xref: /freebsd/contrib/unbound/util/net_help.c (revision eb24e1491f9900e922c78e53af588f22a3e9535f)
1 /*
2  * util/net_help.c - implementation of the network helper code
3  *
4  * Copyright (c) 2007, NLnet Labs. All rights reserved.
5  *
6  * This software is open source.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * Redistributions of source code must retain the above copyright notice,
13  * this list of conditions and the following disclaimer.
14  *
15  * Redistributions in binary form must reproduce the above copyright notice,
16  * this list of conditions and the following disclaimer in the documentation
17  * and/or other materials provided with the distribution.
18  *
19  * Neither the name of the NLNET LABS nor the names of its contributors may
20  * be used to endorse or promote products derived from this software without
21  * specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
26  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
27  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
29  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
30  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
31  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
32  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34  */
35 /**
36  * \file
37  * Implementation of net_help.h.
38  */
39 
40 #include "config.h"
41 #include "util/net_help.h"
42 #include "util/log.h"
43 #include "util/data/dname.h"
44 #include "util/module.h"
45 #include "util/regional.h"
46 #include "util/config_file.h"
47 #include "sldns/parseutil.h"
48 #include "sldns/wire2str.h"
49 #include <fcntl.h>
50 #ifdef HAVE_OPENSSL_SSL_H
51 #include <openssl/ssl.h>
52 #include <openssl/evp.h>
53 #include <openssl/rand.h>
54 #endif
55 #ifdef HAVE_OPENSSL_ERR_H
56 #include <openssl/err.h>
57 #endif
58 #ifdef USE_WINSOCK
59 #include <wincrypt.h>
60 #endif
61 
62 /** max length of an IP address (the address portion) that we allow */
63 #define MAX_ADDR_STRLEN 128 /* characters */
64 /** default value for EDNS ADVERTISED size */
65 uint16_t EDNS_ADVERTISED_SIZE = 4096;
66 
67 /** minimal responses when positive answer: default is no */
68 int MINIMAL_RESPONSES = 0;
69 
70 /** rrset order roundrobin: default is no */
71 int RRSET_ROUNDROBIN = 0;
72 
73 /** log tag queries with name instead of 'info' for filtering */
74 int LOG_TAG_QUERYREPLY = 0;
75 
76 static struct tls_session_ticket_key {
77 	unsigned char *key_name;
78 	unsigned char *aes_key;
79 	unsigned char *hmac_key;
80 } *ticket_keys;
81 
82 /* returns true is string addr is an ip6 specced address */
83 int
84 str_is_ip6(const char* str)
85 {
86 	if(strchr(str, ':'))
87 		return 1;
88 	else    return 0;
89 }
90 
91 int
92 fd_set_nonblock(int s)
93 {
94 #ifdef HAVE_FCNTL
95 	int flag;
96 	if((flag = fcntl(s, F_GETFL)) == -1) {
97 		log_err("can't fcntl F_GETFL: %s", strerror(errno));
98 		flag = 0;
99 	}
100 	flag |= O_NONBLOCK;
101 	if(fcntl(s, F_SETFL, flag) == -1) {
102 		log_err("can't fcntl F_SETFL: %s", strerror(errno));
103 		return 0;
104 	}
105 #elif defined(HAVE_IOCTLSOCKET)
106 	unsigned long on = 1;
107 	if(ioctlsocket(s, FIONBIO, &on) != 0) {
108 		log_err("can't ioctlsocket FIONBIO on: %s",
109 			wsa_strerror(WSAGetLastError()));
110 	}
111 #endif
112 	return 1;
113 }
114 
115 int
116 fd_set_block(int s)
117 {
118 #ifdef HAVE_FCNTL
119 	int flag;
120 	if((flag = fcntl(s, F_GETFL)) == -1) {
121 		log_err("cannot fcntl F_GETFL: %s", strerror(errno));
122 		flag = 0;
123 	}
124 	flag &= ~O_NONBLOCK;
125 	if(fcntl(s, F_SETFL, flag) == -1) {
126 		log_err("cannot fcntl F_SETFL: %s", strerror(errno));
127 		return 0;
128 	}
129 #elif defined(HAVE_IOCTLSOCKET)
130 	unsigned long off = 0;
131 	if(ioctlsocket(s, FIONBIO, &off) != 0) {
132 		if(WSAGetLastError() != WSAEINVAL || verbosity >= 4)
133 			log_err("can't ioctlsocket FIONBIO off: %s",
134 				wsa_strerror(WSAGetLastError()));
135 	}
136 #endif
137 	return 1;
138 }
139 
140 int
141 is_pow2(size_t num)
142 {
143 	if(num == 0) return 1;
144 	return (num & (num-1)) == 0;
145 }
146 
147 void*
148 memdup(void* data, size_t len)
149 {
150 	void* d;
151 	if(!data) return NULL;
152 	if(len == 0) return NULL;
153 	d = malloc(len);
154 	if(!d) return NULL;
155 	memcpy(d, data, len);
156 	return d;
157 }
158 
159 void
160 log_addr(enum verbosity_value v, const char* str,
161 	struct sockaddr_storage* addr, socklen_t addrlen)
162 {
163 	uint16_t port;
164 	const char* family = "unknown";
165 	char dest[100];
166 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
167 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
168 	if(verbosity < v)
169 		return;
170 	switch(af) {
171 		case AF_INET: family="ip4"; break;
172 		case AF_INET6: family="ip6";
173 			sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
174 			break;
175 		case AF_LOCAL:
176 			dest[0]=0;
177 			(void)inet_ntop(af, sinaddr, dest,
178 				(socklen_t)sizeof(dest));
179 			verbose(v, "%s local %s", str, dest);
180 			return; /* do not continue and try to get port */
181 		default: break;
182 	}
183 	if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
184 		(void)strlcpy(dest, "(inet_ntop error)", sizeof(dest));
185 	}
186 	dest[sizeof(dest)-1] = 0;
187 	port = ntohs(((struct sockaddr_in*)addr)->sin_port);
188 	if(verbosity >= 4)
189 		verbose(v, "%s %s %s port %d (len %d)", str, family, dest,
190 			(int)port, (int)addrlen);
191 	else	verbose(v, "%s %s port %d", str, dest, (int)port);
192 }
193 
194 int
195 extstrtoaddr(const char* str, struct sockaddr_storage* addr,
196 	socklen_t* addrlen)
197 {
198 	char* s;
199 	int port = UNBOUND_DNS_PORT;
200 	if((s=strchr(str, '@'))) {
201 		char buf[MAX_ADDR_STRLEN];
202 		if(s-str >= MAX_ADDR_STRLEN) {
203 			return 0;
204 		}
205 		(void)strlcpy(buf, str, sizeof(buf));
206 		buf[s-str] = 0;
207 		port = atoi(s+1);
208 		if(port == 0 && strcmp(s+1,"0")!=0) {
209 			return 0;
210 		}
211 		return ipstrtoaddr(buf, port, addr, addrlen);
212 	}
213 	return ipstrtoaddr(str, port, addr, addrlen);
214 }
215 
216 
217 int
218 ipstrtoaddr(const char* ip, int port, struct sockaddr_storage* addr,
219 	socklen_t* addrlen)
220 {
221 	uint16_t p;
222 	if(!ip) return 0;
223 	p = (uint16_t) port;
224 	if(str_is_ip6(ip)) {
225 		char buf[MAX_ADDR_STRLEN];
226 		char* s;
227 		struct sockaddr_in6* sa = (struct sockaddr_in6*)addr;
228 		*addrlen = (socklen_t)sizeof(struct sockaddr_in6);
229 		memset(sa, 0, *addrlen);
230 		sa->sin6_family = AF_INET6;
231 		sa->sin6_port = (in_port_t)htons(p);
232 		if((s=strchr(ip, '%'))) { /* ip6%interface, rfc 4007 */
233 			if(s-ip >= MAX_ADDR_STRLEN)
234 				return 0;
235 			(void)strlcpy(buf, ip, sizeof(buf));
236 			buf[s-ip]=0;
237 			sa->sin6_scope_id = (uint32_t)atoi(s+1);
238 			ip = buf;
239 		}
240 		if(inet_pton((int)sa->sin6_family, ip, &sa->sin6_addr) <= 0) {
241 			return 0;
242 		}
243 	} else { /* ip4 */
244 		struct sockaddr_in* sa = (struct sockaddr_in*)addr;
245 		*addrlen = (socklen_t)sizeof(struct sockaddr_in);
246 		memset(sa, 0, *addrlen);
247 		sa->sin_family = AF_INET;
248 		sa->sin_port = (in_port_t)htons(p);
249 		if(inet_pton((int)sa->sin_family, ip, &sa->sin_addr) <= 0) {
250 			return 0;
251 		}
252 	}
253 	return 1;
254 }
255 
256 int netblockstrtoaddr(const char* str, int port, struct sockaddr_storage* addr,
257         socklen_t* addrlen, int* net)
258 {
259 	char buf[64];
260 	char* s;
261 	*net = (str_is_ip6(str)?128:32);
262 	if((s=strchr(str, '/'))) {
263 		if(atoi(s+1) > *net) {
264 			log_err("netblock too large: %s", str);
265 			return 0;
266 		}
267 		*net = atoi(s+1);
268 		if(*net == 0 && strcmp(s+1, "0") != 0) {
269 			log_err("cannot parse netblock: '%s'", str);
270 			return 0;
271 		}
272 		strlcpy(buf, str, sizeof(buf));
273 		s = strchr(buf, '/');
274 		if(s) *s = 0;
275 		s = buf;
276 	}
277 	if(!ipstrtoaddr(s?s:str, port, addr, addrlen)) {
278 		log_err("cannot parse ip address: '%s'", str);
279 		return 0;
280 	}
281 	if(s) {
282 		addr_mask(addr, *addrlen, *net);
283 	}
284 	return 1;
285 }
286 
287 int authextstrtoaddr(char* str, struct sockaddr_storage* addr,
288 	socklen_t* addrlen, char** auth_name)
289 {
290 	char* s;
291 	int port = UNBOUND_DNS_PORT;
292 	if((s=strchr(str, '@'))) {
293 		char buf[MAX_ADDR_STRLEN];
294 		size_t len = (size_t)(s-str);
295 		char* hash = strchr(s+1, '#');
296 		if(hash) {
297 			*auth_name = hash+1;
298 		} else {
299 			*auth_name = NULL;
300 		}
301 		if(len >= MAX_ADDR_STRLEN) {
302 			return 0;
303 		}
304 		(void)strlcpy(buf, str, sizeof(buf));
305 		buf[len] = 0;
306 		port = atoi(s+1);
307 		if(port == 0) {
308 			if(!hash && strcmp(s+1,"0")!=0)
309 				return 0;
310 			if(hash && strncmp(s+1,"0#",2)!=0)
311 				return 0;
312 		}
313 		return ipstrtoaddr(buf, port, addr, addrlen);
314 	}
315 	if((s=strchr(str, '#'))) {
316 		char buf[MAX_ADDR_STRLEN];
317 		size_t len = (size_t)(s-str);
318 		if(len >= MAX_ADDR_STRLEN) {
319 			return 0;
320 		}
321 		(void)strlcpy(buf, str, sizeof(buf));
322 		buf[len] = 0;
323 		port = UNBOUND_DNS_OVER_TLS_PORT;
324 		*auth_name = s+1;
325 		return ipstrtoaddr(buf, port, addr, addrlen);
326 	}
327 	*auth_name = NULL;
328 	return ipstrtoaddr(str, port, addr, addrlen);
329 }
330 
331 /** store port number into sockaddr structure */
332 void
333 sockaddr_store_port(struct sockaddr_storage* addr, socklen_t addrlen, int port)
334 {
335 	if(addr_is_ip6(addr, addrlen)) {
336 		struct sockaddr_in6* sa = (struct sockaddr_in6*)addr;
337 		sa->sin6_port = (in_port_t)htons((uint16_t)port);
338 	} else {
339 		struct sockaddr_in* sa = (struct sockaddr_in*)addr;
340 		sa->sin_port = (in_port_t)htons((uint16_t)port);
341 	}
342 }
343 
344 void
345 log_nametypeclass(enum verbosity_value v, const char* str, uint8_t* name,
346 	uint16_t type, uint16_t dclass)
347 {
348 	char buf[LDNS_MAX_DOMAINLEN+1];
349 	char t[12], c[12];
350 	const char *ts, *cs;
351 	if(verbosity < v)
352 		return;
353 	dname_str(name, buf);
354 	if(type == LDNS_RR_TYPE_TSIG) ts = "TSIG";
355 	else if(type == LDNS_RR_TYPE_IXFR) ts = "IXFR";
356 	else if(type == LDNS_RR_TYPE_AXFR) ts = "AXFR";
357 	else if(type == LDNS_RR_TYPE_MAILB) ts = "MAILB";
358 	else if(type == LDNS_RR_TYPE_MAILA) ts = "MAILA";
359 	else if(type == LDNS_RR_TYPE_ANY) ts = "ANY";
360 	else if(sldns_rr_descript(type) && sldns_rr_descript(type)->_name)
361 		ts = sldns_rr_descript(type)->_name;
362 	else {
363 		snprintf(t, sizeof(t), "TYPE%d", (int)type);
364 		ts = t;
365 	}
366 	if(sldns_lookup_by_id(sldns_rr_classes, (int)dclass) &&
367 		sldns_lookup_by_id(sldns_rr_classes, (int)dclass)->name)
368 		cs = sldns_lookup_by_id(sldns_rr_classes, (int)dclass)->name;
369 	else {
370 		snprintf(c, sizeof(c), "CLASS%d", (int)dclass);
371 		cs = c;
372 	}
373 	log_info("%s %s %s %s", str, buf, ts, cs);
374 }
375 
376 void
377 log_query_in(const char* str, uint8_t* name, uint16_t type, uint16_t dclass)
378 {
379 	char buf[LDNS_MAX_DOMAINLEN+1];
380 	char t[12], c[12];
381 	const char *ts, *cs;
382 	dname_str(name, buf);
383 	if(type == LDNS_RR_TYPE_TSIG) ts = "TSIG";
384 	else if(type == LDNS_RR_TYPE_IXFR) ts = "IXFR";
385 	else if(type == LDNS_RR_TYPE_AXFR) ts = "AXFR";
386 	else if(type == LDNS_RR_TYPE_MAILB) ts = "MAILB";
387 	else if(type == LDNS_RR_TYPE_MAILA) ts = "MAILA";
388 	else if(type == LDNS_RR_TYPE_ANY) ts = "ANY";
389 	else if(sldns_rr_descript(type) && sldns_rr_descript(type)->_name)
390 		ts = sldns_rr_descript(type)->_name;
391 	else {
392 		snprintf(t, sizeof(t), "TYPE%d", (int)type);
393 		ts = t;
394 	}
395 	if(sldns_lookup_by_id(sldns_rr_classes, (int)dclass) &&
396 		sldns_lookup_by_id(sldns_rr_classes, (int)dclass)->name)
397 		cs = sldns_lookup_by_id(sldns_rr_classes, (int)dclass)->name;
398 	else {
399 		snprintf(c, sizeof(c), "CLASS%d", (int)dclass);
400 		cs = c;
401 	}
402 	if(LOG_TAG_QUERYREPLY)
403 		log_query("%s %s %s %s", str, buf, ts, cs);
404 	else	log_info("%s %s %s %s", str, buf, ts, cs);
405 }
406 
407 void log_name_addr(enum verbosity_value v, const char* str, uint8_t* zone,
408 	struct sockaddr_storage* addr, socklen_t addrlen)
409 {
410 	uint16_t port;
411 	const char* family = "unknown_family ";
412 	char namebuf[LDNS_MAX_DOMAINLEN+1];
413 	char dest[100];
414 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
415 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
416 	if(verbosity < v)
417 		return;
418 	switch(af) {
419 		case AF_INET: family=""; break;
420 		case AF_INET6: family="";
421 			sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
422 			break;
423 		case AF_LOCAL: family="local "; break;
424 		default: break;
425 	}
426 	if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
427 		(void)strlcpy(dest, "(inet_ntop error)", sizeof(dest));
428 	}
429 	dest[sizeof(dest)-1] = 0;
430 	port = ntohs(((struct sockaddr_in*)addr)->sin_port);
431 	dname_str(zone, namebuf);
432 	if(af != AF_INET && af != AF_INET6)
433 		verbose(v, "%s <%s> %s%s#%d (addrlen %d)",
434 			str, namebuf, family, dest, (int)port, (int)addrlen);
435 	else	verbose(v, "%s <%s> %s%s#%d",
436 			str, namebuf, family, dest, (int)port);
437 }
438 
439 void log_err_addr(const char* str, const char* err,
440 	struct sockaddr_storage* addr, socklen_t addrlen)
441 {
442 	uint16_t port;
443 	char dest[100];
444 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
445 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
446 	if(af == AF_INET6)
447 		sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
448 	if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
449 		(void)strlcpy(dest, "(inet_ntop error)", sizeof(dest));
450 	}
451 	dest[sizeof(dest)-1] = 0;
452 	port = ntohs(((struct sockaddr_in*)addr)->sin_port);
453 	if(verbosity >= 4)
454 		log_err("%s: %s for %s port %d (len %d)", str, err, dest,
455 			(int)port, (int)addrlen);
456 	else	log_err("%s: %s for %s port %d", str, err, dest, (int)port);
457 }
458 
459 int
460 sockaddr_cmp(struct sockaddr_storage* addr1, socklen_t len1,
461 	struct sockaddr_storage* addr2, socklen_t len2)
462 {
463 	struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1;
464 	struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2;
465 	struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1;
466 	struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2;
467 	if(len1 < len2)
468 		return -1;
469 	if(len1 > len2)
470 		return 1;
471 	log_assert(len1 == len2);
472 	if( p1_in->sin_family < p2_in->sin_family)
473 		return -1;
474 	if( p1_in->sin_family > p2_in->sin_family)
475 		return 1;
476 	log_assert( p1_in->sin_family == p2_in->sin_family );
477 	/* compare ip4 */
478 	if( p1_in->sin_family == AF_INET ) {
479 		/* just order it, ntohs not required */
480 		if(p1_in->sin_port < p2_in->sin_port)
481 			return -1;
482 		if(p1_in->sin_port > p2_in->sin_port)
483 			return 1;
484 		log_assert(p1_in->sin_port == p2_in->sin_port);
485 		return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, INET_SIZE);
486 	} else if (p1_in6->sin6_family == AF_INET6) {
487 		/* just order it, ntohs not required */
488 		if(p1_in6->sin6_port < p2_in6->sin6_port)
489 			return -1;
490 		if(p1_in6->sin6_port > p2_in6->sin6_port)
491 			return 1;
492 		log_assert(p1_in6->sin6_port == p2_in6->sin6_port);
493 		return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr,
494 			INET6_SIZE);
495 	} else {
496 		/* eek unknown type, perform this comparison for sanity. */
497 		return memcmp(addr1, addr2, len1);
498 	}
499 }
500 
501 int
502 sockaddr_cmp_addr(struct sockaddr_storage* addr1, socklen_t len1,
503 	struct sockaddr_storage* addr2, socklen_t len2)
504 {
505 	struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1;
506 	struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2;
507 	struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1;
508 	struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2;
509 	if(len1 < len2)
510 		return -1;
511 	if(len1 > len2)
512 		return 1;
513 	log_assert(len1 == len2);
514 	if( p1_in->sin_family < p2_in->sin_family)
515 		return -1;
516 	if( p1_in->sin_family > p2_in->sin_family)
517 		return 1;
518 	log_assert( p1_in->sin_family == p2_in->sin_family );
519 	/* compare ip4 */
520 	if( p1_in->sin_family == AF_INET ) {
521 		return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, INET_SIZE);
522 	} else if (p1_in6->sin6_family == AF_INET6) {
523 		return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr,
524 			INET6_SIZE);
525 	} else {
526 		/* eek unknown type, perform this comparison for sanity. */
527 		return memcmp(addr1, addr2, len1);
528 	}
529 }
530 
531 int
532 addr_is_ip6(struct sockaddr_storage* addr, socklen_t len)
533 {
534 	if(len == (socklen_t)sizeof(struct sockaddr_in6) &&
535 		((struct sockaddr_in6*)addr)->sin6_family == AF_INET6)
536 		return 1;
537 	else    return 0;
538 }
539 
540 void
541 addr_mask(struct sockaddr_storage* addr, socklen_t len, int net)
542 {
543 	uint8_t mask[8] = {0x0, 0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe};
544 	int i, max;
545 	uint8_t* s;
546 	if(addr_is_ip6(addr, len)) {
547 		s = (uint8_t*)&((struct sockaddr_in6*)addr)->sin6_addr;
548 		max = 128;
549 	} else {
550 		s = (uint8_t*)&((struct sockaddr_in*)addr)->sin_addr;
551 		max = 32;
552 	}
553 	if(net >= max)
554 		return;
555 	for(i=net/8+1; i<max/8; i++) {
556 		s[i] = 0;
557 	}
558 	s[net/8] &= mask[net&0x7];
559 }
560 
561 int
562 addr_in_common(struct sockaddr_storage* addr1, int net1,
563 	struct sockaddr_storage* addr2, int net2, socklen_t addrlen)
564 {
565 	int min = (net1<net2)?net1:net2;
566 	int i, to;
567 	int match = 0;
568 	uint8_t* s1, *s2;
569 	if(addr_is_ip6(addr1, addrlen)) {
570 		s1 = (uint8_t*)&((struct sockaddr_in6*)addr1)->sin6_addr;
571 		s2 = (uint8_t*)&((struct sockaddr_in6*)addr2)->sin6_addr;
572 		to = 16;
573 	} else {
574 		s1 = (uint8_t*)&((struct sockaddr_in*)addr1)->sin_addr;
575 		s2 = (uint8_t*)&((struct sockaddr_in*)addr2)->sin_addr;
576 		to = 4;
577 	}
578 	/* match = bits_in_common(s1, s2, to); */
579 	for(i=0; i<to; i++) {
580 		if(s1[i] == s2[i]) {
581 			match += 8;
582 		} else {
583 			uint8_t z = s1[i]^s2[i];
584 			log_assert(z);
585 			while(!(z&0x80)) {
586 				match++;
587 				z<<=1;
588 			}
589 			break;
590 		}
591 	}
592 	if(match > min) match = min;
593 	return match;
594 }
595 
596 void
597 addr_to_str(struct sockaddr_storage* addr, socklen_t addrlen,
598 	char* buf, size_t len)
599 {
600 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
601 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
602 	if(addr_is_ip6(addr, addrlen))
603 		sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
604 	if(inet_ntop(af, sinaddr, buf, (socklen_t)len) == 0) {
605 		snprintf(buf, len, "(inet_ntop_error)");
606 	}
607 }
608 
609 int
610 addr_is_ip4mapped(struct sockaddr_storage* addr, socklen_t addrlen)
611 {
612 	/* prefix for ipv4 into ipv6 mapping is ::ffff:x.x.x.x */
613 	const uint8_t map_prefix[16] =
614 		{0,0,0,0,  0,0,0,0, 0,0,0xff,0xff, 0,0,0,0};
615 	uint8_t* s;
616 	if(!addr_is_ip6(addr, addrlen))
617 		return 0;
618 	/* s is 16 octet ipv6 address string */
619 	s = (uint8_t*)&((struct sockaddr_in6*)addr)->sin6_addr;
620 	return (memcmp(s, map_prefix, 12) == 0);
621 }
622 
623 int addr_is_broadcast(struct sockaddr_storage* addr, socklen_t addrlen)
624 {
625 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
626 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
627 	return af == AF_INET && addrlen>=(socklen_t)sizeof(struct sockaddr_in)
628 		&& memcmp(sinaddr, "\377\377\377\377", 4) == 0;
629 }
630 
631 int addr_is_any(struct sockaddr_storage* addr, socklen_t addrlen)
632 {
633 	int af = (int)((struct sockaddr_in*)addr)->sin_family;
634 	void* sinaddr = &((struct sockaddr_in*)addr)->sin_addr;
635 	void* sin6addr = &((struct sockaddr_in6*)addr)->sin6_addr;
636 	if(af == AF_INET && addrlen>=(socklen_t)sizeof(struct sockaddr_in)
637 		&& memcmp(sinaddr, "\000\000\000\000", 4) == 0)
638 		return 1;
639 	else if(af==AF_INET6 && addrlen>=(socklen_t)sizeof(struct sockaddr_in6)
640 		&& memcmp(sin6addr, "\000\000\000\000\000\000\000\000"
641 		"\000\000\000\000\000\000\000\000", 16) == 0)
642 		return 1;
643 	return 0;
644 }
645 
646 void sock_list_insert(struct sock_list** list, struct sockaddr_storage* addr,
647 	socklen_t len, struct regional* region)
648 {
649 	struct sock_list* add = (struct sock_list*)regional_alloc(region,
650 		sizeof(*add) - sizeof(add->addr) + (size_t)len);
651 	if(!add) {
652 		log_err("out of memory in socketlist insert");
653 		return;
654 	}
655 	log_assert(list);
656 	add->next = *list;
657 	add->len = len;
658 	*list = add;
659 	if(len) memmove(&add->addr, addr, len);
660 }
661 
662 void sock_list_prepend(struct sock_list** list, struct sock_list* add)
663 {
664 	struct sock_list* last = add;
665 	if(!last)
666 		return;
667 	while(last->next)
668 		last = last->next;
669 	last->next = *list;
670 	*list = add;
671 }
672 
673 int sock_list_find(struct sock_list* list, struct sockaddr_storage* addr,
674         socklen_t len)
675 {
676 	while(list) {
677 		if(len == list->len) {
678 			if(len == 0 || sockaddr_cmp_addr(addr, len,
679 				&list->addr, list->len) == 0)
680 				return 1;
681 		}
682 		list = list->next;
683 	}
684 	return 0;
685 }
686 
687 void sock_list_merge(struct sock_list** list, struct regional* region,
688 	struct sock_list* add)
689 {
690 	struct sock_list* p;
691 	for(p=add; p; p=p->next) {
692 		if(!sock_list_find(*list, &p->addr, p->len))
693 			sock_list_insert(list, &p->addr, p->len, region);
694 	}
695 }
696 
697 void
698 log_crypto_err(const char* str)
699 {
700 #ifdef HAVE_SSL
701 	log_crypto_err_code(str, ERR_get_error());
702 #else
703 	(void)str;
704 #endif /* HAVE_SSL */
705 }
706 
707 void log_crypto_err_code(const char* str, unsigned long err)
708 {
709 #ifdef HAVE_SSL
710 	/* error:[error code]:[library name]:[function name]:[reason string] */
711 	char buf[128];
712 	unsigned long e;
713 	ERR_error_string_n(err, buf, sizeof(buf));
714 	log_err("%s crypto %s", str, buf);
715 	while( (e=ERR_get_error()) ) {
716 		ERR_error_string_n(e, buf, sizeof(buf));
717 		log_err("and additionally crypto %s", buf);
718 	}
719 #else
720 	(void)str;
721 	(void)err;
722 #endif /* HAVE_SSL */
723 }
724 
725 int
726 listen_sslctx_setup(void* ctxt)
727 {
728 #ifdef HAVE_SSL
729 	SSL_CTX* ctx = (SSL_CTX*)ctxt;
730 	/* no SSLv2, SSLv3 because has defects */
731 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)
732 		!= SSL_OP_NO_SSLv2){
733 		log_crypto_err("could not set SSL_OP_NO_SSLv2");
734 		return 0;
735 	}
736 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)
737 		!= SSL_OP_NO_SSLv3){
738 		log_crypto_err("could not set SSL_OP_NO_SSLv3");
739 		return 0;
740 	}
741 #if defined(SSL_OP_NO_TLSv1) && defined(SSL_OP_NO_TLSv1_1)
742 	/* if we have tls 1.1 disable 1.0 */
743 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1) & SSL_OP_NO_TLSv1)
744 		!= SSL_OP_NO_TLSv1){
745 		log_crypto_err("could not set SSL_OP_NO_TLSv1");
746 		return 0;
747 	}
748 #endif
749 #if defined(SSL_OP_NO_TLSv1_1) && defined(SSL_OP_NO_TLSv1_2)
750 	/* if we have tls 1.2 disable 1.1 */
751 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1_1) & SSL_OP_NO_TLSv1_1)
752 		!= SSL_OP_NO_TLSv1_1){
753 		log_crypto_err("could not set SSL_OP_NO_TLSv1_1");
754 		return 0;
755 	}
756 #endif
757 #if defined(SSL_OP_NO_RENEGOTIATION)
758 	/* disable client renegotiation */
759 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_RENEGOTIATION) &
760 		SSL_OP_NO_RENEGOTIATION) != SSL_OP_NO_RENEGOTIATION) {
761 		log_crypto_err("could not set SSL_OP_NO_RENEGOTIATION");
762 		return 0;
763 	}
764 #endif
765 #if defined(SHA256_DIGEST_LENGTH) && defined(USE_ECDSA)
766 	/* if we have sha256, set the cipher list to have no known vulns */
767 	if(!SSL_CTX_set_cipher_list(ctx, "TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256"))
768 		log_crypto_err("could not set cipher list with SSL_CTX_set_cipher_list");
769 #endif
770 
771 	if((SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE) &
772 		SSL_OP_CIPHER_SERVER_PREFERENCE) !=
773 		SSL_OP_CIPHER_SERVER_PREFERENCE) {
774 		log_crypto_err("could not set SSL_OP_CIPHER_SERVER_PREFERENCE");
775 		return 0;
776 	}
777 
778 #ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL
779 	SSL_CTX_set_security_level(ctx, 0);
780 #endif
781 #else
782 	(void)ctxt;
783 #endif /* HAVE_SSL */
784 	return 1;
785 }
786 
787 void
788 listen_sslctx_setup_2(void* ctxt)
789 {
790 #ifdef HAVE_SSL
791 	SSL_CTX* ctx = (SSL_CTX*)ctxt;
792 	(void)ctx;
793 #if HAVE_DECL_SSL_CTX_SET_ECDH_AUTO
794 	if(!SSL_CTX_set_ecdh_auto(ctx,1)) {
795 		log_crypto_err("Error in SSL_CTX_ecdh_auto, not enabling ECDHE");
796 	}
797 #elif defined(USE_ECDSA)
798 	if(1) {
799 		EC_KEY *ecdh = EC_KEY_new_by_curve_name (NID_X9_62_prime256v1);
800 		if (!ecdh) {
801 			log_crypto_err("could not find p256, not enabling ECDHE");
802 		} else {
803 			if (1 != SSL_CTX_set_tmp_ecdh (ctx, ecdh)) {
804 				log_crypto_err("Error in SSL_CTX_set_tmp_ecdh, not enabling ECDHE");
805 			}
806 			EC_KEY_free (ecdh);
807 		}
808 	}
809 #endif
810 #else
811 	(void)ctxt;
812 #endif /* HAVE_SSL */
813 }
814 
815 void* listen_sslctx_create(char* key, char* pem, char* verifypem)
816 {
817 #ifdef HAVE_SSL
818 	SSL_CTX* ctx = SSL_CTX_new(SSLv23_server_method());
819 	if(!ctx) {
820 		log_crypto_err("could not SSL_CTX_new");
821 		return NULL;
822 	}
823 	if(!key || key[0] == 0) {
824 		log_err("error: no tls-service-key file specified");
825 		SSL_CTX_free(ctx);
826 		return NULL;
827 	}
828 	if(!pem || pem[0] == 0) {
829 		log_err("error: no tls-service-pem file specified");
830 		SSL_CTX_free(ctx);
831 		return NULL;
832 	}
833 	if(!listen_sslctx_setup(ctx)) {
834 		SSL_CTX_free(ctx);
835 		return NULL;
836 	}
837 	if(!SSL_CTX_use_certificate_chain_file(ctx, pem)) {
838 		log_err("error for cert file: %s", pem);
839 		log_crypto_err("error in SSL_CTX use_certificate_chain_file");
840 		SSL_CTX_free(ctx);
841 		return NULL;
842 	}
843 	if(!SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM)) {
844 		log_err("error for private key file: %s", key);
845 		log_crypto_err("Error in SSL_CTX use_PrivateKey_file");
846 		SSL_CTX_free(ctx);
847 		return NULL;
848 	}
849 	if(!SSL_CTX_check_private_key(ctx)) {
850 		log_err("error for key file: %s", key);
851 		log_crypto_err("Error in SSL_CTX check_private_key");
852 		SSL_CTX_free(ctx);
853 		return NULL;
854 	}
855 	listen_sslctx_setup_2(ctx);
856 	if(verifypem && verifypem[0]) {
857 		if(!SSL_CTX_load_verify_locations(ctx, verifypem, NULL)) {
858 			log_crypto_err("Error in SSL_CTX verify locations");
859 			SSL_CTX_free(ctx);
860 			return NULL;
861 		}
862 		SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(
863 			verifypem));
864 		SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
865 	}
866 	return ctx;
867 #else
868 	(void)key; (void)pem; (void)verifypem;
869 	return NULL;
870 #endif
871 }
872 
873 #ifdef USE_WINSOCK
874 /* For windows, the CA trust store is not read by openssl.
875    Add code to open the trust store using wincrypt API and add
876    the root certs into openssl trust store */
877 static int
878 add_WIN_cacerts_to_openssl_store(SSL_CTX* tls_ctx)
879 {
880 	HCERTSTORE      hSystemStore;
881 	PCCERT_CONTEXT  pTargetCert = NULL;
882 	X509_STORE*	store;
883 
884 	verbose(VERB_ALGO, "Adding Windows certificates from system root store to CA store");
885 
886 	/* load just once per context lifetime for this version
887 	   TODO: dynamically update CA trust changes as they are available */
888 	if (!tls_ctx)
889 		return 0;
890 
891 	/* Call wincrypt's CertOpenStore to open the CA root store. */
892 
893 	if ((hSystemStore = CertOpenStore(
894 		CERT_STORE_PROV_SYSTEM,
895 		0,
896 		0,
897 		/* NOTE: mingw does not have this const: replace with 1 << 16 from code
898 		   CERT_SYSTEM_STORE_CURRENT_USER, */
899 		1 << 16,
900 		L"root")) == 0)
901 	{
902 		return 0;
903 	}
904 
905 	store = SSL_CTX_get_cert_store(tls_ctx);
906 	if (!store)
907 		return 0;
908 
909 	/* failure if the CA store is empty or the call fails */
910 	if ((pTargetCert = CertEnumCertificatesInStore(
911 		hSystemStore, pTargetCert)) == 0) {
912 		verbose(VERB_ALGO, "CA certificate store for Windows is empty.");
913 		return 0;
914 	}
915 	/* iterate over the windows cert store and add to openssl store */
916 	do
917 	{
918 		X509 *cert1 = d2i_X509(NULL,
919 			(const unsigned char **)&pTargetCert->pbCertEncoded,
920 			pTargetCert->cbCertEncoded);
921 		if (!cert1) {
922 			/* return error if a cert fails */
923 			verbose(VERB_ALGO, "%s %d:%s",
924 				"Unable to parse certificate in memory",
925 				(int)ERR_get_error(), ERR_error_string(ERR_get_error(), NULL));
926 			return 0;
927 		}
928 		else {
929 			/* return error if a cert add to store fails */
930 			if (X509_STORE_add_cert(store, cert1) == 0) {
931 				unsigned long error = ERR_peek_last_error();
932 
933 				/* Ignore error X509_R_CERT_ALREADY_IN_HASH_TABLE which means the
934 				* certificate is already in the store.  */
935 				if(ERR_GET_LIB(error) != ERR_LIB_X509 ||
936 				   ERR_GET_REASON(error) != X509_R_CERT_ALREADY_IN_HASH_TABLE) {
937 					verbose(VERB_ALGO, "%s %d:%s\n",
938 					    "Error adding certificate", (int)ERR_get_error(),
939 					     ERR_error_string(ERR_get_error(), NULL));
940 					X509_free(cert1);
941 					return 0;
942 				}
943 			}
944 			X509_free(cert1);
945 		}
946 	} while ((pTargetCert = CertEnumCertificatesInStore(
947 		hSystemStore, pTargetCert)) != 0);
948 
949 	/* Clean up memory and quit. */
950 	if (pTargetCert)
951 		CertFreeCertificateContext(pTargetCert);
952 	if (hSystemStore)
953 	{
954 		if (!CertCloseStore(
955 			hSystemStore, 0))
956 			return 0;
957 	}
958 	verbose(VERB_ALGO, "Completed adding Windows certificates to CA store successfully");
959 	return 1;
960 }
961 #endif /* USE_WINSOCK */
962 
963 void* connect_sslctx_create(char* key, char* pem, char* verifypem, int wincert)
964 {
965 #ifdef HAVE_SSL
966 	SSL_CTX* ctx = SSL_CTX_new(SSLv23_client_method());
967 	if(!ctx) {
968 		log_crypto_err("could not allocate SSL_CTX pointer");
969 		return NULL;
970 	}
971 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) & SSL_OP_NO_SSLv2)
972 		!= SSL_OP_NO_SSLv2) {
973 		log_crypto_err("could not set SSL_OP_NO_SSLv2");
974 		SSL_CTX_free(ctx);
975 		return NULL;
976 	}
977 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)
978 		!= SSL_OP_NO_SSLv3) {
979 		log_crypto_err("could not set SSL_OP_NO_SSLv3");
980 		SSL_CTX_free(ctx);
981 		return NULL;
982 	}
983 #if defined(SSL_OP_NO_RENEGOTIATION)
984 	/* disable client renegotiation */
985 	if((SSL_CTX_set_options(ctx, SSL_OP_NO_RENEGOTIATION) &
986 		SSL_OP_NO_RENEGOTIATION) != SSL_OP_NO_RENEGOTIATION) {
987 		log_crypto_err("could not set SSL_OP_NO_RENEGOTIATION");
988 		return 0;
989 	}
990 #endif
991 	if(key && key[0]) {
992 		if(!SSL_CTX_use_certificate_chain_file(ctx, pem)) {
993 			log_err("error in client certificate %s", pem);
994 			log_crypto_err("error in certificate file");
995 			SSL_CTX_free(ctx);
996 			return NULL;
997 		}
998 		if(!SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM)) {
999 			log_err("error in client private key %s", key);
1000 			log_crypto_err("error in key file");
1001 			SSL_CTX_free(ctx);
1002 			return NULL;
1003 		}
1004 		if(!SSL_CTX_check_private_key(ctx)) {
1005 			log_err("error in client key %s", key);
1006 			log_crypto_err("error in SSL_CTX_check_private_key");
1007 			SSL_CTX_free(ctx);
1008 			return NULL;
1009 		}
1010 	}
1011 	if((verifypem && verifypem[0]) || wincert) {
1012 		if(verifypem && verifypem[0]) {
1013 			if(!SSL_CTX_load_verify_locations(ctx, verifypem, NULL)) {
1014 				log_crypto_err("error in SSL_CTX verify");
1015 				SSL_CTX_free(ctx);
1016 				return NULL;
1017 			}
1018 		}
1019 #ifdef USE_WINSOCK
1020 		if(wincert) {
1021 			if(!add_WIN_cacerts_to_openssl_store(ctx)) {
1022 				log_crypto_err("error in add_WIN_cacerts_to_openssl_store");
1023 				SSL_CTX_free(ctx);
1024 				return NULL;
1025 			}
1026 		}
1027 #else
1028 		(void)wincert;
1029 #endif
1030 		SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
1031 	}
1032 	return ctx;
1033 #else
1034 	(void)key; (void)pem; (void)verifypem; (void)wincert;
1035 	return NULL;
1036 #endif
1037 }
1038 
1039 void* incoming_ssl_fd(void* sslctx, int fd)
1040 {
1041 #ifdef HAVE_SSL
1042 	SSL* ssl = SSL_new((SSL_CTX*)sslctx);
1043 	if(!ssl) {
1044 		log_crypto_err("could not SSL_new");
1045 		return NULL;
1046 	}
1047 	SSL_set_accept_state(ssl);
1048 	(void)SSL_set_mode(ssl, (long)SSL_MODE_AUTO_RETRY);
1049 	if(!SSL_set_fd(ssl, fd)) {
1050 		log_crypto_err("could not SSL_set_fd");
1051 		SSL_free(ssl);
1052 		return NULL;
1053 	}
1054 	return ssl;
1055 #else
1056 	(void)sslctx; (void)fd;
1057 	return NULL;
1058 #endif
1059 }
1060 
1061 void* outgoing_ssl_fd(void* sslctx, int fd)
1062 {
1063 #ifdef HAVE_SSL
1064 	SSL* ssl = SSL_new((SSL_CTX*)sslctx);
1065 	if(!ssl) {
1066 		log_crypto_err("could not SSL_new");
1067 		return NULL;
1068 	}
1069 	SSL_set_connect_state(ssl);
1070 	(void)SSL_set_mode(ssl, (long)SSL_MODE_AUTO_RETRY);
1071 	if(!SSL_set_fd(ssl, fd)) {
1072 		log_crypto_err("could not SSL_set_fd");
1073 		SSL_free(ssl);
1074 		return NULL;
1075 	}
1076 	return ssl;
1077 #else
1078 	(void)sslctx; (void)fd;
1079 	return NULL;
1080 #endif
1081 }
1082 
1083 #if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) && defined(CRYPTO_LOCK) && OPENSSL_VERSION_NUMBER < 0x10100000L
1084 /** global lock list for openssl locks */
1085 static lock_basic_type *ub_openssl_locks = NULL;
1086 
1087 /** callback that gets thread id for openssl */
1088 #ifdef HAVE_CRYPTO_THREADID_SET_CALLBACK
1089 static void
1090 ub_crypto_id_cb(CRYPTO_THREADID *id)
1091 {
1092 	CRYPTO_THREADID_set_numeric(id, (unsigned long)log_thread_get());
1093 }
1094 #else
1095 static unsigned long
1096 ub_crypto_id_cb(void)
1097 {
1098 	return (unsigned long)log_thread_get();
1099 }
1100 #endif
1101 
1102 static void
1103 ub_crypto_lock_cb(int mode, int type, const char *ATTR_UNUSED(file),
1104 	int ATTR_UNUSED(line))
1105 {
1106 	if((mode&CRYPTO_LOCK)) {
1107 		lock_basic_lock(&ub_openssl_locks[type]);
1108 	} else {
1109 		lock_basic_unlock(&ub_openssl_locks[type]);
1110 	}
1111 }
1112 #endif /* OPENSSL_THREADS */
1113 
1114 int ub_openssl_lock_init(void)
1115 {
1116 #if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) && defined(CRYPTO_LOCK) && OPENSSL_VERSION_NUMBER < 0x10100000L
1117 	int i;
1118 	ub_openssl_locks = (lock_basic_type*)reallocarray(
1119 		NULL, (size_t)CRYPTO_num_locks(), sizeof(lock_basic_type));
1120 	if(!ub_openssl_locks)
1121 		return 0;
1122 	for(i=0; i<CRYPTO_num_locks(); i++) {
1123 		lock_basic_init(&ub_openssl_locks[i]);
1124 	}
1125 #  ifdef HAVE_CRYPTO_THREADID_SET_CALLBACK
1126 	CRYPTO_THREADID_set_callback(&ub_crypto_id_cb);
1127 #  else
1128 	CRYPTO_set_id_callback(&ub_crypto_id_cb);
1129 #  endif
1130 	CRYPTO_set_locking_callback(&ub_crypto_lock_cb);
1131 #endif /* OPENSSL_THREADS */
1132 	return 1;
1133 }
1134 
1135 void ub_openssl_lock_delete(void)
1136 {
1137 #if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) && defined(CRYPTO_LOCK) && OPENSSL_VERSION_NUMBER < 0x10100000L
1138 	int i;
1139 	if(!ub_openssl_locks)
1140 		return;
1141 #  ifdef HAVE_CRYPTO_THREADID_SET_CALLBACK
1142 	CRYPTO_THREADID_set_callback(NULL);
1143 #  else
1144 	CRYPTO_set_id_callback(NULL);
1145 #  endif
1146 	CRYPTO_set_locking_callback(NULL);
1147 	for(i=0; i<CRYPTO_num_locks(); i++) {
1148 		lock_basic_destroy(&ub_openssl_locks[i]);
1149 	}
1150 	free(ub_openssl_locks);
1151 #endif /* OPENSSL_THREADS */
1152 }
1153 
1154 int listen_sslctx_setup_ticket_keys(void* sslctx, struct config_strlist* tls_session_ticket_keys) {
1155 #ifdef HAVE_SSL
1156 	size_t s = 1;
1157 	struct config_strlist* p;
1158 	struct tls_session_ticket_key *keys;
1159 	for(p = tls_session_ticket_keys; p; p = p->next) {
1160 		s++;
1161 	}
1162 	keys = calloc(s, sizeof(struct tls_session_ticket_key));
1163 	memset(keys, 0, s*sizeof(*keys));
1164 	ticket_keys = keys;
1165 
1166 	for(p = tls_session_ticket_keys; p; p = p->next) {
1167 		size_t n;
1168 		unsigned char *data = (unsigned char *)malloc(80);
1169 		FILE *f = fopen(p->str, "r");
1170 		if(!f) {
1171 			log_err("could not read tls-session-ticket-key %s: %s", p->str, strerror(errno));
1172 			free(data);
1173 			return 0;
1174 		}
1175 		n = fread(data, 1, 80, f);
1176 		fclose(f);
1177 
1178 		if(n != 80) {
1179 			log_err("tls-session-ticket-key %s is %d bytes, must be 80 bytes", p->str, (int)n);
1180 			free(data);
1181 			return 0;
1182 		}
1183 		verbose(VERB_OPS, "read tls-session-ticket-key: %s", p->str);
1184 
1185 		keys->key_name = data;
1186 		keys->aes_key = data + 16;
1187 		keys->hmac_key = data + 48;
1188 		keys++;
1189 	}
1190 	/* terminate array with NULL key name entry */
1191 	keys->key_name = NULL;
1192 	if(SSL_CTX_set_tlsext_ticket_key_cb(sslctx, tls_session_ticket_key_cb) == 0) {
1193 		log_err("no support for TLS session ticket");
1194 		return 0;
1195 	}
1196 	return 1;
1197 #else
1198 	(void)sslctx;
1199 	(void)tls_session_ticket_keys;
1200 	return 0;
1201 #endif
1202 
1203 }
1204 
1205 int tls_session_ticket_key_cb(void *ATTR_UNUSED(sslctx), unsigned char* key_name, unsigned char* iv, void *evp_sctx, void *hmac_ctx, int enc)
1206 {
1207 #ifdef HAVE_SSL
1208 	const EVP_MD *digest;
1209 	const EVP_CIPHER *cipher;
1210 	int evp_cipher_length;
1211 	digest = EVP_sha256();
1212 	cipher = EVP_aes_256_cbc();
1213 	evp_cipher_length = EVP_CIPHER_iv_length(cipher);
1214 	if( enc == 1 ) {
1215 		/* encrypt */
1216 		verbose(VERB_CLIENT, "start session encrypt");
1217 		memcpy(key_name, ticket_keys->key_name, 16);
1218 		if (RAND_bytes(iv, evp_cipher_length) != 1) {
1219 			verbose(VERB_CLIENT, "RAND_bytes failed");
1220 			return -1;
1221 		}
1222 		if (EVP_EncryptInit_ex(evp_sctx, cipher, NULL, ticket_keys->aes_key, iv) != 1) {
1223 			verbose(VERB_CLIENT, "EVP_EncryptInit_ex failed");
1224 			return -1;
1225 		}
1226 #ifndef HMAC_INIT_EX_RETURNS_VOID
1227 		if (HMAC_Init_ex(hmac_ctx, ticket_keys->hmac_key, 32, digest, NULL) != 1) {
1228 			verbose(VERB_CLIENT, "HMAC_Init_ex failed");
1229 			return -1;
1230 		}
1231 #else
1232 		HMAC_Init_ex(hmac_ctx, ticket_keys->hmac_key, 32, digest, NULL);
1233 #endif
1234 		return 1;
1235 	} else if (enc == 0) {
1236 		/* decrypt */
1237 		struct tls_session_ticket_key *key;
1238 		verbose(VERB_CLIENT, "start session decrypt");
1239 		for(key = ticket_keys; key->key_name != NULL; key++) {
1240 			if (!memcmp(key_name, key->key_name, 16)) {
1241 				verbose(VERB_CLIENT, "Found session_key");
1242 				break;
1243 			}
1244 		}
1245 		if(key->key_name == NULL) {
1246 			verbose(VERB_CLIENT, "Not found session_key");
1247 			return 0;
1248 		}
1249 
1250 #ifndef HMAC_INIT_EX_RETURNS_VOID
1251 		if (HMAC_Init_ex(hmac_ctx, key->hmac_key, 32, digest, NULL) != 1) {
1252 			verbose(VERB_CLIENT, "HMAC_Init_ex failed");
1253 			return -1;
1254 		}
1255 #else
1256 		HMAC_Init_ex(hmac_ctx, key->hmac_key, 32, digest, NULL);
1257 #endif
1258 		if (EVP_DecryptInit_ex(evp_sctx, cipher, NULL, key->aes_key, iv) != 1) {
1259 			log_err("EVP_DecryptInit_ex failed");
1260 			return -1;
1261 		}
1262 
1263 		return (key == ticket_keys) ? 1 : 2;
1264 	}
1265 	return -1;
1266 #else
1267 	(void)key_name;
1268 	(void)iv;
1269 	(void)evp_sctx;
1270 	(void)hmac_ctx;
1271 	(void)enc;
1272 	return 0;
1273 #endif
1274 }
1275 
1276 void
1277 listen_sslctx_delete_ticket_keys(void)
1278 {
1279 	struct tls_session_ticket_key *key;
1280 	if(!ticket_keys) return;
1281 	for(key = ticket_keys; key->key_name != NULL; key++) {
1282 		/* wipe key data from memory*/
1283 #ifdef HAVE_EXPLICIT_BZERO
1284 		explicit_bzero(key->key_name, 80);
1285 #else
1286 		memset(key->key_name, 0xdd, 80);
1287 #endif
1288 		free(key->key_name);
1289 	}
1290 	free(ticket_keys);
1291 	ticket_keys = NULL;
1292 }
1293