xref: /freebsd/contrib/unbound/util/net_help.c (revision d316de24faa7453118a90fb0e9839e8026e36a4e)
1 /*
2  * util/net_help.c - implementation of the network helper code
3  *
4  * Copyright (c) 2007, NLnet Labs. All rights reserved.
5  *
6  * This software is open source.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * Redistributions of source code must retain the above copyright notice,
13  * this list of conditions and the following disclaimer.
14  *
15  * Redistributions in binary form must reproduce the above copyright notice,
16  * this list of conditions and the following disclaimer in the documentation
17  * and/or other materials provided with the distribution.
18  *
19  * Neither the name of the NLNET LABS nor the names of its contributors may
20  * be used to endorse or promote products derived from this software without
21  * specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34  */
35 /**
36  * \file
37  * Implementation of net_help.h.
38  */
39 
40 #include "config.h"
41 #ifdef HAVE_SYS_TYPES_H
42 #  include <sys/types.h>
43 #endif
44 #ifdef HAVE_NET_IF_H
45 #include <net/if.h>
46 #endif
47 #ifdef HAVE_NETIOAPI_H
48 #include <netioapi.h>
49 #endif
50 #include "util/net_help.h"
51 #include "util/log.h"
52 #include "util/data/dname.h"
53 #include "util/module.h"
54 #include "util/regional.h"
55 #include "util/config_file.h"
56 #include "sldns/parseutil.h"
57 #include "sldns/wire2str.h"
58 #include "sldns/str2wire.h"
59 #include <fcntl.h>
60 #ifdef HAVE_OPENSSL_SSL_H
61 #include <openssl/ssl.h>
62 #include <openssl/evp.h>
63 #include <openssl/rand.h>
64 #endif
65 #ifdef HAVE_OPENSSL_ERR_H
66 #include <openssl/err.h>
67 #endif
68 #ifdef HAVE_OPENSSL_CORE_NAMES_H
69 #include <openssl/core_names.h>
70 #endif
71 #ifdef USE_WINSOCK
72 #include <wincrypt.h>
73 #endif
74 #ifdef HAVE_NGHTTP2_NGHTTP2_H
75 #include <nghttp2/nghttp2.h>
76 #endif
77 
78 /** max length of an IP address (the address portion) that we allow */
79 #define MAX_ADDR_STRLEN 128 /* characters */
80 /** max length of a hostname (with port and tls name) that we allow */
81 #define MAX_HOST_STRLEN (LDNS_MAX_DOMAINLEN * 3) /* characters */
82 /** default value for EDNS ADVERTISED size */
83 uint16_t EDNS_ADVERTISED_SIZE = 4096;
84 
85 /** minimal responses when positive answer: default is no */
86 int MINIMAL_RESPONSES = 0;
87 
88 /** rrset order roundrobin: default is yes */
89 int RRSET_ROUNDROBIN = 1;
90 
91 /** log tag queries with name instead of 'info' for filtering */
92 int LOG_TAG_QUERYREPLY = 0;
93 
94 static struct tls_session_ticket_key {
95 	unsigned char *key_name;
96 	unsigned char *aes_key;
97 	unsigned char *hmac_key;
98 } *ticket_keys;
99 
100 #ifdef HAVE_SSL
101 /**
102  * callback TLS session ticket encrypt and decrypt
103  * For use with SSL_CTX_set_tlsext_ticket_key_cb or
104  * SSL_CTX_set_tlsext_ticket_key_evp_cb
105  * @param s: the SSL_CTX to use (from connect_sslctx_create())
106  * @param key_name: secret name, 16 bytes
107  * @param iv: up to EVP_MAX_IV_LENGTH.
108  * @param evp_ctx: the evp cipher context, function sets this.
109  * @param hmac_ctx: the hmac context, function sets this.
110  * 	with ..key_cb it is of type HMAC_CTX*
111  * 	with ..key_evp_cb it is of type EVP_MAC_CTX*
112  * @param enc: 1 is encrypt, 0 is decrypt
113  * @return 0 on no ticket, 1 for okay, and 2 for okay but renew the ticket
114  * 	(the ticket is decrypt only). and <0 for failures.
115  */
116 int tls_session_ticket_key_cb(SSL *s, unsigned char* key_name,
117 	unsigned char* iv, EVP_CIPHER_CTX *evp_ctx,
118 #ifdef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB
119 	EVP_MAC_CTX *hmac_ctx,
120 #else
121 	HMAC_CTX* hmac_ctx,
122 #endif
123 	int enc);
124 #endif /* HAVE_SSL */
125 
126 /* returns true is string addr is an ip6 specced address */
127 int
128 str_is_ip6(const char* str)
129 {
130 	if(strchr(str, ':'))
131 		return 1;
132 	else    return 0;
133 }
134 
135 int
136 fd_set_nonblock(int s)
137 {
138 #ifdef HAVE_FCNTL
139 	int flag;
140 	if((flag = fcntl(s, F_GETFL)) == -1) {
141 		log_err("can't fcntl F_GETFL: %s", strerror(errno));
142 		flag = 0;
143 	}
144 	flag |= O_NONBLOCK;
145 	if(fcntl(s, F_SETFL, flag) == -1) {
146 		log_err("can't fcntl F_SETFL: %s", strerror(errno));
147 		return 0;
148 	}
149 #elif defined(HAVE_IOCTLSOCKET)
150 	unsigned long on = 1;
151 	if(ioctlsocket(s, FIONBIO, &on) != 0) {
152 		log_err("can't ioctlsocket FIONBIO on: %s",
153 			wsa_strerror(WSAGetLastError()));
154 	}
155 #endif
156 	return 1;
157 }
158 
159 int
160 fd_set_block(int s)
161 {
162 #ifdef HAVE_FCNTL
163 	int flag;
164 	if((flag = fcntl(s, F_GETFL)) == -1) {
165 		log_err("cannot fcntl F_GETFL: %s", strerror(errno));
166 		flag = 0;
167 	}
168 	flag &= ~O_NONBLOCK;
169 	if(fcntl(s, F_SETFL, flag) == -1) {
170 		log_err("cannot fcntl F_SETFL: %s", strerror(errno));
171 		return 0;
172 	}
173 #elif defined(HAVE_IOCTLSOCKET)
174 	unsigned long off = 0;
175 	if(ioctlsocket(s, FIONBIO, &off) != 0) {
176 		if(WSAGetLastError() != WSAEINVAL || verbosity >= 4)
177 			log_err("can't ioctlsocket FIONBIO off: %s",
178 				wsa_strerror(WSAGetLastError()));
179 	}
180 #endif
181 	return 1;
182 }
183 
184 int
185 is_pow2(size_t num)
186 {
187 	if(num == 0) return 1;
188 	return (num & (num-1)) == 0;
189 }
190 
191 void*
192 memdup(void* data, size_t len)
193 {
194 	void* d;
195 	if(!data) return NULL;
196 	if(len == 0) return NULL;
197 	d = malloc(len);
198 	if(!d) return NULL;
199 	memcpy(d, data, len);
200 	return d;
201 }
202 
203 void
204 log_addr(enum verbosity_value v, const char* str,
205 	struct sockaddr_storage* addr, socklen_t addrlen)
206 {
207 	uint16_t port;
208 	const char* family = "unknown";
209 	char dest[100];
210 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
211 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
212 	if(verbosity < v)
213 		return;
214 	switch(af) {
215 		case AF_INET: family="ip4"; break;
216 		case AF_INET6: family="ip6";
217 			sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
218 			break;
219 		case AF_LOCAL:
220 			dest[0]=0;
221 			(void)inet_ntop(af, sinaddr, dest,
222 				(socklen_t)sizeof(dest));
223 			verbose(v, "%s local %s", str, dest);
224 			return; /* do not continue and try to get port */
225 		default: break;
226 	}
227 	if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
228 		(void)strlcpy(dest, "(inet_ntop error)", sizeof(dest));
229 	}
230 	dest[sizeof(dest)-1] = 0;
231 	port = ntohs(((struct sockaddr_in*)addr)->sin_port);
232 	if(verbosity >= 4)
233 		verbose(v, "%s %s %s port %d (len %d)", str, family, dest,
234 			(int)port, (int)addrlen);
235 	else	verbose(v, "%s %s port %d", str, dest, (int)port);
236 }
237 
238 int
239 extstrtoaddr(const char* str, struct sockaddr_storage* addr,
240 	socklen_t* addrlen, int port)
241 {
242 	char* s;
243 	if((s=strchr(str, '@'))) {
244 		char buf[MAX_ADDR_STRLEN];
245 		if(s-str >= MAX_ADDR_STRLEN) {
246 			return 0;
247 		}
248 		(void)strlcpy(buf, str, sizeof(buf));
249 		buf[s-str] = 0;
250 		port = atoi(s+1);
251 		if(port == 0 && strcmp(s+1,"0")!=0) {
252 			return 0;
253 		}
254 		return ipstrtoaddr(buf, port, addr, addrlen);
255 	}
256 	return ipstrtoaddr(str, port, addr, addrlen);
257 }
258 
259 int
260 ipstrtoaddr(const char* ip, int port, struct sockaddr_storage* addr,
261 	socklen_t* addrlen)
262 {
263 	uint16_t p;
264 	if(!ip) return 0;
265 	p = (uint16_t) port;
266 	if(str_is_ip6(ip)) {
267 		char buf[MAX_ADDR_STRLEN];
268 		char* s;
269 		struct sockaddr_in6* sa = (struct sockaddr_in6*)addr;
270 		*addrlen = (socklen_t)sizeof(struct sockaddr_in6);
271 		memset(sa, 0, *addrlen);
272 		sa->sin6_family = AF_INET6;
273 		sa->sin6_port = (in_port_t)htons(p);
274 		if((s=strchr(ip, '%'))) { /* ip6%interface, rfc 4007 */
275 			if(s-ip >= MAX_ADDR_STRLEN)
276 				return 0;
277 			(void)strlcpy(buf, ip, sizeof(buf));
278 			buf[s-ip]=0;
279 #ifdef HAVE_IF_NAMETOINDEX
280 			if (!(sa->sin6_scope_id = if_nametoindex(s+1)))
281 #endif /* HAVE_IF_NAMETOINDEX */
282 				sa->sin6_scope_id = (uint32_t)atoi(s+1);
283 			ip = buf;
284 		}
285 		if(inet_pton((int)sa->sin6_family, ip, &sa->sin6_addr) <= 0) {
286 			return 0;
287 		}
288 	} else { /* ip4 */
289 		struct sockaddr_in* sa = (struct sockaddr_in*)addr;
290 		*addrlen = (socklen_t)sizeof(struct sockaddr_in);
291 		memset(sa, 0, *addrlen);
292 		sa->sin_family = AF_INET;
293 		sa->sin_port = (in_port_t)htons(p);
294 		if(inet_pton((int)sa->sin_family, ip, &sa->sin_addr) <= 0) {
295 			return 0;
296 		}
297 	}
298 	return 1;
299 }
300 
301 int netblockstrtoaddr(const char* str, int port, struct sockaddr_storage* addr,
302         socklen_t* addrlen, int* net)
303 {
304 	char buf[64];
305 	char* s;
306 	*net = (str_is_ip6(str)?128:32);
307 	if((s=strchr(str, '/'))) {
308 		if(atoi(s+1) > *net) {
309 			log_err("netblock too large: %s", str);
310 			return 0;
311 		}
312 		*net = atoi(s+1);
313 		if(*net == 0 && strcmp(s+1, "0") != 0) {
314 			log_err("cannot parse netblock: '%s'", str);
315 			return 0;
316 		}
317 		strlcpy(buf, str, sizeof(buf));
318 		s = strchr(buf, '/');
319 		if(s) *s = 0;
320 		s = buf;
321 	}
322 	if(!ipstrtoaddr(s?s:str, port, addr, addrlen)) {
323 		log_err("cannot parse ip address: '%s'", str);
324 		return 0;
325 	}
326 	if(s) {
327 		addr_mask(addr, *addrlen, *net);
328 	}
329 	return 1;
330 }
331 
332 /* RPZ format address dname to network byte order address */
333 static int ipdnametoaddr(uint8_t* dname, size_t dnamelen,
334 	struct sockaddr_storage* addr, socklen_t* addrlen, int* af)
335 {
336 	uint8_t* ia;
337 	int dnamelabs = dname_count_labels(dname);
338 	uint8_t lablen;
339 	char* e = NULL;
340 	int z = 0;
341 	size_t len = 0;
342 	int i;
343 	*af = AF_INET;
344 
345 	/* need 1 byte for label length */
346 	if(dnamelen < 1)
347 		return 0;
348 
349 	if(dnamelabs > 6 ||
350 		dname_has_label(dname, dnamelen, (uint8_t*)"\002zz")) {
351 		*af = AF_INET6;
352 	}
353 	len = *dname;
354 	lablen = *dname++;
355 	i = (*af == AF_INET) ? 3 : 15;
356 	if(*af == AF_INET6) {
357 		struct sockaddr_in6* sa = (struct sockaddr_in6*)addr;
358 		*addrlen = (socklen_t)sizeof(struct sockaddr_in6);
359 		memset(sa, 0, *addrlen);
360 		sa->sin6_family = AF_INET6;
361 		ia = (uint8_t*)&sa->sin6_addr;
362 	} else { /* ip4 */
363 		struct sockaddr_in* sa = (struct sockaddr_in*)addr;
364 		*addrlen = (socklen_t)sizeof(struct sockaddr_in);
365 		memset(sa, 0, *addrlen);
366 		sa->sin_family = AF_INET;
367 		ia = (uint8_t*)&sa->sin_addr;
368 	}
369 	while(lablen && i >= 0 && len <= dnamelen) {
370 		char buff[LDNS_MAX_LABELLEN+1];
371 		uint16_t chunk; /* big enough to not overflow on IPv6 hextet */
372 		if((*af == AF_INET && (lablen > 3 || dnamelabs > 6)) ||
373 			(*af == AF_INET6 && (lablen > 4 || dnamelabs > 10))) {
374 			return 0;
375 		}
376 		if(memcmp(dname, "zz", 2) == 0 && *af == AF_INET6) {
377 			/* Add one or more 0 labels. Address is initialised at
378 			 * 0, so just skip the zero part. */
379 			int zl = 11 - dnamelabs;
380 			if(z || zl < 0)
381 				return 0;
382 			z = 1;
383 			i -= (zl*2);
384 		} else {
385 			memcpy(buff, dname, lablen);
386 			buff[lablen] = '\0';
387 			chunk = strtol(buff, &e, (*af == AF_INET) ? 10 : 16);
388 			if(!e || *e != '\0' || (*af == AF_INET && chunk > 255))
389 				return 0;
390 			if(*af == AF_INET) {
391 				log_assert(i < 4 && i >= 0);
392 				ia[i] = (uint8_t)chunk;
393 				i--;
394 			} else {
395 				log_assert(i < 16 && i >= 1);
396 				/* ia in network byte order */
397 				ia[i-1] = (uint8_t)(chunk >> 8);
398 				ia[i] = (uint8_t)(chunk & 0x00FF);
399 				i -= 2;
400 			}
401 		}
402 		dname += lablen;
403 		lablen = *dname++;
404 		len += lablen;
405 	}
406 	if(i != -1)
407 		/* input too short */
408 		return 0;
409 	return 1;
410 }
411 
412 int netblockdnametoaddr(uint8_t* dname, size_t dnamelen,
413 	struct sockaddr_storage* addr, socklen_t* addrlen, int* net, int* af)
414 {
415 	char buff[3 /* 3 digit netblock */ + 1];
416 	size_t nlablen;
417 	if(dnamelen < 1 || *dname > 3)
418 		/* netblock invalid */
419 		return 0;
420 	nlablen = *dname;
421 
422 	if(dnamelen < 1 + nlablen)
423 		return 0;
424 
425 	memcpy(buff, dname+1, nlablen);
426 	buff[nlablen] = '\0';
427 	*net = atoi(buff);
428 	if(*net == 0 && strcmp(buff, "0") != 0)
429 		return 0;
430 	dname += nlablen;
431 	dname++;
432 	if(!ipdnametoaddr(dname, dnamelen-1-nlablen, addr, addrlen, af))
433 		return 0;
434 	if((*af == AF_INET6 && *net > 128) || (*af == AF_INET && *net > 32))
435 		return 0;
436 	return 1;
437 }
438 
439 int authextstrtoaddr(char* str, struct sockaddr_storage* addr,
440 	socklen_t* addrlen, char** auth_name)
441 {
442 	char* s;
443 	int port = UNBOUND_DNS_PORT;
444 	if((s=strchr(str, '@'))) {
445 		char buf[MAX_ADDR_STRLEN];
446 		size_t len = (size_t)(s-str);
447 		char* hash = strchr(s+1, '#');
448 		if(hash) {
449 			*auth_name = hash+1;
450 		} else {
451 			*auth_name = NULL;
452 		}
453 		if(len >= MAX_ADDR_STRLEN) {
454 			return 0;
455 		}
456 		(void)strlcpy(buf, str, sizeof(buf));
457 		buf[len] = 0;
458 		port = atoi(s+1);
459 		if(port == 0) {
460 			if(!hash && strcmp(s+1,"0")!=0)
461 				return 0;
462 			if(hash && strncmp(s+1,"0#",2)!=0)
463 				return 0;
464 		}
465 		return ipstrtoaddr(buf, port, addr, addrlen);
466 	}
467 	if((s=strchr(str, '#'))) {
468 		char buf[MAX_ADDR_STRLEN];
469 		size_t len = (size_t)(s-str);
470 		if(len >= MAX_ADDR_STRLEN) {
471 			return 0;
472 		}
473 		(void)strlcpy(buf, str, sizeof(buf));
474 		buf[len] = 0;
475 		port = UNBOUND_DNS_OVER_TLS_PORT;
476 		*auth_name = s+1;
477 		return ipstrtoaddr(buf, port, addr, addrlen);
478 	}
479 	*auth_name = NULL;
480 	return ipstrtoaddr(str, port, addr, addrlen);
481 }
482 
483 uint8_t* authextstrtodname(char* str, int* port, char** auth_name)
484 {
485 	char* s;
486 	uint8_t* dname;
487 	size_t dname_len;
488 	*port = UNBOUND_DNS_PORT;
489 	*auth_name = NULL;
490 	if((s=strchr(str, '@'))) {
491 		char buf[MAX_HOST_STRLEN];
492 		size_t len = (size_t)(s-str);
493 		char* hash = strchr(s+1, '#');
494 		if(hash) {
495 			*auth_name = hash+1;
496 		} else {
497 			*auth_name = NULL;
498 		}
499 		if(len >= MAX_HOST_STRLEN) {
500 			return NULL;
501 		}
502 		(void)strlcpy(buf, str, sizeof(buf));
503 		buf[len] = 0;
504 		*port = atoi(s+1);
505 		if(*port == 0) {
506 			if(!hash && strcmp(s+1,"0")!=0)
507 				return NULL;
508 			if(hash && strncmp(s+1,"0#",2)!=0)
509 				return NULL;
510 		}
511 		dname = sldns_str2wire_dname(buf, &dname_len);
512 	} else if((s=strchr(str, '#'))) {
513 		char buf[MAX_HOST_STRLEN];
514 		size_t len = (size_t)(s-str);
515 		if(len >= MAX_HOST_STRLEN) {
516 			return NULL;
517 		}
518 		(void)strlcpy(buf, str, sizeof(buf));
519 		buf[len] = 0;
520 		*port = UNBOUND_DNS_OVER_TLS_PORT;
521 		*auth_name = s+1;
522 		dname = sldns_str2wire_dname(buf, &dname_len);
523 	} else {
524 		dname = sldns_str2wire_dname(str, &dname_len);
525 	}
526 	return dname;
527 }
528 
529 /** store port number into sockaddr structure */
530 void
531 sockaddr_store_port(struct sockaddr_storage* addr, socklen_t addrlen, int port)
532 {
533 	if(addr_is_ip6(addr, addrlen)) {
534 		struct sockaddr_in6* sa = (struct sockaddr_in6*)addr;
535 		sa->sin6_port = (in_port_t)htons((uint16_t)port);
536 	} else {
537 		struct sockaddr_in* sa = (struct sockaddr_in*)addr;
538 		sa->sin_port = (in_port_t)htons((uint16_t)port);
539 	}
540 }
541 
542 void
543 log_nametypeclass(enum verbosity_value v, const char* str, uint8_t* name,
544 	uint16_t type, uint16_t dclass)
545 {
546 	char buf[LDNS_MAX_DOMAINLEN+1];
547 	char t[12], c[12];
548 	const char *ts, *cs;
549 	if(verbosity < v)
550 		return;
551 	dname_str(name, buf);
552 	if(type == LDNS_RR_TYPE_TSIG) ts = "TSIG";
553 	else if(type == LDNS_RR_TYPE_IXFR) ts = "IXFR";
554 	else if(type == LDNS_RR_TYPE_AXFR) ts = "AXFR";
555 	else if(type == LDNS_RR_TYPE_MAILB) ts = "MAILB";
556 	else if(type == LDNS_RR_TYPE_MAILA) ts = "MAILA";
557 	else if(type == LDNS_RR_TYPE_ANY) ts = "ANY";
558 	else if(sldns_rr_descript(type) && sldns_rr_descript(type)->_name)
559 		ts = sldns_rr_descript(type)->_name;
560 	else {
561 		snprintf(t, sizeof(t), "TYPE%d", (int)type);
562 		ts = t;
563 	}
564 	if(sldns_lookup_by_id(sldns_rr_classes, (int)dclass) &&
565 		sldns_lookup_by_id(sldns_rr_classes, (int)dclass)->name)
566 		cs = sldns_lookup_by_id(sldns_rr_classes, (int)dclass)->name;
567 	else {
568 		snprintf(c, sizeof(c), "CLASS%d", (int)dclass);
569 		cs = c;
570 	}
571 	log_info("%s %s %s %s", str, buf, ts, cs);
572 }
573 
574 void
575 log_query_in(const char* str, uint8_t* name, uint16_t type, uint16_t dclass)
576 {
577 	char buf[LDNS_MAX_DOMAINLEN+1];
578 	char t[12], c[12];
579 	const char *ts, *cs;
580 	dname_str(name, buf);
581 	if(type == LDNS_RR_TYPE_TSIG) ts = "TSIG";
582 	else if(type == LDNS_RR_TYPE_IXFR) ts = "IXFR";
583 	else if(type == LDNS_RR_TYPE_AXFR) ts = "AXFR";
584 	else if(type == LDNS_RR_TYPE_MAILB) ts = "MAILB";
585 	else if(type == LDNS_RR_TYPE_MAILA) ts = "MAILA";
586 	else if(type == LDNS_RR_TYPE_ANY) ts = "ANY";
587 	else if(sldns_rr_descript(type) && sldns_rr_descript(type)->_name)
588 		ts = sldns_rr_descript(type)->_name;
589 	else {
590 		snprintf(t, sizeof(t), "TYPE%d", (int)type);
591 		ts = t;
592 	}
593 	if(sldns_lookup_by_id(sldns_rr_classes, (int)dclass) &&
594 		sldns_lookup_by_id(sldns_rr_classes, (int)dclass)->name)
595 		cs = sldns_lookup_by_id(sldns_rr_classes, (int)dclass)->name;
596 	else {
597 		snprintf(c, sizeof(c), "CLASS%d", (int)dclass);
598 		cs = c;
599 	}
600 	if(LOG_TAG_QUERYREPLY)
601 		log_query("%s %s %s %s", str, buf, ts, cs);
602 	else	log_info("%s %s %s %s", str, buf, ts, cs);
603 }
604 
605 void log_name_addr(enum verbosity_value v, const char* str, uint8_t* zone,
606 	struct sockaddr_storage* addr, socklen_t addrlen)
607 {
608 	uint16_t port;
609 	const char* family = "unknown_family ";
610 	char namebuf[LDNS_MAX_DOMAINLEN+1];
611 	char dest[100];
612 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
613 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
614 	if(verbosity < v)
615 		return;
616 	switch(af) {
617 		case AF_INET: family=""; break;
618 		case AF_INET6: family="";
619 			sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
620 			break;
621 		case AF_LOCAL: family="local "; break;
622 		default: break;
623 	}
624 	if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
625 		(void)strlcpy(dest, "(inet_ntop error)", sizeof(dest));
626 	}
627 	dest[sizeof(dest)-1] = 0;
628 	port = ntohs(((struct sockaddr_in*)addr)->sin_port);
629 	dname_str(zone, namebuf);
630 	if(af != AF_INET && af != AF_INET6)
631 		verbose(v, "%s <%s> %s%s#%d (addrlen %d)",
632 			str, namebuf, family, dest, (int)port, (int)addrlen);
633 	else	verbose(v, "%s <%s> %s%s#%d",
634 			str, namebuf, family, dest, (int)port);
635 }
636 
637 void log_err_addr(const char* str, const char* err,
638 	struct sockaddr_storage* addr, socklen_t addrlen)
639 {
640 	uint16_t port;
641 	char dest[100];
642 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
643 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
644 	if(af == AF_INET6)
645 		sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
646 	if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
647 		(void)strlcpy(dest, "(inet_ntop error)", sizeof(dest));
648 	}
649 	dest[sizeof(dest)-1] = 0;
650 	port = ntohs(((struct sockaddr_in*)addr)->sin_port);
651 	if(verbosity >= 4)
652 		log_err("%s: %s for %s port %d (len %d)", str, err, dest,
653 			(int)port, (int)addrlen);
654 	else	log_err("%s: %s for %s port %d", str, err, dest, (int)port);
655 }
656 
657 int
658 sockaddr_cmp(struct sockaddr_storage* addr1, socklen_t len1,
659 	struct sockaddr_storage* addr2, socklen_t len2)
660 {
661 	struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1;
662 	struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2;
663 	struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1;
664 	struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2;
665 	if(len1 < len2)
666 		return -1;
667 	if(len1 > len2)
668 		return 1;
669 	log_assert(len1 == len2);
670 	if( p1_in->sin_family < p2_in->sin_family)
671 		return -1;
672 	if( p1_in->sin_family > p2_in->sin_family)
673 		return 1;
674 	log_assert( p1_in->sin_family == p2_in->sin_family );
675 	/* compare ip4 */
676 	if( p1_in->sin_family == AF_INET ) {
677 		/* just order it, ntohs not required */
678 		if(p1_in->sin_port < p2_in->sin_port)
679 			return -1;
680 		if(p1_in->sin_port > p2_in->sin_port)
681 			return 1;
682 		log_assert(p1_in->sin_port == p2_in->sin_port);
683 		return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, INET_SIZE);
684 	} else if (p1_in6->sin6_family == AF_INET6) {
685 		/* just order it, ntohs not required */
686 		if(p1_in6->sin6_port < p2_in6->sin6_port)
687 			return -1;
688 		if(p1_in6->sin6_port > p2_in6->sin6_port)
689 			return 1;
690 		log_assert(p1_in6->sin6_port == p2_in6->sin6_port);
691 		return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr,
692 			INET6_SIZE);
693 	} else {
694 		/* eek unknown type, perform this comparison for sanity. */
695 		return memcmp(addr1, addr2, len1);
696 	}
697 }
698 
699 int
700 sockaddr_cmp_addr(struct sockaddr_storage* addr1, socklen_t len1,
701 	struct sockaddr_storage* addr2, socklen_t len2)
702 {
703 	struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1;
704 	struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2;
705 	struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1;
706 	struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2;
707 	if(len1 < len2)
708 		return -1;
709 	if(len1 > len2)
710 		return 1;
711 	log_assert(len1 == len2);
712 	if( p1_in->sin_family < p2_in->sin_family)
713 		return -1;
714 	if( p1_in->sin_family > p2_in->sin_family)
715 		return 1;
716 	log_assert( p1_in->sin_family == p2_in->sin_family );
717 	/* compare ip4 */
718 	if( p1_in->sin_family == AF_INET ) {
719 		return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, INET_SIZE);
720 	} else if (p1_in6->sin6_family == AF_INET6) {
721 		return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr,
722 			INET6_SIZE);
723 	} else {
724 		/* eek unknown type, perform this comparison for sanity. */
725 		return memcmp(addr1, addr2, len1);
726 	}
727 }
728 
729 int
730 addr_is_ip6(struct sockaddr_storage* addr, socklen_t len)
731 {
732 	if(len == (socklen_t)sizeof(struct sockaddr_in6) &&
733 		((struct sockaddr_in6*)addr)->sin6_family == AF_INET6)
734 		return 1;
735 	else    return 0;
736 }
737 
738 void
739 addr_mask(struct sockaddr_storage* addr, socklen_t len, int net)
740 {
741 	uint8_t mask[8] = {0x0, 0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe};
742 	int i, max;
743 	uint8_t* s;
744 	if(addr_is_ip6(addr, len)) {
745 		s = (uint8_t*)&((struct sockaddr_in6*)addr)->sin6_addr;
746 		max = 128;
747 	} else {
748 		s = (uint8_t*)&((struct sockaddr_in*)addr)->sin_addr;
749 		max = 32;
750 	}
751 	if(net >= max)
752 		return;
753 	for(i=net/8+1; i<max/8; i++) {
754 		s[i] = 0;
755 	}
756 	s[net/8] &= mask[net&0x7];
757 }
758 
759 int
760 addr_in_common(struct sockaddr_storage* addr1, int net1,
761 	struct sockaddr_storage* addr2, int net2, socklen_t addrlen)
762 {
763 	int min = (net1<net2)?net1:net2;
764 	int i, to;
765 	int match = 0;
766 	uint8_t* s1, *s2;
767 	if(addr_is_ip6(addr1, addrlen)) {
768 		s1 = (uint8_t*)&((struct sockaddr_in6*)addr1)->sin6_addr;
769 		s2 = (uint8_t*)&((struct sockaddr_in6*)addr2)->sin6_addr;
770 		to = 16;
771 	} else {
772 		s1 = (uint8_t*)&((struct sockaddr_in*)addr1)->sin_addr;
773 		s2 = (uint8_t*)&((struct sockaddr_in*)addr2)->sin_addr;
774 		to = 4;
775 	}
776 	/* match = bits_in_common(s1, s2, to); */
777 	for(i=0; i<to; i++) {
778 		if(s1[i] == s2[i]) {
779 			match += 8;
780 		} else {
781 			uint8_t z = s1[i]^s2[i];
782 			log_assert(z);
783 			while(!(z&0x80)) {
784 				match++;
785 				z<<=1;
786 			}
787 			break;
788 		}
789 	}
790 	if(match > min) match = min;
791 	return match;
792 }
793 
794 void
795 addr_to_str(struct sockaddr_storage* addr, socklen_t addrlen,
796 	char* buf, size_t len)
797 {
798 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
799 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
800 	if(addr_is_ip6(addr, addrlen))
801 		sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
802 	if(inet_ntop(af, sinaddr, buf, (socklen_t)len) == 0) {
803 		snprintf(buf, len, "(inet_ntop_error)");
804 	}
805 }
806 
807 int
808 prefixnet_is_nat64(int prefixnet)
809 {
810 	return (prefixnet == 32 || prefixnet == 40 ||
811 		prefixnet == 48 || prefixnet == 56 ||
812 		prefixnet == 64 || prefixnet == 96);
813 }
814 
815 void
816 addr_to_nat64(const struct sockaddr_storage* addr,
817 	const struct sockaddr_storage* nat64_prefix,
818 	socklen_t nat64_prefixlen, int nat64_prefixnet,
819 	struct sockaddr_storage* nat64_addr, socklen_t* nat64_addrlen)
820 {
821 	struct sockaddr_in *sin = (struct sockaddr_in *)addr;
822 	struct sockaddr_in6 *sin6;
823 	uint8_t *v4_byte;
824 	int i;
825 
826 	/* This needs to be checked by the caller */
827 	log_assert(addr->ss_family == AF_INET);
828 	/* Current usage is only from config values; prefix lengths enforced
829 	 * during config validation */
830 	log_assert(prefixnet_is_nat64(nat64_prefixnet));
831 
832 	*nat64_addr = *nat64_prefix;
833 	*nat64_addrlen = nat64_prefixlen;
834 
835 	sin6 = (struct sockaddr_in6 *)nat64_addr;
836 	sin6->sin6_flowinfo = 0;
837 	sin6->sin6_port = sin->sin_port;
838 
839 	nat64_prefixnet = nat64_prefixnet / 8;
840 
841 	v4_byte = (uint8_t *)&sin->sin_addr.s_addr;
842 	for(i = 0; i < 4; i++) {
843 		if(nat64_prefixnet == 8) {
844 			/* bits 64...71 are MBZ */
845 			sin6->sin6_addr.s6_addr[nat64_prefixnet++] = 0;
846 		}
847 		sin6->sin6_addr.s6_addr[nat64_prefixnet++] = *v4_byte++;
848 	}
849 }
850 
851 int
852 addr_is_ip4mapped(struct sockaddr_storage* addr, socklen_t addrlen)
853 {
854 	/* prefix for ipv4 into ipv6 mapping is ::ffff:x.x.x.x */
855 	const uint8_t map_prefix[16] =
856 		{0,0,0,0,  0,0,0,0, 0,0,0xff,0xff, 0,0,0,0};
857 	uint8_t* s;
858 	if(!addr_is_ip6(addr, addrlen))
859 		return 0;
860 	/* s is 16 octet ipv6 address string */
861 	s = (uint8_t*)&((struct sockaddr_in6*)addr)->sin6_addr;
862 	return (memcmp(s, map_prefix, 12) == 0);
863 }
864 
865 int addr_is_broadcast(struct sockaddr_storage* addr, socklen_t addrlen)
866 {
867 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
868 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
869 	return af == AF_INET && addrlen>=(socklen_t)sizeof(struct sockaddr_in)
870 		&& memcmp(sinaddr, "\377\377\377\377", 4) == 0;
871 }
872 
873 int addr_is_any(struct sockaddr_storage* addr, socklen_t addrlen)
874 {
875 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
876 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
877 	void* sin6addr = &((struct sockaddr_in6*)addr)->sin6_addr;
878 	if(af == AF_INET && addrlen>=(socklen_t)sizeof(struct sockaddr_in)
879 		&& memcmp(sinaddr, "\000\000\000\000", 4) == 0)
880 		return 1;
881 	else if(af==AF_INET6 && addrlen>=(socklen_t)sizeof(struct sockaddr_in6)
882 		&& memcmp(sin6addr, "\000\000\000\000\000\000\000\000"
883 		"\000\000\000\000\000\000\000\000", 16) == 0)
884 		return 1;
885 	return 0;
886 }
887 
888 void sock_list_insert(struct sock_list** list, struct sockaddr_storage* addr,
889 	socklen_t len, struct regional* region)
890 {
891 	struct sock_list* add = (struct sock_list*)regional_alloc(region,
892 		sizeof(*add) - sizeof(add->addr) + (size_t)len);
893 	if(!add) {
894 		log_err("out of memory in socketlist insert");
895 		return;
896 	}
897 	log_assert(list);
898 	add->next = *list;
899 	add->len = len;
900 	*list = add;
901 	if(len) memmove(&add->addr, addr, len);
902 }
903 
904 void sock_list_prepend(struct sock_list** list, struct sock_list* add)
905 {
906 	struct sock_list* last = add;
907 	if(!last)
908 		return;
909 	while(last->next)
910 		last = last->next;
911 	last->next = *list;
912 	*list = add;
913 }
914 
915 int sock_list_find(struct sock_list* list, struct sockaddr_storage* addr,
916         socklen_t len)
917 {
918 	while(list) {
919 		if(len == list->len) {
920 			if(len == 0 || sockaddr_cmp_addr(addr, len,
921 				&list->addr, list->len) == 0)
922 				return 1;
923 		}
924 		list = list->next;
925 	}
926 	return 0;
927 }
928 
929 void sock_list_merge(struct sock_list** list, struct regional* region,
930 	struct sock_list* add)
931 {
932 	struct sock_list* p;
933 	for(p=add; p; p=p->next) {
934 		if(!sock_list_find(*list, &p->addr, p->len))
935 			sock_list_insert(list, &p->addr, p->len, region);
936 	}
937 }
938 
939 void
940 log_crypto_err(const char* str)
941 {
942 #ifdef HAVE_SSL
943 	log_crypto_err_code(str, ERR_get_error());
944 #else
945 	(void)str;
946 #endif /* HAVE_SSL */
947 }
948 
949 void log_crypto_err_code(const char* str, unsigned long err)
950 {
951 #ifdef HAVE_SSL
952 	/* error:[error code]:[library name]:[function name]:[reason string] */
953 	char buf[128];
954 	unsigned long e;
955 	ERR_error_string_n(err, buf, sizeof(buf));
956 	log_err("%s crypto %s", str, buf);
957 	while( (e=ERR_get_error()) ) {
958 		ERR_error_string_n(e, buf, sizeof(buf));
959 		log_err("and additionally crypto %s", buf);
960 	}
961 #else
962 	(void)str;
963 	(void)err;
964 #endif /* HAVE_SSL */
965 }
966 
967 #ifdef HAVE_SSL
968 /** Print crypt erro with SSL_get_error want code and err_get_error code */
969 static void log_crypto_err_io_code_arg(const char* str, int r,
970 	unsigned long err, int err_present)
971 {
972 	int print_errno = 0, print_crypto_err = 0;
973 	const char* inf = NULL;
974 
975 	switch(r) {
976 	case SSL_ERROR_NONE:
977 		inf = "no error";
978 		break;
979 	case SSL_ERROR_ZERO_RETURN:
980 		inf = "channel closed";
981 		break;
982 	case SSL_ERROR_WANT_READ:
983 		inf = "want read";
984 		break;
985 	case SSL_ERROR_WANT_WRITE:
986 		inf = "want write";
987 		break;
988 	case SSL_ERROR_WANT_CONNECT:
989 		inf = "want connect";
990 		break;
991 	case SSL_ERROR_WANT_ACCEPT:
992 		inf = "want accept";
993 		break;
994 	case SSL_ERROR_WANT_X509_LOOKUP:
995 		inf = "want X509 lookup";
996 		break;
997 #ifdef SSL_ERROR_WANT_ASYNC
998 	case SSL_ERROR_WANT_ASYNC:
999 		inf = "want async";
1000 		break;
1001 #endif
1002 #ifdef SSL_ERROR_WANT_ASYNC_JOB
1003 	case SSL_ERROR_WANT_ASYNC_JOB:
1004 		inf = "want async job";
1005 		break;
1006 #endif
1007 #ifdef SSL_ERROR_WANT_CLIENT_HELLO_CB
1008 	case SSL_ERROR_WANT_CLIENT_HELLO_CB:
1009 		inf = "want client hello cb";
1010 		break;
1011 #endif
1012 	case SSL_ERROR_SYSCALL:
1013 		print_errno = 1;
1014 		inf = "syscall";
1015 		break;
1016 	case SSL_ERROR_SSL:
1017 		print_crypto_err = 1;
1018 		inf = "SSL, usually protocol, error";
1019 		break;
1020 	default:
1021 		inf = "unknown SSL_get_error result code";
1022 		print_errno = 1;
1023 		print_crypto_err = 1;
1024 	}
1025 	if(print_crypto_err) {
1026 		if(print_errno) {
1027 			char buf[1024];
1028 			snprintf(buf, sizeof(buf), "%s with errno %s",
1029 				str, strerror(errno));
1030 			if(err_present)
1031 				log_crypto_err_code(buf, err);
1032 			else	log_crypto_err(buf);
1033 		} else {
1034 			if(err_present)
1035 				log_crypto_err_code(str, err);
1036 			else	log_crypto_err(str);
1037 		}
1038 	} else {
1039 		if(print_errno) {
1040 			if(errno == 0)
1041 				log_err("%s: syscall error with errno %s",
1042 					str, strerror(errno));
1043 			else log_err("%s: %s", str, strerror(errno));
1044 		} else {
1045 			log_err("%s: %s", str, inf);
1046 		}
1047 	}
1048 }
1049 #endif /* HAVE_SSL */
1050 
1051 void log_crypto_err_io(const char* str, int r)
1052 {
1053 #ifdef HAVE_SSL
1054 	log_crypto_err_io_code_arg(str, r, 0, 0);
1055 #else
1056 	(void)str;
1057 	(void)r;
1058 #endif /* HAVE_SSL */
1059 }
1060 
1061 void log_crypto_err_io_code(const char* str, int r, unsigned long err)
1062 {
1063 #ifdef HAVE_SSL
1064 	log_crypto_err_io_code_arg(str, r, err, 1);
1065 #else
1066 	(void)str;
1067 	(void)r;
1068 	(void)err;
1069 #endif /* HAVE_SSL */
1070 }
1071 
1072 #ifdef HAVE_SSL
1073 /** log certificate details */
1074 void
1075 log_cert(unsigned level, const char* str, void* cert)
1076 {
1077 	BIO* bio;
1078 	char nul = 0;
1079 	char* pp = NULL;
1080 	long len;
1081 	if(verbosity < level) return;
1082 	bio = BIO_new(BIO_s_mem());
1083 	if(!bio) return;
1084 	X509_print_ex(bio, (X509*)cert, 0, (unsigned long)-1
1085 		^(X509_FLAG_NO_SUBJECT
1086                         |X509_FLAG_NO_ISSUER|X509_FLAG_NO_VALIDITY
1087 			|X509_FLAG_NO_EXTENSIONS|X509_FLAG_NO_AUX
1088 			|X509_FLAG_NO_ATTRIBUTES));
1089 	BIO_write(bio, &nul, (int)sizeof(nul));
1090 	len = BIO_get_mem_data(bio, &pp);
1091 	if(len != 0 && pp) {
1092 		/* reduce size of cert printout */
1093 		char* s;
1094 		while((s=strstr(pp, "  "))!=NULL)
1095 			memmove(s, s+1, strlen(s+1)+1);
1096 		while((s=strstr(pp, "\t\t"))!=NULL)
1097 			memmove(s, s+1, strlen(s+1)+1);
1098 		verbose(level, "%s: \n%s", str, pp);
1099 	}
1100 	BIO_free(bio);
1101 }
1102 #endif /* HAVE_SSL */
1103 
1104 #if defined(HAVE_SSL) && defined(HAVE_NGHTTP2) && defined(HAVE_SSL_CTX_SET_ALPN_SELECT_CB)
1105 static int alpn_select_cb(SSL* ATTR_UNUSED(ssl), const unsigned char** out,
1106 	unsigned char* outlen, const unsigned char* in, unsigned int inlen,
1107 	void* ATTR_UNUSED(arg))
1108 {
1109 	int rv = nghttp2_select_next_protocol((unsigned char **)out, outlen, in,
1110 		inlen);
1111 	if(rv == -1) {
1112 		return SSL_TLSEXT_ERR_NOACK;
1113 	}
1114 	/* either http/1.1 or h2 selected */
1115 	return SSL_TLSEXT_ERR_OK;
1116 }
1117 #endif
1118 
1119 int
1120 listen_sslctx_setup(void* ctxt)
1121 {
1122 #ifdef HAVE_SSL
1123 	SSL_CTX* ctx = (SSL_CTX*)ctxt;
1124 	/* no SSLv2, SSLv3 because has defects */
1125 #if SSL_OP_NO_SSLv2 != 0
1126 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)
1127 		!= SSL_OP_NO_SSLv2){
1128 		log_crypto_err("could not set SSL_OP_NO_SSLv2");
1129 		return 0;
1130 	}
1131 #endif
1132 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)
1133 		!= SSL_OP_NO_SSLv3){
1134 		log_crypto_err("could not set SSL_OP_NO_SSLv3");
1135 		return 0;
1136 	}
1137 #if defined(SSL_OP_NO_TLSv1) && defined(SSL_OP_NO_TLSv1_1)
1138 	/* if we have tls 1.1 disable 1.0 */
1139 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1) & SSL_OP_NO_TLSv1)
1140 		!= SSL_OP_NO_TLSv1){
1141 		log_crypto_err("could not set SSL_OP_NO_TLSv1");
1142 		return 0;
1143 	}
1144 #endif
1145 #if defined(SSL_OP_NO_TLSv1_1) && defined(SSL_OP_NO_TLSv1_2)
1146 	/* if we have tls 1.2 disable 1.1 */
1147 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1_1) & SSL_OP_NO_TLSv1_1)
1148 		!= SSL_OP_NO_TLSv1_1){
1149 		log_crypto_err("could not set SSL_OP_NO_TLSv1_1");
1150 		return 0;
1151 	}
1152 #endif
1153 #if defined(SSL_OP_NO_RENEGOTIATION)
1154 	/* disable client renegotiation */
1155 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_RENEGOTIATION) &
1156 		SSL_OP_NO_RENEGOTIATION) != SSL_OP_NO_RENEGOTIATION) {
1157 		log_crypto_err("could not set SSL_OP_NO_RENEGOTIATION");
1158 		return 0;
1159 	}
1160 #endif
1161 #if defined(SHA256_DIGEST_LENGTH) && defined(USE_ECDSA)
1162 	/* if we detect system-wide crypto policies, use those */
1163 	if (access( "/etc/crypto-policies/config", F_OK ) != 0 ) {
1164 	/* if we have sha256, set the cipher list to have no known vulns */
1165 		if(!SSL_CTX_set_cipher_list(ctx, "TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256"))
1166 			log_crypto_err("could not set cipher list with SSL_CTX_set_cipher_list");
1167 	}
1168 #endif
1169 #if defined(SSL_OP_IGNORE_UNEXPECTED_EOF)
1170 	/* ignore errors when peers do not send the mandatory close_notify
1171 	 * alert on shutdown.
1172 	 * Relevant for openssl >= 3 */
1173 	if((SSL_CTX_set_options(ctx, SSL_OP_IGNORE_UNEXPECTED_EOF) &
1174 		SSL_OP_IGNORE_UNEXPECTED_EOF) != SSL_OP_IGNORE_UNEXPECTED_EOF) {
1175 		log_crypto_err("could not set SSL_OP_IGNORE_UNEXPECTED_EOF");
1176 		return 0;
1177 	}
1178 #endif
1179 
1180 	if((SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE) &
1181 		SSL_OP_CIPHER_SERVER_PREFERENCE) !=
1182 		SSL_OP_CIPHER_SERVER_PREFERENCE) {
1183 		log_crypto_err("could not set SSL_OP_CIPHER_SERVER_PREFERENCE");
1184 		return 0;
1185 	}
1186 
1187 #ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL
1188 	SSL_CTX_set_security_level(ctx, 0);
1189 #endif
1190 #if defined(HAVE_SSL_CTX_SET_ALPN_SELECT_CB) && defined(HAVE_NGHTTP2)
1191 	SSL_CTX_set_alpn_select_cb(ctx, alpn_select_cb, NULL);
1192 #endif
1193 #else
1194 	(void)ctxt;
1195 #endif /* HAVE_SSL */
1196 	return 1;
1197 }
1198 
1199 void
1200 listen_sslctx_setup_2(void* ctxt)
1201 {
1202 #ifdef HAVE_SSL
1203 	SSL_CTX* ctx = (SSL_CTX*)ctxt;
1204 	(void)ctx;
1205 #if HAVE_DECL_SSL_CTX_SET_ECDH_AUTO
1206 	if(!SSL_CTX_set_ecdh_auto(ctx,1)) {
1207 		log_crypto_err("Error in SSL_CTX_ecdh_auto, not enabling ECDHE");
1208 	}
1209 #elif defined(USE_ECDSA)
1210 	if(1) {
1211 		EC_KEY *ecdh = EC_KEY_new_by_curve_name (NID_X9_62_prime256v1);
1212 		if (!ecdh) {
1213 			log_crypto_err("could not find p256, not enabling ECDHE");
1214 		} else {
1215 			if (1 != SSL_CTX_set_tmp_ecdh (ctx, ecdh)) {
1216 				log_crypto_err("Error in SSL_CTX_set_tmp_ecdh, not enabling ECDHE");
1217 			}
1218 			EC_KEY_free (ecdh);
1219 		}
1220 	}
1221 #endif
1222 #else
1223 	(void)ctxt;
1224 #endif /* HAVE_SSL */
1225 }
1226 
1227 void* listen_sslctx_create(char* key, char* pem, char* verifypem)
1228 {
1229 #ifdef HAVE_SSL
1230 	SSL_CTX* ctx = SSL_CTX_new(SSLv23_server_method());
1231 	if(!ctx) {
1232 		log_crypto_err("could not SSL_CTX_new");
1233 		return NULL;
1234 	}
1235 	if(!key || key[0] == 0) {
1236 		log_err("error: no tls-service-key file specified");
1237 		SSL_CTX_free(ctx);
1238 		return NULL;
1239 	}
1240 	if(!pem || pem[0] == 0) {
1241 		log_err("error: no tls-service-pem file specified");
1242 		SSL_CTX_free(ctx);
1243 		return NULL;
1244 	}
1245 	if(!listen_sslctx_setup(ctx)) {
1246 		SSL_CTX_free(ctx);
1247 		return NULL;
1248 	}
1249 	if(!SSL_CTX_use_certificate_chain_file(ctx, pem)) {
1250 		log_err("error for cert file: %s", pem);
1251 		log_crypto_err("error in SSL_CTX use_certificate_chain_file");
1252 		SSL_CTX_free(ctx);
1253 		return NULL;
1254 	}
1255 	if(!SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM)) {
1256 		log_err("error for private key file: %s", key);
1257 		log_crypto_err("Error in SSL_CTX use_PrivateKey_file");
1258 		SSL_CTX_free(ctx);
1259 		return NULL;
1260 	}
1261 	if(!SSL_CTX_check_private_key(ctx)) {
1262 		log_err("error for key file: %s", key);
1263 		log_crypto_err("Error in SSL_CTX check_private_key");
1264 		SSL_CTX_free(ctx);
1265 		return NULL;
1266 	}
1267 	listen_sslctx_setup_2(ctx);
1268 	if(verifypem && verifypem[0]) {
1269 		if(!SSL_CTX_load_verify_locations(ctx, verifypem, NULL)) {
1270 			log_crypto_err("Error in SSL_CTX verify locations");
1271 			SSL_CTX_free(ctx);
1272 			return NULL;
1273 		}
1274 		SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(
1275 			verifypem));
1276 		SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
1277 	}
1278 	return ctx;
1279 #else
1280 	(void)key; (void)pem; (void)verifypem;
1281 	return NULL;
1282 #endif
1283 }
1284 
1285 #ifdef USE_WINSOCK
1286 /* For windows, the CA trust store is not read by openssl.
1287    Add code to open the trust store using wincrypt API and add
1288    the root certs into openssl trust store */
1289 static int
1290 add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx)
1291 {
1292 	HCERTSTORE      hSystemStore;
1293 	PCCERT_CONTEXT  pTargetCert = NULL;
1294 	X509_STORE*	store;
1295 
1296 	verbose(VERB_ALGO, "Adding Windows certificates from system root store to CA store");
1297 
1298 	/* load just once per context lifetime for this version
1299 	   TODO: dynamically update CA trust changes as they are available */
1300 	if (!tls_ctx)
1301 		return 0;
1302 
1303 	/* Call wincrypt's CertOpenStore to open the CA root store. */
1304 
1305 	if ((hSystemStore = CertOpenStore(
1306 		CERT_STORE_PROV_SYSTEM,
1307 		0,
1308 		0,
1309 		/* NOTE: mingw does not have this const: replace with 1 << 16 from code
1310 		   CERT_SYSTEM_STORE_CURRENT_USER, */
1311 		1 << 16,
1312 		L"root")) == 0)
1313 	{
1314 		return 0;
1315 	}
1316 
1317 	store = SSL_CTX_get_cert_store(tls_ctx);
1318 	if (!store)
1319 		return 0;
1320 
1321 	/* failure if the CA store is empty or the call fails */
1322 	if ((pTargetCert = CertEnumCertificatesInStore(
1323 		hSystemStore, pTargetCert)) == 0) {
1324 		verbose(VERB_ALGO, "CA certificate store for Windows is empty.");
1325 		return 0;
1326 	}
1327 	/* iterate over the windows cert store and add to openssl store */
1328 	do
1329 	{
1330 		X509 *cert1 = d2i_X509(NULL,
1331 			(const unsigned char **)&pTargetCert->pbCertEncoded,
1332 			pTargetCert->cbCertEncoded);
1333 		if (!cert1) {
1334 			unsigned long error = ERR_get_error();
1335 			/* return error if a cert fails */
1336 			verbose(VERB_ALGO, "%s %d:%s",
1337 				"Unable to parse certificate in memory",
1338 				(int)error, ERR_error_string(error, NULL));
1339 			return 0;
1340 		}
1341 		else {
1342 			/* return error if a cert add to store fails */
1343 			if (X509_STORE_add_cert(store, cert1) == 0) {
1344 				unsigned long error = ERR_peek_last_error();
1345 
1346 				/* Ignore error X509_R_CERT_ALREADY_IN_HASH_TABLE which means the
1347 				* certificate is already in the store.  */
1348 				if(ERR_GET_LIB(error) != ERR_LIB_X509 ||
1349 					ERR_GET_REASON(error) != X509_R_CERT_ALREADY_IN_HASH_TABLE) {
1350 					error = ERR_get_error();
1351 					verbose(VERB_ALGO, "%s %d:%s\n",
1352 					    "Error adding certificate", (int)error,
1353 					     ERR_error_string(error, NULL));
1354 					X509_free(cert1);
1355 					return 0;
1356 				}
1357 			}
1358 			X509_free(cert1);
1359 		}
1360 	} while ((pTargetCert = CertEnumCertificatesInStore(
1361 		hSystemStore, pTargetCert)) != 0);
1362 
1363 	/* Clean up memory and quit. */
1364 	if (pTargetCert)
1365 		CertFreeCertificateContext(pTargetCert);
1366 	if (hSystemStore)
1367 	{
1368 		if (!CertCloseStore(
1369 			hSystemStore, 0))
1370 			return 0;
1371 	}
1372 	verbose(VERB_ALGO, "Completed adding Windows certificates to CA store successfully");
1373 	return 1;
1374 }
1375 #endif /* USE_WINSOCK */
1376 
1377 void* connect_sslctx_create(char* key, char* pem, char* verifypem, int wincert)
1378 {
1379 #ifdef HAVE_SSL
1380 	SSL_CTX* ctx = SSL_CTX_new(SSLv23_client_method());
1381 	if(!ctx) {
1382 		log_crypto_err("could not allocate SSL_CTX pointer");
1383 		return NULL;
1384 	}
1385 #if SSL_OP_NO_SSLv2 != 0
1386 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)
1387 		!= SSL_OP_NO_SSLv2) {
1388 		log_crypto_err("could not set SSL_OP_NO_SSLv2");
1389 		SSL_CTX_free(ctx);
1390 		return NULL;
1391 	}
1392 #endif
1393 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)
1394 		!= SSL_OP_NO_SSLv3) {
1395 		log_crypto_err("could not set SSL_OP_NO_SSLv3");
1396 		SSL_CTX_free(ctx);
1397 		return NULL;
1398 	}
1399 #if defined(SSL_OP_NO_RENEGOTIATION)
1400 	/* disable client renegotiation */
1401 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_RENEGOTIATION) &
1402 		SSL_OP_NO_RENEGOTIATION) != SSL_OP_NO_RENEGOTIATION) {
1403 		log_crypto_err("could not set SSL_OP_NO_RENEGOTIATION");
1404 		SSL_CTX_free(ctx);
1405 		return 0;
1406 	}
1407 #endif
1408 #if defined(SSL_OP_IGNORE_UNEXPECTED_EOF)
1409 	/* ignore errors when peers do not send the mandatory close_notify
1410 	 * alert on shutdown.
1411 	 * Relevant for openssl >= 3 */
1412 	if((SSL_CTX_set_options(ctx, SSL_OP_IGNORE_UNEXPECTED_EOF) &
1413 		SSL_OP_IGNORE_UNEXPECTED_EOF) != SSL_OP_IGNORE_UNEXPECTED_EOF) {
1414 		log_crypto_err("could not set SSL_OP_IGNORE_UNEXPECTED_EOF");
1415 		SSL_CTX_free(ctx);
1416 		return 0;
1417 	}
1418 #endif
1419 	if(key && key[0]) {
1420 		if(!SSL_CTX_use_certificate_chain_file(ctx, pem)) {
1421 			log_err("error in client certificate %s", pem);
1422 			log_crypto_err("error in certificate file");
1423 			SSL_CTX_free(ctx);
1424 			return NULL;
1425 		}
1426 		if(!SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM)) {
1427 			log_err("error in client private key %s", key);
1428 			log_crypto_err("error in key file");
1429 			SSL_CTX_free(ctx);
1430 			return NULL;
1431 		}
1432 		if(!SSL_CTX_check_private_key(ctx)) {
1433 			log_err("error in client key %s", key);
1434 			log_crypto_err("error in SSL_CTX_check_private_key");
1435 			SSL_CTX_free(ctx);
1436 			return NULL;
1437 		}
1438 	}
1439 	if((verifypem && verifypem[0]) || wincert) {
1440 		if(verifypem && verifypem[0]) {
1441 			if(!SSL_CTX_load_verify_locations(ctx, verifypem, NULL)) {
1442 				log_crypto_err("error in SSL_CTX verify");
1443 				SSL_CTX_free(ctx);
1444 				return NULL;
1445 			}
1446 		}
1447 #ifdef USE_WINSOCK
1448 		if(wincert) {
1449 			if(!add_WIN_cacerts_to_openssl_store(ctx)) {
1450 				log_crypto_err("error in add_WIN_cacerts_to_openssl_store");
1451 				SSL_CTX_free(ctx);
1452 				return NULL;
1453 			}
1454 		}
1455 #else
1456 		if(wincert) {
1457 			if(!SSL_CTX_set_default_verify_paths(ctx)) {
1458 				log_crypto_err("error in default_verify_paths");
1459 				SSL_CTX_free(ctx);
1460 				return NULL;
1461 			}
1462 		}
1463 #endif
1464 		SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
1465 	}
1466 	return ctx;
1467 #else
1468 	(void)key; (void)pem; (void)verifypem; (void)wincert;
1469 	return NULL;
1470 #endif
1471 }
1472 
1473 void* incoming_ssl_fd(void* sslctx, int fd)
1474 {
1475 #ifdef HAVE_SSL
1476 	SSL* ssl = SSL_new((SSL_CTX*)sslctx);
1477 	if(!ssl) {
1478 		log_crypto_err("could not SSL_new");
1479 		return NULL;
1480 	}
1481 	SSL_set_accept_state(ssl);
1482 	(void)SSL_set_mode(ssl, (long)SSL_MODE_AUTO_RETRY);
1483 	if(!SSL_set_fd(ssl, fd)) {
1484 		log_crypto_err("could not SSL_set_fd");
1485 		SSL_free(ssl);
1486 		return NULL;
1487 	}
1488 	return ssl;
1489 #else
1490 	(void)sslctx; (void)fd;
1491 	return NULL;
1492 #endif
1493 }
1494 
1495 void* outgoing_ssl_fd(void* sslctx, int fd)
1496 {
1497 #ifdef HAVE_SSL
1498 	SSL* ssl = SSL_new((SSL_CTX*)sslctx);
1499 	if(!ssl) {
1500 		log_crypto_err("could not SSL_new");
1501 		return NULL;
1502 	}
1503 	SSL_set_connect_state(ssl);
1504 	(void)SSL_set_mode(ssl, (long)SSL_MODE_AUTO_RETRY);
1505 	if(!SSL_set_fd(ssl, fd)) {
1506 		log_crypto_err("could not SSL_set_fd");
1507 		SSL_free(ssl);
1508 		return NULL;
1509 	}
1510 	return ssl;
1511 #else
1512 	(void)sslctx; (void)fd;
1513 	return NULL;
1514 #endif
1515 }
1516 
1517 int check_auth_name_for_ssl(char* auth_name)
1518 {
1519 	if(!auth_name) return 1;
1520 #if defined(HAVE_SSL) && !defined(HAVE_SSL_SET1_HOST) && !defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
1521 	log_err("the query has an auth_name %s, but libssl has no call to "
1522 		"perform TLS authentication.  Remove that name from config "
1523 		"or upgrade the ssl crypto library.", auth_name);
1524 	return 0;
1525 #else
1526 	return 1;
1527 #endif
1528 }
1529 
1530 /** set the authname on an SSL structure, SSL* ssl */
1531 int set_auth_name_on_ssl(void* ssl, char* auth_name, int use_sni)
1532 {
1533 	if(!auth_name) return 1;
1534 #ifdef HAVE_SSL
1535 	if(use_sni) {
1536 		(void)SSL_set_tlsext_host_name(ssl, auth_name);
1537 	}
1538 #else
1539 	(void)ssl;
1540 	(void)use_sni;
1541 #endif
1542 #ifdef HAVE_SSL_SET1_HOST
1543 	SSL_set_verify(ssl, SSL_VERIFY_PEER, NULL);
1544 	/* setting the hostname makes openssl verify the
1545 	 * host name in the x509 certificate in the
1546 	 * SSL connection*/
1547 	if(!SSL_set1_host(ssl, auth_name)) {
1548 		log_err("SSL_set1_host failed");
1549 		return 0;
1550 	}
1551 #elif defined(HAVE_X509_VERIFY_PARAM_SET1_HOST)
1552 	/* openssl 1.0.2 has this function that can be used for
1553 	 * set1_host like verification */
1554 	if(auth_name) {
1555 		X509_VERIFY_PARAM* param = SSL_get0_param(ssl);
1556 #  ifdef X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS
1557 		X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
1558 #  endif
1559 		if(!X509_VERIFY_PARAM_set1_host(param, auth_name, strlen(auth_name))) {
1560 			log_err("X509_VERIFY_PARAM_set1_host failed");
1561 			return 0;
1562 		}
1563 		SSL_set_verify(ssl, SSL_VERIFY_PEER, NULL);
1564 	}
1565 #else
1566 	verbose(VERB_ALGO, "the query has an auth_name, but libssl has no call to perform TLS authentication");
1567 #endif /* HAVE_SSL_SET1_HOST */
1568 	return 1;
1569 }
1570 
1571 #if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) && defined(CRYPTO_LOCK) && OPENSSL_VERSION_NUMBER < 0x10100000L
1572 /** global lock list for openssl locks */
1573 static lock_basic_type *ub_openssl_locks = NULL;
1574 
1575 /** callback that gets thread id for openssl */
1576 #ifdef HAVE_CRYPTO_THREADID_SET_CALLBACK
1577 static void
1578 ub_crypto_id_cb(CRYPTO_THREADID *id)
1579 {
1580 	CRYPTO_THREADID_set_numeric(id, (unsigned long)log_thread_get());
1581 }
1582 #else
1583 static unsigned long
1584 ub_crypto_id_cb(void)
1585 {
1586 	return (unsigned long)log_thread_get();
1587 }
1588 #endif
1589 
1590 static void
1591 ub_crypto_lock_cb(int mode, int type, const char *ATTR_UNUSED(file),
1592 	int ATTR_UNUSED(line))
1593 {
1594 	if((mode&CRYPTO_LOCK)) {
1595 		lock_basic_lock(&ub_openssl_locks[type]);
1596 	} else {
1597 		lock_basic_unlock(&ub_openssl_locks[type]);
1598 	}
1599 }
1600 #endif /* OPENSSL_THREADS */
1601 
1602 int ub_openssl_lock_init(void)
1603 {
1604 #if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) && defined(CRYPTO_LOCK) && OPENSSL_VERSION_NUMBER < 0x10100000L
1605 	int i;
1606 	ub_openssl_locks = (lock_basic_type*)reallocarray(
1607 		NULL, (size_t)CRYPTO_num_locks(), sizeof(lock_basic_type));
1608 	if(!ub_openssl_locks)
1609 		return 0;
1610 	for(i=0; i<CRYPTO_num_locks(); i++) {
1611 		lock_basic_init(&ub_openssl_locks[i]);
1612 	}
1613 #  ifdef HAVE_CRYPTO_THREADID_SET_CALLBACK
1614 	CRYPTO_THREADID_set_callback(&ub_crypto_id_cb);
1615 #  else
1616 	CRYPTO_set_id_callback(&ub_crypto_id_cb);
1617 #  endif
1618 	CRYPTO_set_locking_callback(&ub_crypto_lock_cb);
1619 #endif /* OPENSSL_THREADS */
1620 	return 1;
1621 }
1622 
1623 void ub_openssl_lock_delete(void)
1624 {
1625 #if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) && defined(CRYPTO_LOCK) && OPENSSL_VERSION_NUMBER < 0x10100000L
1626 	int i;
1627 	if(!ub_openssl_locks)
1628 		return;
1629 #  ifdef HAVE_CRYPTO_THREADID_SET_CALLBACK
1630 	CRYPTO_THREADID_set_callback(NULL);
1631 #  else
1632 	CRYPTO_set_id_callback(NULL);
1633 #  endif
1634 	CRYPTO_set_locking_callback(NULL);
1635 	for(i=0; i<CRYPTO_num_locks(); i++) {
1636 		lock_basic_destroy(&ub_openssl_locks[i]);
1637 	}
1638 	free(ub_openssl_locks);
1639 #endif /* OPENSSL_THREADS */
1640 }
1641 
1642 int listen_sslctx_setup_ticket_keys(void* sslctx, struct config_strlist* tls_session_ticket_keys) {
1643 #ifdef HAVE_SSL
1644 	size_t s = 1;
1645 	struct config_strlist* p;
1646 	struct tls_session_ticket_key *keys;
1647 	for(p = tls_session_ticket_keys; p; p = p->next) {
1648 		s++;
1649 	}
1650 	keys = calloc(s, sizeof(struct tls_session_ticket_key));
1651 	if(!keys)
1652 		return 0;
1653 	memset(keys, 0, s*sizeof(*keys));
1654 	ticket_keys = keys;
1655 
1656 	for(p = tls_session_ticket_keys; p; p = p->next) {
1657 		size_t n;
1658 		unsigned char *data;
1659 		FILE *f;
1660 
1661 		data = (unsigned char *)malloc(80);
1662 		if(!data)
1663 			return 0;
1664 
1665 		f = fopen(p->str, "rb");
1666 		if(!f) {
1667 			log_err("could not read tls-session-ticket-key %s: %s", p->str, strerror(errno));
1668 			free(data);
1669 			return 0;
1670 		}
1671 		n = fread(data, 1, 80, f);
1672 		fclose(f);
1673 
1674 		if(n != 80) {
1675 			log_err("tls-session-ticket-key %s is %d bytes, must be 80 bytes", p->str, (int)n);
1676 			free(data);
1677 			return 0;
1678 		}
1679 		verbose(VERB_OPS, "read tls-session-ticket-key: %s", p->str);
1680 
1681 		keys->key_name = data;
1682 		keys->aes_key = data + 16;
1683 		keys->hmac_key = data + 48;
1684 		keys++;
1685 	}
1686 	/* terminate array with NULL key name entry */
1687 	keys->key_name = NULL;
1688 #  ifdef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB
1689 	if(SSL_CTX_set_tlsext_ticket_key_evp_cb(sslctx, tls_session_ticket_key_cb) == 0) {
1690 		log_err("no support for TLS session ticket");
1691 		return 0;
1692 	}
1693 #  else
1694 	if(SSL_CTX_set_tlsext_ticket_key_cb(sslctx, tls_session_ticket_key_cb) == 0) {
1695 		log_err("no support for TLS session ticket");
1696 		return 0;
1697 	}
1698 #  endif
1699 	return 1;
1700 #else
1701 	(void)sslctx;
1702 	(void)tls_session_ticket_keys;
1703 	return 0;
1704 #endif
1705 
1706 }
1707 
1708 #ifdef HAVE_SSL
1709 int tls_session_ticket_key_cb(SSL *ATTR_UNUSED(sslctx), unsigned char* key_name,
1710 	unsigned char* iv, EVP_CIPHER_CTX *evp_sctx,
1711 #ifdef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB
1712 	EVP_MAC_CTX *hmac_ctx,
1713 #else
1714 	HMAC_CTX* hmac_ctx,
1715 #endif
1716 	int enc)
1717 {
1718 #ifdef HAVE_SSL
1719 #  ifdef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB
1720 	OSSL_PARAM params[3];
1721 #  else
1722 	const EVP_MD *digest;
1723 #  endif
1724 	const EVP_CIPHER *cipher;
1725 	int evp_cipher_length;
1726 #  ifndef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB
1727 	digest = EVP_sha256();
1728 #  endif
1729 	cipher = EVP_aes_256_cbc();
1730 	evp_cipher_length = EVP_CIPHER_iv_length(cipher);
1731 	if( enc == 1 ) {
1732 		/* encrypt */
1733 		verbose(VERB_CLIENT, "start session encrypt");
1734 		memcpy(key_name, ticket_keys->key_name, 16);
1735 		if (RAND_bytes(iv, evp_cipher_length) != 1) {
1736 			verbose(VERB_CLIENT, "RAND_bytes failed");
1737 			return -1;
1738 		}
1739 		if (EVP_EncryptInit_ex(evp_sctx, cipher, NULL, ticket_keys->aes_key, iv) != 1) {
1740 			verbose(VERB_CLIENT, "EVP_EncryptInit_ex failed");
1741 			return -1;
1742 		}
1743 #ifdef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB
1744 		params[0] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
1745 			ticket_keys->hmac_key, 32);
1746 		params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
1747 			"sha256", 0);
1748 		params[2] = OSSL_PARAM_construct_end();
1749 #ifdef HAVE_EVP_MAC_CTX_SET_PARAMS
1750 		EVP_MAC_CTX_set_params(hmac_ctx, params);
1751 #else
1752 		EVP_MAC_set_ctx_params(hmac_ctx, params);
1753 #endif
1754 #elif !defined(HMAC_INIT_EX_RETURNS_VOID)
1755 		if (HMAC_Init_ex(hmac_ctx, ticket_keys->hmac_key, 32, digest, NULL) != 1) {
1756 			verbose(VERB_CLIENT, "HMAC_Init_ex failed");
1757 			return -1;
1758 		}
1759 #else
1760 		HMAC_Init_ex(hmac_ctx, ticket_keys->hmac_key, 32, digest, NULL);
1761 #endif
1762 		return 1;
1763 	} else if (enc == 0) {
1764 		/* decrypt */
1765 		struct tls_session_ticket_key *key;
1766 		verbose(VERB_CLIENT, "start session decrypt");
1767 		for(key = ticket_keys; key->key_name != NULL; key++) {
1768 			if (!memcmp(key_name, key->key_name, 16)) {
1769 				verbose(VERB_CLIENT, "Found session_key");
1770 				break;
1771 			}
1772 		}
1773 		if(key->key_name == NULL) {
1774 			verbose(VERB_CLIENT, "Not found session_key");
1775 			return 0;
1776 		}
1777 
1778 #ifdef HAVE_SSL_CTX_SET_TLSEXT_TICKET_KEY_EVP_CB
1779 		params[0] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
1780 			key->hmac_key, 32);
1781 		params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
1782 			"sha256", 0);
1783 		params[2] = OSSL_PARAM_construct_end();
1784 #ifdef HAVE_EVP_MAC_CTX_SET_PARAMS
1785 		EVP_MAC_CTX_set_params(hmac_ctx, params);
1786 #else
1787 		EVP_MAC_set_ctx_params(hmac_ctx, params);
1788 #endif
1789 #elif !defined(HMAC_INIT_EX_RETURNS_VOID)
1790 		if (HMAC_Init_ex(hmac_ctx, key->hmac_key, 32, digest, NULL) != 1) {
1791 			verbose(VERB_CLIENT, "HMAC_Init_ex failed");
1792 			return -1;
1793 		}
1794 #else
1795 		HMAC_Init_ex(hmac_ctx, key->hmac_key, 32, digest, NULL);
1796 #endif
1797 		if (EVP_DecryptInit_ex(evp_sctx, cipher, NULL, key->aes_key, iv) != 1) {
1798 			log_err("EVP_DecryptInit_ex failed");
1799 			return -1;
1800 		}
1801 
1802 		return (key == ticket_keys) ? 1 : 2;
1803 	}
1804 	return -1;
1805 #else
1806 	(void)key_name;
1807 	(void)iv;
1808 	(void)evp_sctx;
1809 	(void)hmac_ctx;
1810 	(void)enc;
1811 	return 0;
1812 #endif
1813 }
1814 #endif /* HAVE_SSL */
1815 
1816 void
1817 listen_sslctx_delete_ticket_keys(void)
1818 {
1819 	struct tls_session_ticket_key *key;
1820 	if(!ticket_keys) return;
1821 	for(key = ticket_keys; key->key_name != NULL; key++) {
1822 		/* wipe key data from memory*/
1823 #ifdef HAVE_EXPLICIT_BZERO
1824 		explicit_bzero(key->key_name, 80);
1825 #else
1826 		memset(key->key_name, 0xdd, 80);
1827 #endif
1828 		free(key->key_name);
1829 	}
1830 	free(ticket_keys);
1831 	ticket_keys = NULL;
1832 }
1833 
1834 #  ifndef USE_WINSOCK
1835 char*
1836 sock_strerror(int errn)
1837 {
1838 	return strerror(errn);
1839 }
1840 
1841 void
1842 sock_close(int socket)
1843 {
1844 	close(socket);
1845 }
1846 
1847 #  else
1848 char*
1849 sock_strerror(int ATTR_UNUSED(errn))
1850 {
1851 	return wsa_strerror(WSAGetLastError());
1852 }
1853 
1854 void
1855 sock_close(int socket)
1856 {
1857 	closesocket(socket);
1858 }
1859 #  endif /* USE_WINSOCK */
1860