diff options
| -rw-r--r-- | LIBTLS_VERSION | 2 | ||||
| -rw-r--r-- | VERSION | 2 | ||||
| -rw-r--r-- | configure.ac | 16 | ||||
| -rwxr-xr-x | include/compat/pthread.h | 8 | ||||
| -rw-r--r-- | m4/check-os-options.m4 | 15 | ||||
| -rw-r--r-- | man/Makefile.am | 20 | ||||
| -rw-r--r-- | man/tls_config_set_protocols.3 | 76 | ||||
| -rw-r--r-- | tls.c | 139 | ||||
| -rw-r--r-- | tls.sym | 1 | ||||
| -rw-r--r-- | tls_config.c | 17 | ||||
| -rw-r--r-- | tls_conninfo.c | 5 | ||||
| -rw-r--r-- | tls_internal.h | 4 | ||||
| -rw-r--r-- | tls_keypair.c | 6 | ||||
| -rw-r--r-- | tls_ocsp.c | 4 | 
14 files changed, 234 insertions, 81 deletions
| diff --git a/LIBTLS_VERSION b/LIBTLS_VERSION index 77c98b5..2a9f52a 100644 --- a/LIBTLS_VERSION +++ b/LIBTLS_VERSION @@ -1 +1 @@ -20:1:0 +20:3:0 diff --git a/VERSION b/VERSION index acb9a46..1582f86 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -3.3.1p1 +3.3.2 diff --git a/configure.ac b/configure.ac index f2a27a9..150a6d6 100644 --- a/configure.ac +++ b/configure.ac @@ -54,9 +54,6 @@ int main() {return 0;} AC_MSG_RESULT(no) ]) -# Check if time_t is sized correctly -AC_CHECK_SIZEOF([time_t], [time.h]) - AX_CHECK_OPENSSL([], [AC_MSG_ERROR([unable to find OpenSSL])]) AC_CONFIG_FILES([ @@ -66,17 +63,4 @@ AC_CONFIG_FILES([ libtls.pc ]) -AM_CONDITIONAL([SMALL_TIME_T], [test "$ac_cv_sizeof_time_t" = "4"]) -if test "$ac_cv_sizeof_time_t" = "4"; then - AC_DEFINE([SMALL_TIME_T]) - echo " ** Warning, this system is unable to represent times past 2038" - echo " ** It will behave incorrectly when handling valid RFC5280 dates" - - if test "$host_os" = "mingw32" ; then - echo " **" - echo " ** You can solve this by adjusting the build flags in your" - echo " ** mingw-w64 toolchain. Refer to README.windows for details." - fi -fi - AC_OUTPUT diff --git a/include/compat/pthread.h b/include/compat/pthread.h index 1527d3c..1ab011c 100755 --- a/include/compat/pthread.h +++ b/include/compat/pthread.h @@ -102,6 +102,14 @@ pthread_mutex_unlock(pthread_mutex_t *mutex) return 0; } +static inline int +pthread_mutex_destroy(pthread_mutex_t *mutex) +{ + DeleteCriticalSection(mutex->lock); + free(mutex->lock); + return 0; +} + #else #include_next <pthread.h> #endif diff --git a/m4/check-os-options.m4 b/m4/check-os-options.m4 index a4f1faa..644bf71 100644 --- a/m4/check-os-options.m4 +++ b/m4/check-os-options.m4 @@ -123,6 +123,21 @@ char buf[1]; getentropy(buf, 1); *) ;; esac +# Check if time_t is sized correctly +AC_CHECK_SIZEOF([time_t], [time.h]) +AM_CONDITIONAL([SMALL_TIME_T], [test "$ac_cv_sizeof_time_t" = "4"]) +if test "$ac_cv_sizeof_time_t" = "4"; then + AC_DEFINE([SMALL_TIME_T]) + echo " ** Warning, this system is unable to represent times past 2038" + echo " ** It will behave incorrectly when handling valid RFC5280 dates" + + if test "$host_os" = "mingw32" ; then + echo " **" + echo " ** You can solve this by adjusting the build flags in your" + echo " ** mingw-w64 toolchain. Refer to README.windows for details." + fi +fi + AM_CONDITIONAL([HOST_AIX], [test x$HOST_OS = xaix]) AM_CONDITIONAL([HOST_CYGWIN], [test x$HOST_OS = xcygwin]) AM_CONDITIONAL([HOST_DARWIN], [test x$HOST_OS = xdarwin]) diff --git a/man/Makefile.am b/man/Makefile.am index b6d3b54..5b39dc7 100644 --- a/man/Makefile.am +++ b/man/Makefile.am @@ -89,6 +89,16 @@ install-data-hook: ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_handshake.3" ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_reset.3" ln -sf "tls_read.3" "$(DESTDIR)$(mandir)/man3/tls_write.3" + ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_chain.3" + ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_depth.3" + ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_string.3" + ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_free.3" + ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_new.3" + ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_intermediates.3" + ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_chains.3" + ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_depth.3" + ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_signatures.3" + ln -sf "x509_verify.3" "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_purpose.3" uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/tls_accept_cbs.3" @@ -168,3 +178,13 @@ uninstall-local: -rm -f "$(DESTDIR)$(mandir)/man3/tls_handshake.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_reset.3" -rm -f "$(DESTDIR)$(mandir)/man3/tls_write.3" + -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_chain.3" + -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_depth.3" + -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_error_string.3" + -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_free.3" + -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_new.3" + -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_intermediates.3" + -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_chains.3" + -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_depth.3" + -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_max_signatures.3" + -rm -f "$(DESTDIR)$(mandir)/man3/x509_verify_ctx_set_purpose.3" diff --git a/man/tls_config_set_protocols.3 b/man/tls_config_set_protocols.3 index 0aed5b9..7c62493 100644 --- a/man/tls_config_set_protocols.3 +++ b/man/tls_config_set_protocols.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tls_config_set_protocols.3,v 1.8 2020/01/22 06:46:34 beck Exp $ +.\" $OpenBSD: tls_config_set_protocols.3,v 1.11 2021/01/02 19:58:44 schwarze Exp $ .\" .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> .\" Copyright (c) 2015, 2016 Joel Sing <jsing@openbsd.org> @@ -16,7 +16,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: January 22 2020 $ +.Dd $Mdocdate: January 2 2021 $ .Dt TLS_CONFIG_SET_PROTOCOLS 3 .Os .Sh NAME @@ -74,11 +74,15 @@ otherwise. specifies which versions of the TLS protocol may be used. Possible values are the bitwise OR of: .Pp -.Bl -tag -width "TLS_PROTOCOL_TLSv1_2" -offset indent -compact -.It Dv TLS_PROTOCOL_TLSv1_0 -.It Dv TLS_PROTOCOL_TLSv1_1 -.It Dv TLS_PROTOCOL_TLSv1_2 -.It Dv TLS_PROTOCOL_TLSv1_3 +.Bl -item -offset indent -compact +.It +.Dv TLS_PROTOCOL_TLSv1_0 +.It +.Dv TLS_PROTOCOL_TLSv1_1 +.It +.Dv TLS_PROTOCOL_TLSv1_2 +.It +.Dv TLS_PROTOCOL_TLSv1_3 .El .Pp Additionally, the values @@ -99,9 +103,23 @@ This value can then be passed to the .Fn tls_config_set_protocols function. The protocol string is a comma or colon separated list of keywords. -Valid keywords are tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3, all (all supported -protocols), default (an alias for secure), legacy (an alias for all) and -secure (currently TLSv1.2 and TLSv1.3). +Valid keywords are: +.Pp +.Bl -tag -width "tlsv1.3" -offset indent -compact +.It Dv tlsv1.0 +.It Dv tlsv1.1 +.It Dv tlsv1.2 +.It Dv tlsv1.3 +.It Dv all +.Pq all supported protocols +.It Dv default +.Pq an alias for Dv secure +.It Dv legacy +.Pq an alias for Dv all +.It Dv secure +.Pq currently TLSv1.2 and TLSv1.3 +.El +.Pp If a value has a negative prefix (in the form of a leading exclamation mark) then it is removed from the list of available protocols, rather than being added to it. @@ -115,11 +133,15 @@ sets the list of ciphers that may be used. Lists of ciphers are specified by name, and the permitted names are: .Pp -.Bl -tag -width "insecure" -offset indent -compact -.It Dv "secure" (or alias "default") -.It Dv "compat" -.It Dv "legacy" -.It Dv "insecure" (or alias "all") +.Bl -item -offset indent -compact +.It +.Dv secure Pq or alias Dv default +.It +.Dv compat +.It +.Dv legacy +.It +.Dv insecure Pq or alias Dv all .El .Pp Alternatively, libssl cipher strings can be specified. @@ -130,11 +152,27 @@ for further information. .Fn tls_config_set_dheparams specifies the parameters that will be used during Diffie-Hellman Ephemeral (DHE) key exchange. -Possible values are "none", "auto" and "legacy". -In "auto" mode, the key size for the ephemeral key is automatically selected +Possible values are: +.Pp +.Bl -item -offset indent -compact +.It +.Dv none +.It +.Dv auto +.It +.Dv legacy +.El +.Pp +In +.Dv auto +mode, the key size for the ephemeral key is automatically selected based on the size of the private key being used for signing. -In "legacy" mode, 1024 bit ephemeral keys are used. -The default value is "none", which disables DHE key exchange. +In +.Dv legacy +mode, 1024 bit ephemeral keys are used. +The default value is +.Dv none , +which disables DHE key exchange. .Pp .Fn tls_config_set_ecdhecurves specifies the names of the elliptic curves that may be used during Elliptic diff --git a/tls.c b/tls.c index 26adb2b..91f20cf 100644 --- a/tls.c +++ b/tls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls.c,v 1.85 2020/05/24 15:12:54 jsing Exp $ */ +/* $OpenBSD: tls.c,v 1.89 2021/02/01 15:35:41 tb Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -387,12 +387,113 @@ use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len) return (ret); } +static int +tls_keypair_to_pkey(struct tls *ctx, struct tls_keypair *keypair, EVP_PKEY **pkey) +{ + BIO *bio = NULL; + X509 *x509 = NULL; + char *mem; + size_t len; + int ret = -1; + + *pkey = NULL; + + if (ctx->config->use_fake_private_key) { + mem = keypair->cert_mem; + len = keypair->cert_len; + } else { + mem = keypair->key_mem; + len = keypair->key_len; + } + + if (mem == NULL) + return (0); + + if (len > INT_MAX) { + tls_set_errorx(ctx, ctx->config->use_fake_private_key ? + "cert too long" : "key too long"); + goto err; + } + + if ((bio = BIO_new_mem_buf(mem, len)) == NULL) { + tls_set_errorx(ctx, "failed to create buffer"); + goto err; + } + + if (ctx->config->use_fake_private_key) { + if ((x509 = PEM_read_bio_X509(bio, NULL, tls_password_cb, + NULL)) == NULL) { + tls_set_errorx(ctx, "failed to read X509 certificate"); + goto err; + } + if ((*pkey = X509_get_pubkey(x509)) == NULL) { + tls_set_errorx(ctx, "failed to retrieve pubkey"); + goto err; + } + } else { + if ((*pkey = PEM_read_bio_PrivateKey(bio, NULL, tls_password_cb, + NULL)) == NULL) { + tls_set_errorx(ctx, "failed to read private key"); + goto err; + } + } + + ret = 0; + err: + BIO_free(bio); + X509_free(x509); + return (ret); +} + +static int +tls_keypair_setup_pkey(struct tls *ctx, struct tls_keypair *keypair, EVP_PKEY *pkey) +{ + RSA *rsa = NULL; + EC_KEY *eckey = NULL; + int ret = -1; + + /* Only install the pubkey hash if fake private keys are used. */ + if (!ctx->config->skip_private_key_check) + return (0); + + if (keypair->pubkey_hash == NULL) { + tls_set_errorx(ctx, "public key hash not set"); + goto err; + } + + switch (EVP_PKEY_id(pkey)) { + case EVP_PKEY_RSA: + if ((rsa = EVP_PKEY_get1_RSA(pkey)) == NULL || + RSA_set_ex_data(rsa, 0, keypair->pubkey_hash) == 0) { + tls_set_errorx(ctx, "RSA key setup failure"); + goto err; + } + break; + case EVP_PKEY_EC: + if ((eckey = EVP_PKEY_get1_EC_KEY(pkey)) == NULL || + ECDSA_set_ex_data(eckey, 0, keypair->pubkey_hash) == 0) { + tls_set_errorx(ctx, "EC key setup failure"); + goto err; + } + break; + default: + tls_set_errorx(ctx, "incorrect key type"); + goto err; + } + + ret = 0; + + err: + RSA_free(rsa); + EC_KEY_free(eckey); + return (ret); +} + int tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx, struct tls_keypair *keypair, int required) { EVP_PKEY *pkey = NULL; - BIO *bio = NULL; if (!required && keypair->cert_mem == NULL && @@ -412,38 +513,15 @@ tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx, } } - if (keypair->key_mem != NULL) { - if (keypair->key_len > INT_MAX) { - tls_set_errorx(ctx, "key too long"); - goto err; - } - - if ((bio = BIO_new_mem_buf(keypair->key_mem, - keypair->key_len)) == NULL) { - tls_set_errorx(ctx, "failed to create buffer"); - goto err; - } - if ((pkey = PEM_read_bio_PrivateKey(bio, NULL, tls_password_cb, - NULL)) == NULL) { - tls_set_errorx(ctx, "failed to read private key"); + if (tls_keypair_to_pkey(ctx, keypair, &pkey) == -1) + goto err; + if (pkey != NULL) { + if (tls_keypair_setup_pkey(ctx, keypair, pkey) == -1) goto err; - } - - if (keypair->pubkey_hash != NULL) { - RSA *rsa; - /* XXX only RSA for now for relayd privsep */ - if ((rsa = EVP_PKEY_get1_RSA(pkey)) != NULL) { - RSA_set_ex_data(rsa, 0, keypair->pubkey_hash); - RSA_free(rsa); - } - } - if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1) { tls_set_errorx(ctx, "failed to load private key"); goto err; } - BIO_free(bio); - bio = NULL; EVP_PKEY_free(pkey); pkey = NULL; } @@ -458,9 +536,8 @@ tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx, err: EVP_PKEY_free(pkey); - BIO_free(bio); - return (1); + return (-1); } int diff --git a/tls.sym b/tls.sym index e3fcb67..42c039d 100644 --- a/tls.sym +++ b/tls.sym @@ -45,6 +45,7 @@ tls_config_set_session_lifetime tls_config_set_session_fd tls_config_set_verify_depth tls_config_skip_private_key_check +tls_config_use_fake_private_key tls_config_verify tls_config_verify_client tls_config_verify_client_optional diff --git a/tls_config.c b/tls_config.c index 6c3404c..3b1f4ff 100644 --- a/tls_config.c +++ b/tls_config.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_config.c,v 1.58 2020/01/20 08:39:21 jsing Exp $ */ +/* $OpenBSD: tls_config.c,v 1.63 2021/01/21 22:03:25 eric Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -180,6 +180,8 @@ tls_config_free(struct tls_config *config) free((char *)config->crl_mem); free(config->ecdhecurves); + pthread_mutex_destroy(&config->mutex); + free(config); } @@ -352,7 +354,8 @@ tls_config_add_keypair_file_internal(struct tls_config *config, return (-1); if (tls_keypair_set_cert_file(keypair, &config->error, cert_file) != 0) goto err; - if (tls_keypair_set_key_file(keypair, &config->error, key_file) != 0) + if (key_file != NULL && + tls_keypair_set_key_file(keypair, &config->error, key_file) != 0) goto err; if (ocsp_file != NULL && tls_keypair_set_ocsp_staple_file(keypair, &config->error, @@ -379,7 +382,8 @@ tls_config_add_keypair_mem_internal(struct tls_config *config, const uint8_t *ce return (-1); if (tls_keypair_set_cert_mem(keypair, &config->error, cert, cert_len) != 0) goto err; - if (tls_keypair_set_key_mem(keypair, &config->error, key, key_len) != 0) + if (key != NULL && + tls_keypair_set_key_mem(keypair, &config->error, key, key_len) != 0) goto err; if (staple != NULL && tls_keypair_set_ocsp_staple_mem(keypair, &config->error, staple, @@ -804,6 +808,13 @@ tls_config_skip_private_key_check(struct tls_config *config) config->skip_private_key_check = 1; } +void +tls_config_use_fake_private_key(struct tls_config *config) +{ + config->use_fake_private_key = 1; + config->skip_private_key_check = 1; +} + int tls_config_set_ocsp_staple_file(struct tls_config *config, const char *staple_file) { diff --git a/tls_conninfo.c b/tls_conninfo.c index 7805719..72d60c2 100644 --- a/tls_conninfo.c +++ b/tls_conninfo.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_conninfo.c,v 1.21 2019/11/02 13:37:59 jsing Exp $ */ +/* $OpenBSD: tls_conninfo.c,v 1.22 2021/01/05 15:57:38 tb Exp $ */ /* * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> * Copyright (c) 2015 Bob Beck <beck@openbsd.org> @@ -159,9 +159,6 @@ tls_get_peer_cert_times(struct tls *ctx, time_t *notbefore, if (ctx->ssl_peer_cert == NULL) return (-1); - memset(&before_tm, 0, sizeof(before_tm)); - memset(&after_tm, 0, sizeof(after_tm)); - if ((before = X509_get_notBefore(ctx->ssl_peer_cert)) == NULL) goto err; if ((after = X509_get_notAfter(ctx->ssl_peer_cert)) == NULL) diff --git a/tls_internal.h b/tls_internal.h index adc6252..72b08f4 100644 --- a/tls_internal.h +++ b/tls_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_internal.h,v 1.77 2019/11/16 21:39:52 beck Exp $ */ +/* $OpenBSD: tls_internal.h,v 1.78 2021/01/21 19:09:10 eric Exp $ */ /* * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> @@ -107,6 +107,7 @@ struct tls_config { int verify_name; int verify_time; int skip_private_key_check; + int use_fake_private_key; }; struct tls_conninfo { @@ -290,5 +291,6 @@ __END_HIDDEN_DECLS /* XXX this function is not fully hidden so relayd can use it */ void tls_config_skip_private_key_check(struct tls_config *config); +void tls_config_use_fake_private_key(struct tls_config *config); #endif /* HEADER_TLS_INTERNAL_H */ diff --git a/tls_keypair.c b/tls_keypair.c index a98e5c2..a12d21d 100644 --- a/tls_keypair.c +++ b/tls_keypair.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_keypair.c,v 1.6 2018/04/07 16:35:34 jsing Exp $ */ +/* $OpenBSD: tls_keypair.c,v 1.8 2021/01/05 17:37:12 jsing Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -137,7 +137,7 @@ tls_keypair_load_cert(struct tls_keypair *keypair, struct tls_error *error, { char *errstr = "unknown"; BIO *cert_bio = NULL; - int ssl_err; + unsigned long ssl_err; int rv = -1; X509_free(*cert); @@ -155,7 +155,7 @@ tls_keypair_load_cert(struct tls_keypair *keypair, struct tls_error *error, if ((*cert = PEM_read_bio_X509(cert_bio, NULL, tls_password_cb, NULL)) == NULL) { if ((ssl_err = ERR_peek_error()) != 0) - errstr = ERR_error_string(ssl_err, NULL); + errstr = ERR_error_string(ssl_err, NULL); tls_error_set(error, "failed to load certificate: %s", errstr); goto err; } diff --git a/tls_ocsp.c b/tls_ocsp.c index 3ba45fc..2a322c1 100644 --- a/tls_ocsp.c +++ b/tls_ocsp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_ocsp.c,v 1.19 2019/12/03 14:56:42 tb Exp $ */ +/* $OpenBSD: tls_ocsp.c,v 1.20 2021/03/23 20:04:29 tb Exp $ */ /* * Copyright (c) 2015 Marko Kreen <markokr@gmail.com> * Copyright (c) 2016 Bob Beck <beck@openbsd.org> @@ -229,7 +229,7 @@ tls_ocsp_verify_response(struct tls *ctx, OCSP_RESPONSE *resp) /* now verify */ if (OCSP_basic_verify(br, ctx->ocsp->extra_certs, SSL_CTX_get_cert_store(ctx->ssl_ctx), flags) != 1) { - tls_set_error(ctx, "ocsp verify failed"); + tls_set_errorx(ctx, "ocsp verify failed"); goto err; } |