blob: 5f5c6ea5dd05595ccd206fe525efa91d041dc8ec [file] [log] [blame]
Radek Krejci5da708a2015-09-01 17:33:23 +02001/**
Michal Vasko95ea9ff2021-11-09 12:29:14 +01002 * @file session_server_tls.c
3 * @author Michal Vasko <mvasko@cesnet.cz>
roman3f9b65c2023-06-05 14:26:58 +02004 * @author Roman Janota <janota@cesnet.cz>
Michal Vasko95ea9ff2021-11-09 12:29:14 +01005 * @brief libnetconf2 TLS server session manipulation functions
Radek Krejci5da708a2015-09-01 17:33:23 +02006 *
Michal Vasko95ea9ff2021-11-09 12:29:14 +01007 * @copyright
roman3f9b65c2023-06-05 14:26:58 +02008 * Copyright (c) 2015 - 2023 CESNET, z.s.p.o.
Radek Krejci5da708a2015-09-01 17:33:23 +02009 *
Radek Krejci9b81f5b2016-02-24 13:14:49 +010010 * This source code is licensed under BSD 3-Clause License (the "License").
11 * You may not use this file except in compliance with the License.
12 * You may obtain a copy of the License at
Michal Vaskoafd416b2016-02-25 14:51:46 +010013 *
Radek Krejci9b81f5b2016-02-24 13:14:49 +010014 * https://opensource.org/licenses/BSD-3-Clause
Radek Krejci5da708a2015-09-01 17:33:23 +020015 */
16
Michal Vaskoc14e3c82016-01-11 16:14:30 +010017#define _GNU_SOURCE
18
Michal Vaskoc14e3c82016-01-11 16:14:30 +010019#include <poll.h>
roman3f9b65c2023-06-05 14:26:58 +020020#include <stdint.h>
21#include <stdio.h>
22#include <stdlib.h>
Michal Vaskob83a3fa2021-05-26 09:53:42 +020023#include <string.h>
Michal Vaskof0537d82016-01-29 14:42:38 +010024#include <unistd.h>
Michal Vaskoc14e3c82016-01-11 16:14:30 +010025
roman3f9b65c2023-06-05 14:26:58 +020026#include <curl/curl.h>
27#include <openssl/bio.h>
Michal Vaskoc14e3c82016-01-11 16:14:30 +010028#include <openssl/err.h>
Michal Vaskob83a3fa2021-05-26 09:53:42 +020029#include <openssl/evp.h>
30#include <openssl/ssl.h>
Michal Vaskoe2713da2016-08-22 16:06:40 +020031#include <openssl/x509.h>
Michal Vaskob83a3fa2021-05-26 09:53:42 +020032#include <openssl/x509v3.h>
Michal Vaskoc14e3c82016-01-11 16:14:30 +010033
Michal Vasko316c9632020-04-15 11:06:57 +020034#include "compat.h"
roman3f9b65c2023-06-05 14:26:58 +020035#include "config.h"
36#include "log_p.h"
37#include "session.h"
38#include "session_p.h"
Rosen Penev4f552d62019-06-26 16:10:43 -070039
Michal Vasko3031aae2016-01-27 16:07:18 +010040struct nc_server_tls_opts tls_ch_opts;
Michal Vaskoc6b9c7b2016-01-28 11:10:08 +010041pthread_mutex_t tls_ch_opts_lock = PTHREAD_MUTEX_INITIALIZER;
Michal Vaskoc14e3c82016-01-11 16:14:30 +010042extern struct nc_server_opts server_opts;
Michal Vaskoc61c4492016-01-25 11:13:34 +010043
Michal Vasko5c2f7952016-01-22 13:16:31 +010044static pthread_key_t verify_key;
45static pthread_once_t verify_once = PTHREAD_ONCE_INIT;
46
Michal Vaskoc14e3c82016-01-11 16:14:30 +010047static char *
Michal Vasko18aeb5d2017-02-17 09:23:56 +010048asn1time_to_str(const ASN1_TIME *t)
Michal Vasko086311b2016-01-08 09:53:11 +010049{
Michal Vaskoc14e3c82016-01-11 16:14:30 +010050 char *cp;
51 BIO *bio;
52 int n;
Radek Krejci5da708a2015-09-01 17:33:23 +020053
Michal Vaskoc14e3c82016-01-11 16:14:30 +010054 if (!t) {
55 return NULL;
56 }
roman3f9b65c2023-06-05 14:26:58 +020057
Michal Vaskoc14e3c82016-01-11 16:14:30 +010058 bio = BIO_new(BIO_s_mem());
59 if (!bio) {
60 return NULL;
61 }
roman3f9b65c2023-06-05 14:26:58 +020062
Michal Vaskoc14e3c82016-01-11 16:14:30 +010063 ASN1_TIME_print(bio, t);
64 n = BIO_pending(bio);
65 cp = malloc(n + 1);
Michal Vasko4eb3c312016-03-01 14:09:37 +010066 if (!cp) {
67 ERRMEM;
68 BIO_free(bio);
69 return NULL;
70 }
roman3f9b65c2023-06-05 14:26:58 +020071
Michal Vaskoc14e3c82016-01-11 16:14:30 +010072 n = BIO_read(bio, cp, n);
73 if (n < 0) {
74 BIO_free(bio);
75 free(cp);
76 return NULL;
77 }
roman3f9b65c2023-06-05 14:26:58 +020078
Michal Vaskoc14e3c82016-01-11 16:14:30 +010079 cp[n] = '\0';
80 BIO_free(bio);
81 return cp;
82}
83
84static void
85digest_to_str(const unsigned char *digest, unsigned int dig_len, char **str)
86{
87 unsigned int i;
88
89 *str = malloc(dig_len * 3);
Michal Vasko4eb3c312016-03-01 14:09:37 +010090 if (!*str) {
91 ERRMEM;
92 return;
93 }
Michal Vaskoc14e3c82016-01-11 16:14:30 +010094 for (i = 0; i < dig_len - 1; ++i) {
95 sprintf((*str) + (i * 3), "%02x:", digest[i]);
96 }
97 sprintf((*str) + (i * 3), "%02x", digest[i]);
98}
99
100/* return NULL - SSL error can be retrieved */
101static X509 *
102base64der_to_cert(const char *in)
103{
104 X509 *out;
105 char *buf;
106 BIO *bio;
107
108 if (in == NULL) {
109 return NULL;
110 }
111
112 if (asprintf(&buf, "%s%s%s", "-----BEGIN CERTIFICATE-----\n", in, "\n-----END CERTIFICATE-----") == -1) {
113 return NULL;
114 }
115 bio = BIO_new_mem_buf(buf, strlen(buf));
116 if (!bio) {
117 free(buf);
118 return NULL;
119 }
120
121 out = PEM_read_bio_X509(bio, NULL, NULL, NULL);
122 if (!out) {
123 free(buf);
124 BIO_free(bio);
125 return NULL;
126 }
127
128 free(buf);
129 BIO_free(bio);
130 return out;
131}
132
Michal Vasko6e08cb72017-02-02 11:15:29 +0100133static EVP_PKEY *
Michal Vaskoddce1212019-05-24 09:58:49 +0200134base64der_to_privatekey(const char *in, const char *key_str)
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100135{
136 EVP_PKEY *out;
137 char *buf;
138 BIO *bio;
139
140 if (in == NULL) {
141 return NULL;
142 }
143
Michal Vaskoddce1212019-05-24 09:58:49 +0200144 if (asprintf(&buf, "%s%s%s%s%s%s%s", "-----BEGIN ", key_str, " PRIVATE KEY-----\n", in, "\n-----END ",
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200145 key_str, " PRIVATE KEY-----") == -1) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100146 return NULL;
147 }
148 bio = BIO_new_mem_buf(buf, strlen(buf));
149 if (!bio) {
150 free(buf);
151 return NULL;
152 }
153
154 out = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
155 if (!out) {
156 free(buf);
157 BIO_free(bio);
158 return NULL;
159 }
160
161 free(buf);
162 BIO_free(bio);
163 return out;
Michal Vasko6e08cb72017-02-02 11:15:29 +0100164}
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100165
166static int
167cert_pubkey_match(X509 *cert1, X509 *cert2)
168{
169 ASN1_BIT_STRING *bitstr1, *bitstr2;
170
171 bitstr1 = X509_get0_pubkey_bitstr(cert1);
172 bitstr2 = X509_get0_pubkey_bitstr(cert2);
173
174 if (!bitstr1 || !bitstr2 || (bitstr1->length != bitstr2->length) ||
175 memcmp(bitstr1->data, bitstr2->data, bitstr1->length)) {
176 return 0;
177 }
178
179 return 1;
180}
181
182static int
183nc_tls_ctn_get_username_from_cert(X509 *client_cert, NC_TLS_CTN_MAPTYPE map_type, char **username)
184{
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200185 STACK_OF(GENERAL_NAME) * san_names;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100186 GENERAL_NAME *san_name;
187 ASN1_OCTET_STRING *ip;
188 int i, san_count;
189 char *subject, *common_name;
190
Michal Vaskod9a78642022-02-24 16:25:21 +0100191 *username = NULL;
192
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100193 if (map_type == NC_TLS_CTN_COMMON_NAME) {
194 subject = X509_NAME_oneline(X509_get_subject_name(client_cert), NULL, 0);
195 common_name = strstr(subject, "CN=");
196 if (!common_name) {
Michal Vasko05532772021-06-03 12:12:38 +0200197 WRN(NULL, "Certificate does not include the commonName field.");
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100198 free(subject);
199 return 1;
200 }
201 common_name += 3;
202 if (strchr(common_name, '/')) {
203 *strchr(common_name, '/') = '\0';
204 }
205 *username = strdup(common_name);
Michal Vasko4eb3c312016-03-01 14:09:37 +0100206 if (!*username) {
207 ERRMEM;
roman3f9b65c2023-06-05 14:26:58 +0200208 return 1;
Michal Vasko4eb3c312016-03-01 14:09:37 +0100209 }
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100210 free(subject);
211 } else {
212 /* retrieve subjectAltName's rfc822Name (email), dNSName and iPAddress values */
213 san_names = X509_get_ext_d2i(client_cert, NID_subject_alt_name, NULL, NULL);
214 if (!san_names) {
Michal Vasko05532772021-06-03 12:12:38 +0200215 WRN(NULL, "Certificate has no SANs or failed to retrieve them.");
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100216 return 1;
217 }
218
219 san_count = sk_GENERAL_NAME_num(san_names);
220 for (i = 0; i < san_count; ++i) {
221 san_name = sk_GENERAL_NAME_value(san_names, i);
222
223 /* rfc822Name (email) */
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200224 if (((map_type == NC_TLS_CTN_SAN_ANY) || (map_type == NC_TLS_CTN_SAN_RFC822_NAME)) &&
225 (san_name->type == GEN_EMAIL)) {
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100226 *username = strdup((char *)ASN1_STRING_get0_data(san_name->d.rfc822Name));
Michal Vasko4eb3c312016-03-01 14:09:37 +0100227 if (!*username) {
228 ERRMEM;
roman3f9b65c2023-06-05 14:26:58 +0200229 return 1;
Michal Vasko4eb3c312016-03-01 14:09:37 +0100230 }
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100231 break;
232 }
233
234 /* dNSName */
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200235 if (((map_type == NC_TLS_CTN_SAN_ANY) || (map_type == NC_TLS_CTN_SAN_DNS_NAME)) &&
236 (san_name->type == GEN_DNS)) {
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100237 *username = strdup((char *)ASN1_STRING_get0_data(san_name->d.dNSName));
Michal Vasko4eb3c312016-03-01 14:09:37 +0100238 if (!*username) {
239 ERRMEM;
roman3f9b65c2023-06-05 14:26:58 +0200240 return 1;
Michal Vasko4eb3c312016-03-01 14:09:37 +0100241 }
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100242 break;
243 }
244
245 /* iPAddress */
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200246 if (((map_type == NC_TLS_CTN_SAN_ANY) || (map_type == NC_TLS_CTN_SAN_IP_ADDRESS)) &&
247 (san_name->type == GEN_IPADD)) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100248 ip = san_name->d.iPAddress;
249 if (ip->length == 4) {
250 if (asprintf(username, "%d.%d.%d.%d", ip->data[0], ip->data[1], ip->data[2], ip->data[3]) == -1) {
Michal Vaskod083db62016-01-19 10:31:29 +0100251 ERRMEM;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100252 sk_GENERAL_NAME_pop_free(san_names, GENERAL_NAME_free);
253 return -1;
254 }
255 break;
256 } else if (ip->length == 16) {
257 if (asprintf(username, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
258 ip->data[0], ip->data[1], ip->data[2], ip->data[3], ip->data[4], ip->data[5],
259 ip->data[6], ip->data[7], ip->data[8], ip->data[9], ip->data[10], ip->data[11],
260 ip->data[12], ip->data[13], ip->data[14], ip->data[15]) == -1) {
Michal Vaskod083db62016-01-19 10:31:29 +0100261 ERRMEM;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100262 sk_GENERAL_NAME_pop_free(san_names, GENERAL_NAME_free);
263 return -1;
264 }
265 break;
266 } else {
Michal Vasko05532772021-06-03 12:12:38 +0200267 WRN(NULL, "SAN IP address in an unknown format (length is %d).", ip->length);
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100268 }
269 }
270 }
271 sk_GENERAL_NAME_pop_free(san_names, GENERAL_NAME_free);
272
Vitaly Kuzina3b66322021-08-26 12:33:43 +0300273 if (i == san_count) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100274 switch (map_type) {
275 case NC_TLS_CTN_SAN_RFC822_NAME:
Michal Vasko05532772021-06-03 12:12:38 +0200276 WRN(NULL, "Certificate does not include the SAN rfc822Name field.");
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100277 break;
278 case NC_TLS_CTN_SAN_DNS_NAME:
Michal Vasko05532772021-06-03 12:12:38 +0200279 WRN(NULL, "Certificate does not include the SAN dNSName field.");
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100280 break;
281 case NC_TLS_CTN_SAN_IP_ADDRESS:
Michal Vasko05532772021-06-03 12:12:38 +0200282 WRN(NULL, "Certificate does not include the SAN iPAddress field.");
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100283 break;
284 case NC_TLS_CTN_SAN_ANY:
Michal Vasko05532772021-06-03 12:12:38 +0200285 WRN(NULL, "Certificate does not include any relevant SAN fields.");
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100286 break;
287 default:
288 break;
289 }
290 return 1;
291 }
292 }
293
294 return 0;
295}
296
297/* return: 0 - OK, 1 - no match, -1 - error */
298static int
Roytakbe391922023-07-27 19:59:24 +0200299nc_tls_cert_to_name(struct nc_session *session, struct nc_ctn *ctn_first, X509 *cert)
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100300{
301 char *digest_md5 = NULL, *digest_sha1 = NULL, *digest_sha224 = NULL;
302 char *digest_sha256 = NULL, *digest_sha384 = NULL, *digest_sha512 = NULL;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100303 unsigned char *buf = malloc(64);
304 unsigned int buf_len = 64;
305 int ret = 0;
Michal Vasko5e3f3392016-01-20 11:13:01 +0100306 struct nc_ctn *ctn;
Roytakbe391922023-07-27 19:59:24 +0200307 NC_TLS_CTN_MAPTYPE map_type;
308 char *username = NULL;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100309
Michal Vasko4eb3c312016-03-01 14:09:37 +0100310 if (!buf) {
311 ERRMEM;
312 return -1;
313 }
314
Roytakbe391922023-07-27 19:59:24 +0200315 if (!session || !ctn_first || !cert) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100316 free(buf);
317 return -1;
318 }
319
Michal Vaskoc61c4492016-01-25 11:13:34 +0100320 for (ctn = ctn_first; ctn; ctn = ctn->next) {
Roytakbe391922023-07-27 19:59:24 +0200321 /* reset map_type */
322 map_type = NC_TLS_CTN_UNKNOWN;
323
Michal Vasko3cf4aaa2017-02-01 15:03:36 +0100324 /* first make sure the entry is valid */
roman3f9b65c2023-06-05 14:26:58 +0200325 if (!ctn->map_type || ((ctn->map_type == NC_TLS_CTN_SPECIFIED) && !ctn->name)) {
Michal Vasko05532772021-06-03 12:12:38 +0200326 VRB(NULL, "Cert verify CTN: entry with id %u not valid, skipping.", ctn->id);
Michal Vasko3cf4aaa2017-02-01 15:03:36 +0100327 continue;
328 }
329
roman3f9b65c2023-06-05 14:26:58 +0200330 /* if ctn has no fingerprint, it will match any certificate */
331 if (!ctn->fingerprint) {
332 map_type = ctn->map_type;
333
334 /* MD5 */
335 } else if (!strncmp(ctn->fingerprint, "01", 2)) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100336 if (!digest_md5) {
337 if (X509_digest(cert, EVP_md5(), buf, &buf_len) != 1) {
Michal Vasko05532772021-06-03 12:12:38 +0200338 ERR(NULL, "Calculating MD5 digest failed (%s).", ERR_reason_error_string(ERR_get_error()));
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100339 ret = -1;
340 goto cleanup;
341 }
342 digest_to_str(buf, buf_len, &digest_md5);
343 }
344
Michal Vasko5e3f3392016-01-20 11:13:01 +0100345 if (!strcasecmp(ctn->fingerprint + 3, digest_md5)) {
Roytakbe391922023-07-27 19:59:24 +0200346 /* we got ourselves a potential winner! */
Michal Vasko05532772021-06-03 12:12:38 +0200347 VRB(NULL, "Cert verify CTN: entry with a matching fingerprint found.");
Roytakbe391922023-07-27 19:59:24 +0200348 map_type = ctn->map_type;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100349 }
roman3f9b65c2023-06-05 14:26:58 +0200350 free(digest_md5);
351 digest_md5 = NULL;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100352
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200353 /* SHA-1 */
Michal Vasko5e3f3392016-01-20 11:13:01 +0100354 } else if (!strncmp(ctn->fingerprint, "02", 2)) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100355 if (!digest_sha1) {
356 if (X509_digest(cert, EVP_sha1(), buf, &buf_len) != 1) {
Michal Vasko05532772021-06-03 12:12:38 +0200357 ERR(NULL, "Calculating SHA-1 digest failed (%s).", ERR_reason_error_string(ERR_get_error()));
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100358 ret = -1;
359 goto cleanup;
360 }
361 digest_to_str(buf, buf_len, &digest_sha1);
362 }
363
Michal Vasko5e3f3392016-01-20 11:13:01 +0100364 if (!strcasecmp(ctn->fingerprint + 3, digest_sha1)) {
Roytakbe391922023-07-27 19:59:24 +0200365 /* we got ourselves a potential winner! */
Michal Vasko05532772021-06-03 12:12:38 +0200366 VRB(NULL, "Cert verify CTN: entry with a matching fingerprint found.");
Roytakbe391922023-07-27 19:59:24 +0200367 map_type = ctn->map_type;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100368 }
roman3f9b65c2023-06-05 14:26:58 +0200369 free(digest_sha1);
370 digest_sha1 = NULL;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100371
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200372 /* SHA-224 */
Michal Vasko5e3f3392016-01-20 11:13:01 +0100373 } else if (!strncmp(ctn->fingerprint, "03", 2)) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100374 if (!digest_sha224) {
375 if (X509_digest(cert, EVP_sha224(), buf, &buf_len) != 1) {
Michal Vasko05532772021-06-03 12:12:38 +0200376 ERR(NULL, "Calculating SHA-224 digest failed (%s).", ERR_reason_error_string(ERR_get_error()));
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100377 ret = -1;
378 goto cleanup;
379 }
380 digest_to_str(buf, buf_len, &digest_sha224);
381 }
382
Michal Vasko5e3f3392016-01-20 11:13:01 +0100383 if (!strcasecmp(ctn->fingerprint + 3, digest_sha224)) {
Roytakbe391922023-07-27 19:59:24 +0200384 /* we got ourselves a potential winner! */
Michal Vasko05532772021-06-03 12:12:38 +0200385 VRB(NULL, "Cert verify CTN: entry with a matching fingerprint found.");
Roytakbe391922023-07-27 19:59:24 +0200386 map_type = ctn->map_type;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100387 }
roman3f9b65c2023-06-05 14:26:58 +0200388 free(digest_sha224);
389 digest_sha224 = NULL;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100390
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200391 /* SHA-256 */
Michal Vasko5e3f3392016-01-20 11:13:01 +0100392 } else if (!strncmp(ctn->fingerprint, "04", 2)) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100393 if (!digest_sha256) {
394 if (X509_digest(cert, EVP_sha256(), buf, &buf_len) != 1) {
Michal Vasko05532772021-06-03 12:12:38 +0200395 ERR(NULL, "Calculating SHA-256 digest failed (%s).", ERR_reason_error_string(ERR_get_error()));
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100396 ret = -1;
397 goto cleanup;
398 }
399 digest_to_str(buf, buf_len, &digest_sha256);
400 }
401
Michal Vasko5e3f3392016-01-20 11:13:01 +0100402 if (!strcasecmp(ctn->fingerprint + 3, digest_sha256)) {
Roytakbe391922023-07-27 19:59:24 +0200403 /* we got ourselves a potential winner! */
Michal Vasko05532772021-06-03 12:12:38 +0200404 VRB(NULL, "Cert verify CTN: entry with a matching fingerprint found.");
Roytakbe391922023-07-27 19:59:24 +0200405 map_type = ctn->map_type;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100406 }
roman3f9b65c2023-06-05 14:26:58 +0200407 free(digest_sha256);
408 digest_sha256 = NULL;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100409
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200410 /* SHA-384 */
Michal Vasko5e3f3392016-01-20 11:13:01 +0100411 } else if (!strncmp(ctn->fingerprint, "05", 2)) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100412 if (!digest_sha384) {
413 if (X509_digest(cert, EVP_sha384(), buf, &buf_len) != 1) {
Michal Vasko05532772021-06-03 12:12:38 +0200414 ERR(NULL, "Calculating SHA-384 digest failed (%s).", ERR_reason_error_string(ERR_get_error()));
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100415 ret = -1;
416 goto cleanup;
417 }
418 digest_to_str(buf, buf_len, &digest_sha384);
419 }
420
Michal Vasko5e3f3392016-01-20 11:13:01 +0100421 if (!strcasecmp(ctn->fingerprint + 3, digest_sha384)) {
Roytakbe391922023-07-27 19:59:24 +0200422 /* we got ourselves a potential winner! */
Michal Vasko05532772021-06-03 12:12:38 +0200423 VRB(NULL, "Cert verify CTN: entry with a matching fingerprint found.");
Roytakbe391922023-07-27 19:59:24 +0200424 map_type = ctn->map_type;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100425 }
roman3f9b65c2023-06-05 14:26:58 +0200426 free(digest_sha384);
427 digest_sha384 = NULL;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100428
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200429 /* SHA-512 */
Michal Vasko5e3f3392016-01-20 11:13:01 +0100430 } else if (!strncmp(ctn->fingerprint, "06", 2)) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100431 if (!digest_sha512) {
432 if (X509_digest(cert, EVP_sha512(), buf, &buf_len) != 1) {
Michal Vasko05532772021-06-03 12:12:38 +0200433 ERR(NULL, "Calculating SHA-512 digest failed (%s).", ERR_reason_error_string(ERR_get_error()));
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100434 ret = -1;
435 goto cleanup;
436 }
437 digest_to_str(buf, buf_len, &digest_sha512);
438 }
439
Michal Vasko5e3f3392016-01-20 11:13:01 +0100440 if (!strcasecmp(ctn->fingerprint + 3, digest_sha512)) {
Roytakbe391922023-07-27 19:59:24 +0200441 /* we got ourselves a potential winner! */
Michal Vasko05532772021-06-03 12:12:38 +0200442 VRB(NULL, "Cert verify CTN: entry with a matching fingerprint found.");
Roytakbe391922023-07-27 19:59:24 +0200443 map_type = ctn->map_type;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100444 }
roman3f9b65c2023-06-05 14:26:58 +0200445 free(digest_sha512);
446 digest_sha512 = NULL;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100447
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200448 /* unknown */
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100449 } else {
Michal Vasko05532772021-06-03 12:12:38 +0200450 WRN(NULL, "Unknown fingerprint algorithm used (%s), skipping.", ctn->fingerprint);
Roytakbe391922023-07-27 19:59:24 +0200451 continue;
452 }
453
454 if (map_type != NC_TLS_CTN_UNKNOWN) {
455 /* found a fingerprint match */
456 if (map_type == NC_TLS_CTN_SPECIFIED) {
457 /* specified -> get username from the ctn entry */
458 session->username = strdup(ctn->name);
459 if (!session->username) {
460 ERRMEM;
461 ret = -1;
462 goto cleanup;
463 }
464 } else {
465 /* try to get the username from the cert with this ctn's map type */
466 ret = nc_tls_ctn_get_username_from_cert(session->opts.server.client_cert, map_type, &username);
467 if (ret == -1) {
468 /* fatal error */
469 goto cleanup;
470 } else if (ret) {
471 /* didn't get username, try next ctn entry */
472 continue;
473 }
474
475 /* success */
476 session->username = username;
477 }
478
479 /* matching fingerprint found and username obtained, success */
480 ret = 0;
481 goto cleanup;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100482 }
483 }
484
Michal Vasko5e3f3392016-01-20 11:13:01 +0100485 if (!ctn) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100486 ret = 1;
487 }
488
489cleanup:
490 free(digest_md5);
491 free(digest_sha1);
492 free(digest_sha224);
493 free(digest_sha256);
494 free(digest_sha384);
495 free(digest_sha512);
496 free(buf);
497 return ret;
498}
499
roman3f9b65c2023-06-05 14:26:58 +0200500static int
501nc_server_tls_check_crl(X509_STORE *crl_store, X509_STORE_CTX *x509_ctx, X509 *cert,
502 const X509_NAME *subject, const X509_NAME *issuer)
503{
504 int n, i, ret = 0;
505 X509_STORE_CTX *store_ctx = NULL;
506 X509_OBJECT *obj = NULL;
507 X509_CRL *crl;
508 X509_REVOKED *revoked;
509 EVP_PKEY *pubkey;
510 const ASN1_INTEGER *serial;
511 const ASN1_TIME *last_update = NULL, *next_update = NULL;
512 char *cp;
513
514 store_ctx = X509_STORE_CTX_new();
515 if (!store_ctx) {
516 ERRMEM;
517 ret = -1;
518 goto cleanup;
519 }
520
521 /* init store context */
522 ret = X509_STORE_CTX_init(store_ctx, crl_store, NULL, NULL);
523 if (!ret) {
524 ERR(NULL, "Initializing x509 store ctx failed (%s).", ERR_reason_error_string(ERR_get_error()));
525 ret = -1;
526 goto cleanup;
527 }
528 ret = 0;
529
530 /* try to find a CRL entry that corresponds to the current certificate in question */
531 obj = X509_STORE_CTX_get_obj_by_subject(store_ctx, X509_LU_CRL, subject);
532 crl = X509_OBJECT_get0_X509_CRL(obj);
533 X509_OBJECT_free(obj);
534 if (crl) {
535 /* found it */
536 cp = X509_NAME_oneline(subject, NULL, 0);
537 VRB(NULL, "Cert verify CRL: issuer: %s.", cp);
538 OPENSSL_free(cp);
539
540 last_update = X509_CRL_get0_lastUpdate(crl);
541 next_update = X509_CRL_get0_nextUpdate(crl);
542 cp = asn1time_to_str(last_update);
543 VRB(NULL, "Cert verify CRL: last update: %s.", cp);
544 free(cp);
545 cp = asn1time_to_str(next_update);
546 VRB(NULL, "Cert verify CRL: next update: %s.", cp);
547 free(cp);
548
549 /* verify the signature on this CRL */
550 pubkey = X509_get0_pubkey(cert);
551 if (X509_CRL_verify(crl, pubkey) <= 0) {
552 ERR(NULL, "Cert verify CRL: invalid signature.");
553 X509_STORE_CTX_set_error(x509_ctx, X509_V_ERR_CRL_SIGNATURE_FAILURE);
554 ret = -1;
555 goto cleanup;
556 }
557
558 /* check date of CRL to make sure it's not expired */
559 if (!next_update) {
560 ERR(NULL, "Cert verify CRL: invalid nextUpdate field.");
561 X509_STORE_CTX_set_error(x509_ctx, X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD);
562 ret = -1;
563 goto cleanup;
564 }
565
566 if (X509_cmp_current_time(next_update) < 0) {
567 ERR(NULL, "Cert verify CRL: expired - revoking all certificates.");
568 X509_STORE_CTX_set_error(x509_ctx, X509_V_ERR_CRL_HAS_EXPIRED);
569 ret = -1;
570 goto cleanup;
571 }
572 }
573
574 /* try to retrieve a CRL corresponding to the _issuer_ of
575 * the current certificate in order to check for revocation */
576 obj = X509_STORE_CTX_get_obj_by_subject(store_ctx, X509_LU_CRL, issuer);
577 crl = X509_OBJECT_get0_X509_CRL(obj);
578 if (crl) {
579 n = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl));
580 for (i = 0; i < n; i++) {
581 revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
582 serial = X509_REVOKED_get0_serialNumber(revoked);
583 if (ASN1_INTEGER_cmp(serial, X509_get_serialNumber(cert)) == 0) {
584 cp = X509_NAME_oneline(issuer, NULL, 0);
585 ERR(NULL, "Cert verify CRL: certificate with serial %ld (0x%lX) revoked per CRL from issuer %s.",
586 serial, serial, cp);
587 OPENSSL_free(cp);
588 X509_STORE_CTX_set_error(x509_ctx, X509_V_ERR_CERT_REVOKED);
589 ret = -1;
590 goto cleanup;
591 }
592 }
593 }
594
595cleanup:
596 X509_STORE_CTX_free(store_ctx);
597 X509_OBJECT_free(obj);
598 return ret;
599}
600
601static int
602nc_server_tls_ts_ref_get_certs(const char *referenced_name, struct nc_certificate **certs, uint16_t *cert_count)
603{
604 uint16_t i;
605 struct nc_truststore *ts = &server_opts.truststore;
606
607 *certs = NULL;
608 *cert_count = 0;
609
610 /* lookup name */
611 for (i = 0; i < ts->cert_bag_count; i++) {
612 if (!strcmp(referenced_name, ts->cert_bags[i].name)) {
613 break;
614 }
615 }
616
617 if (i == ts->cert_bag_count) {
618 ERR(NULL, "Truststore entry \"%s\" not found.", referenced_name);
619 return -1;
620 }
621
622 *certs = ts->cert_bags[i].certs;
623 *cert_count = ts->cert_bags[i].cert_count;
624 return 0;
625}
626
627/* In case a CA chain verification failed an end-entity certificate must match.
628 * The meaning of local_or_referenced is that it states, which end-entity certificates to check
629 * (1 = current endpoint's, 2 = referenced endpoint's).
630 */
631static int
632nc_server_tls_do_preverify(struct nc_session *session, X509_STORE_CTX *x509_ctx, int local_or_referenced)
633{
634 X509_STORE *store;
635 struct nc_cert_grouping *ee_certs;
636 int i, ret;
637 X509 *cert;
638 struct nc_certificate *certs;
639 uint16_t cert_count;
640
641 store = X509_STORE_CTX_get0_store(x509_ctx);
642 if (!store) {
643 ERR(session, "Error getting store from context (%s).", ERR_reason_error_string(ERR_get_error()));
644 return -1;
645 }
646
647 /* get the data from the store */
648 ee_certs = X509_STORE_get_ex_data(store, local_or_referenced);
649 if (!ee_certs) {
650 ERR(session, "Error getting data from store (%s).", ERR_reason_error_string(ERR_get_error()));
651 return -1;
652 }
653
654 if (ee_certs->store == NC_STORE_LOCAL) {
655 /* local definition */
656 certs = ee_certs->certs;
657 cert_count = ee_certs->cert_count;
658 } else {
659 /* truststore reference */
660 if (nc_server_tls_ts_ref_get_certs(ee_certs->ts_ref, &certs, &cert_count)) {
661 ERR(NULL, "Error getting end-entity certificates from the truststore reference \"%s\".", ee_certs->ts_ref);
662 return -1;
663 }
664 }
665
666 for (i = 0; i < cert_count; i++) {
667 cert = base64der_to_cert(certs[i].data);
668 ret = cert_pubkey_match(session->opts.server.client_cert, cert);
669 X509_free(cert);
670 if (ret) {
671 /* we are just overriding the failed standard certificate verification (preverify_ok == 0),
672 * this callback will be called again with the same current certificate and preverify_ok == 1 */
673 VRB(session, "Cert verify: fail (%s), but the end-entity certificate is trusted, continuing.",
674 X509_verify_cert_error_string(X509_STORE_CTX_get_error(x509_ctx)));
675 X509_STORE_CTX_set_error(x509_ctx, X509_V_OK);
676 return 1;
677 }
678 }
679
680 return 0;
681}
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100682
683static int
684nc_tlsclb_verify(int preverify_ok, X509_STORE_CTX *x509_ctx)
685{
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100686 X509_NAME *subject;
687 X509_NAME *issuer;
688 X509 *cert;
roman3f9b65c2023-06-05 14:26:58 +0200689 char *cp;
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200690
691 STACK_OF(X509) * cert_stack;
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200692 struct nc_session *session;
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100693 struct nc_server_tls_opts *opts;
roman3f9b65c2023-06-05 14:26:58 +0200694 int rc, depth;
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100695
696 /* get the thread session */
697 session = pthread_getspecific(verify_key);
698 if (!session) {
699 ERRINT;
700 return 0;
701 }
702
703 opts = session->data;
704
705 /* get the last certificate, that is the peer (client) certificate */
706 if (!session->opts.server.client_cert) {
707 cert_stack = X509_STORE_CTX_get1_chain(x509_ctx);
Andrew Langefeld62bc6712018-08-28 16:17:16 -0500708 session->opts.server.client_cert = sk_X509_value(cert_stack, 0);
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100709 X509_up_ref(session->opts.server.client_cert);
710 sk_X509_pop_free(cert_stack, X509_free);
711 }
712
roman3f9b65c2023-06-05 14:26:58 +0200713 /* standard certificate verification failed, so an end-entity client cert must match to continue */
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100714 if (!preverify_ok) {
roman3f9b65c2023-06-05 14:26:58 +0200715 /* check current endpoint's end-entity certs */
716 rc = nc_server_tls_do_preverify(session, x509_ctx, 1);
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100717 if (rc == -1) {
roman3f9b65c2023-06-05 14:26:58 +0200718 return 0;
719 } else if (rc == 1) {
720 return 1;
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100721 }
Michal Vasko18aeb5d2017-02-17 09:23:56 +0100722
roman3f9b65c2023-06-05 14:26:58 +0200723 /* no match, continue */
724 if (opts->endpt_client_ref) {
725 /* check referenced endpoint's end-entity certs */
726 rc = nc_server_tls_do_preverify(session, x509_ctx, 2);
727 if (rc == -1) {
728 return 0;
729 } else if (rc == 1) {
730 return 1;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100731 }
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100732 }
733
roman3f9b65c2023-06-05 14:26:58 +0200734 /* no match, fail */
Michal Vasko05532772021-06-03 12:12:38 +0200735 ERR(session, "Cert verify: fail (%s).", X509_verify_cert_error_string(X509_STORE_CTX_get_error(x509_ctx)));
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100736 return 0;
737 }
738
739 /* print cert verify info */
740 depth = X509_STORE_CTX_get_error_depth(x509_ctx);
Michal Vasko05532772021-06-03 12:12:38 +0200741 VRB(session, "Cert verify: depth %d.", depth);
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100742
743 cert = X509_STORE_CTX_get_current_cert(x509_ctx);
744 subject = X509_get_subject_name(cert);
745 issuer = X509_get_issuer_name(cert);
746
747 cp = X509_NAME_oneline(subject, NULL, 0);
Michal Vasko05532772021-06-03 12:12:38 +0200748 VRB(session, "Cert verify: subject: %s.", cp);
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100749 OPENSSL_free(cp);
750 cp = X509_NAME_oneline(issuer, NULL, 0);
Michal Vasko05532772021-06-03 12:12:38 +0200751 VRB(session, "Cert verify: issuer: %s.", cp);
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100752 OPENSSL_free(cp);
753
roman3f9b65c2023-06-05 14:26:58 +0200754 /* check if the current certificate is revoked if CRL is set */
Michal Vaskoc61c4492016-01-25 11:13:34 +0100755 if (opts->crl_store) {
roman3f9b65c2023-06-05 14:26:58 +0200756 rc = nc_server_tls_check_crl(opts->crl_store, x509_ctx, cert, subject, issuer);
757 if (rc) {
758 return 0;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100759 }
760 }
761
762 /* cert-to-name already successful */
763 if (session->username) {
764 return 1;
765 }
766
767 /* cert-to-name */
Roytakbe391922023-07-27 19:59:24 +0200768 rc = nc_tls_cert_to_name(session, opts->ctn, cert);
roman3f9b65c2023-06-05 14:26:58 +0200769 if (rc == -1) {
770 /* fatal error */
771 depth = 0;
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100772 goto fail;
roman3f9b65c2023-06-05 14:26:58 +0200773 } else if ((rc == 1) && !opts->endpt_client_ref) {
774 /* no match found and no referenced endpoint */
775 goto fail;
776 } else if ((rc == 1) && opts->endpt_client_ref) {
777 /* no match found, but has a referenced endpoint so try it */
778 rc = nc_tls_cert_to_name(session, opts->endpt_client_ref->opts.tls->ctn, cert);
779 if (rc) {
780 if (rc == -1) {
781 /* fatal error */
782 depth = 0;
783 }
784 /* rc == 1 is a normal CTN fail (no match found) */
785 goto fail;
786 }
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100787 }
788
Michal Vasko05532772021-06-03 12:12:38 +0200789 VRB(session, "Cert verify CTN: new client username recognized as \"%s\".", session->username);
Michal Vasko7060bcf2016-11-28 14:48:11 +0100790
791 if (server_opts.user_verify_clb && !server_opts.user_verify_clb(session)) {
Michal Vasko05532772021-06-03 12:12:38 +0200792 VRB(session, "Cert verify: user verify callback revoked authorization.");
Michal Vasko7060bcf2016-11-28 14:48:11 +0100793 X509_STORE_CTX_set_error(x509_ctx, X509_V_ERR_APPLICATION_VERIFICATION);
794 return 0;
795 }
796
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100797 return 1;
798
799fail:
800 if (depth > 0) {
Michal Vasko05532772021-06-03 12:12:38 +0200801 VRB(session, "Cert verify CTN: cert fail, cert-to-name will continue on the next cert in chain.");
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100802 return 1;
803 }
804
Michal Vasko05532772021-06-03 12:12:38 +0200805 VRB(session, "Cert-to-name unsuccessful, dropping the new client.");
Michal Vaskoc14e3c82016-01-11 16:14:30 +0100806 X509_STORE_CTX_set_error(x509_ctx, X509_V_ERR_APPLICATION_VERIFICATION);
807 return 0;
808}
809
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100810static int
Michal Vaskof585ac72016-11-25 15:16:38 +0100811nc_server_tls_get_ctn(uint32_t *id, char **fingerprint, NC_TLS_CTN_MAPTYPE *map_type, char **name,
Michal Vaskob83a3fa2021-05-26 09:53:42 +0200812 struct nc_server_tls_opts *opts)
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100813{
814 struct nc_ctn *ctn;
815 int ret = -1;
816
817 for (ctn = opts->ctn; ctn; ctn = ctn->next) {
818 if (id && *id && (*id != ctn->id)) {
819 continue;
820 }
Michal Vasko3cf4aaa2017-02-01 15:03:36 +0100821 if (fingerprint && *fingerprint && (!ctn->fingerprint || strcmp(*fingerprint, ctn->fingerprint))) {
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100822 continue;
823 }
Michal Vasko3cf4aaa2017-02-01 15:03:36 +0100824 if (map_type && *map_type && (!ctn->map_type || (*map_type != ctn->map_type))) {
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100825 continue;
826 }
Michal Vasko3cf4aaa2017-02-01 15:03:36 +0100827 if (name && *name && (!ctn->name || strcmp(*name, ctn->name))) {
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100828 continue;
829 }
830
831 /* first match, good enough */
832 if (id && !(*id)) {
833 *id = ctn->id;
834 }
Michal Vasko3cf4aaa2017-02-01 15:03:36 +0100835 if (fingerprint && !(*fingerprint) && ctn->fingerprint) {
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100836 *fingerprint = strdup(ctn->fingerprint);
837 }
Michal Vasko3cf4aaa2017-02-01 15:03:36 +0100838 if (map_type && !(*map_type) && ctn->map_type) {
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100839 *map_type = ctn->map_type;
840 }
Adam Richterd44680e2019-06-15 13:16:16 -0700841 if (name && !(*name) && ctn->name) {
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100842 *name = strdup(ctn->name);
843 }
844
845 ret = 0;
846 break;
847 }
848
849 return ret;
850}
851
852API int
Michal Vaskof585ac72016-11-25 15:16:38 +0100853nc_server_tls_endpt_get_ctn(const char *endpt_name, uint32_t *id, char **fingerprint, NC_TLS_CTN_MAPTYPE *map_type,
Michal Vaskoadf30f02019-06-24 09:34:47 +0200854 char **name)
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100855{
856 int ret;
857 struct nc_endpt *endpt;
858
roman40672412023-05-04 11:10:22 +0200859 NC_CHECK_ARG_RET(NULL, endpt_name, -1);
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100860
861 /* LOCK */
Michal Vaskoade892d2017-02-22 13:40:35 +0100862 endpt = nc_server_endpt_lock_get(endpt_name, NC_TI_OPENSSL, NULL);
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100863 if (!endpt) {
864 return -1;
865 }
866 ret = nc_server_tls_get_ctn(id, fingerprint, map_type, name, endpt->opts.tls);
867 /* UNLOCK */
romanc1d2b092023-02-02 08:58:27 +0100868 pthread_rwlock_unlock(&server_opts.config_lock);
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100869
870 return ret;
871}
872
873API int
Michal Vaskoadf30f02019-06-24 09:34:47 +0200874nc_server_tls_ch_client_endpt_get_ctn(const char *client_name, const char *endpt_name, uint32_t *id, char **fingerprint,
875 NC_TLS_CTN_MAPTYPE *map_type, char **name)
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100876{
877 int ret;
878 struct nc_ch_client *client;
Michal Vaskoadf30f02019-06-24 09:34:47 +0200879 struct nc_ch_endpt *endpt;
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100880
881 /* LOCK */
Michal Vaskoadf30f02019-06-24 09:34:47 +0200882 endpt = nc_server_ch_client_lock(client_name, endpt_name, NC_TI_OPENSSL, &client);
883 if (!endpt) {
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100884 return -1;
885 }
886
Michal Vaskoadf30f02019-06-24 09:34:47 +0200887 ret = nc_server_tls_get_ctn(id, fingerprint, map_type, name, endpt->opts.tls);
Michal Vaskodf5e6af2016-11-23 13:50:56 +0100888
889 /* UNLOCK */
890 nc_server_ch_client_unlock(client);
891
892 return ret;
893}
894
Michal Vasko709598e2016-11-28 14:48:32 +0100895API const X509 *
896nc_session_get_client_cert(const struct nc_session *session)
897{
898 if (!session || (session->side != NC_SERVER)) {
roman40672412023-05-04 11:10:22 +0200899 ERRARG(session, "session");
Michal Vasko709598e2016-11-28 14:48:32 +0100900 return NULL;
901 }
902
903 return session->opts.server.client_cert;
904}
905
Michal Vasko7060bcf2016-11-28 14:48:11 +0100906API void
907nc_server_tls_set_verify_clb(int (*verify_clb)(const struct nc_session *session))
908{
909 server_opts.user_verify_clb = verify_clb;
910}
911
Michal Vasko6d292992016-01-18 09:42:38 +0100912static void
913nc_tls_make_verify_key(void)
914{
Michal Vasko5c2f7952016-01-22 13:16:31 +0100915 pthread_key_create(&verify_key, NULL);
Michal Vasko6d292992016-01-18 09:42:38 +0100916}
917
roman3f9b65c2023-06-05 14:26:58 +0200918static int
919nc_server_tls_ks_ref_get_cert_key(const char *referenced_key_name, const char *referenced_cert_name,
920 char **privkey_data, NC_PRIVKEY_FORMAT *privkey_type, char **cert_data)
Andrew Langefeld440b6c72018-08-27 16:26:20 -0500921{
roman3f9b65c2023-06-05 14:26:58 +0200922 uint16_t i, j;
923 struct nc_keystore *ks = &server_opts.keystore;
Andrew Langefeld440b6c72018-08-27 16:26:20 -0500924
roman3f9b65c2023-06-05 14:26:58 +0200925 *privkey_data = NULL;
926 *cert_data = NULL;
Andrew Langefeld440b6c72018-08-27 16:26:20 -0500927
roman3f9b65c2023-06-05 14:26:58 +0200928 /* lookup name */
929 for (i = 0; i < ks->asym_key_count; i++) {
930 if (!strcmp(referenced_key_name, ks->asym_keys[i].name)) {
931 break;
Andrew Langefeld440b6c72018-08-27 16:26:20 -0500932 }
933 }
roman3f9b65c2023-06-05 14:26:58 +0200934 if (i == ks->asym_key_count) {
935 ERR(NULL, "Keystore entry \"%s\" not found.", referenced_key_name);
Andrew Langefeld440b6c72018-08-27 16:26:20 -0500936 return -1;
937 }
938
roman3f9b65c2023-06-05 14:26:58 +0200939 for (j = 0; j < ks->asym_keys[i].cert_count; j++) {
940 if (!strcmp(referenced_cert_name, ks->asym_keys[i].certs[i].name)) {
941 break;
Andrew Langefeld440b6c72018-08-27 16:26:20 -0500942 }
943 }
roman3f9b65c2023-06-05 14:26:58 +0200944 if (j == ks->asym_keys[i].cert_count) {
945 ERR(NULL, "Keystore certificate entry \"%s\" associated with the key \"%s\" not found.",
946 referenced_cert_name, referenced_key_name);
947 return -1;
948 }
Andrew Langefeld440b6c72018-08-27 16:26:20 -0500949
roman3f9b65c2023-06-05 14:26:58 +0200950 *privkey_data = ks->asym_keys[i].privkey_data;
951 *privkey_type = ks->asym_keys[i].privkey_type;
952 *cert_data = ks->asym_keys[i].certs[j].data;
953 return 0;
Andrew Langefeld440b6c72018-08-27 16:26:20 -0500954}
955
Michal Vasko4c1fb492017-01-30 14:31:07 +0100956static int
roman3f9b65c2023-06-05 14:26:58 +0200957nc_tls_ctx_set_server_cert_key(SSL_CTX *tls_ctx, struct nc_server_tls_opts *opts)
Michal Vasko4c1fb492017-01-30 14:31:07 +0100958{
roman3f9b65c2023-06-05 14:26:58 +0200959 char *privkey_data = NULL, *cert_data = NULL;
Michal Vaskoddce1212019-05-24 09:58:49 +0200960 int ret = 0;
roman3f9b65c2023-06-05 14:26:58 +0200961 NC_PRIVKEY_FORMAT privkey_type;
Michal Vasko6e08cb72017-02-02 11:15:29 +0100962 X509 *cert = NULL;
963 EVP_PKEY *pkey = NULL;
Michal Vasko4c1fb492017-01-30 14:31:07 +0100964
roman3f9b65c2023-06-05 14:26:58 +0200965 NC_CHECK_ARG_RET(NULL, tls_ctx, opts, -1);
Michal Vasko4c1fb492017-01-30 14:31:07 +0100966
roman3f9b65c2023-06-05 14:26:58 +0200967 /* get data needed for setting the server cert */
968 if (opts->store == NC_STORE_LOCAL) {
969 /* local definition */
970 cert_data = opts->cert_data;
971 privkey_data = opts->privkey_data;
972 privkey_type = opts->privkey_type;
Michal Vasko4c1fb492017-01-30 14:31:07 +0100973 } else {
roman3f9b65c2023-06-05 14:26:58 +0200974 /* keystore */
975 ret = nc_server_tls_ks_ref_get_cert_key(opts->key_ref, opts->cert_ref, &privkey_data, &privkey_type, &cert_data);
976 if (ret) {
977 ERR(NULL, "Getting server certificate from the keystore reference \"%s\" failed.", opts->key_ref);
978 return -1;
Michal Vasko4c1fb492017-01-30 14:31:07 +0100979 }
980 }
981
roman3f9b65c2023-06-05 14:26:58 +0200982 /* load the cert */
983 cert = base64der_to_cert(cert_data);
984 if (!cert) {
985 ERR(NULL, "Converting certificate data to certificate format failed.");
986 ret = -1;
987 goto cleanup;
988 }
989
990 /* set server cert */
991 ret = SSL_CTX_use_certificate(tls_ctx, cert);
992 if (ret != 1) {
993 ERR(NULL, "Loading the server certificate failed (%s).", ERR_reason_error_string(ERR_get_error()));
994 ret = -1;
995 goto cleanup;
996 }
997
Michal Vasko4c1fb492017-01-30 14:31:07 +0100998 /* load the private key */
roman3f9b65c2023-06-05 14:26:58 +0200999 pkey = base64der_to_privatekey(privkey_data, nc_privkey_format_to_str(privkey_type));
1000 if (!pkey) {
1001 ERR(NULL, "Converting private key data to private key format failed.");
1002 ret = -1;
1003 goto cleanup;
Michal Vasko4c1fb492017-01-30 14:31:07 +01001004 }
1005
roman3f9b65c2023-06-05 14:26:58 +02001006 /* set server key */
1007 ret = SSL_CTX_use_PrivateKey(tls_ctx, pkey);
1008 if (ret != 1) {
1009 ERR(NULL, "Loading the server private key failed (%s).", ERR_reason_error_string(ERR_get_error()));
1010 ret = -1;
1011 goto cleanup;
1012 }
1013
1014 ret = 0;
Andrew Langefeld440b6c72018-08-27 16:26:20 -05001015
Michal Vasko4c1fb492017-01-30 14:31:07 +01001016cleanup:
Michal Vasko6e08cb72017-02-02 11:15:29 +01001017 X509_free(cert);
1018 EVP_PKEY_free(pkey);
Michal Vasko4c1fb492017-01-30 14:31:07 +01001019 return ret;
1020}
1021
roman3f9b65c2023-06-05 14:26:58 +02001022static int
1023tls_store_add_trusted_cert(X509_STORE *cert_store, const char *cert_data)
Michal Vasko4c1fb492017-01-30 14:31:07 +01001024{
roman3f9b65c2023-06-05 14:26:58 +02001025 X509 *cert;
1026
1027 cert = base64der_to_cert(cert_data);
Michal Vaskob83a3fa2021-05-26 09:53:42 +02001028
Michal Vasko4c1fb492017-01-30 14:31:07 +01001029 if (!cert) {
roman3f9b65c2023-06-05 14:26:58 +02001030 ERR(NULL, "Loading a trusted certificate (data \"%s\") failed (%s).", cert_data,
1031 ERR_reason_error_string(ERR_get_error()));
1032 return -1;
Michal Vasko4c1fb492017-01-30 14:31:07 +01001033 }
1034
1035 /* add the trusted certificate */
1036 if (X509_STORE_add_cert(cert_store, cert) != 1) {
Michal Vasko05532772021-06-03 12:12:38 +02001037 ERR(NULL, "Adding a trusted certificate failed (%s).", ERR_reason_error_string(ERR_get_error()));
Michal Vasko4c1fb492017-01-30 14:31:07 +01001038 X509_free(cert);
roman3f9b65c2023-06-05 14:26:58 +02001039 return -1;
Michal Vasko4c1fb492017-01-30 14:31:07 +01001040 }
1041 X509_free(cert);
roman3f9b65c2023-06-05 14:26:58 +02001042
1043 return 0;
Michal Vasko4c1fb492017-01-30 14:31:07 +01001044}
1045
1046static int
roman3f9b65c2023-06-05 14:26:58 +02001047nc_tls_store_set_trusted_certs(X509_STORE *cert_store, struct nc_cert_grouping *ca_certs)
Michal Vasko4c1fb492017-01-30 14:31:07 +01001048{
1049 uint16_t i;
roman3f9b65c2023-06-05 14:26:58 +02001050 struct nc_certificate *certs;
1051 uint16_t cert_count;
Michal Vasko4c1fb492017-01-30 14:31:07 +01001052
roman3f9b65c2023-06-05 14:26:58 +02001053 if (ca_certs->store == NC_STORE_LOCAL) {
1054 /* local definition */
1055 certs = ca_certs->certs;
1056 cert_count = ca_certs->cert_count;
1057 } else {
1058 /* truststore */
1059 if (nc_server_tls_ts_ref_get_certs(ca_certs->ts_ref, &certs, &cert_count)) {
1060 ERR(NULL, "Error getting certificate-authority certificates from the truststore reference \"%s\".", ca_certs->ts_ref);
Michal Vasko4c1fb492017-01-30 14:31:07 +01001061 return -1;
1062 }
roman3f9b65c2023-06-05 14:26:58 +02001063 }
Michal Vasko4c1fb492017-01-30 14:31:07 +01001064
roman3f9b65c2023-06-05 14:26:58 +02001065 for (i = 0; i < cert_count; i++) {
1066 if (tls_store_add_trusted_cert(cert_store, certs[i].data)) {
1067 return -1;
Michal Vasko4c1fb492017-01-30 14:31:07 +01001068 }
Michal Vasko4c1fb492017-01-30 14:31:07 +01001069 }
1070
1071 return 0;
1072}
1073
Michal Vasko9af52322022-07-25 14:39:30 +02001074static int
roman3f9b65c2023-06-05 14:26:58 +02001075nc_server_tls_crl_path(struct nc_session *session, const char *crl_path, X509_STORE *store)
1076{
1077 int ret = 0;
1078 X509_CRL *crl = NULL;
1079 FILE *f;
1080
1081 f = fopen(crl_path, "r");
1082 if (!f) {
1083 ERR(session, "Unable to open CRL file \"%s\".", crl_path);
1084 return -1;
1085 }
1086
1087 /* try DER first */
1088 crl = d2i_X509_CRL_fp(f, NULL);
1089 if (crl) {
1090 /* success */
1091 goto ok;
1092 }
1093
1094 /* DER failed, try PEM */
1095 rewind(f);
1096 crl = PEM_read_X509_CRL(f, NULL, NULL, NULL);
1097 if (!crl) {
1098 ERR(session, "Reading CRL from file \"%s\" failed.", crl_path);
1099 ret = -1;
1100 goto cleanup;
1101 }
1102
1103ok:
1104 ret = X509_STORE_add_crl(store, crl);
1105 if (!ret) {
1106 ERR(session, "Error adding CRL to store (%s).", ERR_reason_error_string(ERR_get_error()));
1107 ret = -1;
1108 goto cleanup;
1109 }
1110 /* ok */
1111 ret = 0;
1112
1113cleanup:
1114 fclose(f);
1115 X509_CRL_free(crl);
1116 return ret;
1117}
1118
1119static size_t
1120nc_server_tls_curl_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
1121{
1122 struct nc_curl_data *data;
1123
1124 size = nmemb;
1125
1126 data = (struct nc_curl_data *)userdata;
1127
1128 data->data = nc_realloc(data->data, data->size + size);
1129 if (!data->data) {
1130 ERRMEM;
1131 return 0;
1132 }
1133
1134 memcpy(&data->data[data->size], ptr, size);
1135 data->size += size;
1136
1137 return size;
1138}
1139
1140static int
1141nc_server_tls_curl_init(struct nc_session *session, CURL **handle, struct nc_curl_data *data)
1142{
1143 NC_CHECK_ARG_RET(session, handle, data, -1);
1144
1145 *handle = NULL;
1146
1147 *handle = curl_easy_init();
1148 if (!*handle) {
1149 ERR(session, "Initializing CURL failed.");
1150 return -1;
1151 }
1152
1153 if (curl_easy_setopt(*handle, CURLOPT_WRITEFUNCTION, nc_server_tls_curl_cb)) {
1154 ERR(session, "Setting curl callback failed.");
1155 return -1;
1156 }
1157
1158 if (curl_easy_setopt(*handle, CURLOPT_WRITEDATA, data)) {
1159 ERR(session, "Setting curl callback data failed.");
1160 return -1;
1161 }
1162
1163 return 0;
1164}
1165
1166static int
1167nc_server_tls_curl_fetch(struct nc_session *session, CURL *handle, const char *url)
1168{
1169 char err_buf[CURL_ERROR_SIZE];
1170
1171 /* set uri */
1172 if (curl_easy_setopt(handle, CURLOPT_URL, url)) {
1173 ERR(session, "Setting URI \"%s\" to download CRL from failed.", url);
1174 return -1;
1175 }
1176
1177 /* set err buf */
1178 curl_easy_setopt(handle, CURLOPT_ERRORBUFFER, err_buf);
1179
1180 /* download */
1181 if (curl_easy_perform(handle)) {
1182 ERR(session, "Downloading CRL from \"%s\" failed (%s).", url, err_buf);
1183 return -1;
1184 }
1185
1186 return 0;
1187}
1188
1189static int
1190nc_server_tls_add_crl_to_store(struct nc_session *session, struct nc_curl_data *downloaded, X509_STORE *store)
1191{
1192 int ret = 0;
1193 X509_CRL *crl = NULL;
1194 BIO *bio = NULL;
1195
1196 /* try DER first */
1197 crl = d2i_X509_CRL(NULL, (const unsigned char **) &downloaded->data, downloaded->size);
1198 if (crl) {
1199 /* it was DER */
1200 goto ok;
1201 }
1202
1203 /* DER failed, try PEM next */
1204 bio = BIO_new_mem_buf(downloaded->data, downloaded->size);
1205 if (!bio) {
1206 ERR(session, "Creating new bio failed (%s).", ERR_reason_error_string(ERR_get_error()));
1207 ret = -1;
1208 goto cleanup;
1209 }
1210
1211 /* try to parse PEM from the downloaded data */
1212 crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL);
1213 if (!crl) {
1214 ERR(session, "Reading downloaded CRL failed (%s).", ERR_reason_error_string(ERR_get_error()));
1215 ret = -1;
1216 goto cleanup;
1217 }
1218
1219ok:
1220 /* we obtained the CRL, now add it to the CRL store */
1221 ret = X509_STORE_add_crl(store, crl);
1222 if (!ret) {
1223 ERR(session, "Error adding CRL to store (%s).", ERR_reason_error_string(ERR_get_error()));
1224 ret = -1;
1225 goto cleanup;
1226 }
1227 /* ok */
1228 ret = 0;
1229
1230cleanup:
1231 X509_CRL_free(crl);
1232 BIO_free(bio);
1233 return ret;
1234}
1235
1236static int
1237nc_server_tls_crl_url(struct nc_session *session, const char *url, X509_STORE *store)
1238{
1239 int ret = 0;
1240 CURL *handle = NULL;
1241 struct nc_curl_data downloaded = {0};
1242
1243 /* init curl */
1244 ret = nc_server_tls_curl_init(session, &handle, &downloaded);
1245 if (ret) {
1246 goto cleanup;
1247 }
1248
1249 VRB(session, "Downloading CRL from \"%s\".", url);
1250
1251 /* download the CRL */
1252 ret = nc_server_tls_curl_fetch(session, handle, url);
1253 if (ret) {
1254 goto cleanup;
1255 }
1256
1257 /* convert the downloaded data to CRL and add it to the store */
1258 ret = nc_server_tls_add_crl_to_store(session, &downloaded, store);
1259 if (ret) {
1260 goto cleanup;
1261 }
1262
1263cleanup:
1264 curl_easy_cleanup(handle);
1265 return ret;
1266}
1267
1268static int
1269nc_server_tls_crl_cert_ext(struct nc_session *session, X509_STORE *cert_store, X509_STORE *crl_store)
1270{
1271 int ret = 0, i, j, k, gtype;
1272 CURL *handle = NULL;
1273 struct nc_curl_data downloaded = {0};
1274
1275 STACK_OF(X509_OBJECT) * objs;
1276 X509_OBJECT *obj;
1277 X509 *cert;
1278
1279 STACK_OF(DIST_POINT) * dist_points;
1280 DIST_POINT *dist_point;
1281 GENERAL_NAMES *general_names;
1282 GENERAL_NAME *general_name;
1283 ASN1_STRING *asn_string_uri;
1284 const char *crl_distpoint_uri;
1285
1286 /* init curl */
1287 ret = nc_server_tls_curl_init(session, &handle, &downloaded);
1288 if (ret) {
1289 goto cleanup;
1290 }
1291
1292 /* treat all entries in the cert_store as X509_OBJECTs */
1293 objs = X509_STORE_get0_objects(cert_store);
1294 if (!objs) {
1295 ERR(session, "Getting certificates from store failed (%s).", ERR_reason_error_string(ERR_get_error()));
1296 ret = -1;
1297 goto cleanup;
1298 }
1299
1300 /* iterate over all the CAs */
1301 for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
1302 obj = sk_X509_OBJECT_value(objs, i);
1303 cert = X509_OBJECT_get0_X509(obj);
1304 if (!cert) {
1305 /* the object on this index was not a certificate */
1306 continue;
1307 }
1308
1309 /* get all the distribution points for this CA */
1310 dist_points = X509_get_ext_d2i(cert, NID_crl_distribution_points, NULL, NULL);
1311
1312 /* iterate over all the dist points (there can be multiple for a single cert) */
1313 for (j = 0; j < sk_DIST_POINT_num(dist_points); j++) {
1314 dist_point = sk_DIST_POINT_value(dist_points, j);
1315 if (!dist_point) {
1316 continue;
1317 }
1318 general_names = dist_point->distpoint->name.fullname;
1319
1320 /* iterate over all the GeneralesNames in the distribution point */
1321 for (k = 0; k < sk_GENERAL_NAME_num(general_names); k++) {
1322 general_name = sk_GENERAL_NAME_value(general_names, k);
1323 asn_string_uri = GENERAL_NAME_get0_value(general_name, &gtype);
1324
1325 /* check if the general name is a URI and has a valid length */
1326 if ((gtype != GEN_URI) || (ASN1_STRING_length(asn_string_uri) <= 6)) {
1327 continue;
1328 }
1329
1330 crl_distpoint_uri = (const char *) ASN1_STRING_get0_data(asn_string_uri);
1331
1332 VRB(session, "Downloading CRL from \"%s\".", crl_distpoint_uri);
1333
1334 /* download the CRL */
1335 ret = nc_server_tls_curl_fetch(session, handle, crl_distpoint_uri);
1336 if (ret) {
1337 /* failed to download the CRL from this entry, try th next */
1338 continue;
1339 }
1340
1341 /* convert the downloaded data to CRL and add it to the store */
1342 ret = nc_server_tls_add_crl_to_store(session, &downloaded, crl_store);
1343 if (ret) {
1344 goto cleanup;
1345 }
1346
1347 /* the CRL was downloaded, no need to download it again using different protocol */
1348 break;
1349 }
1350 }
1351 }
1352
1353cleanup:
1354 curl_easy_cleanup(handle);
1355 return ret;
1356}
1357
1358static int
1359nc_tls_store_set_crl(struct nc_session *session, struct nc_server_tls_opts *opts, X509_STORE *store)
1360{
1361 if (!opts->crl_store) {
1362 /* first call on this endpoint */
1363 opts->crl_store = X509_STORE_new();
1364 if (!opts->crl_store) {
1365 ERRMEM;
1366 goto fail;
1367 }
1368 }
1369
1370 if (opts->crl_path) {
1371 if (nc_server_tls_crl_path(session, opts->crl_path, opts->crl_store)) {
1372 goto fail;
1373 }
1374 } else if (opts->crl_url) {
1375 if (nc_server_tls_crl_url(session, opts->crl_url, opts->crl_store)) {
1376 goto fail;
1377 }
1378 } else {
1379 if (nc_server_tls_crl_cert_ext(session, store, opts->crl_store)) {
1380 goto fail;
1381 }
1382 }
1383
1384 return 0;
1385
1386fail:
1387 return -1;
1388}
1389
1390static int
Michal Vasko9af52322022-07-25 14:39:30 +02001391nc_server_tls_accept_check(int accept_ret, struct nc_session *session)
1392{
1393 int verify;
1394
1395 /* check certificate verification result */
1396 verify = SSL_get_verify_result(session->ti.tls);
1397 switch (verify) {
1398 case X509_V_OK:
1399 if (accept_ret == 1) {
1400 VRB(session, "Client certificate verified.");
1401 }
1402 break;
1403 default:
1404 ERR(session, "Client certificate error (%s).", X509_verify_cert_error_string(verify));
1405 }
1406
1407 if (accept_ret != 1) {
1408 switch (SSL_get_error(session->ti.tls, accept_ret)) {
1409 case SSL_ERROR_SYSCALL:
Michal Vasko7ffcd142022-09-07 09:24:22 +02001410 ERR(session, "SSL accept failed (%s).", strerror(errno));
Michal Vasko9af52322022-07-25 14:39:30 +02001411 break;
1412 case SSL_ERROR_SSL:
Michal Vasko7ffcd142022-09-07 09:24:22 +02001413 ERR(session, "SSL accept failed (%s).", ERR_reason_error_string(ERR_get_error()));
Michal Vasko9af52322022-07-25 14:39:30 +02001414 break;
1415 default:
Michal Vasko7ffcd142022-09-07 09:24:22 +02001416 ERR(session, "SSL accept failed.");
Michal Vasko9af52322022-07-25 14:39:30 +02001417 break;
1418 }
1419 }
1420
1421 return accept_ret;
1422}
1423
Michal Vasko3031aae2016-01-27 16:07:18 +01001424int
roman3f9b65c2023-06-05 14:26:58 +02001425nc_accept_tls_session(struct nc_session *session, struct nc_server_tls_opts *opts, int sock, int timeout)
Michal Vasko3031aae2016-01-27 16:07:18 +01001426{
Michal Vaskoe2713da2016-08-22 16:06:40 +02001427 X509_STORE *cert_store;
1428 SSL_CTX *tls_ctx;
Michal Vasko36c7be82017-02-22 13:37:59 +01001429 int ret;
roman6ece9c52022-06-22 09:29:17 +02001430 struct timespec ts_timeout;
Michal Vaskoc61c4492016-01-25 11:13:34 +01001431
Michal Vaskoe2713da2016-08-22 16:06:40 +02001432 /* SSL_CTX */
Michal Vasko18aeb5d2017-02-17 09:23:56 +01001433 tls_ctx = SSL_CTX_new(TLS_server_method());
roman3f9b65c2023-06-05 14:26:58 +02001434
Michal Vaskoe2713da2016-08-22 16:06:40 +02001435 if (!tls_ctx) {
Michal Vasko05532772021-06-03 12:12:38 +02001436 ERR(session, "Failed to create TLS context.");
Michal Vaskoe2713da2016-08-22 16:06:40 +02001437 goto error;
1438 }
roman3f9b65c2023-06-05 14:26:58 +02001439
Michal Vaskoe2713da2016-08-22 16:06:40 +02001440 SSL_CTX_set_verify(tls_ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nc_tlsclb_verify);
roman3f9b65c2023-06-05 14:26:58 +02001441 if (nc_tls_ctx_set_server_cert_key(tls_ctx, opts)) {
Michal Vaskoe2713da2016-08-22 16:06:40 +02001442 goto error;
1443 }
1444
1445 /* X509_STORE, managed (freed) with the context */
1446 cert_store = X509_STORE_new();
roman3f9b65c2023-06-05 14:26:58 +02001447 if (!cert_store) {
1448 ERR(session, "Creating certificate store failed (%s).", ERR_reason_error_string(ERR_get_error()));
Michal Vasko4c1fb492017-01-30 14:31:07 +01001449 goto error;
Michal Vaskoe2713da2016-08-22 16:06:40 +02001450 }
1451
roman3f9b65c2023-06-05 14:26:58 +02001452 /* set end-entity certs as cert store data, retrieve them if verification fails later */
1453 ret = X509_STORE_set_ex_data(cert_store, 1, &opts->ee_certs);
1454 if (!ret) {
1455 ERR(session, "Setting certificate store data failed (%s).", ERR_reason_error_string(ERR_get_error()));
1456 goto error;
1457 }
Michal Vaskoe2713da2016-08-22 16:06:40 +02001458
roman3f9b65c2023-06-05 14:26:58 +02001459 /* do the same for referenced endpoint's end entity certs */
1460 if (opts->endpt_client_ref) {
1461 ret = X509_STORE_set_ex_data(cert_store, 2, &opts->endpt_client_ref->opts.tls->ee_certs);
1462 if (!ret) {
1463 ERR(session, "Setting certificate store data failed (%s).", ERR_reason_error_string(ERR_get_error()));
Michal Vaskoe2713da2016-08-22 16:06:40 +02001464 goto error;
1465 }
1466 }
1467
roman3f9b65c2023-06-05 14:26:58 +02001468 /* set store to the context */
1469 SSL_CTX_set_cert_store(tls_ctx, cert_store);
1470
1471 /* set certificate authority certs */
1472 if (nc_tls_store_set_trusted_certs(cert_store, &opts->ca_certs)) {
1473 goto error;
1474 }
1475
1476 /* set referenced endpoint's CA certs if set */
1477 if (opts->endpt_client_ref) {
1478 if (nc_tls_store_set_trusted_certs(cert_store, &opts->endpt_client_ref->opts.tls->ca_certs)) {
Michal Vaskoe2713da2016-08-22 16:06:40 +02001479 goto error;
1480 }
roman3f9b65c2023-06-05 14:26:58 +02001481 }
Michal Vaskoe2713da2016-08-22 16:06:40 +02001482
roman3f9b65c2023-06-05 14:26:58 +02001483 /* set Certificate Revocation List if configured */
1484 if (opts->crl_path || opts->crl_url || opts->crl_cert_ext) {
1485 if (nc_tls_store_set_crl(session, opts, cert_store)) {
Michal Vaskoe2713da2016-08-22 16:06:40 +02001486 goto error;
1487 }
1488 }
1489
Michal Vaskoc14e3c82016-01-11 16:14:30 +01001490 session->ti_type = NC_TI_OPENSSL;
Michal Vaskoe2713da2016-08-22 16:06:40 +02001491 session->ti.tls = SSL_new(tls_ctx);
1492
Michal Vasko4c1fb492017-01-30 14:31:07 +01001493 /* context can be freed already, trusted certs must be freed manually */
Michal Vaskoe2713da2016-08-22 16:06:40 +02001494 SSL_CTX_free(tls_ctx);
1495 tls_ctx = NULL;
Michal Vasko7f1c78b2016-01-19 09:52:14 +01001496
Michal Vaskoc14e3c82016-01-11 16:14:30 +01001497 if (!session->ti.tls) {
Michal Vasko05532772021-06-03 12:12:38 +02001498 ERR(session, "Failed to create TLS structure from context.");
Michal Vaskoe2713da2016-08-22 16:06:40 +02001499 goto error;
Michal Vaskoc14e3c82016-01-11 16:14:30 +01001500 }
1501
roman3f9b65c2023-06-05 14:26:58 +02001502 /* set TLS versions for the current SSL session */
1503 if (opts->tls_versions) {
1504 if (!(opts->tls_versions & NC_TLS_VERSION_10)) {
1505 SSL_set_options(session->ti.tls, SSL_OP_NO_TLSv1);
1506 }
1507 if (!(opts->tls_versions & NC_TLS_VERSION_11)) {
1508 SSL_set_options(session->ti.tls, SSL_OP_NO_TLSv1_1);
1509 }
1510 if (!(opts->tls_versions & NC_TLS_VERSION_12)) {
1511 SSL_set_options(session->ti.tls, SSL_OP_NO_TLSv1_2);
1512 }
1513 if (!(opts->tls_versions & NC_TLS_VERSION_13)) {
1514 SSL_set_options(session->ti.tls, SSL_OP_NO_TLSv1_3);
1515 }
1516 }
1517
1518 /* set TLS cipher suites */
1519 if (opts->ciphers) {
1520 /* set for TLS1.2 and lower */
1521 SSL_set_cipher_list(session->ti.tls, opts->ciphers);
1522 /* set for TLS1.3 */
1523 SSL_set_ciphersuites(session->ti.tls, opts->ciphers);
1524 }
1525
Michal Vaskoc14e3c82016-01-11 16:14:30 +01001526 SSL_set_fd(session->ti.tls, sock);
Michal Vaskoe2713da2016-08-22 16:06:40 +02001527 sock = -1;
Michal Vaskoc14e3c82016-01-11 16:14:30 +01001528 SSL_set_mode(session->ti.tls, SSL_MODE_AUTO_RETRY);
1529
Michal Vasko6d292992016-01-18 09:42:38 +01001530 /* store session on per-thread basis */
Michal Vasko5c2f7952016-01-22 13:16:31 +01001531 pthread_once(&verify_once, nc_tls_make_verify_key);
1532 pthread_setspecific(verify_key, session);
Michal Vaskoc14e3c82016-01-11 16:14:30 +01001533
Michal Vasko36c7be82017-02-22 13:37:59 +01001534 if (timeout > -1) {
Michal Vaskod8a74192023-02-06 15:51:50 +01001535 nc_timeouttime_get(&ts_timeout, timeout);
Michal Vasko36c7be82017-02-22 13:37:59 +01001536 }
Michal Vasko0190bc32016-03-02 15:47:49 +01001537 while (((ret = SSL_accept(session->ti.tls)) == -1) && (SSL_get_error(session->ti.tls, ret) == SSL_ERROR_WANT_READ)) {
1538 usleep(NC_TIMEOUT_STEP);
Michal Vaskod8a74192023-02-06 15:51:50 +01001539 if ((timeout > -1) && (nc_timeouttime_cur_diff(&ts_timeout) < 1)) {
Michal Vasko7ffcd142022-09-07 09:24:22 +02001540 ERR(session, "SSL accept timeout.");
roman6ece9c52022-06-22 09:29:17 +02001541 return 0;
Michal Vasko0190bc32016-03-02 15:47:49 +01001542 }
1543 }
Michal Vasko9af52322022-07-25 14:39:30 +02001544 if (nc_server_tls_accept_check(ret, session) != 1) {
Michal Vaskoc14e3c82016-01-11 16:14:30 +01001545 return -1;
1546 }
1547
Michal Vasko1a38c862016-01-15 15:50:07 +01001548 return 1;
Michal Vaskoe2713da2016-08-22 16:06:40 +02001549
1550error:
1551 if (sock > -1) {
1552 close(sock);
1553 }
1554 SSL_CTX_free(tls_ctx);
1555 return -1;
Michal Vasko9e036d52016-01-08 10:49:26 +01001556}