410 crt = SSL_get_peer_certificate(ctx->ssl);
David Safb76832014-05-08 23:42:08 -04007411 if (!crt)
7412 goto out;
7413
7414 name = X509_get_subject_name(crt);
7415 if (!name)
7416 goto out;
David Safb76832014-05-08 23:42:08 -04007417
Emeric Brun0abf8362014-06-24 18:26:41 +02007418 result = ssl_sock_get_dn_entry(name, &find_cn_chunk, 1, dest);
7419out:
David Safb76832014-05-08 23:42:08 -04007420 if (crt)
7421 X509_free(crt);
7422
7423 return result;
7424}
7425
Dave McCowan328fb582014-07-30 10:39:13 -04007426/* returns 1 if client passed a certificate for this session, 0 if not */
7427int ssl_sock_get_cert_used_sess(struct connection *conn)
7428{
Christopher Faulet82004142019-09-10 10:12:03 +02007429 struct ssl_sock_ctx *ctx;
Dave McCowan328fb582014-07-30 10:39:13 -04007430 X509 *crt = NULL;
7431
7432 if (!ssl_sock_is_ssl(conn))
7433 return 0;
Christopher Faulet82004142019-09-10 10:12:03 +02007434 ctx = conn->xprt_ctx;
Dave McCowan328fb582014-07-30 10:39:13 -04007435
7436 /* SSL_get_peer_certificate, it increase X509 * ref count */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007437 crt = SSL_get_peer_certificate(ctx->ssl);
Dave McCowan328fb582014-07-30 10:39:13 -04007438 if (!crt)
7439 return 0;
7440
7441 X509_free(crt);
7442 return 1;
7443}
7444
7445/* returns 1 if client passed a certificate for this connection, 0 if not */
7446int ssl_sock_get_cert_used_conn(struct connection *conn)
David Safb76832014-05-08 23:42:08 -04007447{
Christopher Faulet82004142019-09-10 10:12:03 +02007448 struct ssl_sock_ctx *ctx;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007449
David Safb76832014-05-08 23:42:08 -04007450 if (!ssl_sock_is_ssl(conn))
7451 return 0;
Christopher Faulet82004142019-09-10 10:12:03 +02007452 ctx = conn->xprt_ctx;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007453 return SSL_SOCK_ST_FL_VERIFY_DONE & ctx->xprt_st ? 1 : 0;
David Safb76832014-05-08 23:42:08 -04007454}
7455
7456/* returns result from SSL verify */
7457unsigned int ssl_sock_get_verify_result(struct connection *conn)
7458{
Christopher Faulet82004142019-09-10 10:12:03 +02007459 struct ssl_sock_ctx *ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007460
David Safb76832014-05-08 23:42:08 -04007461 if (!ssl_sock_is_ssl(conn))
7462 return (unsigned int)X509_V_ERR_APPLICATION_VERIFICATION;
Christopher Faulet82004142019-09-10 10:12:03 +02007463 ctx = conn->xprt_ctx;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007464 return (unsigned int)SSL_get_verify_result(ctx->ssl);
David Safb76832014-05-08 23:42:08 -04007465}
7466
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007467/* Returns the application layer protocol name in <str> and <len> when known.
7468 * Zero is returned if the protocol name was not found, otherwise non-zero is
7469 * returned. The string is allocated in the SSL context and doesn't have to be
7470 * freed by the caller. NPN is also checked if available since older versions
7471 * of openssl (1.0.1) which are more common in field only support this one.
7472 */
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007473static int ssl_sock_get_alpn(const struct connection *conn, void *xprt_ctx, const char **str, int *len)
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007474{
Olivier Houchard66ab4982019-02-26 18:37:15 +01007475#if defined(TLSEXT_TYPE_application_layer_protocol_negotiation) || \
7476 defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007477 struct ssl_sock_ctx *ctx = xprt_ctx;
7478 if (!ctx)
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007479 return 0;
7480
7481 *str = NULL;
7482
7483#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Olivier Houchard66ab4982019-02-26 18:37:15 +01007484 SSL_get0_alpn_selected(ctx->ssl, (const unsigned char **)str, (unsigned *)len);
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007485 if (*str)
7486 return 1;
7487#endif
Bernard Spil13c53f82018-02-15 13:34:58 +01007488#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007489 SSL_get0_next_proto_negotiated(ctx->ssl, (const unsigned char **)str, (unsigned *)len);
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007490 if (*str)
7491 return 1;
7492#endif
Olivier Houcharde179d0e2019-03-21 18:27:17 +01007493#endif
Willy Tarreau8743f7e2016-12-04 18:44:29 +01007494 return 0;
7495}
7496
Willy Tarreau7875d092012-09-10 08:20:03 +02007497/***** Below are some sample fetching functions for ACL/patterns *****/
7498
Olivier Houchardccaa7de2017-10-02 11:51:03 +02007499static int
7500smp_fetch_ssl_fc_has_early(const struct arg *args, struct sample *smp, const char *kw, void *private)
7501{
7502 struct connection *conn;
7503
7504 conn = objt_conn(smp->sess->origin);
7505 if (!conn || conn->xprt != &ssl_sock)
7506 return 0;
7507
7508 smp->flags = 0;
7509 smp->data.type = SMP_T_BOOL;
Emmanuel Hocdetc9858012019-08-07 14:44:49 +02007510#ifdef OPENSSL_IS_BORINGSSL
7511 {
7512 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
7513 smp->data.u.sint = (SSL_in_early_data(ctx->ssl) &&
7514 SSL_early_data_accepted(ctx->ssl));
7515 }
7516#else
Olivier Houchard25ae45a2017-11-29 19:51:19 +01007517 smp->data.u.sint = ((conn->flags & CO_FL_EARLY_DATA) &&
Olivier Houchard220a26c2020-01-23 14:57:36 +01007518 (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS))) ? 1 : 0;
Emmanuel Hocdetc9858012019-08-07 14:44:49 +02007519#endif
Olivier Houchardccaa7de2017-10-02 11:51:03 +02007520 return 1;
7521}
7522
Emeric Brune64aef12012-09-21 13:15:06 +02007523/* boolean, returns true if client cert was present */
7524static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007525smp_fetch_ssl_fc_has_crt(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brune64aef12012-09-21 13:15:06 +02007526{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007527 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007528 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007529
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007530 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007531 if (!conn || conn->xprt != &ssl_sock)
Emeric Brune64aef12012-09-21 13:15:06 +02007532 return 0;
7533
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007534 ctx = conn->xprt_ctx;
7535
Willy Tarreau911db9b2020-01-23 16:27:54 +01007536 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brune64aef12012-09-21 13:15:06 +02007537 smp->flags |= SMP_F_MAY_CHANGE;
7538 return 0;
7539 }
7540
7541 smp->flags = 0;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007542 smp->data.type = SMP_T_BOOL;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01007543 smp->data.u.sint = SSL_SOCK_ST_FL_VERIFY_DONE & ctx->xprt_st ? 1 : 0;
Emeric Brune64aef12012-09-21 13:15:06 +02007544
7545 return 1;
7546}
7547
Emeric Brun43e79582014-10-29 19:03:26 +01007548/* binary, returns a certificate in a binary chunk (der/raw).
7549 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7550 * should be use.
7551 */
7552static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007553smp_fetch_ssl_x_der(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun43e79582014-10-29 19:03:26 +01007554{
7555 int cert_peer = (kw[4] == 'c') ? 1 : 0;
7556 X509 *crt = NULL;
7557 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007558 struct buffer *smp_trash;
Emeric Brun43e79582014-10-29 19:03:26 +01007559 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007560 struct ssl_sock_ctx *ctx;
Emeric Brun43e79582014-10-29 19:03:26 +01007561
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007562 conn = objt_conn(smp->sess->origin);
Emeric Brun43e79582014-10-29 19:03:26 +01007563 if (!conn || conn->xprt != &ssl_sock)
7564 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007565 ctx = conn->xprt_ctx;
Emeric Brun43e79582014-10-29 19:03:26 +01007566
Willy Tarreau911db9b2020-01-23 16:27:54 +01007567 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun43e79582014-10-29 19:03:26 +01007568 smp->flags |= SMP_F_MAY_CHANGE;
7569 return 0;
7570 }
7571
7572 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007573 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brun43e79582014-10-29 19:03:26 +01007574 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007575 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun43e79582014-10-29 19:03:26 +01007576
7577 if (!crt)
7578 goto out;
7579
7580 smp_trash = get_trash_chunk();
7581 if (ssl_sock_crt2der(crt, smp_trash) <= 0)
7582 goto out;
7583
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007584 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007585 smp->data.type = SMP_T_BIN;
Emeric Brun43e79582014-10-29 19:03:26 +01007586 ret = 1;
7587out:
7588 /* SSL_get_peer_certificate, it increase X509 * ref count */
7589 if (cert_peer && crt)
7590 X509_free(crt);
7591 return ret;
7592}
7593
Emeric Brunba841a12014-04-30 17:05:08 +02007594/* binary, returns serial of certificate in a binary chunk.
7595 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7596 * should be use.
7597 */
Willy Tarreau8d598402012-10-22 17:58:39 +02007598static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007599smp_fetch_ssl_x_serial(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau8d598402012-10-22 17:58:39 +02007600{
Emeric Brunba841a12014-04-30 17:05:08 +02007601 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Willy Tarreau8d598402012-10-22 17:58:39 +02007602 X509 *crt = NULL;
7603 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007604 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007605 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007606 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007607
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007608 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007609 if (!conn || conn->xprt != &ssl_sock)
Willy Tarreau8d598402012-10-22 17:58:39 +02007610 return 0;
7611
Olivier Houchard66ab4982019-02-26 18:37:15 +01007612 ctx = conn->xprt_ctx;
7613
Willy Tarreau911db9b2020-01-23 16:27:54 +01007614 if (conn->flags & CO_FL_WAIT_XPRT) {
Willy Tarreau8d598402012-10-22 17:58:39 +02007615 smp->flags |= SMP_F_MAY_CHANGE;
7616 return 0;
7617 }
7618
Emeric Brunba841a12014-04-30 17:05:08 +02007619 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007620 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007621 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007622 crt = SSL_get_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007623
Willy Tarreau8d598402012-10-22 17:58:39 +02007624 if (!crt)
7625 goto out;
7626
Willy Tarreau47ca5452012-12-23 20:22:19 +01007627 smp_trash = get_trash_chunk();
Willy Tarreau8d598402012-10-22 17:58:39 +02007628 if (ssl_sock_get_serial(crt, smp_trash) <= 0)
7629 goto out;
7630
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007631 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007632 smp->data.type = SMP_T_BIN;
Willy Tarreau8d598402012-10-22 17:58:39 +02007633 ret = 1;
7634out:
Emeric Brunba841a12014-04-30 17:05:08 +02007635 /* SSL_get_peer_certificate, it increase X509 * ref count */
7636 if (cert_peer && crt)
Willy Tarreau8d598402012-10-22 17:58:39 +02007637 X509_free(crt);
7638 return ret;
7639}
Emeric Brune64aef12012-09-21 13:15:06 +02007640
Emeric Brunba841a12014-04-30 17:05:08 +02007641/* binary, returns the client certificate's SHA-1 fingerprint (SHA-1 hash of DER-encoded certificate) in a binary chunk.
7642 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7643 * should be use.
7644 */
James Votha051b4a2013-05-14 20:37:59 +02007645static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007646smp_fetch_ssl_x_sha1(const struct arg *args, struct sample *smp, const char *kw, void *private)
James Votha051b4a2013-05-14 20:37:59 +02007647{
Emeric Brunba841a12014-04-30 17:05:08 +02007648 int cert_peer = (kw[4] == 'c') ? 1 : 0;
James Votha051b4a2013-05-14 20:37:59 +02007649 X509 *crt = NULL;
7650 const EVP_MD *digest;
7651 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007652 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007653 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007654 struct ssl_sock_ctx *ctx;
James Votha051b4a2013-05-14 20:37:59 +02007655
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007656 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007657 if (!conn || conn->xprt != &ssl_sock)
7658 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007659 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007660
Willy Tarreau911db9b2020-01-23 16:27:54 +01007661 if (conn->flags & CO_FL_WAIT_XPRT) {
James Votha051b4a2013-05-14 20:37:59 +02007662 smp->flags |= SMP_F_MAY_CHANGE;
7663 return 0;
7664 }
7665
Emeric Brunba841a12014-04-30 17:05:08 +02007666 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007667 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007668 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007669 crt = SSL_get_certificate(ctx->ssl);
James Votha051b4a2013-05-14 20:37:59 +02007670 if (!crt)
7671 goto out;
7672
7673 smp_trash = get_trash_chunk();
7674 digest = EVP_sha1();
Willy Tarreau843b7cb2018-07-13 10:54:26 +02007675 X509_digest(crt, digest, (unsigned char *) smp_trash->area,
7676 (unsigned int *)&smp_trash->data);
James Votha051b4a2013-05-14 20:37:59 +02007677
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007678 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007679 smp->data.type = SMP_T_BIN;
James Votha051b4a2013-05-14 20:37:59 +02007680 ret = 1;
7681out:
Emeric Brunba841a12014-04-30 17:05:08 +02007682 /* SSL_get_peer_certificate, it increase X509 * ref count */
7683 if (cert_peer && crt)
James Votha051b4a2013-05-14 20:37:59 +02007684 X509_free(crt);
7685 return ret;
7686}
7687
Emeric Brunba841a12014-04-30 17:05:08 +02007688/* string, returns certificate's notafter date in ASN1_UTCTIME format.
7689 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7690 * should be use.
7691 */
Emeric Brunce5ad802012-10-22 14:11:22 +02007692static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007693smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunce5ad802012-10-22 14:11:22 +02007694{
Emeric Brunba841a12014-04-30 17:05:08 +02007695 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brunce5ad802012-10-22 14:11:22 +02007696 X509 *crt = NULL;
7697 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007698 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007699 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007700 struct ssl_sock_ctx *ctx;
Emeric Brunce5ad802012-10-22 14:11:22 +02007701
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007702 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007703 if (!conn || conn->xprt != &ssl_sock)
7704 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007705 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007706
Willy Tarreau911db9b2020-01-23 16:27:54 +01007707 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunce5ad802012-10-22 14:11:22 +02007708 smp->flags |= SMP_F_MAY_CHANGE;
7709 return 0;
7710 }
7711
Emeric Brunba841a12014-04-30 17:05:08 +02007712 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007713 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007714 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007715 crt = SSL_get_certificate(ctx->ssl);
Emeric Brunce5ad802012-10-22 14:11:22 +02007716 if (!crt)
7717 goto out;
7718
Willy Tarreau47ca5452012-12-23 20:22:19 +01007719 smp_trash = get_trash_chunk();
Rosen Penev68185952018-12-14 08:47:02 -08007720 if (ssl_sock_get_time(X509_getm_notAfter(crt), smp_trash) <= 0)
Emeric Brunce5ad802012-10-22 14:11:22 +02007721 goto out;
7722
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007723 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007724 smp->data.type = SMP_T_STR;
Emeric Brunce5ad802012-10-22 14:11:22 +02007725 ret = 1;
7726out:
Emeric Brunba841a12014-04-30 17:05:08 +02007727 /* SSL_get_peer_certificate, it increase X509 * ref count */
7728 if (cert_peer && crt)
Emeric Brunce5ad802012-10-22 14:11:22 +02007729 X509_free(crt);
7730 return ret;
7731}
7732
Emeric Brunba841a12014-04-30 17:05:08 +02007733/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's issuer
7734 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7735 * should be use.
7736 */
Emeric Brun87855892012-10-17 17:39:35 +02007737static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007738smp_fetch_ssl_x_i_dn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun87855892012-10-17 17:39:35 +02007739{
Emeric Brunba841a12014-04-30 17:05:08 +02007740 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun87855892012-10-17 17:39:35 +02007741 X509 *crt = NULL;
7742 X509_NAME *name;
7743 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007744 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007745 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007746 struct ssl_sock_ctx *ctx;
Emeric Brun87855892012-10-17 17:39:35 +02007747
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007748 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007749 if (!conn || conn->xprt != &ssl_sock)
7750 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007751 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007752
Willy Tarreau911db9b2020-01-23 16:27:54 +01007753 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun87855892012-10-17 17:39:35 +02007754 smp->flags |= SMP_F_MAY_CHANGE;
7755 return 0;
7756 }
7757
Emeric Brunba841a12014-04-30 17:05:08 +02007758 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007759 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007760 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007761 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun87855892012-10-17 17:39:35 +02007762 if (!crt)
7763 goto out;
7764
7765 name = X509_get_issuer_name(crt);
7766 if (!name)
7767 goto out;
7768
Willy Tarreau47ca5452012-12-23 20:22:19 +01007769 smp_trash = get_trash_chunk();
Elliot Otchet71f82972020-01-15 08:12:14 -05007770 if (args && args[0].type == ARGT_STR && args[0].data.str.data > 0) {
Emeric Brun87855892012-10-17 17:39:35 +02007771 int pos = 1;
7772
7773 if (args[1].type == ARGT_SINT)
7774 pos = args[1].data.sint;
Emeric Brun87855892012-10-17 17:39:35 +02007775
7776 if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
7777 goto out;
7778 }
Elliot Otchet71f82972020-01-15 08:12:14 -05007779 else if (args && args[2].type == ARGT_STR && args[2].data.str.data > 0) {
7780 if (ssl_sock_get_dn_formatted(name, &args[2].data.str, smp_trash) <= 0)
7781 goto out;
7782 }
Emeric Brun87855892012-10-17 17:39:35 +02007783 else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
7784 goto out;
7785
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007786 smp->data.type = SMP_T_STR;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007787 smp->data.u.str = *smp_trash;
Emeric Brun87855892012-10-17 17:39:35 +02007788 ret = 1;
7789out:
Emeric Brunba841a12014-04-30 17:05:08 +02007790 /* SSL_get_peer_certificate, it increase X509 * ref count */
7791 if (cert_peer && crt)
Emeric Brun87855892012-10-17 17:39:35 +02007792 X509_free(crt);
7793 return ret;
7794}
7795
Emeric Brunba841a12014-04-30 17:05:08 +02007796/* string, returns notbefore date in ASN1_UTCTIME format.
7797 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7798 * should be use.
7799 */
Emeric Brunce5ad802012-10-22 14:11:22 +02007800static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007801smp_fetch_ssl_x_notbefore(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunce5ad802012-10-22 14:11:22 +02007802{
Emeric Brunba841a12014-04-30 17:05:08 +02007803 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brunce5ad802012-10-22 14:11:22 +02007804 X509 *crt = NULL;
7805 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007806 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007807 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007808 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007809
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007810 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007811 if (!conn || conn->xprt != &ssl_sock)
Emeric Brunce5ad802012-10-22 14:11:22 +02007812 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007813 ctx = conn->xprt_ctx;
Emeric Brunce5ad802012-10-22 14:11:22 +02007814
Willy Tarreau911db9b2020-01-23 16:27:54 +01007815 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunce5ad802012-10-22 14:11:22 +02007816 smp->flags |= SMP_F_MAY_CHANGE;
7817 return 0;
7818 }
7819
Emeric Brunba841a12014-04-30 17:05:08 +02007820 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007821 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007822 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007823 crt = SSL_get_certificate(ctx->ssl);
Emeric Brunce5ad802012-10-22 14:11:22 +02007824 if (!crt)
7825 goto out;
7826
Willy Tarreau47ca5452012-12-23 20:22:19 +01007827 smp_trash = get_trash_chunk();
Rosen Penev68185952018-12-14 08:47:02 -08007828 if (ssl_sock_get_time(X509_getm_notBefore(crt), smp_trash) <= 0)
Emeric Brunce5ad802012-10-22 14:11:22 +02007829 goto out;
7830
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007831 smp->data.u.str = *smp_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007832 smp->data.type = SMP_T_STR;
Emeric Brunce5ad802012-10-22 14:11:22 +02007833 ret = 1;
7834out:
Emeric Brunba841a12014-04-30 17:05:08 +02007835 /* SSL_get_peer_certificate, it increase X509 * ref count */
7836 if (cert_peer && crt)
Emeric Brunce5ad802012-10-22 14:11:22 +02007837 X509_free(crt);
7838 return ret;
7839}
7840
Emeric Brunba841a12014-04-30 17:05:08 +02007841/* string, returns a string of a formatted full dn \C=..\O=..\OU=.. \CN=.. of certificate's subject
7842 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7843 * should be use.
7844 */
Emeric Brun87855892012-10-17 17:39:35 +02007845static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007846smp_fetch_ssl_x_s_dn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun87855892012-10-17 17:39:35 +02007847{
Emeric Brunba841a12014-04-30 17:05:08 +02007848 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun87855892012-10-17 17:39:35 +02007849 X509 *crt = NULL;
7850 X509_NAME *name;
7851 int ret = 0;
Willy Tarreau83061a82018-07-13 11:56:34 +02007852 struct buffer *smp_trash;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007853 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007854 struct ssl_sock_ctx *ctx;
Emeric Brun87855892012-10-17 17:39:35 +02007855
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007856 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007857 if (!conn || conn->xprt != &ssl_sock)
7858 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007859 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007860
Willy Tarreau911db9b2020-01-23 16:27:54 +01007861 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun87855892012-10-17 17:39:35 +02007862 smp->flags |= SMP_F_MAY_CHANGE;
7863 return 0;
7864 }
7865
Emeric Brunba841a12014-04-30 17:05:08 +02007866 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007867 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007868 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007869 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun87855892012-10-17 17:39:35 +02007870 if (!crt)
7871 goto out;
7872
7873 name = X509_get_subject_name(crt);
7874 if (!name)
7875 goto out;
7876
Willy Tarreau47ca5452012-12-23 20:22:19 +01007877 smp_trash = get_trash_chunk();
Elliot Otchet71f82972020-01-15 08:12:14 -05007878 if (args && args[0].type == ARGT_STR && args[0].data.str.data > 0) {
Emeric Brun87855892012-10-17 17:39:35 +02007879 int pos = 1;
7880
7881 if (args[1].type == ARGT_SINT)
7882 pos = args[1].data.sint;
Emeric Brun87855892012-10-17 17:39:35 +02007883
7884 if (ssl_sock_get_dn_entry(name, &args[0].data.str, pos, smp_trash) <= 0)
7885 goto out;
7886 }
Elliot Otchet71f82972020-01-15 08:12:14 -05007887 else if (args && args[2].type == ARGT_STR && args[2].data.str.data > 0) {
7888 if (ssl_sock_get_dn_formatted(name, &args[2].data.str, smp_trash) <= 0)
7889 goto out;
7890 }
Emeric Brun87855892012-10-17 17:39:35 +02007891 else if (ssl_sock_get_dn_oneline(name, smp_trash) <= 0)
7892 goto out;
7893
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007894 smp->data.type = SMP_T_STR;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007895 smp->data.u.str = *smp_trash;
Emeric Brun87855892012-10-17 17:39:35 +02007896 ret = 1;
7897out:
Emeric Brunba841a12014-04-30 17:05:08 +02007898 /* SSL_get_peer_certificate, it increase X509 * ref count */
7899 if (cert_peer && crt)
Emeric Brun87855892012-10-17 17:39:35 +02007900 X509_free(crt);
7901 return ret;
7902}
Emeric Brun9143d372012-12-20 15:44:16 +01007903
7904/* integer, returns true if current session use a client certificate */
7905static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007906smp_fetch_ssl_c_used(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun9143d372012-12-20 15:44:16 +01007907{
7908 X509 *crt;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007909 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007910 struct ssl_sock_ctx *ctx;
Emeric Brun9143d372012-12-20 15:44:16 +01007911
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007912 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007913 if (!conn || conn->xprt != &ssl_sock)
7914 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007915 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007916
Willy Tarreau911db9b2020-01-23 16:27:54 +01007917 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun9143d372012-12-20 15:44:16 +01007918 smp->flags |= SMP_F_MAY_CHANGE;
7919 return 0;
7920 }
7921
7922 /* SSL_get_peer_certificate returns a ptr on allocated X509 struct */
Olivier Houchard66ab4982019-02-26 18:37:15 +01007923 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brun9143d372012-12-20 15:44:16 +01007924 if (crt) {
7925 X509_free(crt);
7926 }
7927
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007928 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007929 smp->data.u.sint = (crt != NULL);
Emeric Brun9143d372012-12-20 15:44:16 +01007930 return 1;
7931}
7932
Emeric Brunba841a12014-04-30 17:05:08 +02007933/* integer, returns the certificate version
7934 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7935 * should be use.
7936 */
Emeric Bruna7359fd2012-10-17 15:03:11 +02007937static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007938smp_fetch_ssl_x_version(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Bruna7359fd2012-10-17 15:03:11 +02007939{
Emeric Brunba841a12014-04-30 17:05:08 +02007940 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Bruna7359fd2012-10-17 15:03:11 +02007941 X509 *crt;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007942 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007943 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007944
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007945 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007946 if (!conn || conn->xprt != &ssl_sock)
Emeric Bruna7359fd2012-10-17 15:03:11 +02007947 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007948 ctx = conn->xprt_ctx;
Emeric Bruna7359fd2012-10-17 15:03:11 +02007949
Willy Tarreau911db9b2020-01-23 16:27:54 +01007950 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Bruna7359fd2012-10-17 15:03:11 +02007951 smp->flags |= SMP_F_MAY_CHANGE;
7952 return 0;
7953 }
7954
Emeric Brunba841a12014-04-30 17:05:08 +02007955 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007956 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007957 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007958 crt = SSL_get_certificate(ctx->ssl);
Emeric Bruna7359fd2012-10-17 15:03:11 +02007959 if (!crt)
7960 return 0;
7961
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02007962 smp->data.u.sint = (unsigned int)(1 + X509_get_version(crt));
Emeric Brunba841a12014-04-30 17:05:08 +02007963 /* SSL_get_peer_certificate increase X509 * ref count */
7964 if (cert_peer)
7965 X509_free(crt);
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02007966 smp->data.type = SMP_T_SINT;
Emeric Bruna7359fd2012-10-17 15:03:11 +02007967
7968 return 1;
7969}
7970
Emeric Brunba841a12014-04-30 17:05:08 +02007971/* string, returns the certificate's signature algorithm.
7972 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
7973 * should be use.
7974 */
Emeric Brun7f56e742012-10-19 18:15:40 +02007975static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02007976smp_fetch_ssl_x_sig_alg(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun7f56e742012-10-19 18:15:40 +02007977{
Emeric Brunba841a12014-04-30 17:05:08 +02007978 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun7f56e742012-10-19 18:15:40 +02007979 X509 *crt;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02007980 __OPENSSL_110_CONST__ ASN1_OBJECT *algorithm;
Emeric Brun7f56e742012-10-19 18:15:40 +02007981 int nid;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007982 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007983 struct ssl_sock_ctx *ctx;
Emeric Brun7f56e742012-10-19 18:15:40 +02007984
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02007985 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007986 if (!conn || conn->xprt != &ssl_sock)
7987 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01007988 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02007989
Willy Tarreau911db9b2020-01-23 16:27:54 +01007990 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun7f56e742012-10-19 18:15:40 +02007991 smp->flags |= SMP_F_MAY_CHANGE;
7992 return 0;
7993 }
7994
Emeric Brunba841a12014-04-30 17:05:08 +02007995 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01007996 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02007997 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01007998 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun7f56e742012-10-19 18:15:40 +02007999 if (!crt)
8000 return 0;
8001
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02008002 X509_ALGOR_get0(&algorithm, NULL, NULL, X509_get0_tbs_sigalg(crt));
8003 nid = OBJ_obj2nid(algorithm);
Emeric Brun7f56e742012-10-19 18:15:40 +02008004
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008005 smp->data.u.str.area = (char *)OBJ_nid2sn(nid);
8006 if (!smp->data.u.str.area) {
Emeric Brunba841a12014-04-30 17:05:08 +02008007 /* SSL_get_peer_certificate increase X509 * ref count */
8008 if (cert_peer)
8009 X509_free(crt);
Emeric Brun7f56e742012-10-19 18:15:40 +02008010 return 0;
Emeric Brun9bf3ba22013-10-07 14:31:44 +02008011 }
Emeric Brun7f56e742012-10-19 18:15:40 +02008012
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008013 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008014 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008015 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brunba841a12014-04-30 17:05:08 +02008016 /* SSL_get_peer_certificate increase X509 * ref count */
8017 if (cert_peer)
8018 X509_free(crt);
Emeric Brun7f56e742012-10-19 18:15:40 +02008019
8020 return 1;
8021}
8022
Emeric Brunba841a12014-04-30 17:05:08 +02008023/* string, returns the certificate's key algorithm.
8024 * The 5th keyword char is used to know if SSL_get_certificate or SSL_get_peer_certificate
8025 * should be use.
8026 */
Emeric Brun521a0112012-10-22 12:22:55 +02008027static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008028smp_fetch_ssl_x_key_alg(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun521a0112012-10-22 12:22:55 +02008029{
Emeric Brunba841a12014-04-30 17:05:08 +02008030 int cert_peer = (kw[4] == 'c') ? 1 : 0;
Emeric Brun521a0112012-10-22 12:22:55 +02008031 X509 *crt;
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02008032 ASN1_OBJECT *algorithm;
Emeric Brun521a0112012-10-22 12:22:55 +02008033 int nid;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008034 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008035 struct ssl_sock_ctx *ctx;
Emeric Brun521a0112012-10-22 12:22:55 +02008036
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008037 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008038 if (!conn || conn->xprt != &ssl_sock)
8039 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008040 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008041
Willy Tarreau911db9b2020-01-23 16:27:54 +01008042 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brun521a0112012-10-22 12:22:55 +02008043 smp->flags |= SMP_F_MAY_CHANGE;
8044 return 0;
8045 }
8046
Emeric Brunba841a12014-04-30 17:05:08 +02008047 if (cert_peer)
Olivier Houchard66ab4982019-02-26 18:37:15 +01008048 crt = SSL_get_peer_certificate(ctx->ssl);
Emeric Brunba841a12014-04-30 17:05:08 +02008049 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01008050 crt = SSL_get_certificate(ctx->ssl);
Emeric Brun521a0112012-10-22 12:22:55 +02008051 if (!crt)
8052 return 0;
8053
Dirkjan Bussink1866d6d2016-08-29 13:26:37 +02008054 X509_PUBKEY_get0_param(&algorithm, NULL, NULL, NULL, X509_get_X509_PUBKEY(crt));
8055 nid = OBJ_obj2nid(algorithm);
Emeric Brun521a0112012-10-22 12:22:55 +02008056
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008057 smp->data.u.str.area = (char *)OBJ_nid2sn(nid);
8058 if (!smp->data.u.str.area) {
Emeric Brunba841a12014-04-30 17:05:08 +02008059 /* SSL_get_peer_certificate increase X509 * ref count */
8060 if (cert_peer)
8061 X509_free(crt);
Emeric Brun521a0112012-10-22 12:22:55 +02008062 return 0;
Emeric Brun9bf3ba22013-10-07 14:31:44 +02008063 }
Emeric Brun521a0112012-10-22 12:22:55 +02008064
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008065 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008066 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008067 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brunba841a12014-04-30 17:05:08 +02008068 if (cert_peer)
8069 X509_free(crt);
Emeric Brun521a0112012-10-22 12:22:55 +02008070
8071 return 1;
8072}
8073
Emeric Brun645ae792014-04-30 14:21:06 +02008074/* boolean, returns true if front conn. transport layer is SSL.
8075 * This function is also usable on backend conn if the fetch keyword 5th
8076 * char is 'b'.
8077 */
Willy Tarreau7875d092012-09-10 08:20:03 +02008078static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008079smp_fetch_ssl_fc(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02008080{
Emeric Bruneb8def92018-02-19 15:59:48 +01008081 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8082 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008083
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008084 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008085 smp->data.u.sint = (conn && conn->xprt == &ssl_sock);
Willy Tarreau7875d092012-09-10 08:20:03 +02008086 return 1;
8087}
8088
Emeric Brun2525b6b2012-10-18 15:59:43 +02008089/* boolean, returns true if client present a SNI */
Willy Tarreau7875d092012-09-10 08:20:03 +02008090static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008091smp_fetch_ssl_fc_has_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02008092{
8093#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008094 struct connection *conn = objt_conn(smp->sess->origin);
Olivier Houchard66ab4982019-02-26 18:37:15 +01008095 struct ssl_sock_ctx *ctx = conn ? conn->xprt_ctx : NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008096
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008097 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008098 smp->data.u.sint = (conn && conn->xprt == &ssl_sock) &&
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008099 conn->xprt_ctx &&
Olivier Houchard66ab4982019-02-26 18:37:15 +01008100 SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name) != NULL;
Willy Tarreau7875d092012-09-10 08:20:03 +02008101 return 1;
8102#else
8103 return 0;
8104#endif
8105}
8106
Emeric Brun74f7ffa2018-02-19 16:14:12 +01008107/* boolean, returns true if client session has been resumed.
8108 * This function is also usable on backend conn if the fetch keyword 5th
8109 * char is 'b'.
8110 */
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008111static int
8112smp_fetch_ssl_fc_is_resumed(const struct arg *args, struct sample *smp, const char *kw, void *private)
8113{
Emeric Brun74f7ffa2018-02-19 16:14:12 +01008114 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8115 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008116 struct ssl_sock_ctx *ctx = conn ? conn->xprt_ctx : NULL;
Emeric Brun74f7ffa2018-02-19 16:14:12 +01008117
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008118
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008119 smp->data.type = SMP_T_BOOL;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008120 smp->data.u.sint = (conn && conn->xprt == &ssl_sock) &&
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008121 conn->xprt_ctx &&
Olivier Houchard66ab4982019-02-26 18:37:15 +01008122 SSL_session_reused(ctx->ssl);
Nenad Merdanovic26ea8222015-05-18 02:28:57 +02008123 return 1;
8124}
8125
Emeric Brun645ae792014-04-30 14:21:06 +02008126/* string, returns the used cipher if front conn. transport layer is SSL.
8127 * This function is also usable on backend conn if the fetch keyword 5th
8128 * char is 'b'.
8129 */
Emeric Brun589fcad2012-10-16 14:13:26 +02008130static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008131smp_fetch_ssl_fc_cipher(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008132{
Emeric Bruneb8def92018-02-19 15:59:48 +01008133 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8134 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008135 struct ssl_sock_ctx *ctx;
Emeric Brun589fcad2012-10-16 14:13:26 +02008136
Willy Tarreaube508f12016-03-10 11:47:01 +01008137 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008138 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Emeric Brun589fcad2012-10-16 14:13:26 +02008139 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008140 ctx = conn->xprt_ctx;
Emeric Brun589fcad2012-10-16 14:13:26 +02008141
Olivier Houchard66ab4982019-02-26 18:37:15 +01008142 smp->data.u.str.area = (char *)SSL_get_cipher_name(ctx->ssl);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008143 if (!smp->data.u.str.area)
Emeric Brun589fcad2012-10-16 14:13:26 +02008144 return 0;
8145
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008146 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008147 smp->flags |= SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008148 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brun589fcad2012-10-16 14:13:26 +02008149
8150 return 1;
8151}
8152
Emeric Brun645ae792014-04-30 14:21:06 +02008153/* integer, returns the algoritm's keysize if front conn. transport layer
8154 * is SSL.
8155 * This function is also usable on backend conn if the fetch keyword 5th
8156 * char is 'b'.
8157 */
Emeric Brun589fcad2012-10-16 14:13:26 +02008158static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008159smp_fetch_ssl_fc_alg_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008160{
Emeric Bruneb8def92018-02-19 15:59:48 +01008161 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8162 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008163 struct ssl_sock_ctx *ctx;
Willy Tarreaue237fe12016-03-10 17:05:28 +01008164 int sint;
Willy Tarreaube508f12016-03-10 11:47:01 +01008165
Emeric Brun589fcad2012-10-16 14:13:26 +02008166 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008167 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Emeric Brun589fcad2012-10-16 14:13:26 +02008168 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008169 ctx = conn->xprt_ctx;
Emeric Brun589fcad2012-10-16 14:13:26 +02008170
Olivier Houchard66ab4982019-02-26 18:37:15 +01008171 if (!SSL_get_cipher_bits(ctx->ssl, &sint))
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008172 return 0;
8173
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008174 smp->data.u.sint = sint;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008175 smp->data.type = SMP_T_SINT;
Emeric Brun589fcad2012-10-16 14:13:26 +02008176
8177 return 1;
8178}
8179
Emeric Brun645ae792014-04-30 14:21:06 +02008180/* integer, returns the used keysize if front conn. transport layer is SSL.
8181 * This function is also usable on backend conn if the fetch keyword 5th
8182 * char is 'b'.
8183 */
Emeric Brun589fcad2012-10-16 14:13:26 +02008184static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008185smp_fetch_ssl_fc_use_keysize(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008186{
Emeric Bruneb8def92018-02-19 15:59:48 +01008187 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8188 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008189 struct ssl_sock_ctx *ctx;
Willy Tarreaube508f12016-03-10 11:47:01 +01008190
Emeric Brun589fcad2012-10-16 14:13:26 +02008191 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008192 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8193 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008194 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008195
Olivier Houchard66ab4982019-02-26 18:37:15 +01008196 smp->data.u.sint = (unsigned int)SSL_get_cipher_bits(ctx->ssl, NULL);
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008197 if (!smp->data.u.sint)
Emeric Brun589fcad2012-10-16 14:13:26 +02008198 return 0;
8199
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008200 smp->data.type = SMP_T_SINT;
Emeric Brun589fcad2012-10-16 14:13:26 +02008201
8202 return 1;
8203}
8204
Bernard Spil13c53f82018-02-15 13:34:58 +01008205#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau7875d092012-09-10 08:20:03 +02008206static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008207smp_fetch_ssl_fc_npn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreaua33c6542012-10-15 13:19:06 +02008208{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008209 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008210 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008211
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008212 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008213 smp->data.type = SMP_T_STR;
Willy Tarreaua33c6542012-10-15 13:19:06 +02008214
Olivier Houchard6b77f492018-11-22 18:18:29 +01008215 conn = (kw[4] != 'b' ) ? objt_conn(smp->sess->origin) :
8216 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008217 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8218 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008219 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008220
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008221 smp->data.u.str.area = NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008222 SSL_get0_next_proto_negotiated(ctx->ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008223 (const unsigned char **)&smp->data.u.str.area,
8224 (unsigned *)&smp->data.u.str.data);
Willy Tarreaua33c6542012-10-15 13:19:06 +02008225
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008226 if (!smp->data.u.str.area)
Willy Tarreaua33c6542012-10-15 13:19:06 +02008227 return 0;
8228
8229 return 1;
Willy Tarreaua33c6542012-10-15 13:19:06 +02008230}
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02008231#endif
Willy Tarreaua33c6542012-10-15 13:19:06 +02008232
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01008233#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02008234static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008235smp_fetch_ssl_fc_alpn(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreauab861d32013-04-02 02:30:41 +02008236{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008237 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008238 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008239
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008240 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008241 smp->data.type = SMP_T_STR;
Willy Tarreauab861d32013-04-02 02:30:41 +02008242
Olivier Houchard6b77f492018-11-22 18:18:29 +01008243 conn = (kw[4] != 'b' ) ? objt_conn(smp->sess->origin) :
8244 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8245
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008246 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
Willy Tarreauab861d32013-04-02 02:30:41 +02008247 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008248 ctx = conn->xprt_ctx;
Willy Tarreauab861d32013-04-02 02:30:41 +02008249
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008250 smp->data.u.str.area = NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008251 SSL_get0_alpn_selected(ctx->ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008252 (const unsigned char **)&smp->data.u.str.area,
8253 (unsigned *)&smp->data.u.str.data);
Willy Tarreauab861d32013-04-02 02:30:41 +02008254
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008255 if (!smp->data.u.str.area)
Willy Tarreauab861d32013-04-02 02:30:41 +02008256 return 0;
8257
8258 return 1;
8259}
8260#endif
8261
Emeric Brun645ae792014-04-30 14:21:06 +02008262/* string, returns the used protocol if front conn. transport layer is SSL.
8263 * This function is also usable on backend conn if the fetch keyword 5th
8264 * char is 'b'.
8265 */
Willy Tarreaua33c6542012-10-15 13:19:06 +02008266static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008267smp_fetch_ssl_fc_protocol(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brun589fcad2012-10-16 14:13:26 +02008268{
Emeric Bruneb8def92018-02-19 15:59:48 +01008269 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8270 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008271 struct ssl_sock_ctx *ctx;
Willy Tarreaube508f12016-03-10 11:47:01 +01008272
Emeric Brun589fcad2012-10-16 14:13:26 +02008273 smp->flags = 0;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008274 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8275 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008276 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008277
Olivier Houchard66ab4982019-02-26 18:37:15 +01008278 smp->data.u.str.area = (char *)SSL_get_version(ctx->ssl);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008279 if (!smp->data.u.str.area)
Emeric Brun589fcad2012-10-16 14:13:26 +02008280 return 0;
8281
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008282 smp->data.type = SMP_T_STR;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008283 smp->flags = SMP_F_CONST;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008284 smp->data.u.str.data = strlen(smp->data.u.str.area);
Emeric Brun589fcad2012-10-16 14:13:26 +02008285
8286 return 1;
8287}
8288
Willy Tarreau87b09662015-04-03 00:22:06 +02008289/* binary, returns the SSL stream id if front conn. transport layer is SSL.
Emeric Brun645ae792014-04-30 14:21:06 +02008290 * This function is also usable on backend conn if the fetch keyword 5th
8291 * char is 'b'.
8292 */
Willy Tarreau9a1ab082019-05-09 13:26:41 +02008293#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brun589fcad2012-10-16 14:13:26 +02008294static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008295smp_fetch_ssl_fc_session_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunfe68f682012-10-16 14:59:28 +02008296{
Emeric Bruneb8def92018-02-19 15:59:48 +01008297 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8298 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreaue237fe12016-03-10 17:05:28 +01008299 SSL_SESSION *ssl_sess;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008300 struct ssl_sock_ctx *ctx;
Willy Tarreaube508f12016-03-10 11:47:01 +01008301
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008302 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008303 smp->data.type = SMP_T_BIN;
Emeric Brunfe68f682012-10-16 14:59:28 +02008304
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008305 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8306 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008307 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008308
Olivier Houchard66ab4982019-02-26 18:37:15 +01008309 ssl_sess = SSL_get_session(ctx->ssl);
Willy Tarreau192252e2015-04-04 01:47:55 +02008310 if (!ssl_sess)
Emeric Brunfe68f682012-10-16 14:59:28 +02008311 return 0;
8312
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008313 smp->data.u.str.area = (char *)SSL_SESSION_get_id(ssl_sess,
8314 (unsigned int *)&smp->data.u.str.data);
8315 if (!smp->data.u.str.area || !smp->data.u.str.data)
Emeric Brunfe68f682012-10-16 14:59:28 +02008316 return 0;
8317
8318 return 1;
Emeric Brunfe68f682012-10-16 14:59:28 +02008319}
Patrick Hemmer41966772018-04-28 19:15:48 -04008320#endif
8321
Emeric Brunfe68f682012-10-16 14:59:28 +02008322
Emmanuel Hocdet839af572019-05-14 16:27:35 +02008323#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
Patrick Hemmere0275472018-04-28 19:15:51 -04008324static int
Patrick Hemmer65674662019-06-04 08:13:03 -04008325smp_fetch_ssl_fc_random(const struct arg *args, struct sample *smp, const char *kw, void *private)
8326{
8327 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8328 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8329 struct buffer *data;
8330 struct ssl_sock_ctx *ctx;
8331
8332 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8333 return 0;
8334 ctx = conn->xprt_ctx;
8335
8336 data = get_trash_chunk();
8337 if (kw[7] == 'c')
8338 data->data = SSL_get_client_random(ctx->ssl,
8339 (unsigned char *) data->area,
8340 data->size);
8341 else
8342 data->data = SSL_get_server_random(ctx->ssl,
8343 (unsigned char *) data->area,
8344 data->size);
8345 if (!data->data)
8346 return 0;
8347
8348 smp->flags = 0;
8349 smp->data.type = SMP_T_BIN;
8350 smp->data.u.str = *data;
8351
8352 return 1;
8353}
8354
8355static int
Patrick Hemmere0275472018-04-28 19:15:51 -04008356smp_fetch_ssl_fc_session_key(const struct arg *args, struct sample *smp, const char *kw, void *private)
8357{
8358 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8359 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
8360 SSL_SESSION *ssl_sess;
Willy Tarreau83061a82018-07-13 11:56:34 +02008361 struct buffer *data;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008362 struct ssl_sock_ctx *ctx;
Patrick Hemmere0275472018-04-28 19:15:51 -04008363
8364 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8365 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008366 ctx = conn->xprt_ctx;
Patrick Hemmere0275472018-04-28 19:15:51 -04008367
Olivier Houchard66ab4982019-02-26 18:37:15 +01008368 ssl_sess = SSL_get_session(ctx->ssl);
Patrick Hemmere0275472018-04-28 19:15:51 -04008369 if (!ssl_sess)
8370 return 0;
8371
8372 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008373 data->data = SSL_SESSION_get_master_key(ssl_sess,
8374 (unsigned char *) data->area,
8375 data->size);
8376 if (!data->data)
Patrick Hemmere0275472018-04-28 19:15:51 -04008377 return 0;
8378
8379 smp->flags = 0;
8380 smp->data.type = SMP_T_BIN;
8381 smp->data.u.str = *data;
8382
8383 return 1;
8384}
8385#endif
8386
Patrick Hemmer41966772018-04-28 19:15:48 -04008387#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Emeric Brunfe68f682012-10-16 14:59:28 +02008388static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008389smp_fetch_ssl_fc_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau7875d092012-09-10 08:20:03 +02008390{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008391 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008392 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008393
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +01008394 smp->flags = SMP_F_CONST;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008395 smp->data.type = SMP_T_STR;
Willy Tarreau7875d092012-09-10 08:20:03 +02008396
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008397 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008398 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8399 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008400 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008401
Olivier Houchard66ab4982019-02-26 18:37:15 +01008402 smp->data.u.str.area = (char *)SSL_get_servername(ctx->ssl, TLSEXT_NAMETYPE_host_name);
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008403 if (!smp->data.u.str.area)
Willy Tarreau3e394c92012-09-14 23:56:58 +02008404 return 0;
8405
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008406 smp->data.u.str.data = strlen(smp->data.u.str.area);
Willy Tarreau7875d092012-09-10 08:20:03 +02008407 return 1;
Willy Tarreau7875d092012-09-10 08:20:03 +02008408}
Patrick Hemmer41966772018-04-28 19:15:48 -04008409#endif
Willy Tarreau7875d092012-09-10 08:20:03 +02008410
David Sc1ad52e2014-04-08 18:48:47 -04008411static int
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008412smp_fetch_ssl_fc_cl_bin(const struct arg *args, struct sample *smp, const char *kw, void *private)
8413{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008414 struct connection *conn;
8415 struct ssl_capture *capture;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008416 struct ssl_sock_ctx *ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008417
8418 conn = objt_conn(smp->sess->origin);
8419 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8420 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008421 ctx = conn->xprt_ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008422
Olivier Houchard66ab4982019-02-26 18:37:15 +01008423 capture = SSL_get_ex_data(ctx->ssl, ssl_capture_ptr_index);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008424 if (!capture)
8425 return 0;
8426
8427 smp->flags = SMP_F_CONST;
8428 smp->data.type = SMP_T_BIN;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008429 smp->data.u.str.area = capture->ciphersuite;
8430 smp->data.u.str.data = capture->ciphersuite_len;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008431 return 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008432}
8433
8434static int
8435smp_fetch_ssl_fc_cl_hex(const struct arg *args, struct sample *smp, const char *kw, void *private)
8436{
Willy Tarreau83061a82018-07-13 11:56:34 +02008437 struct buffer *data;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008438
8439 if (!smp_fetch_ssl_fc_cl_bin(args, smp, kw, private))
8440 return 0;
8441
8442 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008443 dump_binary(data, smp->data.u.str.area, smp->data.u.str.data);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008444 smp->data.type = SMP_T_BIN;
8445 smp->data.u.str = *data;
8446 return 1;
8447}
8448
8449static int
8450smp_fetch_ssl_fc_cl_xxh64(const struct arg *args, struct sample *smp, const char *kw, void *private)
8451{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008452 struct connection *conn;
8453 struct ssl_capture *capture;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008454 struct ssl_sock_ctx *ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008455
8456 conn = objt_conn(smp->sess->origin);
8457 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8458 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008459 ctx = conn->xprt_ctx;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008460
Olivier Houchard66ab4982019-02-26 18:37:15 +01008461 capture = SSL_get_ex_data(ctx->ssl, ssl_capture_ptr_index);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008462 if (!capture)
8463 return 0;
8464
8465 smp->data.type = SMP_T_SINT;
8466 smp->data.u.sint = capture->xxh64;
8467 return 1;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008468}
8469
8470static int
8471smp_fetch_ssl_fc_cl_str(const struct arg *args, struct sample *smp, const char *kw, void *private)
8472{
Willy Tarreau5db847a2019-05-09 14:13:35 +02008473#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL)
Willy Tarreau83061a82018-07-13 11:56:34 +02008474 struct buffer *data;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008475 int i;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008476
8477 if (!smp_fetch_ssl_fc_cl_bin(args, smp, kw, private))
8478 return 0;
8479
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008480 data = get_trash_chunk();
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008481 for (i = 0; i + 1 < smp->data.u.str.data; i += 2) {
Emmanuel Hocdetddcde192017-09-01 17:32:08 +02008482 const char *str;
8483 const SSL_CIPHER *cipher;
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008484 const unsigned char *bin = (const unsigned char *) smp->data.u.str.area + i;
Emmanuel Hocdetddcde192017-09-01 17:32:08 +02008485 uint16_t id = (bin[0] << 8) | bin[1];
8486#if defined(OPENSSL_IS_BORINGSSL)
8487 cipher = SSL_get_cipher_by_value(id);
8488#else
Willy Tarreaub7290772018-10-15 11:01:59 +02008489 struct connection *conn = __objt_conn(smp->sess->origin);
Olivier Houchard66ab4982019-02-26 18:37:15 +01008490 struct ssl_sock_ctx *ctx = conn->xprt_ctx;
8491 cipher = SSL_CIPHER_find(ctx->ssl, bin);
Emmanuel Hocdetddcde192017-09-01 17:32:08 +02008492#endif
8493 str = SSL_CIPHER_get_name(cipher);
8494 if (!str || strcmp(str, "(NONE)") == 0)
8495 chunk_appendf(data, "%sUNKNOWN(%04x)", i == 0 ? "" : ",", id);
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008496 else
8497 chunk_appendf(data, "%s%s", i == 0 ? "" : ",", str);
8498 }
8499 smp->data.type = SMP_T_STR;
8500 smp->data.u.str = *data;
8501 return 1;
8502#else
8503 return smp_fetch_ssl_fc_cl_xxh64(args, smp, kw, private);
8504#endif
8505}
8506
Willy Tarreau9a1ab082019-05-09 13:26:41 +02008507#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Thierry FOURNIER5bf77322017-02-25 12:45:22 +01008508static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008509smp_fetch_ssl_fc_unique_id(const struct arg *args, struct sample *smp, const char *kw, void *private)
David Sc1ad52e2014-04-08 18:48:47 -04008510{
Emeric Bruneb8def92018-02-19 15:59:48 +01008511 struct connection *conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
8512 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
David Sc1ad52e2014-04-08 18:48:47 -04008513 int finished_len;
Willy Tarreau83061a82018-07-13 11:56:34 +02008514 struct buffer *finished_trash;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008515 struct ssl_sock_ctx *ctx;
David Sc1ad52e2014-04-08 18:48:47 -04008516
8517 smp->flags = 0;
David Sc1ad52e2014-04-08 18:48:47 -04008518 if (!conn || !conn->xprt_ctx || conn->xprt != &ssl_sock)
8519 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008520 ctx = conn->xprt_ctx;
David Sc1ad52e2014-04-08 18:48:47 -04008521
Willy Tarreau911db9b2020-01-23 16:27:54 +01008522 if (conn->flags & CO_FL_WAIT_XPRT) {
David Sc1ad52e2014-04-08 18:48:47 -04008523 smp->flags |= SMP_F_MAY_CHANGE;
8524 return 0;
8525 }
8526
8527 finished_trash = get_trash_chunk();
Olivier Houchard66ab4982019-02-26 18:37:15 +01008528 if (!SSL_session_reused(ctx->ssl))
8529 finished_len = SSL_get_peer_finished(ctx->ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008530 finished_trash->area,
8531 finished_trash->size);
David Sc1ad52e2014-04-08 18:48:47 -04008532 else
Olivier Houchard66ab4982019-02-26 18:37:15 +01008533 finished_len = SSL_get_finished(ctx->ssl,
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008534 finished_trash->area,
8535 finished_trash->size);
David Sc1ad52e2014-04-08 18:48:47 -04008536
8537 if (!finished_len)
8538 return 0;
8539
Willy Tarreau843b7cb2018-07-13 10:54:26 +02008540 finished_trash->data = finished_len;
Thierry FOURNIER136f9d32015-08-19 09:07:19 +02008541 smp->data.u.str = *finished_trash;
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008542 smp->data.type = SMP_T_BIN;
David Sc1ad52e2014-04-08 18:48:47 -04008543
8544 return 1;
David Sc1ad52e2014-04-08 18:48:47 -04008545}
Patrick Hemmer41966772018-04-28 19:15:48 -04008546#endif
David Sc1ad52e2014-04-08 18:48:47 -04008547
Emeric Brun2525b6b2012-10-18 15:59:43 +02008548/* integer, returns the first verify error in CA chain of client certificate chain. */
Emeric Brunf282a812012-09-21 15:27:54 +02008549static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008550smp_fetch_ssl_c_ca_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02008551{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008552 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008553 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008554
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008555 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008556 if (!conn || conn->xprt != &ssl_sock)
8557 return 0;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008558 ctx = conn->xprt_ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008559
Willy Tarreau911db9b2020-01-23 16:27:54 +01008560 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunf282a812012-09-21 15:27:54 +02008561 smp->flags = SMP_F_MAY_CHANGE;
8562 return 0;
8563 }
8564
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008565 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008566 smp->data.u.sint = (unsigned long long int)SSL_SOCK_ST_TO_CA_ERROR(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02008567 smp->flags = 0;
8568
8569 return 1;
8570}
8571
Emeric Brun2525b6b2012-10-18 15:59:43 +02008572/* integer, returns the depth of the first verify error in CA chain of client certificate chain. */
Emeric Brunf282a812012-09-21 15:27:54 +02008573static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008574smp_fetch_ssl_c_ca_err_depth(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02008575{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008576 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008577 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008578
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008579 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008580 if (!conn || conn->xprt != &ssl_sock)
Emeric Brunf282a812012-09-21 15:27:54 +02008581 return 0;
8582
Willy Tarreau911db9b2020-01-23 16:27:54 +01008583 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunf282a812012-09-21 15:27:54 +02008584 smp->flags = SMP_F_MAY_CHANGE;
8585 return 0;
8586 }
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008587 ctx = conn->xprt_ctx;
Emeric Brunf282a812012-09-21 15:27:54 +02008588
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008589 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008590 smp->data.u.sint = (long long int)SSL_SOCK_ST_TO_CAEDEPTH(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02008591 smp->flags = 0;
8592
8593 return 1;
8594}
8595
Emeric Brun2525b6b2012-10-18 15:59:43 +02008596/* integer, returns the first verify error on client certificate */
Emeric Brunf282a812012-09-21 15:27:54 +02008597static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008598smp_fetch_ssl_c_err(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunf282a812012-09-21 15:27:54 +02008599{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008600 struct connection *conn;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008601 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008602
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008603 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008604 if (!conn || conn->xprt != &ssl_sock)
8605 return 0;
8606
Willy Tarreau911db9b2020-01-23 16:27:54 +01008607 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunf282a812012-09-21 15:27:54 +02008608 smp->flags = SMP_F_MAY_CHANGE;
8609 return 0;
8610 }
8611
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008612 ctx = conn->xprt_ctx;
8613
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008614 smp->data.type = SMP_T_SINT;
Olivier Houchard7b5fd1e2019-02-28 18:10:45 +01008615 smp->data.u.sint = (long long int)SSL_SOCK_ST_TO_CRTERROR(ctx->xprt_st);
Emeric Brunf282a812012-09-21 15:27:54 +02008616 smp->flags = 0;
8617
8618 return 1;
8619}
8620
Emeric Brun2525b6b2012-10-18 15:59:43 +02008621/* integer, returns the verify result on client cert */
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008622static int
Thierry FOURNIER0786d052015-05-11 15:42:45 +02008623smp_fetch_ssl_c_verify(const struct arg *args, struct sample *smp, const char *kw, void *private)
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008624{
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008625 struct connection *conn;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008626 struct ssl_sock_ctx *ctx;
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008627
Thierry FOURNIER0a9a2b82015-05-11 15:20:49 +02008628 conn = objt_conn(smp->sess->origin);
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008629 if (!conn || conn->xprt != &ssl_sock)
8630 return 0;
8631
Willy Tarreau911db9b2020-01-23 16:27:54 +01008632 if (conn->flags & CO_FL_WAIT_XPRT) {
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008633 smp->flags = SMP_F_MAY_CHANGE;
8634 return 0;
8635 }
8636
Willy Tarreaub363a1f2013-10-01 10:45:07 +02008637 if (!conn->xprt_ctx)
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008638 return 0;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008639 ctx = conn->xprt_ctx;
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008640
Thierry FOURNIER8c542ca2015-08-19 09:00:18 +02008641 smp->data.type = SMP_T_SINT;
Olivier Houchard66ab4982019-02-26 18:37:15 +01008642 smp->data.u.sint = (long long int)SSL_get_verify_result(ctx->ssl);
Emeric Brunbaf8ffb2012-09-21 15:27:20 +02008643 smp->flags = 0;
8644
8645 return 1;
8646}
8647
Emeric Brunfb510ea2012-10-05 12:00:26 +02008648/* parse the "ca-file" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008649static int ssl_bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02008650{
8651 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008652 memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02008653 return ERR_ALERT | ERR_FATAL;
8654 }
8655
Willy Tarreauef934602016-12-22 23:12:01 +01008656 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
8657 memprintf(&conf->ca_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02008658 else
8659 memprintf(&conf->ca_file, "%s", args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +02008660
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02008661 if (!ssl_store_load_locations_file(conf->ca_file)) {
8662 memprintf(err, "'%s' : unable to load %s", args[cur_arg], conf->ca_file);
8663 return ERR_ALERT | ERR_FATAL;
8664 }
Emeric Brund94b3fe2012-09-20 18:23:56 +02008665 return 0;
8666}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008667static int bind_parse_ca_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8668{
8669 return ssl_bind_parse_ca_file(args, cur_arg, px, &conf->ssl_conf, err);
8670}
Emeric Brund94b3fe2012-09-20 18:23:56 +02008671
Christopher Faulet31af49d2015-06-09 17:29:50 +02008672/* parse the "ca-sign-file" bind keyword */
8673static int bind_parse_ca_sign_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8674{
8675 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008676 memprintf(err, "'%s' : missing CAfile path", args[cur_arg]);
Christopher Faulet31af49d2015-06-09 17:29:50 +02008677 return ERR_ALERT | ERR_FATAL;
8678 }
8679
Willy Tarreauef934602016-12-22 23:12:01 +01008680 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
8681 memprintf(&conf->ca_sign_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Christopher Faulet31af49d2015-06-09 17:29:50 +02008682 else
8683 memprintf(&conf->ca_sign_file, "%s", args[cur_arg + 1]);
8684
8685 return 0;
8686}
8687
Bertrand Jacquinff13c062016-11-13 16:37:11 +00008688/* parse the "ca-sign-pass" bind keyword */
Christopher Faulet31af49d2015-06-09 17:29:50 +02008689static int bind_parse_ca_sign_pass(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8690{
8691 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008692 memprintf(err, "'%s' : missing CAkey password", args[cur_arg]);
Christopher Faulet31af49d2015-06-09 17:29:50 +02008693 return ERR_ALERT | ERR_FATAL;
8694 }
8695 memprintf(&conf->ca_sign_pass, "%s", args[cur_arg + 1]);
8696 return 0;
8697}
8698
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008699/* parse the "ciphers" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008700static int ssl_bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008701{
8702 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02008703 memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008704 return ERR_ALERT | ERR_FATAL;
8705 }
8706
Emeric Brun76d88952012-10-05 15:47:31 +02008707 free(conf->ciphers);
Willy Tarreau4348fad2012-09-20 16:48:07 +02008708 conf->ciphers = strdup(args[cur_arg + 1]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008709 return 0;
8710}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008711static int bind_parse_ciphers(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8712{
8713 return ssl_bind_parse_ciphers(args, cur_arg, px, &conf->ssl_conf, err);
8714}
Dirkjan Bussink415150f2018-09-14 11:14:21 +02008715
Emmanuel Hocdet839af572019-05-14 16:27:35 +02008716#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02008717/* parse the "ciphersuites" bind keyword */
8718static int ssl_bind_parse_ciphersuites(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
8719{
8720 if (!*args[cur_arg + 1]) {
8721 memprintf(err, "'%s' : missing cipher suite", args[cur_arg]);
8722 return ERR_ALERT | ERR_FATAL;
8723 }
8724
8725 free(conf->ciphersuites);
8726 conf->ciphersuites = strdup(args[cur_arg + 1]);
8727 return 0;
8728}
8729static int bind_parse_ciphersuites(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8730{
8731 return ssl_bind_parse_ciphersuites(args, cur_arg, px, &conf->ssl_conf, err);
8732}
8733#endif
8734
Willy Tarreaubbc91962019-10-16 16:42:19 +02008735/* parse the "crt" bind keyword. Returns a set of ERR_* flags possibly with an error in <err>. */
Willy Tarreau4348fad2012-09-20 16:48:07 +02008736static int bind_parse_crt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008737{
Willy Tarreau38011032013-08-13 16:59:39 +02008738 char path[MAXPATHLEN];
Willy Tarreaub75d6922014-04-14 18:05:41 +02008739
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008740 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +02008741 memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008742 return ERR_ALERT | ERR_FATAL;
8743 }
8744
Willy Tarreauef934602016-12-22 23:12:01 +01008745 if ((*args[cur_arg + 1] != '/' ) && global_ssl.crt_base) {
8746 if ((strlen(global_ssl.crt_base) + 1 + strlen(args[cur_arg + 1]) + 1) > MAXPATHLEN) {
Emeric Brunc8e8d122012-10-02 18:42:10 +02008747 memprintf(err, "'%s' : path too long", args[cur_arg]);
8748 return ERR_ALERT | ERR_FATAL;
8749 }
Willy Tarreauef934602016-12-22 23:12:01 +01008750 snprintf(path, sizeof(path), "%s/%s", global_ssl.crt_base, args[cur_arg + 1]);
Willy Tarreaubbc91962019-10-16 16:42:19 +02008751 return ssl_sock_load_cert(path, conf, err);
Emeric Brunc8e8d122012-10-02 18:42:10 +02008752 }
8753
Willy Tarreaubbc91962019-10-16 16:42:19 +02008754 return ssl_sock_load_cert(args[cur_arg + 1], conf, err);
Emeric Brund94b3fe2012-09-20 18:23:56 +02008755}
8756
Willy Tarreaubbc91962019-10-16 16:42:19 +02008757/* parse the "crt-list" bind keyword. Returns a set of ERR_* flags possibly with an error in <err>. */
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01008758static int bind_parse_crt_list(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8759{
Willy Tarreaubbc91962019-10-16 16:42:19 +02008760 int err_code;
8761
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01008762 if (!*args[cur_arg + 1]) {
8763 memprintf(err, "'%s' : missing certificate location", args[cur_arg]);
8764 return ERR_ALERT | ERR_FATAL;
8765 }
8766
Willy Tarreaubbc91962019-10-16 16:42:19 +02008767 err_code = ssl_sock_load_cert_list_file(args[cur_arg + 1], conf, px, err);
8768 if (err_code)
Willy Tarreauad1731d2013-04-02 17:35:58 +02008769 memprintf(err, "'%s' : %s", args[cur_arg], *err);
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01008770
Willy Tarreaubbc91962019-10-16 16:42:19 +02008771 return err_code;
Emmanuel Hocdetfe616562013-01-22 15:31:15 +01008772}
8773
Emeric Brunfb510ea2012-10-05 12:00:26 +02008774/* parse the "crl-file" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008775static int ssl_bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02008776{
Emeric Brun051cdab2012-10-02 19:25:50 +02008777#ifndef X509_V_FLAG_CRL_CHECK
Tim Duesterhus93128532019-11-23 23:45:10 +01008778 memprintf(err, "'%s' : library does not support CRL verify", args[cur_arg]);
Emeric Brun051cdab2012-10-02 19:25:50 +02008779 return ERR_ALERT | ERR_FATAL;
8780#else
Emeric Brund94b3fe2012-09-20 18:23:56 +02008781 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008782 memprintf(err, "'%s' : missing CRLfile path", args[cur_arg]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02008783 return ERR_ALERT | ERR_FATAL;
8784 }
Emeric Brun2b58d042012-09-20 17:10:03 +02008785
Willy Tarreauef934602016-12-22 23:12:01 +01008786 if ((*args[cur_arg + 1] != '/') && global_ssl.ca_base)
8787 memprintf(&conf->crl_file, "%s/%s", global_ssl.ca_base, args[cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02008788 else
8789 memprintf(&conf->crl_file, "%s", args[cur_arg + 1]);
Emeric Brunc8e8d122012-10-02 18:42:10 +02008790
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01008791 if (!ssl_store_load_locations_file(conf->crl_file)) {
8792 memprintf(err, "'%s' : unable to load %s", args[cur_arg], conf->crl_file);
8793 return ERR_ALERT | ERR_FATAL;
8794 }
Emeric Brun2b58d042012-09-20 17:10:03 +02008795 return 0;
Emeric Brun051cdab2012-10-02 19:25:50 +02008796#endif
Emeric Brun2b58d042012-09-20 17:10:03 +02008797}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008798static int bind_parse_crl_file(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8799{
8800 return ssl_bind_parse_crl_file(args, cur_arg, px, &conf->ssl_conf, err);
8801}
Emeric Brun2b58d042012-09-20 17:10:03 +02008802
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01008803/* parse the "curves" bind keyword keyword */
8804static int ssl_bind_parse_curves(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
8805{
Lukas Tribusd14b49c2019-11-24 18:20:40 +01008806#if ((HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL) || defined(LIBRESSL_VERSION_NUMBER))
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01008807 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008808 memprintf(err, "'%s' : missing curve suite", args[cur_arg]);
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01008809 return ERR_ALERT | ERR_FATAL;
8810 }
8811 conf->curves = strdup(args[cur_arg + 1]);
8812 return 0;
8813#else
Tim Duesterhus93128532019-11-23 23:45:10 +01008814 memprintf(err, "'%s' : library does not support curve suite", args[cur_arg]);
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +01008815 return ERR_ALERT | ERR_FATAL;
8816#endif
8817}
8818static int bind_parse_curves(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8819{
8820 return ssl_bind_parse_curves(args, cur_arg, px, &conf->ssl_conf, err);
8821}
8822
Bertrand Jacquinff13c062016-11-13 16:37:11 +00008823/* parse the "ecdhe" bind keyword keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008824static int ssl_bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brun2b58d042012-09-20 17:10:03 +02008825{
Willy Tarreau9a1ab082019-05-09 13:26:41 +02008826#if HA_OPENSSL_VERSION_NUMBER < 0x0090800fL
Tim Duesterhus93128532019-11-23 23:45:10 +01008827 memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (too old)", args[cur_arg]);
Emeric Brun2b58d042012-09-20 17:10:03 +02008828 return ERR_ALERT | ERR_FATAL;
8829#elif defined(OPENSSL_NO_ECDH)
Tim Duesterhus93128532019-11-23 23:45:10 +01008830 memprintf(err, "'%s' : library does not support elliptic curve Diffie-Hellman (disabled via OPENSSL_NO_ECDH)", args[cur_arg]);
Emeric Brun2b58d042012-09-20 17:10:03 +02008831 return ERR_ALERT | ERR_FATAL;
8832#else
8833 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008834 memprintf(err, "'%s' : missing named curve", args[cur_arg]);
Emeric Brun2b58d042012-09-20 17:10:03 +02008835 return ERR_ALERT | ERR_FATAL;
8836 }
8837
8838 conf->ecdhe = strdup(args[cur_arg + 1]);
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008839
8840 return 0;
Emeric Brun2b58d042012-09-20 17:10:03 +02008841#endif
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008842}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008843static int bind_parse_ecdhe(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8844{
8845 return ssl_bind_parse_ecdhe(args, cur_arg, px, &conf->ssl_conf, err);
8846}
Willy Tarreau79eeafa2012-09-14 07:53:05 +02008847
Bertrand Jacquinff13c062016-11-13 16:37:11 +00008848/* parse the "crt-ignore-err" and "ca-ignore-err" bind keywords */
Emeric Brun81c00f02012-09-21 14:31:21 +02008849static int bind_parse_ignore_err(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8850{
8851 int code;
8852 char *p = args[cur_arg + 1];
8853 unsigned long long *ignerr = &conf->crt_ignerr;
8854
8855 if (!*p) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008856 memprintf(err, "'%s' : missing error IDs list", args[cur_arg]);
Emeric Brun81c00f02012-09-21 14:31:21 +02008857 return ERR_ALERT | ERR_FATAL;
8858 }
8859
8860 if (strcmp(args[cur_arg], "ca-ignore-err") == 0)
8861 ignerr = &conf->ca_ignerr;
8862
8863 if (strcmp(p, "all") == 0) {
8864 *ignerr = ~0ULL;
8865 return 0;
8866 }
8867
8868 while (p) {
8869 code = atoi(p);
8870 if ((code <= 0) || (code > 63)) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008871 memprintf(err, "'%s' : ID '%d' out of range (1..63) in error IDs list '%s'",
8872 args[cur_arg], code, args[cur_arg + 1]);
Emeric Brun81c00f02012-09-21 14:31:21 +02008873 return ERR_ALERT | ERR_FATAL;
8874 }
8875 *ignerr |= 1ULL << code;
8876 p = strchr(p, ',');
8877 if (p)
8878 p++;
8879 }
8880
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008881 return 0;
8882}
8883
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008884/* parse tls_method_options "no-xxx" and "force-xxx" */
8885static int parse_tls_method_options(char *arg, struct tls_version_filter *methods, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008886{
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008887 uint16_t v;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008888 char *p;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008889 p = strchr(arg, '-');
8890 if (!p)
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008891 goto fail;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008892 p++;
8893 if (!strcmp(p, "sslv3"))
8894 v = CONF_SSLV3;
8895 else if (!strcmp(p, "tlsv10"))
8896 v = CONF_TLSV10;
8897 else if (!strcmp(p, "tlsv11"))
8898 v = CONF_TLSV11;
8899 else if (!strcmp(p, "tlsv12"))
8900 v = CONF_TLSV12;
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +02008901 else if (!strcmp(p, "tlsv13"))
8902 v = CONF_TLSV13;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008903 else
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008904 goto fail;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008905 if (!strncmp(arg, "no-", 3))
8906 methods->flags |= methodVersions[v].flag;
8907 else if (!strncmp(arg, "force-", 6))
8908 methods->min = methods->max = v;
8909 else
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008910 goto fail;
Emeric Brun2d0c4822012-10-02 13:45:20 +02008911 return 0;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008912 fail:
Tim Duesterhus93128532019-11-23 23:45:10 +01008913 memprintf(err, "'%s' : option not implemented", arg);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008914 return ERR_ALERT | ERR_FATAL;
Emeric Brun2d0c4822012-10-02 13:45:20 +02008915}
8916
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008917static int bind_parse_tls_method_options(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008918{
Emmanuel Hocdet43664762017-08-09 18:26:20 +02008919 return parse_tls_method_options(args[cur_arg], &conf->ssl_conf.ssl_methods, err);
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008920}
8921
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008922static int srv_parse_tls_method_options(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008923{
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008924 return parse_tls_method_options(args[*cur_arg], &newsrv->ssl_ctx.methods, err);
8925}
8926
8927/* parse tls_method min/max: "ssl-min-ver" and "ssl-max-ver" */
8928static int parse_tls_method_minmax(char **args, int cur_arg, struct tls_version_filter *methods, char **err)
8929{
8930 uint16_t i, v = 0;
8931 char *argv = args[cur_arg + 1];
8932 if (!*argv) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008933 memprintf(err, "'%s' : missing the ssl/tls version", args[cur_arg]);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008934 return ERR_ALERT | ERR_FATAL;
8935 }
8936 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
8937 if (!strcmp(argv, methodVersions[i].name))
8938 v = i;
8939 if (!v) {
Tim Duesterhus93128532019-11-23 23:45:10 +01008940 memprintf(err, "'%s' : unknown ssl/tls version", args[cur_arg + 1]);
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02008941 return ERR_ALERT | ERR_FATAL;
8942 }
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008943 if (!strcmp("ssl-min-ver", args[cur_arg]))
8944 methods->min = v;
8945 else if (!strcmp("ssl-max-ver", args[cur_arg]))
8946 methods->max = v;
8947 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01008948 memprintf(err, "'%s' : option not implemented", args[cur_arg]);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008949 return ERR_ALERT | ERR_FATAL;
8950 }
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008951 return 0;
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008952}
Emeric Brun2cb7ae52012-10-05 14:14:21 +02008953
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02008954static int ssl_bind_parse_tls_method_minmax(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
8955{
Willy Tarreau9a1ab082019-05-09 13:26:41 +02008956#if (HA_OPENSSL_VERSION_NUMBER < 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL)
Christopher Faulet767a84b2017-11-24 16:50:31 +01008957 ha_warning("crt-list: ssl-min-ver and ssl-max-ver are not supported with this Openssl version (skipped).\n");
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +02008958#endif
8959 return parse_tls_method_minmax(args, cur_arg, &conf->ssl_methods, err);
8960}
8961
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008962static int bind_parse_tls_method_minmax(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8963{
Emmanuel Hocdet43664762017-08-09 18:26:20 +02008964 return parse_tls_method_minmax(args, cur_arg, &conf->ssl_conf.ssl_methods, err);
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02008965}
8966
8967static int srv_parse_tls_method_minmax(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
8968{
8969 return parse_tls_method_minmax(args, *cur_arg, &newsrv->ssl_ctx.methods, err);
8970}
8971
Emeric Brun2d0c4822012-10-02 13:45:20 +02008972/* parse the "no-tls-tickets" bind keyword */
Emmanuel Hocdet4608ed92017-01-20 13:06:27 +01008973static int bind_parse_no_tls_tickets(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Emeric Brun2d0c4822012-10-02 13:45:20 +02008974{
Emeric Brun89675492012-10-05 13:48:26 +02008975 conf->ssl_options |= BC_SSL_O_NO_TLS_TICKETS;
Emeric Brun81c00f02012-09-21 14:31:21 +02008976 return 0;
8977}
Emeric Brun2d0c4822012-10-02 13:45:20 +02008978
Olivier Houchardc2aae742017-09-22 18:26:28 +02008979/* parse the "allow-0rtt" bind keyword */
8980static int ssl_bind_parse_allow_0rtt(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
8981{
8982 conf->early_data = 1;
8983 return 0;
8984}
8985
8986static int bind_parse_allow_0rtt(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
8987{
Olivier Houchard9679ac92017-10-27 14:58:08 +02008988 conf->ssl_conf.early_data = 1;
Olivier Houchardc2aae742017-09-22 18:26:28 +02008989 return 0;
8990}
8991
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02008992/* parse the "npn" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01008993static int ssl_bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02008994{
Bernard Spil13c53f82018-02-15 13:34:58 +01008995#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02008996 char *p1, *p2;
8997
8998 if (!*args[cur_arg + 1]) {
8999 memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[cur_arg]);
9000 return ERR_ALERT | ERR_FATAL;
9001 }
9002
9003 free(conf->npn_str);
9004
Willy Tarreau3724da12016-02-12 17:11:12 +01009005 /* the NPN string is built as a suite of (<len> <name>)*,
9006 * so we reuse each comma to store the next <len> and need
9007 * one more for the end of the string.
9008 */
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009009 conf->npn_len = strlen(args[cur_arg + 1]) + 1;
Willy Tarreau3724da12016-02-12 17:11:12 +01009010 conf->npn_str = calloc(1, conf->npn_len + 1);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009011 memcpy(conf->npn_str + 1, args[cur_arg + 1], conf->npn_len);
9012
9013 /* replace commas with the name length */
9014 p1 = conf->npn_str;
9015 p2 = p1 + 1;
9016 while (1) {
9017 p2 = memchr(p1 + 1, ',', conf->npn_str + conf->npn_len - (p1 + 1));
9018 if (!p2)
9019 p2 = p1 + 1 + strlen(p1 + 1);
9020
9021 if (p2 - (p1 + 1) > 255) {
9022 *p2 = '\0';
9023 memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
9024 return ERR_ALERT | ERR_FATAL;
9025 }
9026
9027 *p1 = p2 - (p1 + 1);
9028 p1 = p2;
9029
9030 if (!*p2)
9031 break;
9032
9033 *(p2++) = '\0';
9034 }
9035 return 0;
9036#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009037 memprintf(err, "'%s' : library does not support TLS NPN extension", args[cur_arg]);
Willy Tarreau6c9a3d52012-10-18 18:57:14 +02009038 return ERR_ALERT | ERR_FATAL;
9039#endif
9040}
9041
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009042static int bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9043{
9044 return ssl_bind_parse_npn(args, cur_arg, px, &conf->ssl_conf, err);
9045}
9046
Willy Tarreauab861d32013-04-02 02:30:41 +02009047/* parse the "alpn" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009048static int ssl_bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Willy Tarreauab861d32013-04-02 02:30:41 +02009049{
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +01009050#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Willy Tarreauab861d32013-04-02 02:30:41 +02009051 char *p1, *p2;
9052
9053 if (!*args[cur_arg + 1]) {
9054 memprintf(err, "'%s' : missing the comma-delimited ALPN protocol suite", args[cur_arg]);
9055 return ERR_ALERT | ERR_FATAL;
9056 }
9057
9058 free(conf->alpn_str);
9059
Marcoen Hirschbergbef60912016-02-12 17:05:24 +01009060 /* the ALPN string is built as a suite of (<len> <name>)*,
9061 * so we reuse each comma to store the next <len> and need
9062 * one more for the end of the string.
9063 */
Willy Tarreauab861d32013-04-02 02:30:41 +02009064 conf->alpn_len = strlen(args[cur_arg + 1]) + 1;
Marcoen Hirschbergbef60912016-02-12 17:05:24 +01009065 conf->alpn_str = calloc(1, conf->alpn_len + 1);
Willy Tarreauab861d32013-04-02 02:30:41 +02009066 memcpy(conf->alpn_str + 1, args[cur_arg + 1], conf->alpn_len);
9067
9068 /* replace commas with the name length */
9069 p1 = conf->alpn_str;
9070 p2 = p1 + 1;
9071 while (1) {
9072 p2 = memchr(p1 + 1, ',', conf->alpn_str + conf->alpn_len - (p1 + 1));
9073 if (!p2)
9074 p2 = p1 + 1 + strlen(p1 + 1);
9075
9076 if (p2 - (p1 + 1) > 255) {
9077 *p2 = '\0';
9078 memprintf(err, "'%s' : ALPN protocol name too long : '%s'", args[cur_arg], p1 + 1);
9079 return ERR_ALERT | ERR_FATAL;
9080 }
9081
9082 *p1 = p2 - (p1 + 1);
9083 p1 = p2;
9084
9085 if (!*p2)
9086 break;
9087
9088 *(p2++) = '\0';
9089 }
9090 return 0;
9091#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009092 memprintf(err, "'%s' : library does not support TLS ALPN extension", args[cur_arg]);
Willy Tarreauab861d32013-04-02 02:30:41 +02009093 return ERR_ALERT | ERR_FATAL;
9094#endif
9095}
9096
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009097static int bind_parse_alpn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9098{
9099 return ssl_bind_parse_alpn(args, cur_arg, px, &conf->ssl_conf, err);
9100}
9101
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009102/* parse the "ssl" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +02009103static int bind_parse_ssl(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009104{
Willy Tarreau71a8c7c2016-12-21 22:04:54 +01009105 conf->xprt = &ssl_sock;
Willy Tarreau4348fad2012-09-20 16:48:07 +02009106 conf->is_ssl = 1;
Emeric Brun76d88952012-10-05 15:47:31 +02009107
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009108 if (global_ssl.listen_default_ciphers && !conf->ssl_conf.ciphers)
9109 conf->ssl_conf.ciphers = strdup(global_ssl.listen_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009110#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009111 if (global_ssl.listen_default_ciphersuites && !conf->ssl_conf.ciphersuites)
9112 conf->ssl_conf.ciphersuites = strdup(global_ssl.listen_default_ciphersuites);
9113#endif
Emmanuel Hocdet4608ed92017-01-20 13:06:27 +01009114 conf->ssl_options |= global_ssl.listen_default_ssloptions;
Emmanuel Hocdet43664762017-08-09 18:26:20 +02009115 conf->ssl_conf.ssl_methods.flags |= global_ssl.listen_default_sslmethods.flags;
9116 if (!conf->ssl_conf.ssl_methods.min)
9117 conf->ssl_conf.ssl_methods.min = global_ssl.listen_default_sslmethods.min;
9118 if (!conf->ssl_conf.ssl_methods.max)
9119 conf->ssl_conf.ssl_methods.max = global_ssl.listen_default_sslmethods.max;
Emeric Brun76d88952012-10-05 15:47:31 +02009120
Willy Tarreau79eeafa2012-09-14 07:53:05 +02009121 return 0;
9122}
9123
Lukas Tribus53ae85c2017-05-04 15:45:40 +00009124/* parse the "prefer-client-ciphers" bind keyword */
9125static int bind_parse_pcc(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9126{
9127 conf->ssl_options |= BC_SSL_O_PREF_CLIE_CIPH;
9128 return 0;
9129}
9130
Christopher Faulet31af49d2015-06-09 17:29:50 +02009131/* parse the "generate-certificates" bind keyword */
9132static int bind_parse_generate_certs(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9133{
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +01009134#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Christopher Faulet31af49d2015-06-09 17:29:50 +02009135 conf->generate_certs = 1;
9136#else
9137 memprintf(err, "%sthis version of openssl cannot generate SSL certificates.\n",
9138 err && *err ? *err : "");
9139#endif
9140 return 0;
9141}
9142
Emmanuel Hocdet65623372013-01-24 17:17:15 +01009143/* parse the "strict-sni" bind keyword */
9144static int bind_parse_strict_sni(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9145{
9146 conf->strict_sni = 1;
9147 return 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009148}
9149
9150/* parse the "tls-ticket-keys" bind keyword */
9151static int bind_parse_tls_ticket_keys(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9152{
9153#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
Christopher Faulete566f3d2019-10-21 09:55:49 +02009154 FILE *f = NULL;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009155 int i = 0;
9156 char thisline[LINESIZE];
Christopher Faulete566f3d2019-10-21 09:55:49 +02009157 struct tls_keys_ref *keys_ref = NULL;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009158
9159 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009160 memprintf(err, "'%s' : missing TLS ticket keys file path", args[cur_arg]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009161 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009162 }
9163
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009164 keys_ref = tlskeys_ref_lookup(args[cur_arg + 1]);
Willy Tarreau17b4aa12018-07-17 10:05:32 +02009165 if (keys_ref) {
9166 keys_ref->refcount++;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009167 conf->keys_ref = keys_ref;
9168 return 0;
9169 }
9170
Christopher Faulete566f3d2019-10-21 09:55:49 +02009171 keys_ref = calloc(1, sizeof(*keys_ref));
Emeric Brun09852f72019-01-10 10:51:13 +01009172 if (!keys_ref) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009173 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009174 goto fail;
Emeric Brun09852f72019-01-10 10:51:13 +01009175 }
9176
Emeric Brun9e754772019-01-10 17:51:55 +01009177 keys_ref->tlskeys = malloc(TLS_TICKETS_NO * sizeof(union tls_sess_key));
Emeric Brun09852f72019-01-10 10:51:13 +01009178 if (!keys_ref->tlskeys) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009179 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009180 goto fail;
Emeric Brun09852f72019-01-10 10:51:13 +01009181 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009182
9183 if ((f = fopen(args[cur_arg + 1], "r")) == NULL) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009184 memprintf(err, "'%s' : unable to load ssl tickets keys file", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009185 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009186 }
9187
Nenad Merdanovic146defa2015-05-09 08:46:00 +02009188 keys_ref->filename = strdup(args[cur_arg + 1]);
Emeric Brun09852f72019-01-10 10:51:13 +01009189 if (!keys_ref->filename) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009190 memprintf(err, "'%s' : allocation error", args[cur_arg+1]);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009191 goto fail;
Emeric Brun09852f72019-01-10 10:51:13 +01009192 }
Nenad Merdanovic146defa2015-05-09 08:46:00 +02009193
Emeric Brun9e754772019-01-10 17:51:55 +01009194 keys_ref->key_size_bits = 0;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009195 while (fgets(thisline, sizeof(thisline), f) != NULL) {
9196 int len = strlen(thisline);
Emeric Brun9e754772019-01-10 17:51:55 +01009197 int dec_size;
9198
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009199 /* Strip newline characters from the end */
9200 if(thisline[len - 1] == '\n')
9201 thisline[--len] = 0;
9202
9203 if(thisline[len - 1] == '\r')
9204 thisline[--len] = 0;
9205
Emeric Brun9e754772019-01-10 17:51:55 +01009206 dec_size = base64dec(thisline, len, (char *) (keys_ref->tlskeys + i % TLS_TICKETS_NO), sizeof(union tls_sess_key));
9207 if (dec_size < 0) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009208 memprintf(err, "'%s' : unable to decode base64 key on line %d", args[cur_arg+1], i + 1);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009209 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009210 }
Emeric Brun9e754772019-01-10 17:51:55 +01009211 else if (!keys_ref->key_size_bits && (dec_size == sizeof(struct tls_sess_key_128))) {
9212 keys_ref->key_size_bits = 128;
9213 }
9214 else if (!keys_ref->key_size_bits && (dec_size == sizeof(struct tls_sess_key_256))) {
9215 keys_ref->key_size_bits = 256;
9216 }
9217 else if (((dec_size != sizeof(struct tls_sess_key_128)) && (dec_size != sizeof(struct tls_sess_key_256)))
9218 || ((dec_size == sizeof(struct tls_sess_key_128) && (keys_ref->key_size_bits != 128)))
9219 || ((dec_size == sizeof(struct tls_sess_key_256) && (keys_ref->key_size_bits != 256)))) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009220 memprintf(err, "'%s' : wrong sized key on line %d", args[cur_arg+1], i + 1);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009221 goto fail;
Emeric Brun9e754772019-01-10 17:51:55 +01009222 }
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009223 i++;
9224 }
9225
9226 if (i < TLS_TICKETS_NO) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009227 memprintf(err, "'%s' : please supply at least %d keys in the tls-tickets-file", args[cur_arg+1], TLS_TICKETS_NO);
Christopher Faulete566f3d2019-10-21 09:55:49 +02009228 goto fail;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009229 }
9230
9231 fclose(f);
9232
9233 /* Use penultimate key for encryption, handle when TLS_TICKETS_NO = 1 */
Nenad Merdanovic17891152016-03-25 22:16:57 +01009234 i -= 2;
9235 keys_ref->tls_ticket_enc_index = i < 0 ? 0 : i % TLS_TICKETS_NO;
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009236 keys_ref->unique_id = -1;
Willy Tarreau17b4aa12018-07-17 10:05:32 +02009237 keys_ref->refcount = 1;
Christopher Faulet16f45c82018-02-16 11:23:49 +01009238 HA_RWLOCK_INIT(&keys_ref->lock);
Nenad Merdanovic146defa2015-05-09 08:46:00 +02009239 conf->keys_ref = keys_ref;
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009240
Nenad Merdanovic200b0fa2015-05-09 08:46:01 +02009241 LIST_ADD(&tlskeys_reference, &keys_ref->list);
9242
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009243 return 0;
Christopher Faulete566f3d2019-10-21 09:55:49 +02009244
9245 fail:
9246 if (f)
9247 fclose(f);
9248 if (keys_ref) {
9249 free(keys_ref->filename);
9250 free(keys_ref->tlskeys);
9251 free(keys_ref);
9252 }
9253 return ERR_ALERT | ERR_FATAL;
9254
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009255#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009256 memprintf(err, "'%s' : TLS ticket callback extension not supported", args[cur_arg]);
Nenad Merdanovic05552d42015-02-27 19:56:49 +01009257 return ERR_ALERT | ERR_FATAL;
9258#endif /* SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB */
Emmanuel Hocdet65623372013-01-24 17:17:15 +01009259}
9260
Emeric Brund94b3fe2012-09-20 18:23:56 +02009261/* parse the "verify" bind keyword */
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009262static int ssl_bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
Emeric Brund94b3fe2012-09-20 18:23:56 +02009263{
9264 if (!*args[cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009265 memprintf(err, "'%s' : missing verify method", args[cur_arg]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02009266 return ERR_ALERT | ERR_FATAL;
9267 }
9268
9269 if (strcmp(args[cur_arg + 1], "none") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009270 conf->verify = SSL_SOCK_VERIFY_NONE;
Emeric Brund94b3fe2012-09-20 18:23:56 +02009271 else if (strcmp(args[cur_arg + 1], "optional") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009272 conf->verify = SSL_SOCK_VERIFY_OPTIONAL;
Emeric Brund94b3fe2012-09-20 18:23:56 +02009273 else if (strcmp(args[cur_arg + 1], "required") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009274 conf->verify = SSL_SOCK_VERIFY_REQUIRED;
Emeric Brund94b3fe2012-09-20 18:23:56 +02009275 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01009276 memprintf(err, "'%s' : unknown verify method '%s', only 'none', 'optional', and 'required' are supported\n",
9277 args[cur_arg], args[cur_arg + 1]);
Emeric Brund94b3fe2012-09-20 18:23:56 +02009278 return ERR_ALERT | ERR_FATAL;
9279 }
9280
9281 return 0;
9282}
Emmanuel Hocdet98263292016-12-29 18:26:15 +01009283static int bind_parse_verify(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9284{
9285 return ssl_bind_parse_verify(args, cur_arg, px, &conf->ssl_conf, err);
9286}
Emeric Brund94b3fe2012-09-20 18:23:56 +02009287
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +02009288/* parse the "no-ca-names" bind keyword */
9289static int ssl_bind_parse_no_ca_names(char **args, int cur_arg, struct proxy *px, struct ssl_bind_conf *conf, char **err)
9290{
9291 conf->no_ca_names = 1;
9292 return 0;
9293}
9294static int bind_parse_no_ca_names(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
9295{
9296 return ssl_bind_parse_no_ca_names(args, cur_arg, px, &conf->ssl_conf, err);
9297}
9298
Willy Tarreau92faadf2012-10-10 23:04:25 +02009299/************** "server" keywords ****************/
9300
Olivier Houchardc7566002018-11-20 23:33:50 +01009301/* parse the "npn" bind keyword */
9302static int srv_parse_npn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9303{
9304#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
9305 char *p1, *p2;
9306
9307 if (!*args[*cur_arg + 1]) {
9308 memprintf(err, "'%s' : missing the comma-delimited NPN protocol suite", args[*cur_arg]);
9309 return ERR_ALERT | ERR_FATAL;
9310 }
9311
9312 free(newsrv->ssl_ctx.npn_str);
9313
9314 /* the NPN string is built as a suite of (<len> <name>)*,
9315 * so we reuse each comma to store the next <len> and need
9316 * one more for the end of the string.
9317 */
9318 newsrv->ssl_ctx.npn_len = strlen(args[*cur_arg + 1]) + 1;
9319 newsrv->ssl_ctx.npn_str = calloc(1, newsrv->ssl_ctx.npn_len + 1);
9320 memcpy(newsrv->ssl_ctx.npn_str + 1, args[*cur_arg + 1],
9321 newsrv->ssl_ctx.npn_len);
9322
9323 /* replace commas with the name length */
9324 p1 = newsrv->ssl_ctx.npn_str;
9325 p2 = p1 + 1;
9326 while (1) {
9327 p2 = memchr(p1 + 1, ',', newsrv->ssl_ctx.npn_str +
9328 newsrv->ssl_ctx.npn_len - (p1 + 1));
9329 if (!p2)
9330 p2 = p1 + 1 + strlen(p1 + 1);
9331
9332 if (p2 - (p1 + 1) > 255) {
9333 *p2 = '\0';
9334 memprintf(err, "'%s' : NPN protocol name too long : '%s'", args[*cur_arg], p1 + 1);
9335 return ERR_ALERT | ERR_FATAL;
9336 }
9337
9338 *p1 = p2 - (p1 + 1);
9339 p1 = p2;
9340
9341 if (!*p2)
9342 break;
9343
9344 *(p2++) = '\0';
9345 }
9346 return 0;
9347#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009348 memprintf(err, "'%s' : library does not support TLS NPN extension", args[*cur_arg]);
Olivier Houchardc7566002018-11-20 23:33:50 +01009349 return ERR_ALERT | ERR_FATAL;
9350#endif
9351}
9352
Olivier Houchard92150142018-12-21 19:47:01 +01009353/* parse the "alpn" or the "check-alpn" server keyword */
Olivier Houchardc7566002018-11-20 23:33:50 +01009354static int srv_parse_alpn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9355{
9356#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
9357 char *p1, *p2;
Olivier Houchard92150142018-12-21 19:47:01 +01009358 char **alpn_str;
9359 int *alpn_len;
Olivier Houchardc7566002018-11-20 23:33:50 +01009360
Olivier Houchard92150142018-12-21 19:47:01 +01009361 if (*args[*cur_arg] == 'c') {
9362 alpn_str = &newsrv->check.alpn_str;
9363 alpn_len = &newsrv->check.alpn_len;
9364 } else {
9365 alpn_str = &newsrv->ssl_ctx.alpn_str;
9366 alpn_len = &newsrv->ssl_ctx.alpn_len;
9367
9368 }
Olivier Houchardc7566002018-11-20 23:33:50 +01009369 if (!*args[*cur_arg + 1]) {
9370 memprintf(err, "'%s' : missing the comma-delimited ALPN protocol suite", args[*cur_arg]);
9371 return ERR_ALERT | ERR_FATAL;
9372 }
9373
Olivier Houchard92150142018-12-21 19:47:01 +01009374 free(*alpn_str);
Olivier Houchardc7566002018-11-20 23:33:50 +01009375
9376 /* the ALPN string is built as a suite of (<len> <name>)*,
9377 * so we reuse each comma to store the next <len> and need
9378 * one more for the end of the string.
9379 */
Olivier Houchard92150142018-12-21 19:47:01 +01009380 *alpn_len = strlen(args[*cur_arg + 1]) + 1;
9381 *alpn_str = calloc(1, *alpn_len + 1);
9382 memcpy(*alpn_str + 1, args[*cur_arg + 1], *alpn_len);
Olivier Houchardc7566002018-11-20 23:33:50 +01009383
9384 /* replace commas with the name length */
Olivier Houchard92150142018-12-21 19:47:01 +01009385 p1 = *alpn_str;
Olivier Houchardc7566002018-11-20 23:33:50 +01009386 p2 = p1 + 1;
9387 while (1) {
Olivier Houchard92150142018-12-21 19:47:01 +01009388 p2 = memchr(p1 + 1, ',', *alpn_str + *alpn_len - (p1 + 1));
Olivier Houchardc7566002018-11-20 23:33:50 +01009389 if (!p2)
9390 p2 = p1 + 1 + strlen(p1 + 1);
9391
9392 if (p2 - (p1 + 1) > 255) {
9393 *p2 = '\0';
9394 memprintf(err, "'%s' : ALPN protocol name too long : '%s'", args[*cur_arg], p1 + 1);
9395 return ERR_ALERT | ERR_FATAL;
9396 }
9397
9398 *p1 = p2 - (p1 + 1);
9399 p1 = p2;
9400
9401 if (!*p2)
9402 break;
9403
9404 *(p2++) = '\0';
9405 }
9406 return 0;
9407#else
Tim Duesterhus93128532019-11-23 23:45:10 +01009408 memprintf(err, "'%s' : library does not support TLS ALPN extension", args[*cur_arg]);
Olivier Houchardc7566002018-11-20 23:33:50 +01009409 return ERR_ALERT | ERR_FATAL;
9410#endif
9411}
9412
Emeric Brunef42d922012-10-11 16:11:36 +02009413/* parse the "ca-file" server keyword */
9414static int srv_parse_ca_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9415{
9416 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009417 memprintf(err, "'%s' : missing CAfile path", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009418 return ERR_ALERT | ERR_FATAL;
9419 }
9420
Willy Tarreauef934602016-12-22 23:12:01 +01009421 if ((*args[*cur_arg + 1] != '/') && global_ssl.ca_base)
9422 memprintf(&newsrv->ssl_ctx.ca_file, "%s/%s", global_ssl.ca_base, args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02009423 else
9424 memprintf(&newsrv->ssl_ctx.ca_file, "%s", args[*cur_arg + 1]);
9425
Emmanuel Hocdetd4f9a602019-10-24 11:32:47 +02009426 if (!ssl_store_load_locations_file(newsrv->ssl_ctx.ca_file)) {
9427 memprintf(err, "'%s' : unable to load %s", args[*cur_arg], newsrv->ssl_ctx.ca_file);
9428 return ERR_ALERT | ERR_FATAL;
9429 }
Emeric Brunef42d922012-10-11 16:11:36 +02009430 return 0;
9431}
9432
Olivier Houchard9130a962017-10-17 17:33:43 +02009433/* parse the "check-sni" server keyword */
9434static int srv_parse_check_sni(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9435{
9436 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009437 memprintf(err, "'%s' : missing SNI", args[*cur_arg]);
Olivier Houchard9130a962017-10-17 17:33:43 +02009438 return ERR_ALERT | ERR_FATAL;
9439 }
9440
9441 newsrv->check.sni = strdup(args[*cur_arg + 1]);
9442 if (!newsrv->check.sni) {
9443 memprintf(err, "'%s' : failed to allocate memory", args[*cur_arg]);
9444 return ERR_ALERT | ERR_FATAL;
9445 }
9446 return 0;
9447
9448}
9449
Willy Tarreau92faadf2012-10-10 23:04:25 +02009450/* parse the "check-ssl" server keyword */
9451static int srv_parse_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9452{
9453 newsrv->check.use_ssl = 1;
Willy Tarreauef934602016-12-22 23:12:01 +01009454 if (global_ssl.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
9455 newsrv->ssl_ctx.ciphers = strdup(global_ssl.connect_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009456#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009457 if (global_ssl.connect_default_ciphersuites && !newsrv->ssl_ctx.ciphersuites)
9458 newsrv->ssl_ctx.ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
9459#endif
Willy Tarreauef934602016-12-22 23:12:01 +01009460 newsrv->ssl_ctx.options |= global_ssl.connect_default_ssloptions;
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009461 newsrv->ssl_ctx.methods.flags |= global_ssl.connect_default_sslmethods.flags;
9462 if (!newsrv->ssl_ctx.methods.min)
9463 newsrv->ssl_ctx.methods.min = global_ssl.connect_default_sslmethods.min;
9464 if (!newsrv->ssl_ctx.methods.max)
9465 newsrv->ssl_ctx.methods.max = global_ssl.connect_default_sslmethods.max;
9466
Willy Tarreau92faadf2012-10-10 23:04:25 +02009467 return 0;
9468}
9469
9470/* parse the "ciphers" server keyword */
9471static int srv_parse_ciphers(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9472{
9473 if (!*args[*cur_arg + 1]) {
9474 memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
9475 return ERR_ALERT | ERR_FATAL;
9476 }
9477
9478 free(newsrv->ssl_ctx.ciphers);
9479 newsrv->ssl_ctx.ciphers = strdup(args[*cur_arg + 1]);
9480 return 0;
9481}
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009482
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009483#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009484/* parse the "ciphersuites" server keyword */
9485static int srv_parse_ciphersuites(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9486{
9487 if (!*args[*cur_arg + 1]) {
9488 memprintf(err, "'%s' : missing cipher suite", args[*cur_arg]);
9489 return ERR_ALERT | ERR_FATAL;
9490 }
9491
9492 free(newsrv->ssl_ctx.ciphersuites);
9493 newsrv->ssl_ctx.ciphersuites = strdup(args[*cur_arg + 1]);
9494 return 0;
9495}
9496#endif
Willy Tarreau92faadf2012-10-10 23:04:25 +02009497
Emeric Brunef42d922012-10-11 16:11:36 +02009498/* parse the "crl-file" server keyword */
9499static int srv_parse_crl_file(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9500{
9501#ifndef X509_V_FLAG_CRL_CHECK
Tim Duesterhus93128532019-11-23 23:45:10 +01009502 memprintf(err, "'%s' : library does not support CRL verify", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009503 return ERR_ALERT | ERR_FATAL;
9504#else
9505 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009506 memprintf(err, "'%s' : missing CRLfile path", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009507 return ERR_ALERT | ERR_FATAL;
9508 }
9509
Willy Tarreauef934602016-12-22 23:12:01 +01009510 if ((*args[*cur_arg + 1] != '/') && global_ssl.ca_base)
9511 memprintf(&newsrv->ssl_ctx.crl_file, "%s/%s", global_ssl.ca_base, args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02009512 else
9513 memprintf(&newsrv->ssl_ctx.crl_file, "%s", args[*cur_arg + 1]);
9514
Emmanuel Hocdetb270e812019-11-21 19:09:31 +01009515 if (!ssl_store_load_locations_file(newsrv->ssl_ctx.crl_file)) {
9516 memprintf(err, "'%s' : unable to load %s", args[*cur_arg], newsrv->ssl_ctx.crl_file);
9517 return ERR_ALERT | ERR_FATAL;
9518 }
Emeric Brunef42d922012-10-11 16:11:36 +02009519 return 0;
9520#endif
9521}
9522
Emeric Bruna7aa3092012-10-26 12:58:00 +02009523/* parse the "crt" server keyword */
9524static int srv_parse_crt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9525{
9526 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009527 memprintf(err, "'%s' : missing certificate file path", args[*cur_arg]);
Emeric Bruna7aa3092012-10-26 12:58:00 +02009528 return ERR_ALERT | ERR_FATAL;
9529 }
9530
Willy Tarreauef934602016-12-22 23:12:01 +01009531 if ((*args[*cur_arg + 1] != '/') && global_ssl.crt_base)
Christopher Fauletff3a41e2017-11-23 09:13:32 +01009532 memprintf(&newsrv->ssl_ctx.client_crt, "%s/%s", global_ssl.crt_base, args[*cur_arg + 1]);
Emeric Bruna7aa3092012-10-26 12:58:00 +02009533 else
9534 memprintf(&newsrv->ssl_ctx.client_crt, "%s", args[*cur_arg + 1]);
9535
9536 return 0;
9537}
Emeric Brunef42d922012-10-11 16:11:36 +02009538
Frédéric Lécaille340ae602017-03-13 10:38:04 +01009539/* parse the "no-check-ssl" server keyword */
9540static int srv_parse_no_check_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9541{
9542 newsrv->check.use_ssl = 0;
9543 free(newsrv->ssl_ctx.ciphers);
9544 newsrv->ssl_ctx.ciphers = NULL;
9545 newsrv->ssl_ctx.options &= ~global_ssl.connect_default_ssloptions;
9546 return 0;
9547}
9548
Frédéric Lécaillee892c4c2017-03-13 12:08:01 +01009549/* parse the "no-send-proxy-v2-ssl" server keyword */
9550static int srv_parse_no_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9551{
9552 newsrv->pp_opts &= ~SRV_PP_V2;
9553 newsrv->pp_opts &= ~SRV_PP_V2_SSL;
9554 return 0;
9555}
9556
9557/* parse the "no-send-proxy-v2-ssl-cn" server keyword */
9558static int srv_parse_no_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9559{
9560 newsrv->pp_opts &= ~SRV_PP_V2;
9561 newsrv->pp_opts &= ~SRV_PP_V2_SSL;
9562 newsrv->pp_opts &= ~SRV_PP_V2_SSL_CN;
9563 return 0;
9564}
9565
Frédéric Lécaillee381d762017-03-13 11:54:17 +01009566/* parse the "no-ssl" server keyword */
9567static int srv_parse_no_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9568{
9569 newsrv->use_ssl = 0;
9570 free(newsrv->ssl_ctx.ciphers);
9571 newsrv->ssl_ctx.ciphers = NULL;
9572 return 0;
9573}
9574
Olivier Houchard522eea72017-11-03 16:27:47 +01009575/* parse the "allow-0rtt" server keyword */
9576static int srv_parse_allow_0rtt(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9577{
9578 newsrv->ssl_ctx.options |= SRV_SSL_O_EARLY_DATA;
9579 return 0;
9580}
9581
Willy Tarreau2a3fb1c2015-02-05 16:47:07 +01009582/* parse the "no-ssl-reuse" server keyword */
9583static int srv_parse_no_ssl_reuse(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9584{
9585 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_REUSE;
9586 return 0;
9587}
9588
Emeric Brunf9c5c472012-10-11 15:28:34 +02009589/* parse the "no-tls-tickets" server keyword */
9590static int srv_parse_no_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9591{
9592 newsrv->ssl_ctx.options |= SRV_SSL_O_NO_TLS_TICKETS;
9593 return 0;
9594}
David Safb76832014-05-08 23:42:08 -04009595/* parse the "send-proxy-v2-ssl" server keyword */
9596static int srv_parse_send_proxy_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9597{
9598 newsrv->pp_opts |= SRV_PP_V2;
9599 newsrv->pp_opts |= SRV_PP_V2_SSL;
9600 return 0;
9601}
9602
9603/* parse the "send-proxy-v2-ssl-cn" server keyword */
9604static int srv_parse_send_proxy_cn(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9605{
9606 newsrv->pp_opts |= SRV_PP_V2;
9607 newsrv->pp_opts |= SRV_PP_V2_SSL;
9608 newsrv->pp_opts |= SRV_PP_V2_SSL_CN;
9609 return 0;
9610}
Emeric Brunf9c5c472012-10-11 15:28:34 +02009611
Willy Tarreau732eac42015-07-09 11:40:25 +02009612/* parse the "sni" server keyword */
9613static int srv_parse_sni(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9614{
9615#ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME
9616 memprintf(err, "'%s' : the current SSL library doesn't support the SNI TLS extension", args[*cur_arg]);
9617 return ERR_ALERT | ERR_FATAL;
9618#else
Frédéric Lécaille9a146de2017-03-20 14:54:41 +01009619 char *arg;
Willy Tarreau732eac42015-07-09 11:40:25 +02009620
Frédéric Lécaille9a146de2017-03-20 14:54:41 +01009621 arg = args[*cur_arg + 1];
9622 if (!*arg) {
Willy Tarreau732eac42015-07-09 11:40:25 +02009623 memprintf(err, "'%s' : missing sni expression", args[*cur_arg]);
9624 return ERR_ALERT | ERR_FATAL;
9625 }
9626
Frédéric Lécaille9a146de2017-03-20 14:54:41 +01009627 free(newsrv->sni_expr);
9628 newsrv->sni_expr = strdup(arg);
Willy Tarreau732eac42015-07-09 11:40:25 +02009629
Willy Tarreau732eac42015-07-09 11:40:25 +02009630 return 0;
9631#endif
9632}
9633
Willy Tarreau92faadf2012-10-10 23:04:25 +02009634/* parse the "ssl" server keyword */
9635static int srv_parse_ssl(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9636{
9637 newsrv->use_ssl = 1;
Willy Tarreauef934602016-12-22 23:12:01 +01009638 if (global_ssl.connect_default_ciphers && !newsrv->ssl_ctx.ciphers)
9639 newsrv->ssl_ctx.ciphers = strdup(global_ssl.connect_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +02009640#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +02009641 if (global_ssl.connect_default_ciphersuites && !newsrv->ssl_ctx.ciphersuites)
9642 newsrv->ssl_ctx.ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
9643#endif
Willy Tarreau92faadf2012-10-10 23:04:25 +02009644 return 0;
9645}
9646
Frédéric Lécaille2cfcdbe2017-03-13 11:32:20 +01009647/* parse the "ssl-reuse" server keyword */
9648static int srv_parse_ssl_reuse(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9649{
9650 newsrv->ssl_ctx.options &= ~SRV_SSL_O_NO_REUSE;
9651 return 0;
9652}
9653
Frédéric Lécaille2cfcdbe2017-03-13 11:32:20 +01009654/* parse the "tls-tickets" server keyword */
9655static int srv_parse_tls_tickets(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9656{
9657 newsrv->ssl_ctx.options &= ~SRV_SSL_O_NO_TLS_TICKETS;
9658 return 0;
9659}
9660
Emeric Brunef42d922012-10-11 16:11:36 +02009661/* parse the "verify" server keyword */
9662static int srv_parse_verify(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9663{
9664 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009665 memprintf(err, "'%s' : missing verify method", args[*cur_arg]);
Emeric Brunef42d922012-10-11 16:11:36 +02009666 return ERR_ALERT | ERR_FATAL;
9667 }
9668
9669 if (strcmp(args[*cur_arg + 1], "none") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009670 newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_NONE;
Emeric Brunef42d922012-10-11 16:11:36 +02009671 else if (strcmp(args[*cur_arg + 1], "required") == 0)
Emeric Brun850efd52014-01-29 12:24:34 +01009672 newsrv->ssl_ctx.verify = SSL_SOCK_VERIFY_REQUIRED;
Emeric Brunef42d922012-10-11 16:11:36 +02009673 else {
Tim Duesterhus93128532019-11-23 23:45:10 +01009674 memprintf(err, "'%s' : unknown verify method '%s', only 'none' and 'required' are supported\n",
9675 args[*cur_arg], args[*cur_arg + 1]);
Emeric Brunef42d922012-10-11 16:11:36 +02009676 return ERR_ALERT | ERR_FATAL;
9677 }
9678
Evan Broderbe554312013-06-27 00:05:25 -07009679 return 0;
9680}
9681
9682/* parse the "verifyhost" server keyword */
9683static int srv_parse_verifyhost(char **args, int *cur_arg, struct proxy *px, struct server *newsrv, char **err)
9684{
9685 if (!*args[*cur_arg + 1]) {
Tim Duesterhus93128532019-11-23 23:45:10 +01009686 memprintf(err, "'%s' : missing hostname to verify against", args[*cur_arg]);
Evan Broderbe554312013-06-27 00:05:25 -07009687 return ERR_ALERT | ERR_FATAL;
9688 }
9689
Frédéric Lécaille273f3212017-03-13 15:52:01 +01009690 free(newsrv->ssl_ctx.verify_host);
Evan Broderbe554312013-06-27 00:05:25 -07009691 newsrv->ssl_ctx.verify_host = strdup(args[*cur_arg + 1]);
9692
Emeric Brunef42d922012-10-11 16:11:36 +02009693 return 0;
9694}
9695
Emeric Brun2c86cbf2014-10-30 15:56:50 +01009696/* parse the "ssl-default-bind-options" keyword in global section */
9697static int ssl_parse_default_bind_options(char **args, int section_type, struct proxy *curpx,
9698 struct proxy *defpx, const char *file, int line,
9699 char **err) {
9700 int i = 1;
9701
9702 if (*(args[i]) == 0) {
9703 memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
9704 return -1;
9705 }
9706 while (*(args[i])) {
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009707 if (!strcmp(args[i], "no-tls-tickets"))
Willy Tarreauef934602016-12-22 23:12:01 +01009708 global_ssl.listen_default_ssloptions |= BC_SSL_O_NO_TLS_TICKETS;
Lukas Tribus53ae85c2017-05-04 15:45:40 +00009709 else if (!strcmp(args[i], "prefer-client-ciphers"))
9710 global_ssl.listen_default_ssloptions |= BC_SSL_O_PREF_CLIE_CIPH;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009711 else if (!strcmp(args[i], "ssl-min-ver") || !strcmp(args[i], "ssl-max-ver")) {
9712 if (!parse_tls_method_minmax(args, i, &global_ssl.listen_default_sslmethods, err))
9713 i++;
9714 else {
9715 memprintf(err, "%s on global statement '%s'.", *err, args[0]);
9716 return -1;
9717 }
9718 }
9719 else if (parse_tls_method_options(args[i], &global_ssl.listen_default_sslmethods, err)) {
Emeric Brun2c86cbf2014-10-30 15:56:50 +01009720 memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
9721 return -1;
9722 }
9723 i++;
9724 }
9725 return 0;
9726}
9727
9728/* parse the "ssl-default-server-options" keyword in global section */
9729static int ssl_parse_default_server_options(char **args, int section_type, struct proxy *curpx,
9730 struct proxy *defpx, const char *file, int line,
9731 char **err) {
9732 int i = 1;
9733
9734 if (*(args[i]) == 0) {
9735 memprintf(err, "global statement '%s' expects an option as an argument.", args[0]);
9736 return -1;
9737 }
9738 while (*(args[i])) {
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +02009739 if (!strcmp(args[i], "no-tls-tickets"))
Willy Tarreauef934602016-12-22 23:12:01 +01009740 global_ssl.connect_default_ssloptions |= SRV_SSL_O_NO_TLS_TICKETS;
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +02009741 else if (!strcmp(args[i], "ssl-min-ver") || !strcmp(args[i], "ssl-max-ver")) {
9742 if (!parse_tls_method_minmax(args, i, &global_ssl.connect_default_sslmethods, err))
9743 i++;
9744 else {
9745 memprintf(err, "%s on global statement '%s'.", *err, args[0]);
9746 return -1;
9747 }
9748 }
9749 else if (parse_tls_method_options(args[i], &global_ssl.connect_default_sslmethods, err)) {
Emeric Brun2c86cbf2014-10-30 15:56:50 +01009750 memprintf(err, "unknown option '%s' on global statement '%s'.", args[i], args[0]);
9751 return -1;
9752 }
9753 i++;
9754 }
9755 return 0;
9756}
9757
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +01009758/* parse the "ca-base" / "crt-base" keywords in global section.
9759 * Returns <0 on alert, >0 on warning, 0 on success.
9760 */
9761static int ssl_parse_global_ca_crt_base(char **args, int section_type, struct proxy *curpx,
9762 struct proxy *defpx, const char *file, int line,
9763 char **err)
9764{
9765 char **target;
9766
Willy Tarreauef934602016-12-22 23:12:01 +01009767 target = (args[0][1] == 'a') ? &global_ssl.ca_base : &global_ssl.crt_base;
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +01009768
9769 if (too_many_args(1, args, err, NULL))
9770 return -1;
9771
9772 if (*target) {
9773 memprintf(err, "'%s' already specified.", args[0]);
9774 return -1;
9775 }
9776
9777 if (*(args[1]) == 0) {
9778 memprintf(err, "global statement '%s' expects a directory path as an argument.", args[0]);
9779 return -1;
9780 }
9781 *target = strdup(args[1]);
9782 return 0;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009783}
9784
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +01009785/* "issuers-chain-path" load chain certificate in global */
9786static int ssl_load_global_issuer_from_BIO(BIO *in, char *fp, char **err)
9787{
9788 X509 *ca;
9789 X509_NAME *name = NULL;
9790 ASN1_OCTET_STRING *skid = NULL;
9791 STACK_OF(X509) *chain = NULL;
9792 struct issuer_chain *issuer;
9793 struct eb64_node *node;
9794 char *path;
9795 u64 key;
9796 int ret = 0;
9797
9798 while ((ca = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
9799 if (chain == NULL) {
9800 chain = sk_X509_new_null();
9801 skid = X509_get_ext_d2i(ca, NID_subject_key_identifier, NULL, NULL);
9802 name = X509_get_subject_name(ca);
9803 }
9804 if (!sk_X509_push(chain, ca)) {
9805 X509_free(ca);
9806 goto end;
9807 }
9808 }
9809 if (!chain) {
9810 memprintf(err, "unable to load issuers-chain %s : pem certificate not found.\n", fp);
9811 goto end;
9812 }
9813 if (!skid) {
9814 memprintf(err, "unable to load issuers-chain %s : SubjectKeyIdentifier not found.\n", fp);
9815 goto end;
9816 }
9817 if (!name) {
9818 memprintf(err, "unable to load issuers-chain %s : SubjectName not found.\n", fp);
9819 goto end;
9820 }
9821 key = XXH64(ASN1_STRING_get0_data(skid), ASN1_STRING_length(skid), 0);
9822 for (node = eb64_lookup(&global_ssl.cert_issuer_tree, key); node; node = eb64_next(node)) {
9823 issuer = container_of(node, typeof(*issuer), node);
9824 if (!X509_NAME_cmp(name, X509_get_subject_name(sk_X509_value(issuer->chain, 0)))) {
9825 memprintf(err, "duplicate issuers-chain %s: %s already in store\n", fp, issuer->path);
9826 goto end;
9827 }
9828 }
9829 issuer = calloc(1, sizeof *issuer);
9830 path = strdup(fp);
9831 if (!issuer || !path) {
9832 free(issuer);
9833 free(path);
9834 goto end;
9835 }
9836 issuer->node.key = key;
9837 issuer->path = path;
9838 issuer->chain = chain;
9839 chain = NULL;
9840 eb64_insert(&global_ssl.cert_issuer_tree, &issuer->node);
9841 ret = 1;
9842 end:
9843 if (skid)
9844 ASN1_OCTET_STRING_free(skid);
9845 if (chain)
9846 sk_X509_pop_free(chain, X509_free);
9847 return ret;
9848}
9849
9850static void ssl_free_global_issuers(void)
9851{
9852 struct eb64_node *node, *back;
9853 struct issuer_chain *issuer;
9854
9855 node = eb64_first(&global_ssl.cert_issuer_tree);
9856 while (node) {
9857 issuer = container_of(node, typeof(*issuer), node);
9858 back = eb64_next(node);
9859 eb64_delete(node);
9860 free(issuer->path);
9861 sk_X509_pop_free(issuer->chain, X509_free);
9862 free(issuer);
9863 node = back;
9864 }
9865}
9866
9867static int ssl_load_global_issuers_from_path(char **args, int section_type, struct proxy *curpx,
9868 struct proxy *defpx, const char *file, int line,
9869 char **err)
9870{
9871 char *path;
9872 struct dirent **de_list;
9873 int i, n;
9874 struct stat buf;
9875 char *end;
9876 char fp[MAXPATHLEN+1];
9877
9878 if (too_many_args(1, args, err, NULL))
9879 return -1;
9880
9881 path = args[1];
9882 if (*path == 0 || stat(path, &buf)) {
9883 memprintf(err, "%sglobal statement '%s' expects a directory path as an argument.\n",
9884 err && *err ? *err : "", args[0]);
9885 return -1;
9886 }
9887 if (S_ISDIR(buf.st_mode) == 0) {
9888 memprintf(err, "%sglobal statement '%s': %s is not a directory.\n",
9889 err && *err ? *err : "", args[0], path);
9890 return -1;
9891 }
9892
9893 /* strip trailing slashes, including first one */
9894 for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
9895 *end = 0;
9896 /* path already parsed? */
9897 if (global_ssl.issuers_chain_path && strcmp(global_ssl.issuers_chain_path, path) == 0)
9898 return 0;
9899 /* overwrite old issuers_chain_path */
9900 free(global_ssl.issuers_chain_path);
9901 global_ssl.issuers_chain_path = strdup(path);
9902 ssl_free_global_issuers();
9903
9904 n = scandir(path, &de_list, 0, alphasort);
9905 if (n < 0) {
9906 memprintf(err, "%sglobal statement '%s': unable to scan directory '%s' : %s.\n",
9907 err && *err ? *err : "", args[0], path, strerror(errno));
9908 return -1;
9909 }
9910 for (i = 0; i < n; i++) {
9911 struct dirent *de = de_list[i];
9912 BIO *in = NULL;
9913 char *warn = NULL;
9914
9915 snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
9916 free(de);
9917 if (stat(fp, &buf) != 0) {
9918 ha_warning("unable to stat certificate from file '%s' : %s.\n", fp, strerror(errno));
9919 goto next;
9920 }
9921 if (!S_ISREG(buf.st_mode))
9922 goto next;
9923
9924 in = BIO_new(BIO_s_file());
9925 if (in == NULL)
9926 goto next;
9927 if (BIO_read_filename(in, fp) <= 0)
9928 goto next;
9929 ssl_load_global_issuer_from_BIO(in, fp, &warn);
9930 if (warn) {
Tim Duesterhuse8aa5f22020-02-19 11:41:13 +01009931 ha_warning("%s", warn);
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +01009932 free(warn);
9933 warn = NULL;
9934 }
9935 next:
9936 if (in)
9937 BIO_free(in);
9938 }
9939 free(de_list);
9940
9941 return 0;
9942}
9943
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009944/* parse the "ssl-mode-async" keyword in global section.
9945 * Returns <0 on alert, >0 on warning, 0 on success.
9946 */
9947static int ssl_parse_global_ssl_async(char **args, int section_type, struct proxy *curpx,
9948 struct proxy *defpx, const char *file, int line,
9949 char **err)
9950{
Willy Tarreau5db847a2019-05-09 14:13:35 +02009951#if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(OPENSSL_NO_ASYNC)
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009952 global_ssl.async = 1;
Emeric Brunece0c332017-12-06 13:51:49 +01009953 global.ssl_used_async_engines = nb_engines;
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009954 return 0;
9955#else
9956 memprintf(err, "'%s': openssl library does not support async mode", args[0]);
9957 return -1;
9958#endif
9959}
9960
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +02009961#ifndef OPENSSL_NO_ENGINE
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009962static int ssl_check_async_engine_count(void) {
9963 int err_code = 0;
9964
Emeric Brun3854e012017-05-17 20:42:48 +02009965 if (global_ssl.async && (openssl_engines_initialized > 32)) {
Christopher Faulet767a84b2017-11-24 16:50:31 +01009966 ha_alert("ssl-mode-async only supports a maximum of 32 engines.\n");
Grant Zhangfa6c7ee2017-01-14 01:42:15 +00009967 err_code = ERR_ABORT;
9968 }
9969 return err_code;
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +01009970}
9971
Grant Zhang872f9c22017-01-21 01:10:18 +00009972/* parse the "ssl-engine" keyword in global section.
9973 * Returns <0 on alert, >0 on warning, 0 on success.
9974 */
9975static int ssl_parse_global_ssl_engine(char **args, int section_type, struct proxy *curpx,
9976 struct proxy *defpx, const char *file, int line,
9977 char **err)
9978{
9979 char *algo;
9980 int ret = -1;
9981
9982 if (*(args[1]) == 0) {
9983 memprintf(err, "global statement '%s' expects a valid engine name as an argument.", args[0]);
9984 return ret;
9985 }
9986
9987 if (*(args[2]) == 0) {
9988 /* if no list of algorithms is given, it defaults to ALL */
9989 algo = strdup("ALL");
9990 goto add_engine;
9991 }
9992
9993 /* otherwise the expected format is ssl-engine <engine_name> algo <list of algo> */
9994 if (strcmp(args[2], "algo") != 0) {
9995 memprintf(err, "global statement '%s' expects to have algo keyword.", args[0]);
9996 return ret;
9997 }
9998
9999 if (*(args[3]) == 0) {
10000 memprintf(err, "global statement '%s' expects algorithm names as an argument.", args[0]);
10001 return ret;
10002 }
10003 algo = strdup(args[3]);
10004
10005add_engine:
10006 if (ssl_init_single_engine(args[1], algo)==0) {
10007 openssl_engines_initialized++;
10008 ret = 0;
10009 }
10010 free(algo);
10011 return ret;
10012}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020010013#endif
Grant Zhang872f9c22017-01-21 01:10:18 +000010014
Willy Tarreauf22e9682016-12-21 23:23:19 +010010015/* parse the "ssl-default-bind-ciphers" / "ssl-default-server-ciphers" keywords
10016 * in global section. Returns <0 on alert, >0 on warning, 0 on success.
10017 */
10018static int ssl_parse_global_ciphers(char **args, int section_type, struct proxy *curpx,
10019 struct proxy *defpx, const char *file, int line,
10020 char **err)
10021{
10022 char **target;
10023
Willy Tarreauef934602016-12-22 23:12:01 +010010024 target = (args[0][12] == 'b') ? &global_ssl.listen_default_ciphers : &global_ssl.connect_default_ciphers;
Willy Tarreauf22e9682016-12-21 23:23:19 +010010025
10026 if (too_many_args(1, args, err, NULL))
10027 return -1;
10028
10029 if (*(args[1]) == 0) {
10030 memprintf(err, "global statement '%s' expects a cipher suite as an argument.", args[0]);
10031 return -1;
10032 }
10033
10034 free(*target);
10035 *target = strdup(args[1]);
10036 return 0;
10037}
Dirkjan Bussink415150f2018-09-14 11:14:21 +020010038
Emmanuel Hocdet839af572019-05-14 16:27:35 +020010039#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020010040/* parse the "ssl-default-bind-ciphersuites" / "ssl-default-server-ciphersuites" keywords
10041 * in global section. Returns <0 on alert, >0 on warning, 0 on success.
10042 */
10043static int ssl_parse_global_ciphersuites(char **args, int section_type, struct proxy *curpx,
10044 struct proxy *defpx, const char *file, int line,
10045 char **err)
10046{
10047 char **target;
10048
10049 target = (args[0][12] == 'b') ? &global_ssl.listen_default_ciphersuites : &global_ssl.connect_default_ciphersuites;
10050
10051 if (too_many_args(1, args, err, NULL))
10052 return -1;
10053
10054 if (*(args[1]) == 0) {
10055 memprintf(err, "global statement '%s' expects a cipher suite as an argument.", args[0]);
10056 return -1;
10057 }
10058
10059 free(*target);
10060 *target = strdup(args[1]);
10061 return 0;
10062}
10063#endif
Willy Tarreauf22e9682016-12-21 23:23:19 +010010064
Willy Tarreau9ceda382016-12-21 23:13:03 +010010065/* parse various global tune.ssl settings consisting in positive integers.
10066 * Returns <0 on alert, >0 on warning, 0 on success.
10067 */
10068static int ssl_parse_global_int(char **args, int section_type, struct proxy *curpx,
10069 struct proxy *defpx, const char *file, int line,
10070 char **err)
10071{
10072 int *target;
10073
10074 if (strcmp(args[0], "tune.ssl.cachesize") == 0)
10075 target = &global.tune.sslcachesize;
10076 else if (strcmp(args[0], "tune.ssl.maxrecord") == 0)
Willy Tarreauef934602016-12-22 23:12:01 +010010077 target = (int *)&global_ssl.max_record;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010078 else if (strcmp(args[0], "tune.ssl.ssl-ctx-cache-size") == 0)
Willy Tarreauef934602016-12-22 23:12:01 +010010079 target = &global_ssl.ctx_cache;
Willy Tarreau0bea58d2016-12-21 23:17:25 +010010080 else if (strcmp(args[0], "maxsslconn") == 0)
10081 target = &global.maxsslconn;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010082 else if (strcmp(args[0], "tune.ssl.capture-cipherlist-size") == 0)
10083 target = &global_ssl.capture_cipherlist;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010084 else {
10085 memprintf(err, "'%s' keyword not unhandled (please report this bug).", args[0]);
10086 return -1;
10087 }
10088
10089 if (too_many_args(1, args, err, NULL))
10090 return -1;
10091
10092 if (*(args[1]) == 0) {
10093 memprintf(err, "'%s' expects an integer argument.", args[0]);
10094 return -1;
10095 }
10096
10097 *target = atoi(args[1]);
10098 if (*target < 0) {
10099 memprintf(err, "'%s' expects a positive numeric value.", args[0]);
10100 return -1;
10101 }
10102 return 0;
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010103}
10104
10105static int ssl_parse_global_capture_cipherlist(char **args, int section_type, struct proxy *curpx,
10106 struct proxy *defpx, const char *file, int line,
10107 char **err)
10108{
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010109 int ret;
10110
10111 ret = ssl_parse_global_int(args, section_type, curpx, defpx, file, line, err);
10112 if (ret != 0)
10113 return ret;
10114
Willy Tarreaubafbe012017-11-24 17:34:44 +010010115 if (pool_head_ssl_capture) {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010116 memprintf(err, "'%s' is already configured.", args[0]);
10117 return -1;
10118 }
10119
Willy Tarreaubafbe012017-11-24 17:34:44 +010010120 pool_head_ssl_capture = create_pool("ssl-capture", sizeof(struct ssl_capture) + global_ssl.capture_cipherlist, MEM_F_SHARED);
10121 if (!pool_head_ssl_capture) {
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010010122 memprintf(err, "Out of memory error.");
10123 return -1;
10124 }
10125 return 0;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010126}
10127
10128/* parse "ssl.force-private-cache".
10129 * Returns <0 on alert, >0 on warning, 0 on success.
10130 */
10131static int ssl_parse_global_private_cache(char **args, int section_type, struct proxy *curpx,
10132 struct proxy *defpx, const char *file, int line,
10133 char **err)
10134{
10135 if (too_many_args(0, args, err, NULL))
10136 return -1;
10137
Willy Tarreauef934602016-12-22 23:12:01 +010010138 global_ssl.private_cache = 1;
Willy Tarreau9ceda382016-12-21 23:13:03 +010010139 return 0;
10140}
10141
10142/* parse "ssl.lifetime".
10143 * Returns <0 on alert, >0 on warning, 0 on success.
10144 */
10145static int ssl_parse_global_lifetime(char **args, int section_type, struct proxy *curpx,
10146 struct proxy *defpx, const char *file, int line,
10147 char **err)
10148{
10149 const char *res;
10150
10151 if (too_many_args(1, args, err, NULL))
10152 return -1;
10153
10154 if (*(args[1]) == 0) {
10155 memprintf(err, "'%s' expects ssl sessions <lifetime> in seconds as argument.", args[0]);
10156 return -1;
10157 }
10158
Willy Tarreauef934602016-12-22 23:12:01 +010010159 res = parse_time_err(args[1], &global_ssl.life_time, TIME_UNIT_S);
Willy Tarreau9faebe32019-06-07 19:00:37 +020010160 if (res == PARSE_TIME_OVER) {
10161 memprintf(err, "timer overflow in argument '%s' to <%s> (maximum value is 2147483647 s or ~68 years).",
10162 args[1], args[0]);
10163 return -1;
10164 }
10165 else if (res == PARSE_TIME_UNDER) {
10166 memprintf(err, "timer underflow in argument '%s' to <%s> (minimum non-null value is 1 s).",
10167 args[1], args[0]);
10168 return -1;
10169 }
10170 else if (res) {
Willy Tarreau9ceda382016-12-21 23:13:03 +010010171 memprintf(err, "unexpected character '%c' in argument to <%s>.", *res, args[0]);
10172 return -1;
10173 }
10174 return 0;
10175}
10176
10177#ifndef OPENSSL_NO_DH
Willy Tarreau14e36a12016-12-21 23:28:13 +010010178/* parse "ssl-dh-param-file".
10179 * Returns <0 on alert, >0 on warning, 0 on success.
10180 */
10181static int ssl_parse_global_dh_param_file(char **args, int section_type, struct proxy *curpx,
10182 struct proxy *defpx, const char *file, int line,
10183 char **err)
10184{
10185 if (too_many_args(1, args, err, NULL))
10186 return -1;
10187
10188 if (*(args[1]) == 0) {
10189 memprintf(err, "'%s' expects a file path as an argument.", args[0]);
10190 return -1;
10191 }
10192
10193 if (ssl_sock_load_global_dh_param_from_file(args[1])) {
10194 memprintf(err, "'%s': unable to load DH parameters from file <%s>.", args[0], args[1]);
10195 return -1;
10196 }
10197 return 0;
10198}
10199
Willy Tarreau9ceda382016-12-21 23:13:03 +010010200/* parse "ssl.default-dh-param".
10201 * Returns <0 on alert, >0 on warning, 0 on success.
10202 */
10203static int ssl_parse_global_default_dh(char **args, int section_type, struct proxy *curpx,
10204 struct proxy *defpx, const char *file, int line,
10205 char **err)
10206{
10207 if (too_many_args(1, args, err, NULL))
10208 return -1;
10209
10210 if (*(args[1]) == 0) {
10211 memprintf(err, "'%s' expects an integer argument.", args[0]);
10212 return -1;
10213 }
10214
Willy Tarreauef934602016-12-22 23:12:01 +010010215 global_ssl.default_dh_param = atoi(args[1]);
10216 if (global_ssl.default_dh_param < 1024) {
Willy Tarreau9ceda382016-12-21 23:13:03 +010010217 memprintf(err, "'%s' expects a value >= 1024.", args[0]);
10218 return -1;
10219 }
10220 return 0;
10221}
10222#endif
10223
William Lallemand3af48e72020-02-03 17:15:52 +010010224
10225/*
10226 * parse "ssl-load-extra-files".
10227 * multiple arguments are allowed: "bundle", "sctl", "ocsp", "issuer", "all", "none"
10228 */
10229static int ssl_parse_global_extra_files(char **args, int section_type, struct proxy *curpx,
10230 struct proxy *defpx, const char *file, int line,
10231 char **err)
10232{
10233 int i;
10234 int gf = SSL_GF_NONE;
10235
10236 if (*(args[1]) == 0)
10237 goto err_arg;
10238
10239 for (i = 1; *args[i]; i++) {
10240
10241 if (!strcmp("bundle", args[i])) {
10242 gf |= SSL_GF_BUNDLE;
10243
10244 } else if (!strcmp("sctl", args[i])) {
10245 gf |= SSL_GF_SCTL;
10246
10247 } else if (!strcmp("ocsp", args[i])){
10248 gf |= SSL_GF_OCSP;
10249
10250 } else if (!strcmp("issuer", args[i])){
10251 gf |= SSL_GF_OCSP_ISSUER;
10252
William Lallemand4c5adbf2020-02-24 14:23:22 +010010253 } else if (!strcmp("key", args[i])) {
10254 gf |= SSL_GF_KEY;
10255
William Lallemand3af48e72020-02-03 17:15:52 +010010256 } else if (!strcmp("none", args[i])) {
10257 if (gf != SSL_GF_NONE)
10258 goto err_alone;
10259 gf = SSL_GF_NONE;
10260 i++;
10261 break;
10262
10263 } else if (!strcmp("all", args[i])) {
10264 if (gf != SSL_GF_NONE)
10265 goto err_alone;
10266 gf = SSL_GF_ALL;
10267 i++;
10268 break;
10269 } else {
10270 goto err_arg;
10271 }
10272 }
10273 /* break from loop but there are still arguments */
10274 if (*args[i])
10275 goto err_alone;
10276
10277 global_ssl.extra_files = gf;
10278
10279 return 0;
10280
10281err_alone:
10282 memprintf(err, "'%s' 'none' and 'all' can be only used alone", args[0]);
10283 return -1;
10284
10285err_arg:
10286 memprintf(err, "'%s' expects one or multiple arguments (none, all, bundle, sctl, ocsp, issuer).", args[0]);
10287 return -1;
10288}
10289
Willy Tarreau9ceda382016-12-21 23:13:03 +010010290
William Lallemand32af2032016-10-29 18:09:35 +020010291/* This function is used with TLS ticket keys management. It permits to browse
10292 * each reference. The variable <getnext> must contain the current node,
10293 * <end> point to the root node.
10294 */
10295#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
10296static inline
10297struct tls_keys_ref *tlskeys_list_get_next(struct tls_keys_ref *getnext, struct list *end)
10298{
10299 struct tls_keys_ref *ref = getnext;
10300
10301 while (1) {
10302
10303 /* Get next list entry. */
10304 ref = LIST_NEXT(&ref->list, struct tls_keys_ref *, list);
10305
10306 /* If the entry is the last of the list, return NULL. */
10307 if (&ref->list == end)
10308 return NULL;
10309
10310 return ref;
10311 }
10312}
10313
10314static inline
10315struct tls_keys_ref *tlskeys_ref_lookup_ref(const char *reference)
10316{
10317 int id;
10318 char *error;
10319
10320 /* If the reference starts by a '#', this is numeric id. */
10321 if (reference[0] == '#') {
10322 /* Try to convert the numeric id. If the conversion fails, the lookup fails. */
10323 id = strtol(reference + 1, &error, 10);
10324 if (*error != '\0')
10325 return NULL;
10326
10327 /* Perform the unique id lookup. */
10328 return tlskeys_ref_lookupid(id);
10329 }
10330
10331 /* Perform the string lookup. */
10332 return tlskeys_ref_lookup(reference);
10333}
10334#endif
10335
10336
10337#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
10338
10339static int cli_io_handler_tlskeys_files(struct appctx *appctx);
10340
10341static inline int cli_io_handler_tlskeys_entries(struct appctx *appctx) {
10342 return cli_io_handler_tlskeys_files(appctx);
10343}
10344
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010345/* dumps all tls keys. Relies on cli.i0 (non-null = only list file names), cli.i1
10346 * (next index to be dumped), and cli.p0 (next key reference).
10347 */
William Lallemand32af2032016-10-29 18:09:35 +020010348static int cli_io_handler_tlskeys_files(struct appctx *appctx) {
10349
10350 struct stream_interface *si = appctx->owner;
10351
10352 switch (appctx->st2) {
10353 case STAT_ST_INIT:
10354 /* Display the column headers. If the message cannot be sent,
Joseph Herlant017b3da2018-11-15 09:07:59 -080010355 * quit the function with returning 0. The function is called
William Lallemand32af2032016-10-29 18:09:35 +020010356 * later and restart at the state "STAT_ST_INIT".
10357 */
10358 chunk_reset(&trash);
10359
10360 if (appctx->io_handler == cli_io_handler_tlskeys_entries)
10361 chunk_appendf(&trash, "# id secret\n");
10362 else
10363 chunk_appendf(&trash, "# id (file)\n");
10364
Willy Tarreau06d80a92017-10-19 14:32:15 +020010365 if (ci_putchk(si_ic(si), &trash) == -1) {
Willy Tarreaudb398432018-11-15 11:08:52 +010010366 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +020010367 return 0;
10368 }
10369
William Lallemand32af2032016-10-29 18:09:35 +020010370 /* Now, we start the browsing of the references lists.
10371 * Note that the following call to LIST_ELEM return bad pointer. The only
10372 * available field of this pointer is <list>. It is used with the function
10373 * tlskeys_list_get_next() for retruning the first available entry
10374 */
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010375 if (appctx->ctx.cli.p0 == NULL) {
10376 appctx->ctx.cli.p0 = LIST_ELEM(&tlskeys_reference, struct tls_keys_ref *, list);
10377 appctx->ctx.cli.p0 = tlskeys_list_get_next(appctx->ctx.cli.p0, &tlskeys_reference);
William Lallemand32af2032016-10-29 18:09:35 +020010378 }
10379
10380 appctx->st2 = STAT_ST_LIST;
10381 /* fall through */
10382
10383 case STAT_ST_LIST:
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010384 while (appctx->ctx.cli.p0) {
10385 struct tls_keys_ref *ref = appctx->ctx.cli.p0;
William Lallemand32af2032016-10-29 18:09:35 +020010386
10387 chunk_reset(&trash);
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010388 if (appctx->io_handler == cli_io_handler_tlskeys_entries && appctx->ctx.cli.i1 == 0)
William Lallemand32af2032016-10-29 18:09:35 +020010389 chunk_appendf(&trash, "# ");
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010390
10391 if (appctx->ctx.cli.i1 == 0)
10392 chunk_appendf(&trash, "%d (%s)\n", ref->unique_id, ref->filename);
10393
William Lallemand32af2032016-10-29 18:09:35 +020010394 if (appctx->io_handler == cli_io_handler_tlskeys_entries) {
Christopher Faulet16f45c82018-02-16 11:23:49 +010010395 int head;
10396
10397 HA_RWLOCK_RDLOCK(TLSKEYS_REF_LOCK, &ref->lock);
10398 head = ref->tls_ticket_enc_index;
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010399 while (appctx->ctx.cli.i1 < TLS_TICKETS_NO) {
Willy Tarreau83061a82018-07-13 11:56:34 +020010400 struct buffer *t2 = get_trash_chunk();
William Lallemand32af2032016-10-29 18:09:35 +020010401
10402 chunk_reset(t2);
10403 /* should never fail here because we dump only a key in the t2 buffer */
Emeric Brun9e754772019-01-10 17:51:55 +010010404 if (ref->key_size_bits == 128) {
10405 t2->data = a2base64((char *)(ref->tlskeys + (head + 2 + appctx->ctx.cli.i1) % TLS_TICKETS_NO),
10406 sizeof(struct tls_sess_key_128),
10407 t2->area, t2->size);
10408 chunk_appendf(&trash, "%d.%d %s\n", ref->unique_id, appctx->ctx.cli.i1,
10409 t2->area);
10410 }
10411 else if (ref->key_size_bits == 256) {
10412 t2->data = a2base64((char *)(ref->tlskeys + (head + 2 + appctx->ctx.cli.i1) % TLS_TICKETS_NO),
10413 sizeof(struct tls_sess_key_256),
10414 t2->area, t2->size);
10415 chunk_appendf(&trash, "%d.%d %s\n", ref->unique_id, appctx->ctx.cli.i1,
10416 t2->area);
10417 }
10418 else {
10419 /* This case should never happen */
10420 chunk_appendf(&trash, "%d.%d <unknown>\n", ref->unique_id, appctx->ctx.cli.i1);
10421 }
William Lallemand32af2032016-10-29 18:09:35 +020010422
Willy Tarreau06d80a92017-10-19 14:32:15 +020010423 if (ci_putchk(si_ic(si), &trash) == -1) {
William Lallemand32af2032016-10-29 18:09:35 +020010424 /* let's try again later from this stream. We add ourselves into
10425 * this stream's users so that it can remove us upon termination.
10426 */
Christopher Faulet16f45c82018-02-16 11:23:49 +010010427 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreaudb398432018-11-15 11:08:52 +010010428 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +020010429 return 0;
10430 }
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010431 appctx->ctx.cli.i1++;
William Lallemand32af2032016-10-29 18:09:35 +020010432 }
Christopher Faulet16f45c82018-02-16 11:23:49 +010010433 HA_RWLOCK_RDUNLOCK(TLSKEYS_REF_LOCK, &ref->lock);
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010434 appctx->ctx.cli.i1 = 0;
William Lallemand32af2032016-10-29 18:09:35 +020010435 }
Willy Tarreau06d80a92017-10-19 14:32:15 +020010436 if (ci_putchk(si_ic(si), &trash) == -1) {
William Lallemand32af2032016-10-29 18:09:35 +020010437 /* let's try again later from this stream. We add ourselves into
10438 * this stream's users so that it can remove us upon termination.
10439 */
Willy Tarreaudb398432018-11-15 11:08:52 +010010440 si_rx_room_blk(si);
William Lallemand32af2032016-10-29 18:09:35 +020010441 return 0;
10442 }
10443
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010444 if (appctx->ctx.cli.i0 == 0) /* don't display everything if not necessary */
William Lallemand32af2032016-10-29 18:09:35 +020010445 break;
10446
10447 /* get next list entry and check the end of the list */
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010448 appctx->ctx.cli.p0 = tlskeys_list_get_next(appctx->ctx.cli.p0, &tlskeys_reference);
William Lallemand32af2032016-10-29 18:09:35 +020010449 }
10450
10451 appctx->st2 = STAT_ST_FIN;
10452 /* fall through */
10453
10454 default:
10455 appctx->st2 = STAT_ST_FIN;
10456 return 1;
10457 }
10458 return 0;
10459}
10460
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010461/* sets cli.i0 to non-zero if only file lists should be dumped */
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +020010462static int cli_parse_show_tlskeys(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +020010463{
William Lallemand32af2032016-10-29 18:09:35 +020010464 /* no parameter, shows only file list */
10465 if (!*args[2]) {
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010466 appctx->ctx.cli.i0 = 1;
William Lallemand32af2032016-10-29 18:09:35 +020010467 appctx->io_handler = cli_io_handler_tlskeys_files;
Willy Tarreau3067bfa2016-12-05 14:50:15 +010010468 return 0;
William Lallemand32af2032016-10-29 18:09:35 +020010469 }
10470
10471 if (args[2][0] == '*') {
10472 /* list every TLS ticket keys */
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010473 appctx->ctx.cli.i0 = 1;
William Lallemand32af2032016-10-29 18:09:35 +020010474 } else {
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010475 appctx->ctx.cli.p0 = tlskeys_ref_lookup_ref(args[2]);
Willy Tarreau9d008692019-08-09 11:21:01 +020010476 if (!appctx->ctx.cli.p0)
10477 return cli_err(appctx, "'show tls-keys' unable to locate referenced filename\n");
William Lallemand32af2032016-10-29 18:09:35 +020010478 }
William Lallemand32af2032016-10-29 18:09:35 +020010479 appctx->io_handler = cli_io_handler_tlskeys_entries;
Willy Tarreau3067bfa2016-12-05 14:50:15 +010010480 return 0;
William Lallemand32af2032016-10-29 18:09:35 +020010481}
10482
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +020010483static int cli_parse_set_tlskeys(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +020010484{
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010485 struct tls_keys_ref *ref;
Willy Tarreau1c913e42018-08-22 05:26:57 +020010486 int ret;
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010487
William Lallemand32af2032016-10-29 18:09:35 +020010488 /* Expect two parameters: the filename and the new new TLS key in encoding */
Willy Tarreau9d008692019-08-09 11:21:01 +020010489 if (!*args[3] || !*args[4])
10490 return cli_err(appctx, "'set ssl tls-key' expects a filename and the new TLS key in base64 encoding.\n");
William Lallemand32af2032016-10-29 18:09:35 +020010491
Willy Tarreauf5f26e82016-12-16 18:47:27 +010010492 ref = tlskeys_ref_lookup_ref(args[3]);
Willy Tarreau9d008692019-08-09 11:21:01 +020010493 if (!ref)
10494 return cli_err(appctx, "'set ssl tls-key' unable to locate referenced filename\n");
William Lallemand32af2032016-10-29 18:09:35 +020010495
Willy Tarreau1c913e42018-08-22 05:26:57 +020010496 ret = base64dec(args[4], strlen(args[4]), trash.area, trash.size);
Willy Tarreau9d008692019-08-09 11:21:01 +020010497 if (ret < 0)
10498 return cli_err(appctx, "'set ssl tls-key' received invalid base64 encoded TLS key.\n");
Emeric Brun9e754772019-01-10 17:51:55 +010010499
Willy Tarreau1c913e42018-08-22 05:26:57 +020010500 trash.data = ret;
Willy Tarreau9d008692019-08-09 11:21:01 +020010501 if (ssl_sock_update_tlskey_ref(ref, &trash) < 0)
10502 return cli_err(appctx, "'set ssl tls-key' received a key of wrong size.\n");
William Lallemand32af2032016-10-29 18:09:35 +020010503
Willy Tarreau9d008692019-08-09 11:21:01 +020010504 return cli_msg(appctx, LOG_INFO, "TLS ticket key updated!\n");
William Lallemand32af2032016-10-29 18:09:35 +020010505}
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +010010506#endif
William Lallemand32af2032016-10-29 18:09:35 +020010507
William Lallemand44b35322019-10-17 16:28:40 +020010508
10509/* Type of SSL payloads that can be updated over the CLI */
10510
10511enum {
10512 CERT_TYPE_PEM = 0,
William Lallemand4c5adbf2020-02-24 14:23:22 +010010513 CERT_TYPE_KEY,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010010514#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020010515 CERT_TYPE_OCSP,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010010516#endif
William Lallemand44b35322019-10-17 16:28:40 +020010517 CERT_TYPE_ISSUER,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010010518#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020010519 CERT_TYPE_SCTL,
Emmanuel Hocdetf6ac4fa2019-10-30 17:41:27 +010010520#endif
William Lallemand44b35322019-10-17 16:28:40 +020010521 CERT_TYPE_MAX,
10522};
10523
10524struct {
10525 const char *ext;
10526 int type;
10527 int (*load)(const char *path, char *payload, struct cert_key_and_chain *ckch, char **err);
10528 /* add a parsing callback */
William Lallemandf29cdef2019-10-23 15:00:52 +020010529} cert_exts[CERT_TYPE_MAX+1] = {
William Lallemand44b35322019-10-17 16:28:40 +020010530 [CERT_TYPE_PEM] = { "", CERT_TYPE_PEM, &ssl_sock_load_pem_into_ckch }, /* default mode, no extensions */
William Lallemand4c5adbf2020-02-24 14:23:22 +010010531 [CERT_TYPE_KEY] = { "key", CERT_TYPE_KEY, &ssl_sock_load_key_into_ckch },
William Lallemand541a5342019-10-23 14:11:54 +020010532#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020010533 [CERT_TYPE_OCSP] = { "ocsp", CERT_TYPE_OCSP, &ssl_sock_load_ocsp_response_from_file },
William Lallemand541a5342019-10-23 14:11:54 +020010534#endif
10535#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
William Lallemand44b35322019-10-17 16:28:40 +020010536 [CERT_TYPE_SCTL] = { "sctl", CERT_TYPE_SCTL, &ssl_sock_load_sctl_from_file },
William Lallemand541a5342019-10-23 14:11:54 +020010537#endif
William Lallemand44b35322019-10-17 16:28:40 +020010538 [CERT_TYPE_ISSUER] = { "issuer", CERT_TYPE_ISSUER, &ssl_sock_load_issuer_file_into_ckch },
William Lallemandf29cdef2019-10-23 15:00:52 +020010539 [CERT_TYPE_MAX] = { NULL, CERT_TYPE_MAX, NULL },
William Lallemand44b35322019-10-17 16:28:40 +020010540};
10541
William Lallemand430413e2019-10-28 14:30:47 +010010542/* states of the CLI IO handler for 'set ssl cert' */
10543enum {
10544 SETCERT_ST_INIT = 0,
10545 SETCERT_ST_GEN,
10546 SETCERT_ST_INSERT,
10547 SETCERT_ST_FIN,
10548};
William Lallemand8f840d72019-10-23 10:53:05 +020010549
William Lallemandd4f946c2019-12-05 10:26:40 +010010550/* release function of the `show ssl cert' command */
10551static void cli_release_show_cert(struct appctx *appctx)
10552{
10553 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
10554}
10555
10556/* IO handler of "show ssl cert <filename>" */
10557static int cli_io_handler_show_cert(struct appctx *appctx)
10558{
10559 struct buffer *trash = alloc_trash_chunk();
10560 struct ebmb_node *node;
10561 struct stream_interface *si = appctx->owner;
10562 struct ckch_store *ckchs;
William Lallemandd4f946c2019-12-05 10:26:40 +010010563
10564 if (trash == NULL)
10565 return 1;
10566
10567 if (!appctx->ctx.ssl.old_ckchs) {
10568 if (ckchs_transaction.old_ckchs) {
10569 ckchs = ckchs_transaction.old_ckchs;
10570 chunk_appendf(trash, "# transaction\n");
10571 if (!ckchs->multi) {
10572 chunk_appendf(trash, "*%s\n", ckchs->path);
William Lallemandba22e902019-12-18 20:36:01 +010010573#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
William Lallemandd4f946c2019-12-05 10:26:40 +010010574 } else {
William Lallemanda25a19f2020-01-29 00:04:24 +010010575 int n;
10576
William Lallemandd4f946c2019-12-05 10:26:40 +010010577 chunk_appendf(trash, "*%s:", ckchs->path);
10578 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
10579 if (ckchs->ckch[n].cert)
10580 chunk_appendf(trash, " %s.%s\n", ckchs->path, SSL_SOCK_KEYTYPE_NAMES[n]);
10581 }
10582 chunk_appendf(trash, "\n");
William Lallemandba22e902019-12-18 20:36:01 +010010583#endif
William Lallemandd4f946c2019-12-05 10:26:40 +010010584 }
10585 }
10586 }
10587
10588 if (!appctx->ctx.cli.p0) {
10589 chunk_appendf(trash, "# filename\n");
10590 node = ebmb_first(&ckchs_tree);
10591 } else {
10592 node = &((struct ckch_store *)appctx->ctx.cli.p0)->node;
10593 }
10594 while (node) {
10595 ckchs = ebmb_entry(node, struct ckch_store, node);
10596 if (!ckchs->multi) {
10597 chunk_appendf(trash, "%s\n", ckchs->path);
William Lallemandba22e902019-12-18 20:36:01 +010010598#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
William Lallemandd4f946c2019-12-05 10:26:40 +010010599 } else {
William Lallemanda25a19f2020-01-29 00:04:24 +010010600 int n;
10601
William Lallemandd4f946c2019-12-05 10:26:40 +010010602 chunk_appendf(trash, "%s:", ckchs->path);
10603 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
10604 if (ckchs->ckch[n].cert)
10605 chunk_appendf(trash, " %s.%s", ckchs->path, SSL_SOCK_KEYTYPE_NAMES[n]);
10606 }
10607 chunk_appendf(trash, "\n");
William Lallemandba22e902019-12-18 20:36:01 +010010608#endif
William Lallemandd4f946c2019-12-05 10:26:40 +010010609 }
10610
10611 node = ebmb_next(node);
10612 if (ci_putchk(si_ic(si), trash) == -1) {
10613 si_rx_room_blk(si);
10614 goto yield;
10615 }
10616 }
10617
10618 appctx->ctx.cli.p0 = NULL;
10619 free_trash_chunk(trash);
10620 return 1;
10621yield:
10622
10623 free_trash_chunk(trash);
10624 appctx->ctx.cli.p0 = ckchs;
10625 return 0; /* should come back */
10626}
10627
10628/* IO handler of the details "show ssl cert <filename>" */
10629static int cli_io_handler_show_cert_detail(struct appctx *appctx)
10630{
10631 struct stream_interface *si = appctx->owner;
10632 struct ckch_store *ckchs = appctx->ctx.cli.p0;
10633 struct buffer *out = alloc_trash_chunk();
10634 struct buffer *tmp = alloc_trash_chunk();
10635 X509_NAME *name = NULL;
10636 int write = -1;
10637 BIO *bio = NULL;
10638
10639 if (!tmp || !out)
10640 goto end;
10641
10642 if (!ckchs->multi) {
10643 chunk_appendf(out, "Filename: ");
10644 if (ckchs == ckchs_transaction.new_ckchs)
10645 chunk_appendf(out, "*");
10646 chunk_appendf(out, "%s\n", ckchs->path);
10647 chunk_appendf(out, "Serial: ");
10648 if (ssl_sock_get_serial(ckchs->ckch->cert, tmp) == -1)
10649 goto end;
10650 dump_binary(out, tmp->area, tmp->data);
10651 chunk_appendf(out, "\n");
10652
10653 chunk_appendf(out, "notBefore: ");
10654 chunk_reset(tmp);
10655 if ((bio = BIO_new(BIO_s_mem())) == NULL)
10656 goto end;
10657 if (ASN1_TIME_print(bio, X509_getm_notBefore(ckchs->ckch->cert)) == 0)
10658 goto end;
10659 write = BIO_read(bio, tmp->area, tmp->size-1);
10660 tmp->area[write] = '\0';
10661 BIO_free(bio);
10662 chunk_appendf(out, "%s\n", tmp->area);
10663
10664 chunk_appendf(out, "notAfter: ");
10665 chunk_reset(tmp);
10666 if ((bio = BIO_new(BIO_s_mem())) == NULL)
10667 goto end;
10668 if (ASN1_TIME_print(bio, X509_getm_notAfter(ckchs->ckch->cert)) == 0)
10669 goto end;
10670 if ((write = BIO_read(bio, tmp->area, tmp->size-1)) <= 0)
10671 goto end;
10672 tmp->area[write] = '\0';
10673 BIO_free(bio);
10674 chunk_appendf(out, "%s\n", tmp->area);
10675
10676
10677 chunk_appendf(out, "Issuer: ");
10678 if ((name = X509_get_issuer_name(ckchs->ckch->cert)) == NULL)
10679 goto end;
10680 if ((ssl_sock_get_dn_oneline(name, tmp)) == -1)
10681 goto end;
10682 *(tmp->area + tmp->data) = '\0';
10683 chunk_appendf(out, "%s\n", tmp->area);
10684
10685 chunk_appendf(out, "Subject: ");
10686 if ((name = X509_get_subject_name(ckchs->ckch->cert)) == NULL)
10687 goto end;
10688 if ((ssl_sock_get_dn_oneline(name, tmp)) == -1)
10689 goto end;
10690 *(tmp->area + tmp->data) = '\0';
10691 chunk_appendf(out, "%s\n", tmp->area);
10692
10693
10694#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
10695 chunk_appendf(out, "Subject Alternative Name: ");
10696 if (ssl_sock_get_san_oneline(ckchs->ckch->cert, out) == -1)
10697 goto end;
10698 *(out->area + out->data) = '\0';
10699 chunk_appendf(out, "\n");
10700#endif
10701 chunk_reset(tmp);
10702 chunk_appendf(out, "Algorithm: ");
10703 if (cert_get_pkey_algo(ckchs->ckch->cert, tmp) == 0)
10704 goto end;
10705 chunk_appendf(out, "%s\n", tmp->area);
10706
10707 chunk_reset(tmp);
10708 chunk_appendf(out, "SHA1 FingerPrint: ");
10709 if (X509_digest(ckchs->ckch->cert, EVP_sha1(), (unsigned char *) tmp->area,
10710 (unsigned int *)&tmp->data) == 0)
10711 goto end;
10712 dump_binary(out, tmp->area, tmp->data);
10713 chunk_appendf(out, "\n");
10714 }
10715
10716 if (ci_putchk(si_ic(si), out) == -1) {
10717 si_rx_room_blk(si);
10718 goto yield;
10719 }
10720
10721end:
10722 free_trash_chunk(tmp);
10723 free_trash_chunk(out);
10724 return 1;
10725yield:
10726 free_trash_chunk(tmp);
10727 free_trash_chunk(out);
10728 return 0; /* should come back */
10729}
10730
10731/* parsing function for 'show ssl cert [certfile]' */
10732static int cli_parse_show_cert(char **args, char *payload, struct appctx *appctx, void *private)
10733{
10734 struct ckch_store *ckchs;
10735
10736 if (!cli_has_level(appctx, ACCESS_LVL_OPER))
10737 return cli_err(appctx, "Can't allocate memory!\n");
10738
10739 /* The operations on the CKCH architecture are locked so we can
10740 * manipulate ckch_store and ckch_inst */
10741 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
10742 return cli_err(appctx, "Can't show!\nOperations on certificates are currently locked!\n");
10743
10744 /* check if there is a certificate to lookup */
10745 if (*args[3]) {
10746 if (*args[3] == '*') {
10747 if (!ckchs_transaction.new_ckchs)
10748 goto error;
10749
10750 ckchs = ckchs_transaction.new_ckchs;
10751
10752 if (strcmp(args[3] + 1, ckchs->path))
10753 goto error;
10754
10755 } else {
10756 if ((ckchs = ckchs_lookup(args[3])) == NULL)
10757 goto error;
10758
10759 }
10760
10761 if (ckchs->multi)
10762 goto error;
10763
10764 appctx->ctx.cli.p0 = ckchs;
10765 /* use the IO handler that shows details */
10766 appctx->io_handler = cli_io_handler_show_cert_detail;
10767 }
10768
10769 return 0;
10770
10771error:
10772 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
10773 return cli_err(appctx, "Can't display the certificate: Not found or the certificate is a bundle!\n");
10774}
10775
William Lallemand430413e2019-10-28 14:30:47 +010010776/* release function of the `set ssl cert' command, free things and unlock the spinlock */
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010777static void cli_release_commit_cert(struct appctx *appctx)
William Lallemand8f840d72019-10-23 10:53:05 +020010778{
10779 struct ckch_store *new_ckchs;
10780 struct ckch_inst *ckchi, *ckchis;
William Lallemand8f840d72019-10-23 10:53:05 +020010781
William Lallemand430413e2019-10-28 14:30:47 +010010782 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
William Lallemand8f840d72019-10-23 10:53:05 +020010783
William Lallemand430413e2019-10-28 14:30:47 +010010784 if (appctx->st2 != SETCERT_ST_FIN) {
William Lallemand8f840d72019-10-23 10:53:05 +020010785 /* free every new sni_ctx and the new store, which are not in the trees so no spinlock there */
William Lallemandbeea2a42019-10-30 17:45:33 +010010786 new_ckchs = appctx->ctx.ssl.new_ckchs;
William Lallemand8f840d72019-10-23 10:53:05 +020010787
William Lallemandbeea2a42019-10-30 17:45:33 +010010788 if (!new_ckchs)
10789 return;
William Lallemand8f840d72019-10-23 10:53:05 +020010790
William Lallemandbeea2a42019-10-30 17:45:33 +010010791 /* if the allocation failed, we need to free everything from the temporary list */
10792 list_for_each_entry_safe(ckchi, ckchis, &new_ckchs->ckch_inst, by_ckchs) {
10793 struct sni_ctx *sc0, *sc0s;
William Lallemand8f840d72019-10-23 10:53:05 +020010794
William Lallemandbeea2a42019-10-30 17:45:33 +010010795 list_for_each_entry_safe(sc0, sc0s, &ckchi->sni_ctx, by_ckch_inst) {
10796 if (sc0->order == 0) /* we only free if it's the first inserted */
10797 SSL_CTX_free(sc0->ctx);
10798 LIST_DEL(&sc0->by_ckch_inst);
10799 free(sc0);
William Lallemand8f840d72019-10-23 10:53:05 +020010800 }
William Lallemandbeea2a42019-10-30 17:45:33 +010010801 LIST_DEL(&ckchi->by_ckchs);
10802 free(ckchi);
William Lallemand8f840d72019-10-23 10:53:05 +020010803 }
William Lallemandbeea2a42019-10-30 17:45:33 +010010804 ckchs_free(new_ckchs);
William Lallemand8f840d72019-10-23 10:53:05 +020010805 }
10806}
10807
10808
10809/*
10810 * This function tries to create the new ckch_inst and their SNIs
10811 */
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010812static int cli_io_handler_commit_cert(struct appctx *appctx)
William Lallemand8f840d72019-10-23 10:53:05 +020010813{
10814 struct stream_interface *si = appctx->owner;
10815 int y = 0;
10816 char *err = NULL;
10817 int errcode = 0;
10818 struct ckch_store *old_ckchs, *new_ckchs = NULL;
10819 struct ckch_inst *ckchi, *ckchis;
William Lallemand8f840d72019-10-23 10:53:05 +020010820 struct buffer *trash = alloc_trash_chunk();
William Lallemand8ef0c2a2019-11-21 16:30:34 +010010821 struct sni_ctx *sc0, *sc0s;
William Lallemand8f840d72019-10-23 10:53:05 +020010822
William Lallemand33cc76f2019-10-31 11:43:45 +010010823 if (trash == NULL)
10824 goto error;
10825
William Lallemand8f840d72019-10-23 10:53:05 +020010826 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW)))
10827 goto error;
10828
William Lallemand430413e2019-10-28 14:30:47 +010010829 while (1) {
10830 switch (appctx->st2) {
10831 case SETCERT_ST_INIT:
10832 /* This state just print the update message */
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010833 chunk_printf(trash, "Committing %s", ckchs_transaction.path);
William Lallemand430413e2019-10-28 14:30:47 +010010834 if (ci_putchk(si_ic(si), trash) == -1) {
10835 si_rx_room_blk(si);
William Lallemand8f840d72019-10-23 10:53:05 +020010836 goto yield;
William Lallemand430413e2019-10-28 14:30:47 +010010837 }
10838 appctx->st2 = SETCERT_ST_GEN;
10839 /* fallthrough */
10840 case SETCERT_ST_GEN:
10841 /*
10842 * This state generates the ckch instances with their
10843 * sni_ctxs and SSL_CTX.
10844 *
William Lallemand430413e2019-10-28 14:30:47 +010010845 * Since the SSL_CTX generation can be CPU consumer, we
10846 * yield every 10 instances.
10847 */
William Lallemand8f840d72019-10-23 10:53:05 +020010848
William Lallemandbeea2a42019-10-30 17:45:33 +010010849 old_ckchs = appctx->ctx.ssl.old_ckchs;
10850 new_ckchs = appctx->ctx.ssl.new_ckchs;
William Lallemand8f840d72019-10-23 10:53:05 +020010851
William Lallemandbeea2a42019-10-30 17:45:33 +010010852 if (!new_ckchs)
10853 continue;
William Lallemand8f840d72019-10-23 10:53:05 +020010854
William Lallemandbeea2a42019-10-30 17:45:33 +010010855 /* get the next ckchi to regenerate */
10856 ckchi = appctx->ctx.ssl.next_ckchi;
10857 /* we didn't start yet, set it to the first elem */
10858 if (ckchi == NULL)
10859 ckchi = LIST_ELEM(old_ckchs->ckch_inst.n, typeof(ckchi), by_ckchs);
William Lallemand8f840d72019-10-23 10:53:05 +020010860
William Lallemandbeea2a42019-10-30 17:45:33 +010010861 /* walk through the old ckch_inst and creates new ckch_inst using the updated ckchs */
10862 list_for_each_entry_from(ckchi, &old_ckchs->ckch_inst, by_ckchs) {
10863 struct ckch_inst *new_inst;
William Lallemand8f840d72019-10-23 10:53:05 +020010864
William Lallemandbeea2a42019-10-30 17:45:33 +010010865 /* it takes a lot of CPU to creates SSL_CTXs, so we yield every 10 CKCH instances */
10866 if (y >= 10) {
10867 /* save the next ckchi to compute */
10868 appctx->ctx.ssl.next_ckchi = ckchi;
10869 goto yield;
10870 }
William Lallemand8f840d72019-10-23 10:53:05 +020010871
William Lallemandbeea2a42019-10-30 17:45:33 +010010872 if (new_ckchs->multi)
10873 errcode |= ckch_inst_new_load_multi_store(new_ckchs->path, new_ckchs, ckchi->bind_conf, ckchi->ssl_conf, NULL, 0, &new_inst, &err);
10874 else
10875 errcode |= ckch_inst_new_load_store(new_ckchs->path, new_ckchs, ckchi->bind_conf, ckchi->ssl_conf, NULL, 0, &new_inst, &err);
William Lallemand8f840d72019-10-23 10:53:05 +020010876
William Lallemandbeea2a42019-10-30 17:45:33 +010010877 if (errcode & ERR_CODE)
10878 goto error;
William Lallemand8f840d72019-10-23 10:53:05 +020010879
William Lallemand21724f02019-11-04 17:56:13 +010010880 /* if the previous ckchi was used as the default */
10881 if (ckchi->is_default)
10882 new_inst->is_default = 1;
10883
William Lallemand8ef0c2a2019-11-21 16:30:34 +010010884 /* we need to initialize the SSL_CTX generated */
William Lallemand696f3172020-02-07 20:45:24 +010010885 /* this iterate on the newly generated SNIs in the new instance to prepare their SSL_CTX */
10886 list_for_each_entry_safe(sc0, sc0s, &new_inst->sni_ctx, by_ckch_inst) {
William Lallemand8ef0c2a2019-11-21 16:30:34 +010010887 if (!sc0->order) { /* we initiliazed only the first SSL_CTX because it's the same in the other sni_ctx's */
10888 errcode |= ssl_sock_prepare_ctx(ckchi->bind_conf, ckchi->ssl_conf, sc0->ctx, &err);
10889 if (errcode & ERR_CODE)
10890 goto error;
10891 }
10892 }
10893
10894
William Lallemandbeea2a42019-10-30 17:45:33 +010010895 /* display one dot per new instance */
10896 chunk_appendf(trash, ".");
10897 /* link the new ckch_inst to the duplicate */
10898 LIST_ADDQ(&new_ckchs->ckch_inst, &new_inst->by_ckchs);
10899 y++;
10900 }
William Lallemand430413e2019-10-28 14:30:47 +010010901 appctx->st2 = SETCERT_ST_INSERT;
10902 /* fallthrough */
10903 case SETCERT_ST_INSERT:
10904 /* The generation is finished, we can insert everything */
William Lallemand8f840d72019-10-23 10:53:05 +020010905
William Lallemandbeea2a42019-10-30 17:45:33 +010010906 old_ckchs = appctx->ctx.ssl.old_ckchs;
10907 new_ckchs = appctx->ctx.ssl.new_ckchs;
William Lallemand8f840d72019-10-23 10:53:05 +020010908
William Lallemandbeea2a42019-10-30 17:45:33 +010010909 if (!new_ckchs)
10910 continue;
William Lallemand430413e2019-10-28 14:30:47 +010010911
William Lallemand21724f02019-11-04 17:56:13 +010010912 /* First, we insert every new SNIs in the trees, also replace the default_ctx */
William Lallemandbeea2a42019-10-30 17:45:33 +010010913 list_for_each_entry_safe(ckchi, ckchis, &new_ckchs->ckch_inst, by_ckchs) {
10914 HA_RWLOCK_WRLOCK(SNI_LOCK, &ckchi->bind_conf->sni_lock);
10915 ssl_sock_load_cert_sni(ckchi, ckchi->bind_conf);
10916 HA_RWLOCK_WRUNLOCK(SNI_LOCK, &ckchi->bind_conf->sni_lock);
10917 }
William Lallemand8f840d72019-10-23 10:53:05 +020010918
William Lallemandbeea2a42019-10-30 17:45:33 +010010919 /* delete the old sni_ctx, the old ckch_insts and the ckch_store */
10920 list_for_each_entry_safe(ckchi, ckchis, &old_ckchs->ckch_inst, by_ckchs) {
William Lallemand430413e2019-10-28 14:30:47 +010010921
William Lallemandbeea2a42019-10-30 17:45:33 +010010922 HA_RWLOCK_WRLOCK(SNI_LOCK, &ckchi->bind_conf->sni_lock);
10923 list_for_each_entry_safe(sc0, sc0s, &ckchi->sni_ctx, by_ckch_inst) {
10924 ebmb_delete(&sc0->name);
10925 LIST_DEL(&sc0->by_ckch_inst);
10926 free(sc0);
William Lallemand430413e2019-10-28 14:30:47 +010010927 }
William Lallemandbeea2a42019-10-30 17:45:33 +010010928 HA_RWLOCK_WRUNLOCK(SNI_LOCK, &ckchi->bind_conf->sni_lock);
10929 LIST_DEL(&ckchi->by_ckchs);
10930 free(ckchi);
10931 }
William Lallemand8f840d72019-10-23 10:53:05 +020010932
William Lallemandbeea2a42019-10-30 17:45:33 +010010933 /* Replace the old ckchs by the new one */
10934 ebmb_delete(&old_ckchs->node);
10935 ckchs_free(old_ckchs);
10936 ebst_insert(&ckchs_tree, &new_ckchs->node);
William Lallemand430413e2019-10-28 14:30:47 +010010937 appctx->st2 = SETCERT_ST_FIN;
10938 /* fallthrough */
10939 case SETCERT_ST_FIN:
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010940 /* we achieved the transaction, we can set everything to NULL */
10941 free(ckchs_transaction.path);
10942 ckchs_transaction.path = NULL;
10943 ckchs_transaction.new_ckchs = NULL;
10944 ckchs_transaction.old_ckchs = NULL;
William Lallemand430413e2019-10-28 14:30:47 +010010945 goto end;
10946 }
William Lallemand8f840d72019-10-23 10:53:05 +020010947 }
William Lallemand430413e2019-10-28 14:30:47 +010010948end:
William Lallemand8f840d72019-10-23 10:53:05 +020010949
William Lallemanded442432019-11-21 16:41:07 +010010950 chunk_appendf(trash, "\n");
10951 if (errcode & ERR_WARN)
Tim Duesterhusc0e820c2019-11-23 23:52:30 +010010952 chunk_appendf(trash, "%s", err);
William Lallemanded442432019-11-21 16:41:07 +010010953 chunk_appendf(trash, "Success!\n");
William Lallemand430413e2019-10-28 14:30:47 +010010954 if (ci_putchk(si_ic(si), trash) == -1)
10955 si_rx_room_blk(si);
10956 free_trash_chunk(trash);
10957 /* success: call the release function and don't come back */
10958 return 1;
William Lallemand8f840d72019-10-23 10:53:05 +020010959yield:
10960 /* store the state */
10961 if (ci_putchk(si_ic(si), trash) == -1)
10962 si_rx_room_blk(si);
10963 free_trash_chunk(trash);
10964 si_rx_endp_more(si); /* let's come back later */
William Lallemand8f840d72019-10-23 10:53:05 +020010965 return 0; /* should come back */
10966
10967error:
10968 /* spin unlock and free are done in the release function */
William Lallemand33cc76f2019-10-31 11:43:45 +010010969 if (trash) {
10970 chunk_appendf(trash, "\n%sFailed!\n", err);
10971 if (ci_putchk(si_ic(si), trash) == -1)
10972 si_rx_room_blk(si);
10973 free_trash_chunk(trash);
10974 }
William Lallemand430413e2019-10-28 14:30:47 +010010975 /* error: call the release function and don't come back */
10976 return 1;
William Lallemand8f840d72019-10-23 10:53:05 +020010977}
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010978
10979/*
10980 * Parsing function of 'commit ssl cert'
10981 */
10982static int cli_parse_commit_cert(char **args, char *payload, struct appctx *appctx, void *private)
10983{
10984 char *err = NULL;
10985
William Lallemand230662a2019-12-03 13:32:54 +010010986 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
10987 return 1;
10988
William Lallemandbc6ca7c2019-10-29 23:48:19 +010010989 if (!*args[3])
10990 return cli_err(appctx, "'commit ssl cert expects a filename\n");
10991
10992 /* The operations on the CKCH architecture are locked so we can
10993 * manipulate ckch_store and ckch_inst */
10994 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
10995 return cli_err(appctx, "Can't commit the certificate!\nOperations on certificates are currently locked!\n");
10996
10997 if (!ckchs_transaction.path) {
10998 memprintf(&err, "No ongoing transaction! !\n");
10999 goto error;
11000 }
11001
11002 if (strcmp(ckchs_transaction.path, args[3]) != 0) {
11003 memprintf(&err, "The ongoing transaction is about '%s' but you are trying to set '%s'\n", ckchs_transaction.path, args[3]);
11004 goto error;
11005 }
11006
William Lallemand4c5adbf2020-02-24 14:23:22 +010011007#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
11008 if (ckchs_transaction.new_ckchs->multi) {
11009 int n;
11010
11011 for (n = 0; n < SSL_SOCK_NUM_KEYTYPES; n++) {
11012 if (ckchs_transaction.new_ckchs->ckch[n].cert && !X509_check_private_key(ckchs_transaction.new_ckchs->ckch[n].cert, ckchs_transaction.new_ckchs->ckch[n].key)) {
11013 memprintf(&err, "inconsistencies between private key and certificate loaded '%s'.\n", ckchs_transaction.path);
11014 goto error;
11015 }
11016 }
11017 } else
11018#endif
11019 {
11020 if (!X509_check_private_key(ckchs_transaction.new_ckchs->ckch->cert, ckchs_transaction.new_ckchs->ckch->key)) {
11021 memprintf(&err, "inconsistencies between private key and certificate loaded '%s'.\n", ckchs_transaction.path);
11022 goto error;
11023 }
11024 }
11025
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011026 /* init the appctx structure */
11027 appctx->st2 = SETCERT_ST_INIT;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011028 appctx->ctx.ssl.next_ckchi = NULL;
11029 appctx->ctx.ssl.new_ckchs = ckchs_transaction.new_ckchs;
11030 appctx->ctx.ssl.old_ckchs = ckchs_transaction.old_ckchs;
11031
11032 /* we don't unlock there, it will be unlock after the IO handler, in the release handler */
11033 return 0;
11034
11035error:
11036
11037 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11038 err = memprintf(&err, "%sCan't commit %s!\n", err ? err : "", args[3]);
11039
11040 return cli_dynerr(appctx, err);
11041}
11042
11043
William Lallemand8f840d72019-10-23 10:53:05 +020011044/*
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011045 * Parsing function of `set ssl cert`, it updates or creates a temporary ckch.
William Lallemand8f840d72019-10-23 10:53:05 +020011046 */
William Lallemand150bfa82019-09-19 17:12:49 +020011047static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx, void *private)
11048{
William Lallemand0c3b7d92019-10-18 11:27:07 +020011049 struct ckch_store *new_ckchs = NULL;
William Lallemand8f840d72019-10-23 10:53:05 +020011050 struct ckch_store *old_ckchs = NULL;
William Lallemand150bfa82019-09-19 17:12:49 +020011051 char *err = NULL;
William Lallemand963b2e72019-10-14 11:38:36 +020011052 int i;
William Lallemand849eed62019-10-17 16:23:50 +020011053 int bundle = -1; /* TRUE if >= 0 (ckch index) */
Emeric Brunf69ed1d2019-10-17 11:56:56 +020011054 int errcode = 0;
William Lallemand44b35322019-10-17 16:28:40 +020011055 char *end;
11056 int type = CERT_TYPE_PEM;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011057 struct cert_key_and_chain *ckch;
11058 struct buffer *buf;
William Lallemand8f840d72019-10-23 10:53:05 +020011059
William Lallemand230662a2019-12-03 13:32:54 +010011060 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
11061 return 1;
11062
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011063 if ((buf = alloc_trash_chunk()) == NULL)
11064 return cli_err(appctx, "Can't allocate memory\n");
William Lallemand150bfa82019-09-19 17:12:49 +020011065
11066 if (!*args[3] || !payload)
11067 return cli_err(appctx, "'set ssl cert expects a filename and a certificat as a payload\n");
11068
11069 /* The operations on the CKCH architecture are locked so we can
11070 * manipulate ckch_store and ckch_inst */
11071 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
11072 return cli_err(appctx, "Can't update the certificate!\nOperations on certificates are currently locked!\n");
11073
William Lallemand8f840d72019-10-23 10:53:05 +020011074 if (!chunk_strcpy(buf, args[3])) {
11075 memprintf(&err, "%sCan't allocate memory\n", err ? err : "");
11076 errcode |= ERR_ALERT | ERR_FATAL;
11077 goto end;
11078 }
11079
William Lallemand44b35322019-10-17 16:28:40 +020011080 /* check which type of file we want to update */
William Lallemandf29cdef2019-10-23 15:00:52 +020011081 for (i = 0; cert_exts[i].type < CERT_TYPE_MAX; i++) {
William Lallemand8f840d72019-10-23 10:53:05 +020011082 end = strrchr(buf->area, '.');
William Lallemand44b35322019-10-17 16:28:40 +020011083 if (end && *cert_exts[i].ext && (!strcmp(end + 1, cert_exts[i].ext))) {
11084 *end = '\0';
11085 type = cert_exts[i].type;
11086 break;
11087 }
11088 }
11089
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011090 appctx->ctx.ssl.old_ckchs = NULL;
11091 appctx->ctx.ssl.new_ckchs = NULL;
William Lallemand849eed62019-10-17 16:23:50 +020011092
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011093 /* if there is an ongoing transaction */
11094 if (ckchs_transaction.path) {
11095 /* if the ongoing transaction is a bundle, we need to find which part of the bundle need to be updated */
William Lallemand963b2e72019-10-14 11:38:36 +020011096#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011097 if (ckchs_transaction.new_ckchs->multi) {
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010011098 char *end;
William Lallemand963b2e72019-10-14 11:38:36 +020011099 int j;
William Lallemand150bfa82019-09-19 17:12:49 +020011100
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011101 /* check if it was used in a bundle by removing the
William Lallemand963b2e72019-10-14 11:38:36 +020011102 * .dsa/.rsa/.ecdsa at the end of the filename */
William Lallemand8f840d72019-10-23 10:53:05 +020011103 end = strrchr(buf->area, '.');
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010011104 for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
William Lallemand963b2e72019-10-14 11:38:36 +020011105 if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
11106 bundle = j; /* keep the type of certificate so we insert it at the right place */
11107 *end = '\0'; /* it's a bundle let's end the string*/
11108 break;
11109 }
William Lallemand150bfa82019-09-19 17:12:49 +020011110 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011111 if (bundle < 0) {
11112 memprintf(&err, "The ongoing transaction is the '%s' bundle. You need to specify which part of the bundle you want to update ('%s.{rsa,ecdsa,dsa}')\n", ckchs_transaction.path, buf->area);
11113 errcode |= ERR_ALERT | ERR_FATAL;
11114 goto end;
11115 }
11116 }
11117#endif
11118
11119 /* if there is an ongoing transaction, check if this is the same file */
11120 if (strcmp(ckchs_transaction.path, buf->area) != 0) {
11121 memprintf(&err, "The ongoing transaction is about '%s' but you are trying to set '%s'\n", ckchs_transaction.path, buf->area);
11122 errcode |= ERR_ALERT | ERR_FATAL;
11123 goto end;
William Lallemand150bfa82019-09-19 17:12:49 +020011124 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011125
11126 appctx->ctx.ssl.old_ckchs = ckchs_transaction.new_ckchs;
11127
11128 } else {
11129 struct ckch_store *find_ckchs[2] = { NULL, NULL };
11130
11131 /* lookup for the certificate in the tree:
11132 * check if this is used as a bundle AND as a unique certificate */
11133 for (i = 0; i < 2; i++) {
11134
11135 if ((find_ckchs[i] = ckchs_lookup(buf->area)) != NULL) {
11136 /* only the bundle name is in the tree and you should
11137 * never update a bundle name, only a filename */
11138 if (bundle < 0 && find_ckchs[i]->multi) {
11139 /* we tried to look for a non-bundle and we found a bundle */
11140 memprintf(&err, "%s%s is a multi-cert bundle. Try updating %s.{dsa,rsa,ecdsa}\n",
11141 err ? err : "", args[3], args[3]);
11142 errcode |= ERR_ALERT | ERR_FATAL;
11143 goto end;
11144 }
William Lallemand3246d942019-11-04 14:02:11 +010011145 /* If we want a bundle but this is not a bundle
11146 * example: When you try to update <file>.rsa, but
11147 * <file> is a regular file */
11148 if (bundle >= 0 && find_ckchs[i]->multi == 0) {
11149 find_ckchs[i] = NULL;
11150 break;
11151 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011152 }
11153#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
11154 {
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010011155 char *end;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011156 int j;
11157
11158 /* check if it was used in a bundle by removing the
11159 * .dsa/.rsa/.ecdsa at the end of the filename */
11160 end = strrchr(buf->area, '.');
Emmanuel Hocdet40f2f1e2019-10-30 17:31:28 +010011161 for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011162 if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
11163 bundle = j; /* keep the type of certificate so we insert it at the right place */
11164 *end = '\0'; /* it's a bundle let's end the string*/
11165 break;
11166 }
11167 }
William Lallemand37031b82019-11-04 13:38:53 +010011168 if (bundle < 0) /* we didn't find a bundle extension */
11169 break;
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011170 }
William Lallemand963b2e72019-10-14 11:38:36 +020011171#else
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011172 /* bundles are not supported here, so we don't need to lookup again */
11173 break;
William Lallemand963b2e72019-10-14 11:38:36 +020011174#endif
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011175 }
11176
11177 if (find_ckchs[0] && find_ckchs[1]) {
11178 memprintf(&err, "%sUpdating a certificate which is used in the HAProxy configuration as a bundle and as a unique certificate is not supported. ('%s' and '%s')\n",
11179 err ? err : "", find_ckchs[0]->path, find_ckchs[1]->path);
11180 errcode |= ERR_ALERT | ERR_FATAL;
11181 goto end;
11182 }
11183
11184 appctx->ctx.ssl.old_ckchs = find_ckchs[0] ? find_ckchs[0] : find_ckchs[1];
William Lallemand150bfa82019-09-19 17:12:49 +020011185 }
11186
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011187 if (!appctx->ctx.ssl.old_ckchs) {
11188 memprintf(&err, "%sCan't replace a certificate which is not referenced by the configuration!\n",
William Lallemand150bfa82019-09-19 17:12:49 +020011189 err ? err : "");
Emeric Brunf69ed1d2019-10-17 11:56:56 +020011190 errcode |= ERR_ALERT | ERR_FATAL;
William Lallemand8f840d72019-10-23 10:53:05 +020011191 goto end;
William Lallemand150bfa82019-09-19 17:12:49 +020011192 }
11193
William Lallemand8a7fdf02019-11-04 10:59:32 +010011194 if (!appctx->ctx.ssl.path) {
11195 /* this is a new transaction, set the path of the transaction */
11196 appctx->ctx.ssl.path = strdup(appctx->ctx.ssl.old_ckchs->path);
11197 if (!appctx->ctx.ssl.path) {
11198 memprintf(&err, "%sCan't allocate memory\n", err ? err : "");
11199 errcode |= ERR_ALERT | ERR_FATAL;
11200 goto end;
11201 }
11202 }
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011203
11204 old_ckchs = appctx->ctx.ssl.old_ckchs;
11205
11206 /* TODO: handle filters */
11207 if (old_ckchs->filters) {
11208 memprintf(&err, "%sCertificates used in crt-list with filters are not supported!\n",
11209 err ? err : "");
11210 errcode |= ERR_ALERT | ERR_FATAL;
11211 goto end;
11212 }
11213
11214 /* duplicate the ckch store */
11215 new_ckchs = ckchs_dup(old_ckchs);
11216 if (!new_ckchs) {
11217 memprintf(&err, "%sCannot allocate memory!\n",
11218 err ? err : "");
11219 errcode |= ERR_ALERT | ERR_FATAL;
11220 goto end;
11221 }
11222
11223 if (!new_ckchs->multi)
11224 ckch = new_ckchs->ckch;
11225 else
11226 ckch = &new_ckchs->ckch[bundle];
11227
11228 /* appply the change on the duplicate */
11229 if (cert_exts[type].load(buf->area, payload, ckch, &err) != 0) {
11230 memprintf(&err, "%sCan't load the payload\n", err ? err : "");
11231 errcode |= ERR_ALERT | ERR_FATAL;
11232 goto end;
11233 }
11234
11235 appctx->ctx.ssl.new_ckchs = new_ckchs;
11236
11237 /* we succeed, we can save the ckchs in the transaction */
11238
11239 /* if there wasn't a transaction, update the old ckchs */
William Dauchyc8bb1532019-11-24 15:04:20 +010011240 if (!ckchs_transaction.old_ckchs) {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011241 ckchs_transaction.old_ckchs = appctx->ctx.ssl.old_ckchs;
11242 ckchs_transaction.path = appctx->ctx.ssl.path;
11243 err = memprintf(&err, "Transaction created for certificate %s!\n", ckchs_transaction.path);
11244 } else {
11245 err = memprintf(&err, "Transaction updated for certificate %s!\n", ckchs_transaction.path);
11246
11247 }
11248
11249 /* free the previous ckchs if there was a transaction */
11250 ckchs_free(ckchs_transaction.new_ckchs);
11251
11252 ckchs_transaction.new_ckchs = appctx->ctx.ssl.new_ckchs;
11253
11254
William Lallemand8f840d72019-10-23 10:53:05 +020011255 /* creates the SNI ctxs later in the IO handler */
William Lallemand150bfa82019-09-19 17:12:49 +020011256
William Lallemand8f840d72019-10-23 10:53:05 +020011257end:
11258 free_trash_chunk(buf);
William Lallemand150bfa82019-09-19 17:12:49 +020011259
Emeric Brunf69ed1d2019-10-17 11:56:56 +020011260 if (errcode & ERR_CODE) {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011261
11262 ckchs_free(appctx->ctx.ssl.new_ckchs);
11263 appctx->ctx.ssl.new_ckchs = NULL;
11264
11265 appctx->ctx.ssl.old_ckchs = NULL;
11266
11267 free(appctx->ctx.ssl.path);
11268 appctx->ctx.ssl.path = NULL;
11269
11270 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
William Lallemand44b35322019-10-17 16:28:40 +020011271 return cli_dynerr(appctx, memprintf(&err, "%sCan't update %s!\n", err ? err : "", args[3]));
William Lallemand430413e2019-10-28 14:30:47 +010011272 } else {
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011273
11274 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11275 return cli_dynmsg(appctx, LOG_NOTICE, err);
William Lallemand430413e2019-10-28 14:30:47 +010011276 }
William Lallemand8f840d72019-10-23 10:53:05 +020011277 /* TODO: handle the ERR_WARN which are not handled because of the io_handler */
William Lallemand150bfa82019-09-19 17:12:49 +020011278}
11279
William Lallemand0bc9c8a2019-11-19 15:51:51 +010011280/* parsing function of 'abort ssl cert' */
11281static int cli_parse_abort_cert(char **args, char *payload, struct appctx *appctx, void *private)
11282{
11283 char *err = NULL;
11284
William Lallemand230662a2019-12-03 13:32:54 +010011285 if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
11286 return 1;
11287
William Lallemand0bc9c8a2019-11-19 15:51:51 +010011288 if (!*args[3])
11289 return cli_err(appctx, "'abort ssl cert' expects a filename\n");
11290
11291 /* The operations on the CKCH architecture are locked so we can
11292 * manipulate ckch_store and ckch_inst */
11293 if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
11294 return cli_err(appctx, "Can't abort!\nOperations on certificates are currently locked!\n");
11295
11296 if (!ckchs_transaction.path) {
11297 memprintf(&err, "No ongoing transaction!\n");
11298 goto error;
11299 }
11300
11301 if (strcmp(ckchs_transaction.path, args[3]) != 0) {
11302 memprintf(&err, "The ongoing transaction is about '%s' but you are trying to abort a transaction for '%s'\n", ckchs_transaction.path, args[3]);
11303 goto error;
11304 }
11305
11306 /* Only free the ckchs there, because the SNI and instances were not generated yet */
11307 ckchs_free(ckchs_transaction.new_ckchs);
11308 ckchs_transaction.new_ckchs = NULL;
11309 ckchs_free(ckchs_transaction.old_ckchs);
11310 ckchs_transaction.old_ckchs = NULL;
11311 free(ckchs_transaction.path);
11312 ckchs_transaction.path = NULL;
11313
11314 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11315
11316 err = memprintf(&err, "Transaction aborted for certificate '%s'!\n", args[3]);
11317 return cli_dynmsg(appctx, LOG_NOTICE, err);
11318
11319error:
11320 HA_SPIN_UNLOCK(CKCH_LOCK, &ckch_lock);
11321
11322 return cli_dynerr(appctx, err);
11323}
11324
Aurélien Nephtaliabbf6072018-04-18 13:26:46 +020011325static int cli_parse_set_ocspresponse(char **args, char *payload, struct appctx *appctx, void *private)
William Lallemand32af2032016-10-29 18:09:35 +020011326{
11327#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
11328 char *err = NULL;
Willy Tarreau1c913e42018-08-22 05:26:57 +020011329 int i, j, ret;
Aurélien Nephtali1e0867c2018-04-18 14:04:58 +020011330
11331 if (!payload)
11332 payload = args[3];
William Lallemand32af2032016-10-29 18:09:35 +020011333
11334 /* Expect one parameter: the new response in base64 encoding */
Willy Tarreau9d008692019-08-09 11:21:01 +020011335 if (!*payload)
11336 return cli_err(appctx, "'set ssl ocsp-response' expects response in base64 encoding.\n");
Aurélien Nephtali1e0867c2018-04-18 14:04:58 +020011337
11338 /* remove \r and \n from the payload */
11339 for (i = 0, j = 0; payload[i]; i++) {
11340 if (payload[i] == '\r' || payload[i] == '\n')
11341 continue;
11342 payload[j++] = payload[i];
11343 }
11344 payload[j] = 0;
William Lallemand32af2032016-10-29 18:09:35 +020011345
Willy Tarreau1c913e42018-08-22 05:26:57 +020011346 ret = base64dec(payload, j, trash.area, trash.size);
Willy Tarreau9d008692019-08-09 11:21:01 +020011347 if (ret < 0)
11348 return cli_err(appctx, "'set ssl ocsp-response' received invalid base64 encoded response.\n");
William Lallemand32af2032016-10-29 18:09:35 +020011349
Willy Tarreau1c913e42018-08-22 05:26:57 +020011350 trash.data = ret;
William Lallemand32af2032016-10-29 18:09:35 +020011351 if (ssl_sock_update_ocsp_response(&trash, &err)) {
Willy Tarreau9d008692019-08-09 11:21:01 +020011352 if (err)
11353 return cli_dynerr(appctx, memprintf(&err, "%s.\n", err));
11354 else
11355 return cli_err(appctx, "Failed to update OCSP response.\n");
William Lallemand32af2032016-10-29 18:09:35 +020011356 }
Willy Tarreau9d008692019-08-09 11:21:01 +020011357
11358 return cli_msg(appctx, LOG_INFO, "OCSP Response updated!\n");
William Lallemand32af2032016-10-29 18:09:35 +020011359#else
Willy Tarreau9d008692019-08-09 11:21:01 +020011360 return cli_err(appctx, "HAProxy was compiled against a version of OpenSSL that doesn't support OCSP stapling.\n");
William Lallemand32af2032016-10-29 18:09:35 +020011361#endif
11362
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010011363}
11364
Willy Tarreau86a394e2019-05-09 14:15:32 +020011365#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000100fL)
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010011366static inline int sample_conv_var2smp_str(const struct arg *arg, struct sample *smp)
11367{
11368 switch (arg->type) {
11369 case ARGT_STR:
11370 smp->data.type = SMP_T_STR;
11371 smp->data.u.str = arg->data.str;
11372 return 1;
11373 case ARGT_VAR:
11374 if (!vars_get_by_desc(&arg->data.var, smp))
11375 return 0;
11376 if (!sample_casts[smp->data.type][SMP_T_STR])
11377 return 0;
11378 if (!sample_casts[smp->data.type][SMP_T_STR](smp))
11379 return 0;
11380 return 1;
11381 default:
11382 return 0;
11383 }
11384}
11385
11386static int check_aes_gcm(struct arg *args, struct sample_conv *conv,
11387 const char *file, int line, char **err)
11388{
11389 switch(args[0].data.sint) {
11390 case 128:
11391 case 192:
11392 case 256:
11393 break;
11394 default:
11395 memprintf(err, "key size must be 128, 192 or 256 (bits).");
11396 return 0;
11397 }
11398 /* Try to decode a variable. */
11399 vars_check_arg(&args[1], NULL);
11400 vars_check_arg(&args[2], NULL);
11401 vars_check_arg(&args[3], NULL);
11402 return 1;
11403}
11404
11405/* Arguements: AES size in bits, nonce, key, tag. The last three arguments are base64 encoded */
11406static int sample_conv_aes_gcm_dec(const struct arg *arg_p, struct sample *smp, void *private)
11407{
11408 struct sample nonce, key, aead_tag;
11409 struct buffer *smp_trash, *smp_trash_alloc;
11410 EVP_CIPHER_CTX *ctx;
11411 int dec_size, ret;
11412
11413 smp_set_owner(&nonce, smp->px, smp->sess, smp->strm, smp->opt);
11414 if (!sample_conv_var2smp_str(&arg_p[1], &nonce))
11415 return 0;
11416
11417 smp_set_owner(&key, smp->px, smp->sess, smp->strm, smp->opt);
11418 if (!sample_conv_var2smp_str(&arg_p[2], &key))
11419 return 0;
11420
11421 smp_set_owner(&aead_tag, smp->px, smp->sess, smp->strm, smp->opt);
11422 if (!sample_conv_var2smp_str(&arg_p[3], &aead_tag))
11423 return 0;
11424
11425 smp_trash = get_trash_chunk();
11426 smp_trash_alloc = alloc_trash_chunk();
11427 if (!smp_trash_alloc)
11428 return 0;
11429
11430 ctx = EVP_CIPHER_CTX_new();
11431
11432 if (!ctx)
11433 goto err;
11434
11435 dec_size = base64dec(nonce.data.u.str.area, nonce.data.u.str.data, smp_trash->area, smp_trash->size);
11436 if (dec_size < 0)
11437 goto err;
11438 smp_trash->data = dec_size;
11439
11440 /* Set cipher type and mode */
11441 switch(arg_p[0].data.sint) {
11442 case 128:
11443 EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
11444 break;
11445 case 192:
11446 EVP_DecryptInit_ex(ctx, EVP_aes_192_gcm(), NULL, NULL, NULL);
11447 break;
11448 case 256:
11449 EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);
11450 break;
11451 }
11452
11453 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, smp_trash->data, NULL);
11454
11455 /* Initialise IV */
11456 if(!EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, (unsigned char *) smp_trash->area))
11457 goto err;
11458
11459 dec_size = base64dec(key.data.u.str.area, key.data.u.str.data, smp_trash->area, smp_trash->size);
11460 if (dec_size < 0)
11461 goto err;
11462 smp_trash->data = dec_size;
11463
11464 /* Initialise key */
11465 if (!EVP_DecryptInit_ex(ctx, NULL, NULL, (unsigned char *) smp_trash->area, NULL))
11466 goto err;
11467
11468 if (!EVP_DecryptUpdate(ctx, (unsigned char *) smp_trash->area, (int *) &smp_trash->data,
11469 (unsigned char *) smp->data.u.str.area, (int) smp->data.u.str.data))
11470 goto err;
11471
11472 dec_size = base64dec(aead_tag.data.u.str.area, aead_tag.data.u.str.data, smp_trash_alloc->area, smp_trash_alloc->size);
11473 if (dec_size < 0)
11474 goto err;
11475 smp_trash_alloc->data = dec_size;
11476 dec_size = smp_trash->data;
11477
11478 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, smp_trash_alloc->data, (void *) smp_trash_alloc->area);
11479 ret = EVP_DecryptFinal_ex(ctx, (unsigned char *) smp_trash->area + smp_trash->data, (int *) &smp_trash->data);
11480
11481 if (ret <= 0)
11482 goto err;
11483
11484 smp->data.u.str.data = dec_size + smp_trash->data;
11485 smp->data.u.str.area = smp_trash->area;
11486 smp->data.type = SMP_T_BIN;
11487 smp->flags &= ~SMP_F_CONST;
11488 free_trash_chunk(smp_trash_alloc);
11489 return 1;
11490
11491err:
11492 free_trash_chunk(smp_trash_alloc);
11493 return 0;
William Lallemand32af2032016-10-29 18:09:35 +020011494}
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010011495# endif
William Lallemand32af2032016-10-29 18:09:35 +020011496
Elliot Otchet71f82972020-01-15 08:12:14 -050011497/* Argument validation functions */
11498
11499/* This function is used to validate the arguments passed to any "x_dn" ssl
11500 * keywords. These keywords support specifying a third parameter that must be
11501 * either empty or the value "rfc2253". Returns 0 on error, non-zero if OK.
11502 */
11503int val_dnfmt(struct arg *arg, char **err_msg)
11504{
11505 if (arg && arg[2].type == ARGT_STR && arg[2].data.str.data > 0 && (strcmp(arg[2].data.str.area, "rfc2253") != 0)) {
11506 memprintf(err_msg, "only rfc2253 or a blank value are currently supported as the format argument.");
11507 return 0;
11508 }
11509 return 1;
11510}
11511
William Lallemand32af2032016-10-29 18:09:35 +020011512/* register cli keywords */
11513static struct cli_kw_list cli_kws = {{ },{
11514#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
11515 { { "show", "tls-keys", NULL }, "show tls-keys [id|*]: show tls keys references or dump tls ticket keys when id specified", cli_parse_show_tlskeys, NULL },
Lukas Tribusf4bbc432017-10-24 12:26:31 +020011516 { { "set", "ssl", "tls-key", NULL }, "set ssl tls-key [id|keyfile] <tlskey>: set the next TLS key for the <id> or <keyfile> listener to <tlskey>", cli_parse_set_tlskeys, NULL },
William Lallemand32af2032016-10-29 18:09:35 +020011517#endif
Emmanuel Hocdetfdec7892017-01-13 17:48:18 +010011518 { { "set", "ssl", "ocsp-response", NULL }, NULL, cli_parse_set_ocspresponse, NULL },
William Lallemandbc6ca7c2019-10-29 23:48:19 +010011519 { { "set", "ssl", "cert", NULL }, "set ssl cert <certfile> <payload> : replace a certificate file", cli_parse_set_cert, NULL, NULL },
11520 { { "commit", "ssl", "cert", NULL }, "commit ssl cert <certfile> : commit a certificate file", cli_parse_commit_cert, cli_io_handler_commit_cert, cli_release_commit_cert },
William Lallemand0bc9c8a2019-11-19 15:51:51 +010011521 { { "abort", "ssl", "cert", NULL }, "abort ssl cert <certfile> : abort a transaction for a certificate file", cli_parse_abort_cert, NULL, NULL },
William Lallemandd4f946c2019-12-05 10:26:40 +010011522 { { "show", "ssl", "cert", NULL }, "show ssl cert [<certfile>] : display the SSL certificates used in memory, or the details of a <certfile>", cli_parse_show_cert, cli_io_handler_show_cert, cli_release_show_cert },
William Lallemand32af2032016-10-29 18:09:35 +020011523 { { NULL }, NULL, NULL, NULL }
11524}};
11525
Willy Tarreau0108d902018-11-25 19:14:37 +010011526INITCALL1(STG_REGISTER, cli_register_kw, &cli_kws);
William Lallemand32af2032016-10-29 18:09:35 +020011527
Willy Tarreau7875d092012-09-10 08:20:03 +020011528/* Note: must not be declared <const> as its list will be overwritten.
11529 * Please take care of keeping this list alphabetically sorted.
11530 */
Willy Tarreaudc13c112013-06-21 23:16:39 +020011531static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
Emeric Brun645ae792014-04-30 14:21:06 +020011532 { "ssl_bc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011533 { "ssl_bc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +010011534#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Jérôme Magnine064a802018-12-03 22:21:04 +010011535 { "ssl_bc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +010011536#endif
Emeric Brun645ae792014-04-30 14:21:06 +020011537 { "ssl_bc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Olivier Houchard6b77f492018-11-22 18:18:29 +010011538#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
11539 { "ssl_bc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
11540#endif
Emeric Brun74f7ffa2018-02-19 16:14:12 +010011541 { "ssl_bc_is_resumed", smp_fetch_ssl_fc_is_resumed, 0, NULL, SMP_T_BOOL, SMP_USE_L5SRV },
Emeric Brun645ae792014-04-30 14:21:06 +020011542 { "ssl_bc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5SRV },
Emeric Brunb73a9b02014-04-30 18:49:19 +020011543 { "ssl_bc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011544 { "ssl_bc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5SRV },
Willy Tarreau9a1ab082019-05-09 13:26:41 +020011545#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brun645ae792014-04-30 14:21:06 +020011546 { "ssl_bc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Patrick Hemmer41966772018-04-28 19:15:48 -040011547#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011548#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
Patrick Hemmer65674662019-06-04 08:13:03 -040011549 { "ssl_bc_client_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
11550 { "ssl_bc_server_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
Patrick Hemmere0275472018-04-28 19:15:51 -040011551 { "ssl_bc_session_key", smp_fetch_ssl_fc_session_key, 0, NULL, SMP_T_BIN, SMP_USE_L5SRV },
11552#endif
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011553 { "ssl_c_ca_err", smp_fetch_ssl_c_ca_err, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
11554 { "ssl_c_ca_err_depth", smp_fetch_ssl_c_ca_err_depth, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Emeric Brun43e79582014-10-29 19:03:26 +010011555 { "ssl_c_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011556 { "ssl_c_err", smp_fetch_ssl_c_err, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050011557 { "ssl_c_i_dn", smp_fetch_ssl_x_i_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020011558 { "ssl_c_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11559 { "ssl_c_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11560 { "ssl_c_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11561 { "ssl_c_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050011562 { "ssl_c_s_dn", smp_fetch_ssl_x_s_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020011563 { "ssl_c_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
11564 { "ssl_c_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010011565 { "ssl_c_used", smp_fetch_ssl_c_used, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011566 { "ssl_c_verify", smp_fetch_ssl_c_verify, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
11567 { "ssl_c_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Emeric Brun43e79582014-10-29 19:03:26 +010011568 { "ssl_f_der", smp_fetch_ssl_x_der, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050011569 { "ssl_f_i_dn", smp_fetch_ssl_x_i_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020011570 { "ssl_f_key_alg", smp_fetch_ssl_x_key_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11571 { "ssl_f_notafter", smp_fetch_ssl_x_notafter, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11572 { "ssl_f_notbefore", smp_fetch_ssl_x_notbefore, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11573 { "ssl_f_sig_alg", smp_fetch_ssl_x_sig_alg, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Elliot Otchet71f82972020-01-15 08:12:14 -050011574 { "ssl_f_s_dn", smp_fetch_ssl_x_s_dn, ARG3(0,STR,SINT,STR),val_dnfmt, SMP_T_STR, SMP_USE_L5CLI },
Emeric Brunba841a12014-04-30 17:05:08 +020011575 { "ssl_f_serial", smp_fetch_ssl_x_serial, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Emeric Brun55f4fa82014-04-30 17:11:25 +020011576 { "ssl_f_sha1", smp_fetch_ssl_x_sha1, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011577 { "ssl_f_version", smp_fetch_ssl_x_version, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010011578 { "ssl_fc", smp_fetch_ssl_fc, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011579 { "ssl_fc_alg_keysize", smp_fetch_ssl_fc_alg_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011580 { "ssl_fc_cipher", smp_fetch_ssl_fc_cipher, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010011581 { "ssl_fc_has_crt", smp_fetch_ssl_fc_has_crt, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011582 { "ssl_fc_has_early", smp_fetch_ssl_fc_has_early, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Willy Tarreau80aca902013-01-07 15:42:20 +010011583 { "ssl_fc_has_sni", smp_fetch_ssl_fc_has_sni, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Nenad Merdanovic26ea8222015-05-18 02:28:57 +020011584 { "ssl_fc_is_resumed", smp_fetch_ssl_fc_is_resumed, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI },
Bernard Spil13c53f82018-02-15 13:34:58 +010011585#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011586 { "ssl_fc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreaua33c6542012-10-15 13:19:06 +020011587#endif
Dirkjan Bussink48f1c4e2014-02-13 12:29:42 +010011588#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011589 { "ssl_fc_alpn", smp_fetch_ssl_fc_alpn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreauab861d32013-04-02 02:30:41 +020011590#endif
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011591 { "ssl_fc_protocol", smp_fetch_ssl_fc_protocol, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Willy Tarreau9a1ab082019-05-09 13:26:41 +020011592#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Emeric Brunb73a9b02014-04-30 18:49:19 +020011593 { "ssl_fc_unique_id", smp_fetch_ssl_fc_unique_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -040011594#endif
Thierry FOURNIER07ee64e2015-07-06 23:43:03 +020011595 { "ssl_fc_use_keysize", smp_fetch_ssl_fc_use_keysize, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau9a1ab082019-05-09 13:26:41 +020011596#if HA_OPENSSL_VERSION_NUMBER > 0x0090800fL
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011597 { "ssl_fc_session_id", smp_fetch_ssl_fc_session_id, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -040011598#endif
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011599#if HA_OPENSSL_VERSION_NUMBER >= 0x10100000L
Patrick Hemmer65674662019-06-04 08:13:03 -040011600 { "ssl_fc_client_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
11601 { "ssl_fc_server_random", smp_fetch_ssl_fc_random, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
Patrick Hemmere0275472018-04-28 19:15:51 -040011602 { "ssl_fc_session_key", smp_fetch_ssl_fc_session_key, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
11603#endif
Patrick Hemmer41966772018-04-28 19:15:48 -040011604#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +010011605 { "ssl_fc_sni", smp_fetch_ssl_fc_sni, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
Patrick Hemmer41966772018-04-28 19:15:48 -040011606#endif
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010011607 { "ssl_fc_cipherlist_bin", smp_fetch_ssl_fc_cl_bin, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11608 { "ssl_fc_cipherlist_hex", smp_fetch_ssl_fc_cl_hex, 0, NULL, SMP_T_BIN, SMP_USE_L5CLI },
11609 { "ssl_fc_cipherlist_str", smp_fetch_ssl_fc_cl_str, 0, NULL, SMP_T_STR, SMP_USE_L5CLI },
11610 { "ssl_fc_cipherlist_xxh", smp_fetch_ssl_fc_cl_xxh64, 0, NULL, SMP_T_SINT, SMP_USE_L5CLI },
Willy Tarreau7875d092012-09-10 08:20:03 +020011611 { NULL, NULL, 0, 0, 0 },
11612}};
11613
Willy Tarreau0108d902018-11-25 19:14:37 +010011614INITCALL1(STG_REGISTER, sample_register_fetches, &sample_fetch_keywords);
11615
Willy Tarreau7875d092012-09-10 08:20:03 +020011616/* Note: must not be declared <const> as its list will be overwritten.
11617 * Please take care of keeping this list alphabetically sorted.
11618 */
Willy Tarreaudc13c112013-06-21 23:16:39 +020011619static struct acl_kw_list acl_kws = {ILH, {
Thierry FOURNIERc5a4e982014-03-05 16:07:08 +010011620 { "ssl_fc_sni_end", "ssl_fc_sni", PAT_MATCH_END },
11621 { "ssl_fc_sni_reg", "ssl_fc_sni", PAT_MATCH_REG },
Willy Tarreau8ed669b2013-01-11 15:49:37 +010011622 { /* END */ },
Willy Tarreau7875d092012-09-10 08:20:03 +020011623}};
11624
Willy Tarreau0108d902018-11-25 19:14:37 +010011625INITCALL1(STG_REGISTER, acl_register_keywords, &acl_kws);
11626
Willy Tarreau79eeafa2012-09-14 07:53:05 +020011627/* Note: must not be declared <const> as its list will be overwritten.
11628 * Please take care of keeping this list alphabetically sorted, doing so helps
11629 * all code contributors.
11630 * Optional keywords are also declared with a NULL ->parse() function so that
11631 * the config parser can report an appropriate error when a known keyword was
11632 * not enabled.
11633 */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011634static struct ssl_bind_kw ssl_bind_kws[] = {
Olivier Houchardc2aae742017-09-22 18:26:28 +020011635 { "allow-0rtt", ssl_bind_parse_allow_0rtt, 0 }, /* allow 0-RTT */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011636 { "alpn", ssl_bind_parse_alpn, 1 }, /* set ALPN supported protocols */
11637 { "ca-file", ssl_bind_parse_ca_file, 1 }, /* set CAfile to process verify on client cert */
11638 { "ciphers", ssl_bind_parse_ciphers, 1 }, /* set SSL cipher suite */
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011639#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020011640 { "ciphersuites", ssl_bind_parse_ciphersuites, 1 }, /* set TLS 1.3 cipher suite */
11641#endif
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011642 { "crl-file", ssl_bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
Emmanuel Hocdete7f2b732017-01-09 16:15:54 +010011643 { "curves", ssl_bind_parse_curves, 1 }, /* set SSL curve suite */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011644 { "ecdhe", ssl_bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +020011645 { "no-ca-names", ssl_bind_parse_no_ca_names, 0 }, /* do not send ca names to clients (ca_file related) */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011646 { "npn", ssl_bind_parse_npn, 1 }, /* set NPN supported protocols */
Emmanuel Hocdetdf701a22017-05-18 12:46:50 +020011647 { "ssl-min-ver", ssl_bind_parse_tls_method_minmax,1 }, /* minimum version */
11648 { "ssl-max-ver", ssl_bind_parse_tls_method_minmax,1 }, /* maximum version */
Emmanuel Hocdet98263292016-12-29 18:26:15 +010011649 { "verify", ssl_bind_parse_verify, 1 }, /* set SSL verify method */
11650 { NULL, NULL, 0 },
11651};
11652
Willy Tarreau0108d902018-11-25 19:14:37 +010011653/* no initcall for ssl_bind_kws, these ones are parsed in the parser loop */
11654
Willy Tarreau51fb7652012-09-18 18:24:39 +020011655static struct bind_kw_list bind_kws = { "SSL", { }, {
Olivier Houchardc2aae742017-09-22 18:26:28 +020011656 { "allow-0rtt", bind_parse_allow_0rtt, 0 }, /* Allow 0RTT */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011657 { "alpn", bind_parse_alpn, 1 }, /* set ALPN supported protocols */
11658 { "ca-file", bind_parse_ca_file, 1 }, /* set CAfile to process verify on client cert */
11659 { "ca-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ignore on verify depth > 0 */
11660 { "ca-sign-file", bind_parse_ca_sign_file, 1 }, /* set CAFile used to generate and sign server certs */
11661 { "ca-sign-pass", bind_parse_ca_sign_pass, 1 }, /* set CAKey passphrase */
11662 { "ciphers", bind_parse_ciphers, 1 }, /* set SSL cipher suite */
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011663#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020011664 { "ciphersuites", bind_parse_ciphersuites, 1 }, /* set TLS 1.3 cipher suite */
11665#endif
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011666 { "crl-file", bind_parse_crl_file, 1 }, /* set certificat revocation list file use on client cert verify */
11667 { "crt", bind_parse_crt, 1 }, /* load SSL certificates from this location */
11668 { "crt-ignore-err", bind_parse_ignore_err, 1 }, /* set error IDs to ingore on verify depth == 0 */
11669 { "crt-list", bind_parse_crt_list, 1 }, /* load a list of crt from this location */
11670 { "curves", bind_parse_curves, 1 }, /* set SSL curve suite */
11671 { "ecdhe", bind_parse_ecdhe, 1 }, /* defines named curve for elliptic curve Diffie-Hellman */
11672 { "force-sslv3", bind_parse_tls_method_options, 0 }, /* force SSLv3 */
11673 { "force-tlsv10", bind_parse_tls_method_options, 0 }, /* force TLSv10 */
11674 { "force-tlsv11", bind_parse_tls_method_options, 0 }, /* force TLSv11 */
11675 { "force-tlsv12", bind_parse_tls_method_options, 0 }, /* force TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +020011676 { "force-tlsv13", bind_parse_tls_method_options, 0 }, /* force TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011677 { "generate-certificates", bind_parse_generate_certs, 0 }, /* enable the server certificates generation */
Emmanuel Hocdet174dfe52017-07-28 15:01:05 +020011678 { "no-ca-names", bind_parse_no_ca_names, 0 }, /* do not send ca names to clients (ca_file related) */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011679 { "no-sslv3", bind_parse_tls_method_options, 0 }, /* disable SSLv3 */
11680 { "no-tlsv10", bind_parse_tls_method_options, 0 }, /* disable TLSv10 */
11681 { "no-tlsv11", bind_parse_tls_method_options, 0 }, /* disable TLSv11 */
11682 { "no-tlsv12", bind_parse_tls_method_options, 0 }, /* disable TLSv12 */
Emmanuel Hocdet42fb9802017-03-30 19:29:39 +020011683 { "no-tlsv13", bind_parse_tls_method_options, 0 }, /* disable TLSv13 */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011684 { "no-tls-tickets", bind_parse_no_tls_tickets, 0 }, /* disable session resumption tickets */
11685 { "ssl", bind_parse_ssl, 0 }, /* enable SSL processing */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020011686 { "ssl-min-ver", bind_parse_tls_method_minmax, 1 }, /* minimum version */
11687 { "ssl-max-ver", bind_parse_tls_method_minmax, 1 }, /* maximum version */
Emmanuel Hocdet5db33cb2017-03-30 19:19:37 +020011688 { "strict-sni", bind_parse_strict_sni, 0 }, /* refuse negotiation if sni doesn't match a certificate */
11689 { "tls-ticket-keys", bind_parse_tls_ticket_keys, 1 }, /* set file to load TLS ticket keys from */
11690 { "verify", bind_parse_verify, 1 }, /* set SSL verify method */
11691 { "npn", bind_parse_npn, 1 }, /* set NPN supported protocols */
11692 { "prefer-client-ciphers", bind_parse_pcc, 0 }, /* prefer client ciphers */
Willy Tarreau79eeafa2012-09-14 07:53:05 +020011693 { NULL, NULL, 0 },
11694}};
Emeric Brun46591952012-05-18 15:47:34 +020011695
Willy Tarreau0108d902018-11-25 19:14:37 +010011696INITCALL1(STG_REGISTER, bind_register_keywords, &bind_kws);
11697
Willy Tarreau92faadf2012-10-10 23:04:25 +020011698/* Note: must not be declared <const> as its list will be overwritten.
11699 * Please take care of keeping this list alphabetically sorted, doing so helps
11700 * all code contributors.
11701 * Optional keywords are also declared with a NULL ->parse() function so that
11702 * the config parser can report an appropriate error when a known keyword was
11703 * not enabled.
11704 */
11705static struct srv_kw_list srv_kws = { "SSL", { }, {
Olivier Houchard522eea72017-11-03 16:27:47 +010011706 { "allow-0rtt", srv_parse_allow_0rtt, 0, 1 }, /* Allow using early data on this server */
Olivier Houchardc7566002018-11-20 23:33:50 +010011707 { "alpn", srv_parse_alpn, 1, 1 }, /* Set ALPN supported protocols */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020011708 { "ca-file", srv_parse_ca_file, 1, 1 }, /* set CAfile to process verify server cert */
Olivier Houchard92150142018-12-21 19:47:01 +010011709 { "check-alpn", srv_parse_alpn, 1, 1 }, /* Set ALPN used for checks */
Olivier Houchard9130a962017-10-17 17:33:43 +020011710 { "check-sni", srv_parse_check_sni, 1, 1 }, /* set SNI */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020011711 { "check-ssl", srv_parse_check_ssl, 0, 1 }, /* enable SSL for health checks */
11712 { "ciphers", srv_parse_ciphers, 1, 1 }, /* select the cipher suite */
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011713#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020011714 { "ciphersuites", srv_parse_ciphersuites, 1, 1 }, /* select the cipher suite */
11715#endif
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020011716 { "crl-file", srv_parse_crl_file, 1, 1 }, /* set certificate revocation list file use on server cert verify */
11717 { "crt", srv_parse_crt, 1, 1 }, /* set client certificate */
11718 { "force-sslv3", srv_parse_tls_method_options, 0, 1 }, /* force SSLv3 */
11719 { "force-tlsv10", srv_parse_tls_method_options, 0, 1 }, /* force TLSv10 */
11720 { "force-tlsv11", srv_parse_tls_method_options, 0, 1 }, /* force TLSv11 */
11721 { "force-tlsv12", srv_parse_tls_method_options, 0, 1 }, /* force TLSv12 */
11722 { "force-tlsv13", srv_parse_tls_method_options, 0, 1 }, /* force TLSv13 */
11723 { "no-check-ssl", srv_parse_no_check_ssl, 0, 1 }, /* disable SSL for health checks */
11724 { "no-send-proxy-v2-ssl", srv_parse_no_send_proxy_ssl, 0, 1 }, /* do not send PROXY protocol header v2 with SSL info */
11725 { "no-send-proxy-v2-ssl-cn", srv_parse_no_send_proxy_cn, 0, 1 }, /* do not send PROXY protocol header v2 with CN */
11726 { "no-ssl", srv_parse_no_ssl, 0, 1 }, /* disable SSL processing */
11727 { "no-ssl-reuse", srv_parse_no_ssl_reuse, 0, 1 }, /* disable session reuse */
11728 { "no-sslv3", srv_parse_tls_method_options, 0, 0 }, /* disable SSLv3 */
11729 { "no-tlsv10", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv10 */
11730 { "no-tlsv11", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv11 */
11731 { "no-tlsv12", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv12 */
11732 { "no-tlsv13", srv_parse_tls_method_options, 0, 0 }, /* disable TLSv13 */
11733 { "no-tls-tickets", srv_parse_no_tls_tickets, 0, 1 }, /* disable session resumption tickets */
Olivier Houchardc7566002018-11-20 23:33:50 +010011734 { "npn", srv_parse_npn, 1, 1 }, /* Set NPN supported protocols */
Emmanuel Hocdete1c722b2017-03-31 15:02:54 +020011735 { "send-proxy-v2-ssl", srv_parse_send_proxy_ssl, 0, 1 }, /* send PROXY protocol header v2 with SSL info */
11736 { "send-proxy-v2-ssl-cn", srv_parse_send_proxy_cn, 0, 1 }, /* send PROXY protocol header v2 with CN */
11737 { "sni", srv_parse_sni, 1, 1 }, /* send SNI extension */
11738 { "ssl", srv_parse_ssl, 0, 1 }, /* enable SSL processing */
11739 { "ssl-min-ver", srv_parse_tls_method_minmax, 1, 1 }, /* minimum version */
11740 { "ssl-max-ver", srv_parse_tls_method_minmax, 1, 1 }, /* maximum version */
11741 { "ssl-reuse", srv_parse_ssl_reuse, 0, 1 }, /* enable session reuse */
11742 { "tls-tickets", srv_parse_tls_tickets, 0, 1 }, /* enable session resumption tickets */
11743 { "verify", srv_parse_verify, 1, 1 }, /* set SSL verify method */
11744 { "verifyhost", srv_parse_verifyhost, 1, 1 }, /* require that SSL cert verifies for hostname */
Willy Tarreau92faadf2012-10-10 23:04:25 +020011745 { NULL, NULL, 0, 0 },
11746}};
11747
Willy Tarreau0108d902018-11-25 19:14:37 +010011748INITCALL1(STG_REGISTER, srv_register_keywords, &srv_kws);
11749
Emeric Brun2c86cbf2014-10-30 15:56:50 +010011750static struct cfg_kw_list cfg_kws = {ILH, {
Willy Tarreau8c3b0fd2016-12-21 22:44:46 +010011751 { CFG_GLOBAL, "ca-base", ssl_parse_global_ca_crt_base },
11752 { CFG_GLOBAL, "crt-base", ssl_parse_global_ca_crt_base },
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010011753 { CFG_GLOBAL, "issuers-chain-path", ssl_load_global_issuers_from_path },
Willy Tarreau0bea58d2016-12-21 23:17:25 +010011754 { CFG_GLOBAL, "maxsslconn", ssl_parse_global_int },
Emeric Brun2c86cbf2014-10-30 15:56:50 +010011755 { CFG_GLOBAL, "ssl-default-bind-options", ssl_parse_default_bind_options },
11756 { CFG_GLOBAL, "ssl-default-server-options", ssl_parse_default_server_options },
Willy Tarreau14e36a12016-12-21 23:28:13 +010011757#ifndef OPENSSL_NO_DH
11758 { CFG_GLOBAL, "ssl-dh-param-file", ssl_parse_global_dh_param_file },
11759#endif
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000011760 { CFG_GLOBAL, "ssl-mode-async", ssl_parse_global_ssl_async },
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011761#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +000011762 { CFG_GLOBAL, "ssl-engine", ssl_parse_global_ssl_engine },
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011763#endif
Willy Tarreau9ceda382016-12-21 23:13:03 +010011764 { CFG_GLOBAL, "tune.ssl.cachesize", ssl_parse_global_int },
11765#ifndef OPENSSL_NO_DH
11766 { CFG_GLOBAL, "tune.ssl.default-dh-param", ssl_parse_global_default_dh },
11767#endif
11768 { CFG_GLOBAL, "tune.ssl.force-private-cache", ssl_parse_global_private_cache },
11769 { CFG_GLOBAL, "tune.ssl.lifetime", ssl_parse_global_lifetime },
11770 { CFG_GLOBAL, "tune.ssl.maxrecord", ssl_parse_global_int },
11771 { CFG_GLOBAL, "tune.ssl.ssl-ctx-cache-size", ssl_parse_global_int },
Thierry FOURNIER5bf77322017-02-25 12:45:22 +010011772 { CFG_GLOBAL, "tune.ssl.capture-cipherlist-size", ssl_parse_global_capture_cipherlist },
Willy Tarreauf22e9682016-12-21 23:23:19 +010011773 { CFG_GLOBAL, "ssl-default-bind-ciphers", ssl_parse_global_ciphers },
11774 { CFG_GLOBAL, "ssl-default-server-ciphers", ssl_parse_global_ciphers },
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011775#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020011776 { CFG_GLOBAL, "ssl-default-bind-ciphersuites", ssl_parse_global_ciphersuites },
11777 { CFG_GLOBAL, "ssl-default-server-ciphersuites", ssl_parse_global_ciphersuites },
11778#endif
William Lallemand3af48e72020-02-03 17:15:52 +010011779 { CFG_GLOBAL, "ssl-load-extra-files", ssl_parse_global_extra_files },
Emeric Brun2c86cbf2014-10-30 15:56:50 +010011780 { 0, NULL, NULL },
11781}};
11782
Willy Tarreau0108d902018-11-25 19:14:37 +010011783INITCALL1(STG_REGISTER, cfg_register_keywords, &cfg_kws);
11784
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010011785/* Note: must not be declared <const> as its list will be overwritten */
11786static struct sample_conv_kw_list conv_kws = {ILH, {
Willy Tarreau86a394e2019-05-09 14:15:32 +020011787#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000100fL)
Nenad Merdanovicc31499d2019-03-23 11:00:32 +010011788 { "aes_gcm_dec", sample_conv_aes_gcm_dec, ARG4(4,SINT,STR,STR,STR), check_aes_gcm, SMP_T_BIN, SMP_T_BIN },
11789#endif
11790 { NULL, NULL, 0, 0, 0 },
11791}};
11792
11793INITCALL1(STG_REGISTER, sample_register_convs, &conv_kws);
11794
Willy Tarreauf7bc57c2012-10-03 00:19:48 +020011795/* transport-layer operations for SSL sockets */
Willy Tarreaud9f5cca2016-12-22 21:08:52 +010011796static struct xprt_ops ssl_sock = {
Emeric Brun46591952012-05-18 15:47:34 +020011797 .snd_buf = ssl_sock_from_buf,
11798 .rcv_buf = ssl_sock_to_buf,
Olivier Houcharddf357842019-03-21 16:30:07 +010011799 .subscribe = ssl_subscribe,
11800 .unsubscribe = ssl_unsubscribe,
Olivier Houchard5149b592019-05-23 17:47:36 +020011801 .remove_xprt = ssl_remove_xprt,
Olivier Houchard2e055482019-05-27 19:50:12 +020011802 .add_xprt = ssl_add_xprt,
Emeric Brun46591952012-05-18 15:47:34 +020011803 .rcv_pipe = NULL,
11804 .snd_pipe = NULL,
11805 .shutr = NULL,
11806 .shutw = ssl_sock_shutw,
11807 .close = ssl_sock_close,
11808 .init = ssl_sock_init,
Willy Tarreau55d37912016-12-21 23:38:39 +010011809 .prepare_bind_conf = ssl_sock_prepare_bind_conf,
Willy Tarreau795cdab2016-12-22 17:30:54 +010011810 .destroy_bind_conf = ssl_sock_destroy_bind_conf,
Willy Tarreau17d45382016-12-22 21:16:08 +010011811 .prepare_srv = ssl_sock_prepare_srv_ctx,
11812 .destroy_srv = ssl_sock_free_srv_ctx,
Willy Tarreau8743f7e2016-12-04 18:44:29 +010011813 .get_alpn = ssl_sock_get_alpn,
Willy Tarreau8e0bb0a2016-11-24 16:58:12 +010011814 .name = "SSL",
Emeric Brun46591952012-05-18 15:47:34 +020011815};
11816
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011817enum act_return ssl_action_wait_for_hs(struct act_rule *rule, struct proxy *px,
11818 struct session *sess, struct stream *s, int flags)
11819{
11820 struct connection *conn;
Olivier Houchard6fa63d92017-11-27 18:41:32 +010011821 struct conn_stream *cs;
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011822
11823 conn = objt_conn(sess->origin);
Olivier Houchard6fa63d92017-11-27 18:41:32 +010011824 cs = objt_cs(s->si[0].end);
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011825
Olivier Houchard6fa63d92017-11-27 18:41:32 +010011826 if (conn && cs) {
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011827 if (conn->flags & (CO_FL_EARLY_SSL_HS | CO_FL_SSL_WAIT_HS)) {
Olivier Houchard6fa63d92017-11-27 18:41:32 +010011828 cs->flags |= CS_FL_WAIT_FOR_HS;
Olivier Houchardccaa7de2017-10-02 11:51:03 +020011829 s->req.flags |= CF_READ_NULL;
11830 return ACT_RET_YIELD;
11831 }
11832 }
11833 return (ACT_RET_CONT);
11834}
11835
11836static enum act_parse_ret ssl_parse_wait_for_hs(const char **args, int *orig_arg, struct proxy *px, struct act_rule *rule, char **err)
11837{
11838 rule->action_ptr = ssl_action_wait_for_hs;
11839
11840 return ACT_RET_PRS_OK;
11841}
11842
11843static struct action_kw_list http_req_actions = {ILH, {
11844 { "wait-for-handshake", ssl_parse_wait_for_hs },
11845 { /* END */ }
11846}};
11847
Willy Tarreau0108d902018-11-25 19:14:37 +010011848INITCALL1(STG_REGISTER, http_req_keywords_register, &http_req_actions);
11849
Willy Tarreau5db847a2019-05-09 14:13:35 +020011850#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +010011851
11852static void ssl_sock_sctl_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
11853{
11854 if (ptr) {
11855 chunk_destroy(ptr);
11856 free(ptr);
11857 }
11858}
11859
11860#endif
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +010011861static void ssl_sock_capture_free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
11862{
Willy Tarreaubafbe012017-11-24 17:34:44 +010011863 pool_free(pool_head_ssl_capture, ptr);
Emmanuel Hocdetaaee7502017-03-07 18:34:58 +010011864}
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +010011865
Emeric Brun46591952012-05-18 15:47:34 +020011866__attribute__((constructor))
Willy Tarreau92faadf2012-10-10 23:04:25 +020011867static void __ssl_sock_init(void)
11868{
Ilya Shipitsin0590f442019-05-25 19:30:50 +050011869#if (!defined(OPENSSL_NO_COMP) && !defined(SSL_OP_NO_COMPRESSION))
Emeric Brun46591952012-05-18 15:47:34 +020011870 STACK_OF(SSL_COMP)* cm;
Ilya Shipitsine242f3d2019-05-25 03:38:14 +050011871 int n;
Ilya Shipitsin0590f442019-05-25 19:30:50 +050011872#endif
Emeric Brun46591952012-05-18 15:47:34 +020011873
Willy Tarreauef934602016-12-22 23:12:01 +010011874 if (global_ssl.listen_default_ciphers)
11875 global_ssl.listen_default_ciphers = strdup(global_ssl.listen_default_ciphers);
11876 if (global_ssl.connect_default_ciphers)
11877 global_ssl.connect_default_ciphers = strdup(global_ssl.connect_default_ciphers);
Emmanuel Hocdet839af572019-05-14 16:27:35 +020011878#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
Dirkjan Bussink415150f2018-09-14 11:14:21 +020011879 if (global_ssl.listen_default_ciphersuites)
11880 global_ssl.listen_default_ciphersuites = strdup(global_ssl.listen_default_ciphersuites);
11881 if (global_ssl.connect_default_ciphersuites)
11882 global_ssl.connect_default_ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
11883#endif
Willy Tarreau610f04b2014-02-13 11:36:41 +010011884
Willy Tarreau13e14102016-12-22 20:25:26 +010011885 xprt_register(XPRT_SSL, &ssl_sock);
Willy Tarreau9a1ab082019-05-09 13:26:41 +020011886#if HA_OPENSSL_VERSION_NUMBER < 0x10100000L
Emeric Brun46591952012-05-18 15:47:34 +020011887 SSL_library_init();
Rosen Penev68185952018-12-14 08:47:02 -080011888#endif
Ilya Shipitsin0590f442019-05-25 19:30:50 +050011889#if (!defined(OPENSSL_NO_COMP) && !defined(SSL_OP_NO_COMPRESSION))
Emeric Brun46591952012-05-18 15:47:34 +020011890 cm = SSL_COMP_get_compression_methods();
Ilya Shipitsine242f3d2019-05-25 03:38:14 +050011891 n = sk_SSL_COMP_num(cm);
11892 while (n--) {
11893 (void) sk_SSL_COMP_pop(cm);
11894 }
Ilya Shipitsin0590f442019-05-25 19:30:50 +050011895#endif
Ilya Shipitsine242f3d2019-05-25 03:38:14 +050011896
Willy Tarreau5db847a2019-05-09 14:13:35 +020011897#if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Emeric Brun821bb9b2017-06-15 16:37:39 +020011898 ssl_locking_init();
11899#endif
Willy Tarreau5db847a2019-05-09 14:13:35 +020011900#if (HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL)
Janusz Dziemidowicz2c701b52015-03-07 23:03:59 +010011901 sctl_ex_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_sctl_free_func);
11902#endif
Thierry FOURNIER28962c92018-06-17 21:37:05 +020011903 ssl_app_data_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
Thierry FOURNIER16ff0502018-06-17 21:33:01 +020011904 ssl_capture_ptr_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, ssl_sock_capture_free_func);
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011905#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +000011906 ENGINE_load_builtin_engines();
Grant Zhangfa6c7ee2017-01-14 01:42:15 +000011907 hap_register_post_check(ssl_check_async_engine_count);
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011908#endif
Willy Tarreaud1c57502016-12-22 22:46:15 +010011909#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
11910 hap_register_post_check(tlskeys_finalize_config);
11911#endif
Willy Tarreau80713382018-11-26 10:19:54 +010011912
11913 global.ssl_session_max_cost = SSL_SESSION_MAX_COST;
11914 global.ssl_handshake_max_cost = SSL_HANDSHAKE_MAX_COST;
11915
Emmanuel Hocdet70df7bf2019-01-04 11:08:20 +010011916 hap_register_post_deinit(ssl_free_global_issuers);
11917
Willy Tarreau80713382018-11-26 10:19:54 +010011918#ifndef OPENSSL_NO_DH
11919 ssl_dh_ptr_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
11920 hap_register_post_deinit(ssl_free_dh);
11921#endif
11922#ifndef OPENSSL_NO_ENGINE
11923 hap_register_post_deinit(ssl_free_engines);
11924#endif
11925 /* Load SSL string for the verbose & debug mode. */
11926 ERR_load_SSL_strings();
Olivier Houcharda8955d52019-04-07 22:00:38 +020011927 ha_meth = BIO_meth_new(0x666, "ha methods");
11928 BIO_meth_set_write(ha_meth, ha_ssl_write);
11929 BIO_meth_set_read(ha_meth, ha_ssl_read);
11930 BIO_meth_set_ctrl(ha_meth, ha_ssl_ctrl);
11931 BIO_meth_set_create(ha_meth, ha_ssl_new);
11932 BIO_meth_set_destroy(ha_meth, ha_ssl_free);
11933 BIO_meth_set_puts(ha_meth, ha_ssl_puts);
11934 BIO_meth_set_gets(ha_meth, ha_ssl_gets);
William Lallemand150bfa82019-09-19 17:12:49 +020011935
11936 HA_SPIN_INIT(&ckch_lock);
Willy Tarreau80713382018-11-26 10:19:54 +010011937}
Willy Tarreaud92aa5c2015-01-15 21:34:39 +010011938
Willy Tarreau80713382018-11-26 10:19:54 +010011939/* Compute and register the version string */
11940static void ssl_register_build_options()
11941{
11942 char *ptr = NULL;
11943 int i;
11944
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011945 memprintf(&ptr, "Built with OpenSSL version : "
11946#ifdef OPENSSL_IS_BORINGSSL
Emmanuel Hocdet50e25e12017-03-24 15:20:03 +010011947 "BoringSSL");
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011948#else /* OPENSSL_IS_BORINGSSL */
11949 OPENSSL_VERSION_TEXT
11950 "\nRunning on OpenSSL version : %s%s",
Rosen Penev68185952018-12-14 08:47:02 -080011951 OpenSSL_version(OPENSSL_VERSION),
Willy Tarreau1d158ab2019-05-09 13:41:45 +020011952 ((OPENSSL_VERSION_NUMBER ^ OpenSSL_version_num()) >> 8) ? " (VERSIONS DIFFER!)" : "");
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011953#endif
11954 memprintf(&ptr, "%s\nOpenSSL library supports TLS extensions : "
Willy Tarreau9a1ab082019-05-09 13:26:41 +020011955#if HA_OPENSSL_VERSION_NUMBER < 0x00907000L
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011956 "no (library version too old)"
11957#elif defined(OPENSSL_NO_TLSEXT)
11958 "no (disabled via OPENSSL_NO_TLSEXT)"
11959#else
11960 "yes"
11961#endif
11962 "", ptr);
11963
11964 memprintf(&ptr, "%s\nOpenSSL library supports SNI : "
11965#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
11966 "yes"
11967#else
11968#ifdef OPENSSL_NO_TLSEXT
11969 "no (because of OPENSSL_NO_TLSEXT)"
11970#else
11971 "no (version might be too old, 0.9.8f min needed)"
11972#endif
11973#endif
11974 "", ptr);
11975
Emmanuel Hocdetf80bc242017-07-12 14:25:38 +020011976 memprintf(&ptr, "%s\nOpenSSL library supports :", ptr);
11977 for (i = CONF_TLSV_MIN; i <= CONF_TLSV_MAX; i++)
11978 if (methodVersions[i].option)
11979 memprintf(&ptr, "%s %s", ptr, methodVersions[i].name);
Emmanuel Hocdet50e25e12017-03-24 15:20:03 +010011980
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011981 hap_register_build_opts(ptr, 1);
Willy Tarreau80713382018-11-26 10:19:54 +010011982}
Willy Tarreauc2c0b612016-12-21 19:23:20 +010011983
Willy Tarreau80713382018-11-26 10:19:54 +010011984INITCALL0(STG_REGISTER, ssl_register_build_options);
Remi Gacogne4f902b82015-05-28 16:23:00 +020011985
Emeric Brun46591952012-05-18 15:47:34 +020011986
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011987#ifndef OPENSSL_NO_ENGINE
Grant Zhang872f9c22017-01-21 01:10:18 +000011988void ssl_free_engines(void) {
11989 struct ssl_engine_list *wl, *wlb;
11990 /* free up engine list */
11991 list_for_each_entry_safe(wl, wlb, &openssl_engines, list) {
11992 ENGINE_finish(wl->e);
11993 ENGINE_free(wl->e);
11994 LIST_DEL(&wl->list);
11995 free(wl);
11996 }
11997}
Emmanuel Hocdet9ac143b2017-05-29 14:36:20 +020011998#endif
Christopher Faulet31af49d2015-06-09 17:29:50 +020011999
Remi Gacogned3a23c32015-05-28 16:39:47 +020012000#ifndef OPENSSL_NO_DH
Grant Zhang872f9c22017-01-21 01:10:18 +000012001void ssl_free_dh(void) {
12002 if (local_dh_1024) {
12003 DH_free(local_dh_1024);
12004 local_dh_1024 = NULL;
12005 }
12006 if (local_dh_2048) {
12007 DH_free(local_dh_2048);
12008 local_dh_2048 = NULL;
12009 }
12010 if (local_dh_4096) {
12011 DH_free(local_dh_4096);
12012 local_dh_4096 = NULL;
12013 }
Remi Gacogne47783ef2015-05-29 15:53:22 +020012014 if (global_dh) {
12015 DH_free(global_dh);
12016 global_dh = NULL;
12017 }
Grant Zhang872f9c22017-01-21 01:10:18 +000012018}
12019#endif
12020
12021__attribute__((destructor))
12022static void __ssl_sock_deinit(void)
12023{
12024#if (defined SSL_CTRL_SET_TLSEXT_HOSTNAME && !defined SSL_NO_GENERATE_CERTIFICATES)
Emeric Brun821bb9b2017-06-15 16:37:39 +020012025 if (ssl_ctx_lru_tree) {
12026 lru64_destroy(ssl_ctx_lru_tree);
Christopher Faulet2a944ee2017-11-07 10:42:54 +010012027 HA_RWLOCK_DESTROY(&ssl_ctx_lru_rwlock);
Emeric Brun821bb9b2017-06-15 16:37:39 +020012028 }
Remi Gacogned3a23c32015-05-28 16:39:47 +020012029#endif
12030
Willy Tarreau5db847a2019-05-09 14:13:35 +020012031#if (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Remi Gacogned3a23c32015-05-28 16:39:47 +020012032 ERR_remove_state(0);
12033 ERR_free_strings();
12034
12035 EVP_cleanup();
Rosen Penev68185952018-12-14 08:47:02 -080012036#endif
Remi Gacogned3a23c32015-05-28 16:39:47 +020012037
Willy Tarreau5db847a2019-05-09 14:13:35 +020012038#if (HA_OPENSSL_VERSION_NUMBER >= 0x00907000L) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
Remi Gacogned3a23c32015-05-28 16:39:47 +020012039 CRYPTO_cleanup_all_ex_data();
12040#endif
Olivier Houcharda8955d52019-04-07 22:00:38 +020012041 BIO_meth_free(ha_meth);
Remi Gacogned3a23c32015-05-28 16:39:47 +020012042}
12043
12044
Emeric Brun46591952012-05-18 15:47:34 +020012045/*
12046 * Local variables:
12047 * c-indent-level: 8
12048 * c-basic-offset: 8
12049 * End:
12050 */