1 /* 2 * WPA Supplicant / SSL/TLS interface functions for openssl 3 * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15 #include "includes.h" 16 17 #ifndef CONFIG_SMARTCARD 18 #ifndef OPENSSL_NO_ENGINE 19 #define OPENSSL_NO_ENGINE 20 #endif 21 #endif 22 23 #include <openssl/ssl.h> 24 #include <openssl/err.h> 25 #include <openssl/pkcs12.h> 26 #include <openssl/x509v3.h> 27 #ifndef OPENSSL_NO_ENGINE 28 #include <openssl/engine.h> 29 #endif /* OPENSSL_NO_ENGINE */ 30 31 #include "common.h" 32 #include "tls.h" 33 34 #if OPENSSL_VERSION_NUMBER >= 0x0090800fL 35 #define OPENSSL_d2i_TYPE const unsigned char ** 36 #else 37 #define OPENSSL_d2i_TYPE unsigned char ** 38 #endif 39 40 #ifdef SSL_F_SSL_SET_SESSION_TICKET_EXT 41 #ifdef SSL_OP_NO_TICKET 42 /* 43 * Session ticket override patch was merged into OpenSSL 0.9.9 tree on 44 * 2008-11-15. This version uses a bit different API compared to the old patch. 45 */ 46 #define CONFIG_OPENSSL_TICKET_OVERRIDE 47 #endif 48 #endif 49 50 static int tls_openssl_ref_count = 0; 51 52 struct tls_connection { 53 SSL *ssl; 54 BIO *ssl_in, *ssl_out; 55 #ifndef OPENSSL_NO_ENGINE 56 ENGINE *engine; /* functional reference to the engine */ 57 EVP_PKEY *private_key; /* the private key if using engine */ 58 #endif /* OPENSSL_NO_ENGINE */ 59 char *subject_match, *altsubject_match; 60 int read_alerts, write_alerts, failed; 61 62 tls_session_ticket_cb session_ticket_cb; 63 void *session_ticket_cb_ctx; 64 65 /* SessionTicket received from OpenSSL hello_extension_cb (server) */ 66 u8 *session_ticket; 67 size_t session_ticket_len; 68 }; 69 70 71 #ifdef CONFIG_NO_STDOUT_DEBUG 72 73 static void _tls_show_errors(void) 74 { 75 unsigned long err; 76 77 while ((err = ERR_get_error())) { 78 /* Just ignore the errors, since stdout is disabled */ 79 } 80 } 81 #define tls_show_errors(l, f, t) _tls_show_errors() 82 83 #else /* CONFIG_NO_STDOUT_DEBUG */ 84 85 static void tls_show_errors(int level, const char *func, const char *txt) 86 { 87 unsigned long err; 88 89 wpa_printf(level, "OpenSSL: %s - %s %s", 90 func, txt, ERR_error_string(ERR_get_error(), NULL)); 91 92 while ((err = ERR_get_error())) { 93 wpa_printf(MSG_INFO, "OpenSSL: pending error: %s", 94 ERR_error_string(err, NULL)); 95 } 96 } 97 98 #endif /* CONFIG_NO_STDOUT_DEBUG */ 99 100 101 #ifdef CONFIG_NATIVE_WINDOWS 102 103 /* Windows CryptoAPI and access to certificate stores */ 104 #include <wincrypt.h> 105 106 #ifdef __MINGW32_VERSION 107 /* 108 * MinGW does not yet include all the needed definitions for CryptoAPI, so 109 * define here whatever extra is needed. 110 */ 111 #define CALG_SSL3_SHAMD5 (ALG_CLASS_HASH | ALG_TYPE_ANY | ALG_SID_SSL3SHAMD5) 112 #define CERT_SYSTEM_STORE_CURRENT_USER (1 << 16) 113 #define CERT_STORE_READONLY_FLAG 0x00008000 114 #define CERT_STORE_OPEN_EXISTING_FLAG 0x00004000 115 #define CRYPT_ACQUIRE_COMPARE_KEY_FLAG 0x00000004 116 117 static BOOL WINAPI 118 (*CryptAcquireCertificatePrivateKey)(PCCERT_CONTEXT pCert, DWORD dwFlags, 119 void *pvReserved, HCRYPTPROV *phCryptProv, 120 DWORD *pdwKeySpec, BOOL *pfCallerFreeProv) 121 = NULL; /* to be loaded from crypt32.dll */ 122 123 #ifdef CONFIG_MINGW32_LOAD_CERTENUM 124 static PCCERT_CONTEXT WINAPI 125 (*CertEnumCertificatesInStore)(HCERTSTORE hCertStore, 126 PCCERT_CONTEXT pPrevCertContext) 127 = NULL; /* to be loaded from crypt32.dll */ 128 #endif /* CONFIG_MINGW32_LOAD_CERTENUM */ 129 130 static int mingw_load_crypto_func(void) 131 { 132 HINSTANCE dll; 133 134 /* MinGW does not yet have full CryptoAPI support, so load the needed 135 * function here. */ 136 137 if (CryptAcquireCertificatePrivateKey) 138 return 0; 139 140 dll = LoadLibrary("crypt32"); 141 if (dll == NULL) { 142 wpa_printf(MSG_DEBUG, "CryptoAPI: Could not load crypt32 " 143 "library"); 144 return -1; 145 } 146 147 CryptAcquireCertificatePrivateKey = GetProcAddress( 148 dll, "CryptAcquireCertificatePrivateKey"); 149 if (CryptAcquireCertificatePrivateKey == NULL) { 150 wpa_printf(MSG_DEBUG, "CryptoAPI: Could not get " 151 "CryptAcquireCertificatePrivateKey() address from " 152 "crypt32 library"); 153 return -1; 154 } 155 156 #ifdef CONFIG_MINGW32_LOAD_CERTENUM 157 CertEnumCertificatesInStore = (void *) GetProcAddress( 158 dll, "CertEnumCertificatesInStore"); 159 if (CertEnumCertificatesInStore == NULL) { 160 wpa_printf(MSG_DEBUG, "CryptoAPI: Could not get " 161 "CertEnumCertificatesInStore() address from " 162 "crypt32 library"); 163 return -1; 164 } 165 #endif /* CONFIG_MINGW32_LOAD_CERTENUM */ 166 167 return 0; 168 } 169 170 #else /* __MINGW32_VERSION */ 171 172 static int mingw_load_crypto_func(void) 173 { 174 return 0; 175 } 176 177 #endif /* __MINGW32_VERSION */ 178 179 180 struct cryptoapi_rsa_data { 181 const CERT_CONTEXT *cert; 182 HCRYPTPROV crypt_prov; 183 DWORD key_spec; 184 BOOL free_crypt_prov; 185 }; 186 187 188 static void cryptoapi_error(const char *msg) 189 { 190 wpa_printf(MSG_INFO, "CryptoAPI: %s; err=%u", 191 msg, (unsigned int) GetLastError()); 192 } 193 194 195 static int cryptoapi_rsa_pub_enc(int flen, const unsigned char *from, 196 unsigned char *to, RSA *rsa, int padding) 197 { 198 wpa_printf(MSG_DEBUG, "%s - not implemented", __func__); 199 return 0; 200 } 201 202 203 static int cryptoapi_rsa_pub_dec(int flen, const unsigned char *from, 204 unsigned char *to, RSA *rsa, int padding) 205 { 206 wpa_printf(MSG_DEBUG, "%s - not implemented", __func__); 207 return 0; 208 } 209 210 211 static int cryptoapi_rsa_priv_enc(int flen, const unsigned char *from, 212 unsigned char *to, RSA *rsa, int padding) 213 { 214 struct cryptoapi_rsa_data *priv = 215 (struct cryptoapi_rsa_data *) rsa->meth->app_data; 216 HCRYPTHASH hash; 217 DWORD hash_size, len, i; 218 unsigned char *buf = NULL; 219 int ret = 0; 220 221 if (priv == NULL) { 222 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, 223 ERR_R_PASSED_NULL_PARAMETER); 224 return 0; 225 } 226 227 if (padding != RSA_PKCS1_PADDING) { 228 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, 229 RSA_R_UNKNOWN_PADDING_TYPE); 230 return 0; 231 } 232 233 if (flen != 16 /* MD5 */ + 20 /* SHA-1 */) { 234 wpa_printf(MSG_INFO, "%s - only MD5-SHA1 hash supported", 235 __func__); 236 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, 237 RSA_R_INVALID_MESSAGE_LENGTH); 238 return 0; 239 } 240 241 if (!CryptCreateHash(priv->crypt_prov, CALG_SSL3_SHAMD5, 0, 0, &hash)) 242 { 243 cryptoapi_error("CryptCreateHash failed"); 244 return 0; 245 } 246 247 len = sizeof(hash_size); 248 if (!CryptGetHashParam(hash, HP_HASHSIZE, (BYTE *) &hash_size, &len, 249 0)) { 250 cryptoapi_error("CryptGetHashParam failed"); 251 goto err; 252 } 253 254 if ((int) hash_size != flen) { 255 wpa_printf(MSG_INFO, "CryptoAPI: Invalid hash size (%u != %d)", 256 (unsigned) hash_size, flen); 257 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, 258 RSA_R_INVALID_MESSAGE_LENGTH); 259 goto err; 260 } 261 if (!CryptSetHashParam(hash, HP_HASHVAL, (BYTE * ) from, 0)) { 262 cryptoapi_error("CryptSetHashParam failed"); 263 goto err; 264 } 265 266 len = RSA_size(rsa); 267 buf = os_malloc(len); 268 if (buf == NULL) { 269 RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE); 270 goto err; 271 } 272 273 if (!CryptSignHash(hash, priv->key_spec, NULL, 0, buf, &len)) { 274 cryptoapi_error("CryptSignHash failed"); 275 goto err; 276 } 277 278 for (i = 0; i < len; i++) 279 to[i] = buf[len - i - 1]; 280 ret = len; 281 282 err: 283 os_free(buf); 284 CryptDestroyHash(hash); 285 286 return ret; 287 } 288 289 290 static int cryptoapi_rsa_priv_dec(int flen, const unsigned char *from, 291 unsigned char *to, RSA *rsa, int padding) 292 { 293 wpa_printf(MSG_DEBUG, "%s - not implemented", __func__); 294 return 0; 295 } 296 297 298 static void cryptoapi_free_data(struct cryptoapi_rsa_data *priv) 299 { 300 if (priv == NULL) 301 return; 302 if (priv->crypt_prov && priv->free_crypt_prov) 303 CryptReleaseContext(priv->crypt_prov, 0); 304 if (priv->cert) 305 CertFreeCertificateContext(priv->cert); 306 os_free(priv); 307 } 308 309 310 static int cryptoapi_finish(RSA *rsa) 311 { 312 cryptoapi_free_data((struct cryptoapi_rsa_data *) rsa->meth->app_data); 313 os_free((void *) rsa->meth); 314 rsa->meth = NULL; 315 return 1; 316 } 317 318 319 static const CERT_CONTEXT * cryptoapi_find_cert(const char *name, DWORD store) 320 { 321 HCERTSTORE cs; 322 const CERT_CONTEXT *ret = NULL; 323 324 cs = CertOpenStore((LPCSTR) CERT_STORE_PROV_SYSTEM, 0, 0, 325 store | CERT_STORE_OPEN_EXISTING_FLAG | 326 CERT_STORE_READONLY_FLAG, L"MY"); 327 if (cs == NULL) { 328 cryptoapi_error("Failed to open 'My system store'"); 329 return NULL; 330 } 331 332 if (strncmp(name, "cert://", 7) == 0) { 333 unsigned short wbuf[255]; 334 MultiByteToWideChar(CP_ACP, 0, name + 7, -1, wbuf, 255); 335 ret = CertFindCertificateInStore(cs, X509_ASN_ENCODING | 336 PKCS_7_ASN_ENCODING, 337 0, CERT_FIND_SUBJECT_STR, 338 wbuf, NULL); 339 } else if (strncmp(name, "hash://", 7) == 0) { 340 CRYPT_HASH_BLOB blob; 341 int len; 342 const char *hash = name + 7; 343 unsigned char *buf; 344 345 len = os_strlen(hash) / 2; 346 buf = os_malloc(len); 347 if (buf && hexstr2bin(hash, buf, len) == 0) { 348 blob.cbData = len; 349 blob.pbData = buf; 350 ret = CertFindCertificateInStore(cs, 351 X509_ASN_ENCODING | 352 PKCS_7_ASN_ENCODING, 353 0, CERT_FIND_HASH, 354 &blob, NULL); 355 } 356 os_free(buf); 357 } 358 359 CertCloseStore(cs, 0); 360 361 return ret; 362 } 363 364 365 static int tls_cryptoapi_cert(SSL *ssl, const char *name) 366 { 367 X509 *cert = NULL; 368 RSA *rsa = NULL, *pub_rsa; 369 struct cryptoapi_rsa_data *priv; 370 RSA_METHOD *rsa_meth; 371 372 if (name == NULL || 373 (strncmp(name, "cert://", 7) != 0 && 374 strncmp(name, "hash://", 7) != 0)) 375 return -1; 376 377 priv = os_zalloc(sizeof(*priv)); 378 rsa_meth = os_zalloc(sizeof(*rsa_meth)); 379 if (priv == NULL || rsa_meth == NULL) { 380 wpa_printf(MSG_WARNING, "CryptoAPI: Failed to allocate memory " 381 "for CryptoAPI RSA method"); 382 os_free(priv); 383 os_free(rsa_meth); 384 return -1; 385 } 386 387 priv->cert = cryptoapi_find_cert(name, CERT_SYSTEM_STORE_CURRENT_USER); 388 if (priv->cert == NULL) { 389 priv->cert = cryptoapi_find_cert( 390 name, CERT_SYSTEM_STORE_LOCAL_MACHINE); 391 } 392 if (priv->cert == NULL) { 393 wpa_printf(MSG_INFO, "CryptoAPI: Could not find certificate " 394 "'%s'", name); 395 goto err; 396 } 397 398 cert = d2i_X509(NULL, (OPENSSL_d2i_TYPE) &priv->cert->pbCertEncoded, 399 priv->cert->cbCertEncoded); 400 if (cert == NULL) { 401 wpa_printf(MSG_INFO, "CryptoAPI: Could not process X509 DER " 402 "encoding"); 403 goto err; 404 } 405 406 if (mingw_load_crypto_func()) 407 goto err; 408 409 if (!CryptAcquireCertificatePrivateKey(priv->cert, 410 CRYPT_ACQUIRE_COMPARE_KEY_FLAG, 411 NULL, &priv->crypt_prov, 412 &priv->key_spec, 413 &priv->free_crypt_prov)) { 414 cryptoapi_error("Failed to acquire a private key for the " 415 "certificate"); 416 goto err; 417 } 418 419 rsa_meth->name = "Microsoft CryptoAPI RSA Method"; 420 rsa_meth->rsa_pub_enc = cryptoapi_rsa_pub_enc; 421 rsa_meth->rsa_pub_dec = cryptoapi_rsa_pub_dec; 422 rsa_meth->rsa_priv_enc = cryptoapi_rsa_priv_enc; 423 rsa_meth->rsa_priv_dec = cryptoapi_rsa_priv_dec; 424 rsa_meth->finish = cryptoapi_finish; 425 rsa_meth->flags = RSA_METHOD_FLAG_NO_CHECK; 426 rsa_meth->app_data = (char *) priv; 427 428 rsa = RSA_new(); 429 if (rsa == NULL) { 430 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, 431 ERR_R_MALLOC_FAILURE); 432 goto err; 433 } 434 435 if (!SSL_use_certificate(ssl, cert)) { 436 RSA_free(rsa); 437 rsa = NULL; 438 goto err; 439 } 440 pub_rsa = cert->cert_info->key->pkey->pkey.rsa; 441 X509_free(cert); 442 cert = NULL; 443 444 rsa->n = BN_dup(pub_rsa->n); 445 rsa->e = BN_dup(pub_rsa->e); 446 if (!RSA_set_method(rsa, rsa_meth)) 447 goto err; 448 449 if (!SSL_use_RSAPrivateKey(ssl, rsa)) 450 goto err; 451 RSA_free(rsa); 452 453 return 0; 454 455 err: 456 if (cert) 457 X509_free(cert); 458 if (rsa) 459 RSA_free(rsa); 460 else { 461 os_free(rsa_meth); 462 cryptoapi_free_data(priv); 463 } 464 return -1; 465 } 466 467 468 static int tls_cryptoapi_ca_cert(SSL_CTX *ssl_ctx, SSL *ssl, const char *name) 469 { 470 HCERTSTORE cs; 471 PCCERT_CONTEXT ctx = NULL; 472 X509 *cert; 473 char buf[128]; 474 const char *store; 475 #ifdef UNICODE 476 WCHAR *wstore; 477 #endif /* UNICODE */ 478 479 if (mingw_load_crypto_func()) 480 return -1; 481 482 if (name == NULL || strncmp(name, "cert_store://", 13) != 0) 483 return -1; 484 485 store = name + 13; 486 #ifdef UNICODE 487 wstore = os_malloc((os_strlen(store) + 1) * sizeof(WCHAR)); 488 if (wstore == NULL) 489 return -1; 490 wsprintf(wstore, L"%S", store); 491 cs = CertOpenSystemStore(0, wstore); 492 os_free(wstore); 493 #else /* UNICODE */ 494 cs = CertOpenSystemStore(0, store); 495 #endif /* UNICODE */ 496 if (cs == NULL) { 497 wpa_printf(MSG_DEBUG, "%s: failed to open system cert store " 498 "'%s': error=%d", __func__, store, 499 (int) GetLastError()); 500 return -1; 501 } 502 503 while ((ctx = CertEnumCertificatesInStore(cs, ctx))) { 504 cert = d2i_X509(NULL, (OPENSSL_d2i_TYPE) &ctx->pbCertEncoded, 505 ctx->cbCertEncoded); 506 if (cert == NULL) { 507 wpa_printf(MSG_INFO, "CryptoAPI: Could not process " 508 "X509 DER encoding for CA cert"); 509 continue; 510 } 511 512 X509_NAME_oneline(X509_get_subject_name(cert), buf, 513 sizeof(buf)); 514 wpa_printf(MSG_DEBUG, "OpenSSL: Loaded CA certificate for " 515 "system certificate store: subject='%s'", buf); 516 517 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) { 518 tls_show_errors(MSG_WARNING, __func__, 519 "Failed to add ca_cert to OpenSSL " 520 "certificate store"); 521 } 522 523 X509_free(cert); 524 } 525 526 if (!CertCloseStore(cs, 0)) { 527 wpa_printf(MSG_DEBUG, "%s: failed to close system cert store " 528 "'%s': error=%d", __func__, name + 13, 529 (int) GetLastError()); 530 } 531 532 return 0; 533 } 534 535 536 #else /* CONFIG_NATIVE_WINDOWS */ 537 538 static int tls_cryptoapi_cert(SSL *ssl, const char *name) 539 { 540 return -1; 541 } 542 543 #endif /* CONFIG_NATIVE_WINDOWS */ 544 545 546 static void ssl_info_cb(const SSL *ssl, int where, int ret) 547 { 548 const char *str; 549 int w; 550 551 wpa_printf(MSG_DEBUG, "SSL: (where=0x%x ret=0x%x)", where, ret); 552 w = where & ~SSL_ST_MASK; 553 if (w & SSL_ST_CONNECT) 554 str = "SSL_connect"; 555 else if (w & SSL_ST_ACCEPT) 556 str = "SSL_accept"; 557 else 558 str = "undefined"; 559 560 if (where & SSL_CB_LOOP) { 561 wpa_printf(MSG_DEBUG, "SSL: %s:%s", 562 str, SSL_state_string_long(ssl)); 563 } else if (where & SSL_CB_ALERT) { 564 wpa_printf(MSG_INFO, "SSL: SSL3 alert: %s:%s:%s", 565 where & SSL_CB_READ ? 566 "read (remote end reported an error)" : 567 "write (local SSL3 detected an error)", 568 SSL_alert_type_string_long(ret), 569 SSL_alert_desc_string_long(ret)); 570 if ((ret >> 8) == SSL3_AL_FATAL) { 571 struct tls_connection *conn = 572 SSL_get_app_data((SSL *) ssl); 573 if (where & SSL_CB_READ) 574 conn->read_alerts++; 575 else 576 conn->write_alerts++; 577 } 578 } else if (where & SSL_CB_EXIT && ret <= 0) { 579 wpa_printf(MSG_DEBUG, "SSL: %s:%s in %s", 580 str, ret == 0 ? "failed" : "error", 581 SSL_state_string_long(ssl)); 582 } 583 } 584 585 586 #ifndef OPENSSL_NO_ENGINE 587 /** 588 * tls_engine_load_dynamic_generic - load any openssl engine 589 * @pre: an array of commands and values that load an engine initialized 590 * in the engine specific function 591 * @post: an array of commands and values that initialize an already loaded 592 * engine (or %NULL if not required) 593 * @id: the engine id of the engine to load (only required if post is not %NULL 594 * 595 * This function is a generic function that loads any openssl engine. 596 * 597 * Returns: 0 on success, -1 on failure 598 */ 599 static int tls_engine_load_dynamic_generic(const char *pre[], 600 const char *post[], const char *id) 601 { 602 ENGINE *engine; 603 const char *dynamic_id = "dynamic"; 604 605 engine = ENGINE_by_id(id); 606 if (engine) { 607 ENGINE_free(engine); 608 wpa_printf(MSG_DEBUG, "ENGINE: engine '%s' is already " 609 "available", id); 610 return 0; 611 } 612 ERR_clear_error(); 613 614 engine = ENGINE_by_id(dynamic_id); 615 if (engine == NULL) { 616 wpa_printf(MSG_INFO, "ENGINE: Can't find engine %s [%s]", 617 dynamic_id, 618 ERR_error_string(ERR_get_error(), NULL)); 619 return -1; 620 } 621 622 /* Perform the pre commands. This will load the engine. */ 623 while (pre && pre[0]) { 624 wpa_printf(MSG_DEBUG, "ENGINE: '%s' '%s'", pre[0], pre[1]); 625 if (ENGINE_ctrl_cmd_string(engine, pre[0], pre[1], 0) == 0) { 626 wpa_printf(MSG_INFO, "ENGINE: ctrl cmd_string failed: " 627 "%s %s [%s]", pre[0], pre[1], 628 ERR_error_string(ERR_get_error(), NULL)); 629 ENGINE_free(engine); 630 return -1; 631 } 632 pre += 2; 633 } 634 635 /* 636 * Free the reference to the "dynamic" engine. The loaded engine can 637 * now be looked up using ENGINE_by_id(). 638 */ 639 ENGINE_free(engine); 640 641 engine = ENGINE_by_id(id); 642 if (engine == NULL) { 643 wpa_printf(MSG_INFO, "ENGINE: Can't find engine %s [%s]", 644 id, ERR_error_string(ERR_get_error(), NULL)); 645 return -1; 646 } 647 648 while (post && post[0]) { 649 wpa_printf(MSG_DEBUG, "ENGINE: '%s' '%s'", post[0], post[1]); 650 if (ENGINE_ctrl_cmd_string(engine, post[0], post[1], 0) == 0) { 651 wpa_printf(MSG_DEBUG, "ENGINE: ctrl cmd_string failed:" 652 " %s %s [%s]", post[0], post[1], 653 ERR_error_string(ERR_get_error(), NULL)); 654 ENGINE_remove(engine); 655 ENGINE_free(engine); 656 return -1; 657 } 658 post += 2; 659 } 660 ENGINE_free(engine); 661 662 return 0; 663 } 664 665 666 /** 667 * tls_engine_load_dynamic_pkcs11 - load the pkcs11 engine provided by opensc 668 * @pkcs11_so_path: pksc11_so_path from the configuration 669 * @pcks11_module_path: pkcs11_module_path from the configuration 670 */ 671 static int tls_engine_load_dynamic_pkcs11(const char *pkcs11_so_path, 672 const char *pkcs11_module_path) 673 { 674 char *engine_id = "pkcs11"; 675 const char *pre_cmd[] = { 676 "SO_PATH", NULL /* pkcs11_so_path */, 677 "ID", NULL /* engine_id */, 678 "LIST_ADD", "1", 679 /* "NO_VCHECK", "1", */ 680 "LOAD", NULL, 681 NULL, NULL 682 }; 683 const char *post_cmd[] = { 684 "MODULE_PATH", NULL /* pkcs11_module_path */, 685 NULL, NULL 686 }; 687 688 if (!pkcs11_so_path || !pkcs11_module_path) 689 return 0; 690 691 pre_cmd[1] = pkcs11_so_path; 692 pre_cmd[3] = engine_id; 693 post_cmd[1] = pkcs11_module_path; 694 695 wpa_printf(MSG_DEBUG, "ENGINE: Loading pkcs11 Engine from %s", 696 pkcs11_so_path); 697 698 return tls_engine_load_dynamic_generic(pre_cmd, post_cmd, engine_id); 699 } 700 701 702 /** 703 * tls_engine_load_dynamic_opensc - load the opensc engine provided by opensc 704 * @opensc_so_path: opensc_so_path from the configuration 705 */ 706 static int tls_engine_load_dynamic_opensc(const char *opensc_so_path) 707 { 708 char *engine_id = "opensc"; 709 const char *pre_cmd[] = { 710 "SO_PATH", NULL /* opensc_so_path */, 711 "ID", NULL /* engine_id */, 712 "LIST_ADD", "1", 713 "LOAD", NULL, 714 NULL, NULL 715 }; 716 717 if (!opensc_so_path) 718 return 0; 719 720 pre_cmd[1] = opensc_so_path; 721 pre_cmd[3] = engine_id; 722 723 wpa_printf(MSG_DEBUG, "ENGINE: Loading OpenSC Engine from %s", 724 opensc_so_path); 725 726 return tls_engine_load_dynamic_generic(pre_cmd, NULL, engine_id); 727 } 728 #endif /* OPENSSL_NO_ENGINE */ 729 730 731 void * tls_init(const struct tls_config *conf) 732 { 733 SSL_CTX *ssl; 734 735 if (tls_openssl_ref_count == 0) { 736 SSL_load_error_strings(); 737 SSL_library_init(); 738 /* TODO: if /dev/urandom is available, PRNG is seeded 739 * automatically. If this is not the case, random data should 740 * be added here. */ 741 742 #ifdef PKCS12_FUNCS 743 PKCS12_PBE_add(); 744 #endif /* PKCS12_FUNCS */ 745 } 746 tls_openssl_ref_count++; 747 748 ssl = SSL_CTX_new(TLSv1_method()); 749 if (ssl == NULL) 750 return NULL; 751 752 SSL_CTX_set_info_callback(ssl, ssl_info_cb); 753 754 #ifndef OPENSSL_NO_ENGINE 755 if (conf && 756 (conf->opensc_engine_path || conf->pkcs11_engine_path || 757 conf->pkcs11_module_path)) { 758 wpa_printf(MSG_DEBUG, "ENGINE: Loading dynamic engine"); 759 ERR_load_ENGINE_strings(); 760 ENGINE_load_dynamic(); 761 762 if (tls_engine_load_dynamic_opensc(conf->opensc_engine_path) || 763 tls_engine_load_dynamic_pkcs11(conf->pkcs11_engine_path, 764 conf->pkcs11_module_path)) { 765 tls_deinit(ssl); 766 return NULL; 767 } 768 } 769 #endif /* OPENSSL_NO_ENGINE */ 770 771 return ssl; 772 } 773 774 775 void tls_deinit(void *ssl_ctx) 776 { 777 SSL_CTX *ssl = ssl_ctx; 778 SSL_CTX_free(ssl); 779 780 tls_openssl_ref_count--; 781 if (tls_openssl_ref_count == 0) { 782 #ifndef OPENSSL_NO_ENGINE 783 ENGINE_cleanup(); 784 #endif /* OPENSSL_NO_ENGINE */ 785 CRYPTO_cleanup_all_ex_data(); 786 ERR_remove_state(0); 787 ERR_free_strings(); 788 EVP_cleanup(); 789 } 790 } 791 792 793 static int tls_engine_init(struct tls_connection *conn, const char *engine_id, 794 const char *pin, const char *key_id, 795 const char *cert_id, const char *ca_cert_id) 796 { 797 #ifndef OPENSSL_NO_ENGINE 798 int ret = -1; 799 if (engine_id == NULL) { 800 wpa_printf(MSG_ERROR, "ENGINE: Engine ID not set"); 801 return -1; 802 } 803 if (pin == NULL) { 804 wpa_printf(MSG_ERROR, "ENGINE: Smartcard PIN not set"); 805 return -1; 806 } 807 if (key_id == NULL) { 808 wpa_printf(MSG_ERROR, "ENGINE: Key Id not set"); 809 return -1; 810 } 811 812 ERR_clear_error(); 813 conn->engine = ENGINE_by_id(engine_id); 814 if (!conn->engine) { 815 wpa_printf(MSG_ERROR, "ENGINE: engine %s not available [%s]", 816 engine_id, ERR_error_string(ERR_get_error(), NULL)); 817 goto err; 818 } 819 if (ENGINE_init(conn->engine) != 1) { 820 wpa_printf(MSG_ERROR, "ENGINE: engine init failed " 821 "(engine: %s) [%s]", engine_id, 822 ERR_error_string(ERR_get_error(), NULL)); 823 goto err; 824 } 825 wpa_printf(MSG_DEBUG, "ENGINE: engine initialized"); 826 827 if (ENGINE_ctrl_cmd_string(conn->engine, "PIN", pin, 0) == 0) { 828 wpa_printf(MSG_ERROR, "ENGINE: cannot set pin [%s]", 829 ERR_error_string(ERR_get_error(), NULL)); 830 goto err; 831 } 832 /* load private key first in-case PIN is required for cert */ 833 conn->private_key = ENGINE_load_private_key(conn->engine, 834 key_id, NULL, NULL); 835 if (!conn->private_key) { 836 wpa_printf(MSG_ERROR, "ENGINE: cannot load private key with id" 837 " '%s' [%s]", key_id, 838 ERR_error_string(ERR_get_error(), NULL)); 839 ret = TLS_SET_PARAMS_ENGINE_PRV_INIT_FAILED; 840 goto err; 841 } 842 843 /* handle a certificate and/or CA certificate */ 844 if (cert_id || ca_cert_id) { 845 const char *cmd_name = "LOAD_CERT_CTRL"; 846 847 /* test if the engine supports a LOAD_CERT_CTRL */ 848 if (!ENGINE_ctrl(conn->engine, ENGINE_CTRL_GET_CMD_FROM_NAME, 849 0, (void *)cmd_name, NULL)) { 850 wpa_printf(MSG_ERROR, "ENGINE: engine does not support" 851 " loading certificates"); 852 ret = TLS_SET_PARAMS_ENGINE_PRV_INIT_FAILED; 853 goto err; 854 } 855 } 856 857 return 0; 858 859 err: 860 if (conn->engine) { 861 ENGINE_free(conn->engine); 862 conn->engine = NULL; 863 } 864 865 if (conn->private_key) { 866 EVP_PKEY_free(conn->private_key); 867 conn->private_key = NULL; 868 } 869 870 return ret; 871 #else /* OPENSSL_NO_ENGINE */ 872 return 0; 873 #endif /* OPENSSL_NO_ENGINE */ 874 } 875 876 877 static void tls_engine_deinit(struct tls_connection *conn) 878 { 879 #ifndef OPENSSL_NO_ENGINE 880 wpa_printf(MSG_DEBUG, "ENGINE: engine deinit"); 881 if (conn->private_key) { 882 EVP_PKEY_free(conn->private_key); 883 conn->private_key = NULL; 884 } 885 if (conn->engine) { 886 ENGINE_finish(conn->engine); 887 conn->engine = NULL; 888 } 889 #endif /* OPENSSL_NO_ENGINE */ 890 } 891 892 893 int tls_get_errors(void *ssl_ctx) 894 { 895 int count = 0; 896 unsigned long err; 897 898 while ((err = ERR_get_error())) { 899 wpa_printf(MSG_INFO, "TLS - SSL error: %s", 900 ERR_error_string(err, NULL)); 901 count++; 902 } 903 904 return count; 905 } 906 907 struct tls_connection * tls_connection_init(void *ssl_ctx) 908 { 909 SSL_CTX *ssl = ssl_ctx; 910 struct tls_connection *conn; 911 long options; 912 913 conn = os_zalloc(sizeof(*conn)); 914 if (conn == NULL) 915 return NULL; 916 conn->ssl = SSL_new(ssl); 917 if (conn->ssl == NULL) { 918 tls_show_errors(MSG_INFO, __func__, 919 "Failed to initialize new SSL connection"); 920 os_free(conn); 921 return NULL; 922 } 923 924 SSL_set_app_data(conn->ssl, conn); 925 options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | 926 SSL_OP_SINGLE_DH_USE; 927 #ifdef SSL_OP_NO_COMPRESSION 928 options |= SSL_OP_NO_COMPRESSION; 929 #endif /* SSL_OP_NO_COMPRESSION */ 930 SSL_set_options(conn->ssl, options); 931 932 conn->ssl_in = BIO_new(BIO_s_mem()); 933 if (!conn->ssl_in) { 934 tls_show_errors(MSG_INFO, __func__, 935 "Failed to create a new BIO for ssl_in"); 936 SSL_free(conn->ssl); 937 os_free(conn); 938 return NULL; 939 } 940 941 conn->ssl_out = BIO_new(BIO_s_mem()); 942 if (!conn->ssl_out) { 943 tls_show_errors(MSG_INFO, __func__, 944 "Failed to create a new BIO for ssl_out"); 945 SSL_free(conn->ssl); 946 BIO_free(conn->ssl_in); 947 os_free(conn); 948 return NULL; 949 } 950 951 SSL_set_bio(conn->ssl, conn->ssl_in, conn->ssl_out); 952 953 return conn; 954 } 955 956 957 void tls_connection_deinit(void *ssl_ctx, struct tls_connection *conn) 958 { 959 if (conn == NULL) 960 return; 961 SSL_free(conn->ssl); 962 tls_engine_deinit(conn); 963 os_free(conn->subject_match); 964 os_free(conn->altsubject_match); 965 os_free(conn->session_ticket); 966 os_free(conn); 967 } 968 969 970 int tls_connection_established(void *ssl_ctx, struct tls_connection *conn) 971 { 972 return conn ? SSL_is_init_finished(conn->ssl) : 0; 973 } 974 975 976 int tls_connection_shutdown(void *ssl_ctx, struct tls_connection *conn) 977 { 978 if (conn == NULL) 979 return -1; 980 981 /* Shutdown previous TLS connection without notifying the peer 982 * because the connection was already terminated in practice 983 * and "close notify" shutdown alert would confuse AS. */ 984 SSL_set_quiet_shutdown(conn->ssl, 1); 985 SSL_shutdown(conn->ssl); 986 return 0; 987 } 988 989 990 static int tls_match_altsubject_component(X509 *cert, int type, 991 const char *value, size_t len) 992 { 993 GENERAL_NAME *gen; 994 void *ext; 995 int i, found = 0; 996 997 ext = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL); 998 999 for (i = 0; ext && i < sk_GENERAL_NAME_num(ext); i++) { 1000 gen = sk_GENERAL_NAME_value(ext, i); 1001 if (gen->type != type) 1002 continue; 1003 if (os_strlen((char *) gen->d.ia5->data) == len && 1004 os_memcmp(value, gen->d.ia5->data, len) == 0) 1005 found++; 1006 } 1007 1008 return found; 1009 } 1010 1011 1012 static int tls_match_altsubject(X509 *cert, const char *match) 1013 { 1014 int type; 1015 const char *pos, *end; 1016 size_t len; 1017 1018 pos = match; 1019 do { 1020 if (os_strncmp(pos, "EMAIL:", 6) == 0) { 1021 type = GEN_EMAIL; 1022 pos += 6; 1023 } else if (os_strncmp(pos, "DNS:", 4) == 0) { 1024 type = GEN_DNS; 1025 pos += 4; 1026 } else if (os_strncmp(pos, "URI:", 4) == 0) { 1027 type = GEN_URI; 1028 pos += 4; 1029 } else { 1030 wpa_printf(MSG_INFO, "TLS: Invalid altSubjectName " 1031 "match '%s'", pos); 1032 return 0; 1033 } 1034 end = os_strchr(pos, ';'); 1035 while (end) { 1036 if (os_strncmp(end + 1, "EMAIL:", 6) == 0 || 1037 os_strncmp(end + 1, "DNS:", 4) == 0 || 1038 os_strncmp(end + 1, "URI:", 4) == 0) 1039 break; 1040 end = os_strchr(end + 1, ';'); 1041 } 1042 if (end) 1043 len = end - pos; 1044 else 1045 len = os_strlen(pos); 1046 if (tls_match_altsubject_component(cert, type, pos, len) > 0) 1047 return 1; 1048 pos = end + 1; 1049 } while (end); 1050 1051 return 0; 1052 } 1053 1054 1055 static int tls_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) 1056 { 1057 char buf[256]; 1058 X509 *err_cert; 1059 int err, depth; 1060 SSL *ssl; 1061 struct tls_connection *conn; 1062 char *match, *altmatch; 1063 1064 err_cert = X509_STORE_CTX_get_current_cert(x509_ctx); 1065 err = X509_STORE_CTX_get_error(x509_ctx); 1066 depth = X509_STORE_CTX_get_error_depth(x509_ctx); 1067 ssl = X509_STORE_CTX_get_ex_data(x509_ctx, 1068 SSL_get_ex_data_X509_STORE_CTX_idx()); 1069 X509_NAME_oneline(X509_get_subject_name(err_cert), buf, sizeof(buf)); 1070 1071 conn = SSL_get_app_data(ssl); 1072 match = conn ? conn->subject_match : NULL; 1073 altmatch = conn ? conn->altsubject_match : NULL; 1074 1075 if (!preverify_ok) { 1076 wpa_printf(MSG_WARNING, "TLS: Certificate verification failed," 1077 " error %d (%s) depth %d for '%s'", err, 1078 X509_verify_cert_error_string(err), depth, buf); 1079 } else { 1080 wpa_printf(MSG_DEBUG, "TLS: tls_verify_cb - " 1081 "preverify_ok=%d err=%d (%s) depth=%d buf='%s'", 1082 preverify_ok, err, 1083 X509_verify_cert_error_string(err), depth, buf); 1084 if (depth == 0 && match && os_strstr(buf, match) == NULL) { 1085 wpa_printf(MSG_WARNING, "TLS: Subject '%s' did not " 1086 "match with '%s'", buf, match); 1087 preverify_ok = 0; 1088 } else if (depth == 0 && altmatch && 1089 !tls_match_altsubject(err_cert, altmatch)) { 1090 wpa_printf(MSG_WARNING, "TLS: altSubjectName match " 1091 "'%s' not found", altmatch); 1092 preverify_ok = 0; 1093 } 1094 } 1095 1096 return preverify_ok; 1097 } 1098 1099 1100 #ifndef OPENSSL_NO_STDIO 1101 static int tls_load_ca_der(void *_ssl_ctx, const char *ca_cert) 1102 { 1103 SSL_CTX *ssl_ctx = _ssl_ctx; 1104 X509_LOOKUP *lookup; 1105 int ret = 0; 1106 1107 lookup = X509_STORE_add_lookup(ssl_ctx->cert_store, 1108 X509_LOOKUP_file()); 1109 if (lookup == NULL) { 1110 tls_show_errors(MSG_WARNING, __func__, 1111 "Failed add lookup for X509 store"); 1112 return -1; 1113 } 1114 1115 if (!X509_LOOKUP_load_file(lookup, ca_cert, X509_FILETYPE_ASN1)) { 1116 unsigned long err = ERR_peek_error(); 1117 tls_show_errors(MSG_WARNING, __func__, 1118 "Failed load CA in DER format"); 1119 if (ERR_GET_LIB(err) == ERR_LIB_X509 && 1120 ERR_GET_REASON(err) == X509_R_CERT_ALREADY_IN_HASH_TABLE) { 1121 wpa_printf(MSG_DEBUG, "OpenSSL: %s - ignoring " 1122 "cert already in hash table error", 1123 __func__); 1124 } else 1125 ret = -1; 1126 } 1127 1128 return ret; 1129 } 1130 #endif /* OPENSSL_NO_STDIO */ 1131 1132 1133 static int tls_connection_ca_cert(void *_ssl_ctx, struct tls_connection *conn, 1134 const char *ca_cert, const u8 *ca_cert_blob, 1135 size_t ca_cert_blob_len, const char *ca_path) 1136 { 1137 SSL_CTX *ssl_ctx = _ssl_ctx; 1138 1139 /* 1140 * Remove previously configured trusted CA certificates before adding 1141 * new ones. 1142 */ 1143 X509_STORE_free(ssl_ctx->cert_store); 1144 ssl_ctx->cert_store = X509_STORE_new(); 1145 if (ssl_ctx->cert_store == NULL) { 1146 wpa_printf(MSG_DEBUG, "OpenSSL: %s - failed to allocate new " 1147 "certificate store", __func__); 1148 return -1; 1149 } 1150 1151 if (ca_cert_blob) { 1152 X509 *cert = d2i_X509(NULL, (OPENSSL_d2i_TYPE) &ca_cert_blob, 1153 ca_cert_blob_len); 1154 if (cert == NULL) { 1155 tls_show_errors(MSG_WARNING, __func__, 1156 "Failed to parse ca_cert_blob"); 1157 return -1; 1158 } 1159 1160 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) { 1161 unsigned long err = ERR_peek_error(); 1162 tls_show_errors(MSG_WARNING, __func__, 1163 "Failed to add ca_cert_blob to " 1164 "certificate store"); 1165 if (ERR_GET_LIB(err) == ERR_LIB_X509 && 1166 ERR_GET_REASON(err) == 1167 X509_R_CERT_ALREADY_IN_HASH_TABLE) { 1168 wpa_printf(MSG_DEBUG, "OpenSSL: %s - ignoring " 1169 "cert already in hash table error", 1170 __func__); 1171 } else { 1172 X509_free(cert); 1173 return -1; 1174 } 1175 } 1176 X509_free(cert); 1177 wpa_printf(MSG_DEBUG, "OpenSSL: %s - added ca_cert_blob " 1178 "to certificate store", __func__); 1179 SSL_set_verify(conn->ssl, SSL_VERIFY_PEER, tls_verify_cb); 1180 return 0; 1181 } 1182 1183 #ifdef CONFIG_NATIVE_WINDOWS 1184 if (ca_cert && tls_cryptoapi_ca_cert(ssl_ctx, conn->ssl, ca_cert) == 1185 0) { 1186 wpa_printf(MSG_DEBUG, "OpenSSL: Added CA certificates from " 1187 "system certificate store"); 1188 SSL_set_verify(conn->ssl, SSL_VERIFY_PEER, tls_verify_cb); 1189 return 0; 1190 } 1191 #endif /* CONFIG_NATIVE_WINDOWS */ 1192 1193 if (ca_cert || ca_path) { 1194 #ifndef OPENSSL_NO_STDIO 1195 if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, ca_path) != 1196 1) { 1197 tls_show_errors(MSG_WARNING, __func__, 1198 "Failed to load root certificates"); 1199 if (ca_cert && 1200 tls_load_ca_der(ssl_ctx, ca_cert) == 0) { 1201 wpa_printf(MSG_DEBUG, "OpenSSL: %s - loaded " 1202 "DER format CA certificate", 1203 __func__); 1204 } else 1205 return -1; 1206 } else { 1207 wpa_printf(MSG_DEBUG, "TLS: Trusted root " 1208 "certificate(s) loaded"); 1209 tls_get_errors(ssl_ctx); 1210 } 1211 SSL_set_verify(conn->ssl, SSL_VERIFY_PEER, tls_verify_cb); 1212 #else /* OPENSSL_NO_STDIO */ 1213 wpa_printf(MSG_DEBUG, "OpenSSL: %s - OPENSSL_NO_STDIO", 1214 __func__); 1215 return -1; 1216 #endif /* OPENSSL_NO_STDIO */ 1217 } else { 1218 /* No ca_cert configured - do not try to verify server 1219 * certificate */ 1220 SSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL); 1221 } 1222 1223 return 0; 1224 } 1225 1226 1227 static int tls_global_ca_cert(SSL_CTX *ssl_ctx, const char *ca_cert) 1228 { 1229 if (ca_cert) { 1230 if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, NULL) != 1) 1231 { 1232 tls_show_errors(MSG_WARNING, __func__, 1233 "Failed to load root certificates"); 1234 return -1; 1235 } 1236 1237 wpa_printf(MSG_DEBUG, "TLS: Trusted root " 1238 "certificate(s) loaded"); 1239 1240 #ifndef OPENSSL_NO_STDIO 1241 /* Add the same CAs to the client certificate requests */ 1242 SSL_CTX_set_client_CA_list(ssl_ctx, 1243 SSL_load_client_CA_file(ca_cert)); 1244 #endif /* OPENSSL_NO_STDIO */ 1245 } 1246 1247 return 0; 1248 } 1249 1250 1251 int tls_global_set_verify(void *ssl_ctx, int check_crl) 1252 { 1253 int flags; 1254 1255 if (check_crl) { 1256 X509_STORE *cs = SSL_CTX_get_cert_store(ssl_ctx); 1257 if (cs == NULL) { 1258 tls_show_errors(MSG_INFO, __func__, "Failed to get " 1259 "certificate store when enabling " 1260 "check_crl"); 1261 return -1; 1262 } 1263 flags = X509_V_FLAG_CRL_CHECK; 1264 if (check_crl == 2) 1265 flags |= X509_V_FLAG_CRL_CHECK_ALL; 1266 X509_STORE_set_flags(cs, flags); 1267 } 1268 return 0; 1269 } 1270 1271 1272 static int tls_connection_set_subject_match(struct tls_connection *conn, 1273 const char *subject_match, 1274 const char *altsubject_match) 1275 { 1276 os_free(conn->subject_match); 1277 conn->subject_match = NULL; 1278 if (subject_match) { 1279 conn->subject_match = os_strdup(subject_match); 1280 if (conn->subject_match == NULL) 1281 return -1; 1282 } 1283 1284 os_free(conn->altsubject_match); 1285 conn->altsubject_match = NULL; 1286 if (altsubject_match) { 1287 conn->altsubject_match = os_strdup(altsubject_match); 1288 if (conn->altsubject_match == NULL) 1289 return -1; 1290 } 1291 1292 return 0; 1293 } 1294 1295 1296 int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn, 1297 int verify_peer) 1298 { 1299 static int counter = 0; 1300 1301 if (conn == NULL) 1302 return -1; 1303 1304 if (verify_peer) { 1305 SSL_set_verify(conn->ssl, SSL_VERIFY_PEER | 1306 SSL_VERIFY_FAIL_IF_NO_PEER_CERT | 1307 SSL_VERIFY_CLIENT_ONCE, tls_verify_cb); 1308 } else { 1309 SSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL); 1310 } 1311 1312 SSL_set_accept_state(conn->ssl); 1313 1314 /* 1315 * Set session id context in order to avoid fatal errors when client 1316 * tries to resume a session. However, set the context to a unique 1317 * value in order to effectively disable session resumption for now 1318 * since not all areas of the server code are ready for it (e.g., 1319 * EAP-TTLS needs special handling for Phase 2 after abbreviated TLS 1320 * handshake). 1321 */ 1322 counter++; 1323 SSL_set_session_id_context(conn->ssl, 1324 (const unsigned char *) &counter, 1325 sizeof(counter)); 1326 1327 return 0; 1328 } 1329 1330 1331 static int tls_connection_client_cert(struct tls_connection *conn, 1332 const char *client_cert, 1333 const u8 *client_cert_blob, 1334 size_t client_cert_blob_len) 1335 { 1336 if (client_cert == NULL && client_cert_blob == NULL) 1337 return 0; 1338 1339 if (client_cert_blob && 1340 SSL_use_certificate_ASN1(conn->ssl, (u8 *) client_cert_blob, 1341 client_cert_blob_len) == 1) { 1342 wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_ASN1 --> " 1343 "OK"); 1344 return 0; 1345 } else if (client_cert_blob) { 1346 tls_show_errors(MSG_DEBUG, __func__, 1347 "SSL_use_certificate_ASN1 failed"); 1348 } 1349 1350 if (client_cert == NULL) 1351 return -1; 1352 1353 #ifndef OPENSSL_NO_STDIO 1354 if (SSL_use_certificate_file(conn->ssl, client_cert, 1355 SSL_FILETYPE_ASN1) == 1) { 1356 wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_file (DER)" 1357 " --> OK"); 1358 return 0; 1359 } else { 1360 tls_show_errors(MSG_DEBUG, __func__, 1361 "SSL_use_certificate_file (DER) failed"); 1362 } 1363 1364 if (SSL_use_certificate_file(conn->ssl, client_cert, 1365 SSL_FILETYPE_PEM) == 1) { 1366 wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_file (PEM)" 1367 " --> OK"); 1368 return 0; 1369 } else { 1370 tls_show_errors(MSG_DEBUG, __func__, 1371 "SSL_use_certificate_file (PEM) failed"); 1372 } 1373 #else /* OPENSSL_NO_STDIO */ 1374 wpa_printf(MSG_DEBUG, "OpenSSL: %s - OPENSSL_NO_STDIO", __func__); 1375 #endif /* OPENSSL_NO_STDIO */ 1376 1377 return -1; 1378 } 1379 1380 1381 static int tls_global_client_cert(SSL_CTX *ssl_ctx, const char *client_cert) 1382 { 1383 #ifndef OPENSSL_NO_STDIO 1384 if (client_cert == NULL) 1385 return 0; 1386 1387 if (SSL_CTX_use_certificate_file(ssl_ctx, client_cert, 1388 SSL_FILETYPE_ASN1) != 1 && 1389 SSL_CTX_use_certificate_file(ssl_ctx, client_cert, 1390 SSL_FILETYPE_PEM) != 1) { 1391 tls_show_errors(MSG_INFO, __func__, 1392 "Failed to load client certificate"); 1393 return -1; 1394 } 1395 return 0; 1396 #else /* OPENSSL_NO_STDIO */ 1397 if (client_cert == NULL) 1398 return 0; 1399 wpa_printf(MSG_DEBUG, "OpenSSL: %s - OPENSSL_NO_STDIO", __func__); 1400 return -1; 1401 #endif /* OPENSSL_NO_STDIO */ 1402 } 1403 1404 1405 static int tls_passwd_cb(char *buf, int size, int rwflag, void *password) 1406 { 1407 if (password == NULL) { 1408 return 0; 1409 } 1410 os_strlcpy(buf, (char *) password, size); 1411 return os_strlen(buf); 1412 } 1413 1414 1415 #ifdef PKCS12_FUNCS 1416 static int tls_parse_pkcs12(SSL_CTX *ssl_ctx, SSL *ssl, PKCS12 *p12, 1417 const char *passwd) 1418 { 1419 EVP_PKEY *pkey; 1420 X509 *cert; 1421 STACK_OF(X509) *certs; 1422 int res = 0; 1423 char buf[256]; 1424 1425 pkey = NULL; 1426 cert = NULL; 1427 certs = NULL; 1428 if (!PKCS12_parse(p12, passwd, &pkey, &cert, &certs)) { 1429 tls_show_errors(MSG_DEBUG, __func__, 1430 "Failed to parse PKCS12 file"); 1431 PKCS12_free(p12); 1432 return -1; 1433 } 1434 wpa_printf(MSG_DEBUG, "TLS: Successfully parsed PKCS12 data"); 1435 1436 if (cert) { 1437 X509_NAME_oneline(X509_get_subject_name(cert), buf, 1438 sizeof(buf)); 1439 wpa_printf(MSG_DEBUG, "TLS: Got certificate from PKCS12: " 1440 "subject='%s'", buf); 1441 if (ssl) { 1442 if (SSL_use_certificate(ssl, cert) != 1) 1443 res = -1; 1444 } else { 1445 if (SSL_CTX_use_certificate(ssl_ctx, cert) != 1) 1446 res = -1; 1447 } 1448 X509_free(cert); 1449 } 1450 1451 if (pkey) { 1452 wpa_printf(MSG_DEBUG, "TLS: Got private key from PKCS12"); 1453 if (ssl) { 1454 if (SSL_use_PrivateKey(ssl, pkey) != 1) 1455 res = -1; 1456 } else { 1457 if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1) 1458 res = -1; 1459 } 1460 EVP_PKEY_free(pkey); 1461 } 1462 1463 if (certs) { 1464 while ((cert = sk_X509_pop(certs)) != NULL) { 1465 X509_NAME_oneline(X509_get_subject_name(cert), buf, 1466 sizeof(buf)); 1467 wpa_printf(MSG_DEBUG, "TLS: additional certificate" 1468 " from PKCS12: subject='%s'", buf); 1469 /* 1470 * There is no SSL equivalent for the chain cert - so 1471 * always add it to the context... 1472 */ 1473 if (SSL_CTX_add_extra_chain_cert(ssl_ctx, cert) != 1) { 1474 res = -1; 1475 break; 1476 } 1477 } 1478 sk_X509_free(certs); 1479 } 1480 1481 PKCS12_free(p12); 1482 1483 if (res < 0) 1484 tls_get_errors(ssl_ctx); 1485 1486 return res; 1487 } 1488 #endif /* PKCS12_FUNCS */ 1489 1490 1491 static int tls_read_pkcs12(SSL_CTX *ssl_ctx, SSL *ssl, const char *private_key, 1492 const char *passwd) 1493 { 1494 #ifdef PKCS12_FUNCS 1495 FILE *f; 1496 PKCS12 *p12; 1497 1498 f = fopen(private_key, "rb"); 1499 if (f == NULL) 1500 return -1; 1501 1502 p12 = d2i_PKCS12_fp(f, NULL); 1503 fclose(f); 1504 1505 if (p12 == NULL) { 1506 tls_show_errors(MSG_INFO, __func__, 1507 "Failed to use PKCS#12 file"); 1508 return -1; 1509 } 1510 1511 return tls_parse_pkcs12(ssl_ctx, ssl, p12, passwd); 1512 1513 #else /* PKCS12_FUNCS */ 1514 wpa_printf(MSG_INFO, "TLS: PKCS12 support disabled - cannot read " 1515 "p12/pfx files"); 1516 return -1; 1517 #endif /* PKCS12_FUNCS */ 1518 } 1519 1520 1521 static int tls_read_pkcs12_blob(SSL_CTX *ssl_ctx, SSL *ssl, 1522 const u8 *blob, size_t len, const char *passwd) 1523 { 1524 #ifdef PKCS12_FUNCS 1525 PKCS12 *p12; 1526 1527 p12 = d2i_PKCS12(NULL, (OPENSSL_d2i_TYPE) &blob, len); 1528 if (p12 == NULL) { 1529 tls_show_errors(MSG_INFO, __func__, 1530 "Failed to use PKCS#12 blob"); 1531 return -1; 1532 } 1533 1534 return tls_parse_pkcs12(ssl_ctx, ssl, p12, passwd); 1535 1536 #else /* PKCS12_FUNCS */ 1537 wpa_printf(MSG_INFO, "TLS: PKCS12 support disabled - cannot parse " 1538 "p12/pfx blobs"); 1539 return -1; 1540 #endif /* PKCS12_FUNCS */ 1541 } 1542 1543 1544 #ifndef OPENSSL_NO_ENGINE 1545 static int tls_engine_get_cert(struct tls_connection *conn, 1546 const char *cert_id, 1547 X509 **cert) 1548 { 1549 /* this runs after the private key is loaded so no PIN is required */ 1550 struct { 1551 const char *cert_id; 1552 X509 *cert; 1553 } params; 1554 params.cert_id = cert_id; 1555 params.cert = NULL; 1556 1557 if (!ENGINE_ctrl_cmd(conn->engine, "LOAD_CERT_CTRL", 1558 0, ¶ms, NULL, 1)) { 1559 wpa_printf(MSG_ERROR, "ENGINE: cannot load client cert with id" 1560 " '%s' [%s]", cert_id, 1561 ERR_error_string(ERR_get_error(), NULL)); 1562 return TLS_SET_PARAMS_ENGINE_PRV_INIT_FAILED; 1563 } 1564 if (!params.cert) { 1565 wpa_printf(MSG_ERROR, "ENGINE: did not properly cert with id" 1566 " '%s'", cert_id); 1567 return TLS_SET_PARAMS_ENGINE_PRV_INIT_FAILED; 1568 } 1569 *cert = params.cert; 1570 return 0; 1571 } 1572 #endif /* OPENSSL_NO_ENGINE */ 1573 1574 1575 static int tls_connection_engine_client_cert(struct tls_connection *conn, 1576 const char *cert_id) 1577 { 1578 #ifndef OPENSSL_NO_ENGINE 1579 X509 *cert; 1580 1581 if (tls_engine_get_cert(conn, cert_id, &cert)) 1582 return -1; 1583 1584 if (!SSL_use_certificate(conn->ssl, cert)) { 1585 tls_show_errors(MSG_ERROR, __func__, 1586 "SSL_use_certificate failed"); 1587 X509_free(cert); 1588 return -1; 1589 } 1590 X509_free(cert); 1591 wpa_printf(MSG_DEBUG, "ENGINE: SSL_use_certificate --> " 1592 "OK"); 1593 return 0; 1594 1595 #else /* OPENSSL_NO_ENGINE */ 1596 return -1; 1597 #endif /* OPENSSL_NO_ENGINE */ 1598 } 1599 1600 1601 static int tls_connection_engine_ca_cert(void *_ssl_ctx, 1602 struct tls_connection *conn, 1603 const char *ca_cert_id) 1604 { 1605 #ifndef OPENSSL_NO_ENGINE 1606 X509 *cert; 1607 SSL_CTX *ssl_ctx = _ssl_ctx; 1608 1609 if (tls_engine_get_cert(conn, ca_cert_id, &cert)) 1610 return -1; 1611 1612 /* start off the same as tls_connection_ca_cert */ 1613 X509_STORE_free(ssl_ctx->cert_store); 1614 ssl_ctx->cert_store = X509_STORE_new(); 1615 if (ssl_ctx->cert_store == NULL) { 1616 wpa_printf(MSG_DEBUG, "OpenSSL: %s - failed to allocate new " 1617 "certificate store", __func__); 1618 X509_free(cert); 1619 return -1; 1620 } 1621 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) { 1622 unsigned long err = ERR_peek_error(); 1623 tls_show_errors(MSG_WARNING, __func__, 1624 "Failed to add CA certificate from engine " 1625 "to certificate store"); 1626 if (ERR_GET_LIB(err) == ERR_LIB_X509 && 1627 ERR_GET_REASON(err) == X509_R_CERT_ALREADY_IN_HASH_TABLE) { 1628 wpa_printf(MSG_DEBUG, "OpenSSL: %s - ignoring cert" 1629 " already in hash table error", 1630 __func__); 1631 } else { 1632 X509_free(cert); 1633 return -1; 1634 } 1635 } 1636 X509_free(cert); 1637 wpa_printf(MSG_DEBUG, "OpenSSL: %s - added CA certificate from engine " 1638 "to certificate store", __func__); 1639 SSL_set_verify(conn->ssl, SSL_VERIFY_PEER, tls_verify_cb); 1640 return 0; 1641 1642 #else /* OPENSSL_NO_ENGINE */ 1643 return -1; 1644 #endif /* OPENSSL_NO_ENGINE */ 1645 } 1646 1647 1648 static int tls_connection_engine_private_key(struct tls_connection *conn) 1649 { 1650 #ifndef OPENSSL_NO_ENGINE 1651 if (SSL_use_PrivateKey(conn->ssl, conn->private_key) != 1) { 1652 tls_show_errors(MSG_ERROR, __func__, 1653 "ENGINE: cannot use private key for TLS"); 1654 return -1; 1655 } 1656 if (!SSL_check_private_key(conn->ssl)) { 1657 tls_show_errors(MSG_INFO, __func__, 1658 "Private key failed verification"); 1659 return -1; 1660 } 1661 return 0; 1662 #else /* OPENSSL_NO_ENGINE */ 1663 wpa_printf(MSG_ERROR, "SSL: Configuration uses engine, but " 1664 "engine support was not compiled in"); 1665 return -1; 1666 #endif /* OPENSSL_NO_ENGINE */ 1667 } 1668 1669 1670 static int tls_connection_private_key(void *_ssl_ctx, 1671 struct tls_connection *conn, 1672 const char *private_key, 1673 const char *private_key_passwd, 1674 const u8 *private_key_blob, 1675 size_t private_key_blob_len) 1676 { 1677 SSL_CTX *ssl_ctx = _ssl_ctx; 1678 char *passwd; 1679 int ok; 1680 1681 if (private_key == NULL && private_key_blob == NULL) 1682 return 0; 1683 1684 if (private_key_passwd) { 1685 passwd = os_strdup(private_key_passwd); 1686 if (passwd == NULL) 1687 return -1; 1688 } else 1689 passwd = NULL; 1690 1691 SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb); 1692 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd); 1693 1694 ok = 0; 1695 while (private_key_blob) { 1696 if (SSL_use_PrivateKey_ASN1(EVP_PKEY_RSA, conn->ssl, 1697 (u8 *) private_key_blob, 1698 private_key_blob_len) == 1) { 1699 wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_PrivateKey_" 1700 "ASN1(EVP_PKEY_RSA) --> OK"); 1701 ok = 1; 1702 break; 1703 } else { 1704 tls_show_errors(MSG_DEBUG, __func__, 1705 "SSL_use_PrivateKey_ASN1(EVP_PKEY_RSA)" 1706 " failed"); 1707 } 1708 1709 if (SSL_use_PrivateKey_ASN1(EVP_PKEY_DSA, conn->ssl, 1710 (u8 *) private_key_blob, 1711 private_key_blob_len) == 1) { 1712 wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_PrivateKey_" 1713 "ASN1(EVP_PKEY_DSA) --> OK"); 1714 ok = 1; 1715 break; 1716 } else { 1717 tls_show_errors(MSG_DEBUG, __func__, 1718 "SSL_use_PrivateKey_ASN1(EVP_PKEY_DSA)" 1719 " failed"); 1720 } 1721 1722 if (SSL_use_RSAPrivateKey_ASN1(conn->ssl, 1723 (u8 *) private_key_blob, 1724 private_key_blob_len) == 1) { 1725 wpa_printf(MSG_DEBUG, "OpenSSL: " 1726 "SSL_use_RSAPrivateKey_ASN1 --> OK"); 1727 ok = 1; 1728 break; 1729 } else { 1730 tls_show_errors(MSG_DEBUG, __func__, 1731 "SSL_use_RSAPrivateKey_ASN1 failed"); 1732 } 1733 1734 if (tls_read_pkcs12_blob(ssl_ctx, conn->ssl, private_key_blob, 1735 private_key_blob_len, passwd) == 0) { 1736 wpa_printf(MSG_DEBUG, "OpenSSL: PKCS#12 as blob --> " 1737 "OK"); 1738 ok = 1; 1739 break; 1740 } 1741 1742 break; 1743 } 1744 1745 while (!ok && private_key) { 1746 #ifndef OPENSSL_NO_STDIO 1747 if (SSL_use_PrivateKey_file(conn->ssl, private_key, 1748 SSL_FILETYPE_ASN1) == 1) { 1749 wpa_printf(MSG_DEBUG, "OpenSSL: " 1750 "SSL_use_PrivateKey_File (DER) --> OK"); 1751 ok = 1; 1752 break; 1753 } else { 1754 tls_show_errors(MSG_DEBUG, __func__, 1755 "SSL_use_PrivateKey_File (DER) " 1756 "failed"); 1757 } 1758 1759 if (SSL_use_PrivateKey_file(conn->ssl, private_key, 1760 SSL_FILETYPE_PEM) == 1) { 1761 wpa_printf(MSG_DEBUG, "OpenSSL: " 1762 "SSL_use_PrivateKey_File (PEM) --> OK"); 1763 ok = 1; 1764 break; 1765 } else { 1766 tls_show_errors(MSG_DEBUG, __func__, 1767 "SSL_use_PrivateKey_File (PEM) " 1768 "failed"); 1769 } 1770 #else /* OPENSSL_NO_STDIO */ 1771 wpa_printf(MSG_DEBUG, "OpenSSL: %s - OPENSSL_NO_STDIO", 1772 __func__); 1773 #endif /* OPENSSL_NO_STDIO */ 1774 1775 if (tls_read_pkcs12(ssl_ctx, conn->ssl, private_key, passwd) 1776 == 0) { 1777 wpa_printf(MSG_DEBUG, "OpenSSL: Reading PKCS#12 file " 1778 "--> OK"); 1779 ok = 1; 1780 break; 1781 } 1782 1783 if (tls_cryptoapi_cert(conn->ssl, private_key) == 0) { 1784 wpa_printf(MSG_DEBUG, "OpenSSL: Using CryptoAPI to " 1785 "access certificate store --> OK"); 1786 ok = 1; 1787 break; 1788 } 1789 1790 break; 1791 } 1792 1793 if (!ok) { 1794 wpa_printf(MSG_INFO, "OpenSSL: Failed to load private key"); 1795 os_free(passwd); 1796 ERR_clear_error(); 1797 return -1; 1798 } 1799 ERR_clear_error(); 1800 SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL); 1801 os_free(passwd); 1802 1803 if (!SSL_check_private_key(conn->ssl)) { 1804 tls_show_errors(MSG_INFO, __func__, "Private key failed " 1805 "verification"); 1806 return -1; 1807 } 1808 1809 wpa_printf(MSG_DEBUG, "SSL: Private key loaded successfully"); 1810 return 0; 1811 } 1812 1813 1814 static int tls_global_private_key(SSL_CTX *ssl_ctx, const char *private_key, 1815 const char *private_key_passwd) 1816 { 1817 char *passwd; 1818 1819 if (private_key == NULL) 1820 return 0; 1821 1822 if (private_key_passwd) { 1823 passwd = os_strdup(private_key_passwd); 1824 if (passwd == NULL) 1825 return -1; 1826 } else 1827 passwd = NULL; 1828 1829 SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb); 1830 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd); 1831 if ( 1832 #ifndef OPENSSL_NO_STDIO 1833 SSL_CTX_use_PrivateKey_file(ssl_ctx, private_key, 1834 SSL_FILETYPE_ASN1) != 1 && 1835 SSL_CTX_use_PrivateKey_file(ssl_ctx, private_key, 1836 SSL_FILETYPE_PEM) != 1 && 1837 #endif /* OPENSSL_NO_STDIO */ 1838 tls_read_pkcs12(ssl_ctx, NULL, private_key, passwd)) { 1839 tls_show_errors(MSG_INFO, __func__, 1840 "Failed to load private key"); 1841 os_free(passwd); 1842 ERR_clear_error(); 1843 return -1; 1844 } 1845 os_free(passwd); 1846 ERR_clear_error(); 1847 SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL); 1848 1849 if (!SSL_CTX_check_private_key(ssl_ctx)) { 1850 tls_show_errors(MSG_INFO, __func__, 1851 "Private key failed verification"); 1852 return -1; 1853 } 1854 1855 return 0; 1856 } 1857 1858 1859 static int tls_connection_dh(struct tls_connection *conn, const char *dh_file) 1860 { 1861 #ifdef OPENSSL_NO_DH 1862 if (dh_file == NULL) 1863 return 0; 1864 wpa_printf(MSG_ERROR, "TLS: openssl does not include DH support, but " 1865 "dh_file specified"); 1866 return -1; 1867 #else /* OPENSSL_NO_DH */ 1868 DH *dh; 1869 BIO *bio; 1870 1871 /* TODO: add support for dh_blob */ 1872 if (dh_file == NULL) 1873 return 0; 1874 if (conn == NULL) 1875 return -1; 1876 1877 bio = BIO_new_file(dh_file, "r"); 1878 if (bio == NULL) { 1879 wpa_printf(MSG_INFO, "TLS: Failed to open DH file '%s': %s", 1880 dh_file, ERR_error_string(ERR_get_error(), NULL)); 1881 return -1; 1882 } 1883 dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); 1884 BIO_free(bio); 1885 #ifndef OPENSSL_NO_DSA 1886 while (dh == NULL) { 1887 DSA *dsa; 1888 wpa_printf(MSG_DEBUG, "TLS: Failed to parse DH file '%s': %s -" 1889 " trying to parse as DSA params", dh_file, 1890 ERR_error_string(ERR_get_error(), NULL)); 1891 bio = BIO_new_file(dh_file, "r"); 1892 if (bio == NULL) 1893 break; 1894 dsa = PEM_read_bio_DSAparams(bio, NULL, NULL, NULL); 1895 BIO_free(bio); 1896 if (!dsa) { 1897 wpa_printf(MSG_DEBUG, "TLS: Failed to parse DSA file " 1898 "'%s': %s", dh_file, 1899 ERR_error_string(ERR_get_error(), NULL)); 1900 break; 1901 } 1902 1903 wpa_printf(MSG_DEBUG, "TLS: DH file in DSA param format"); 1904 dh = DSA_dup_DH(dsa); 1905 DSA_free(dsa); 1906 if (dh == NULL) { 1907 wpa_printf(MSG_INFO, "TLS: Failed to convert DSA " 1908 "params into DH params"); 1909 break; 1910 } 1911 break; 1912 } 1913 #endif /* !OPENSSL_NO_DSA */ 1914 if (dh == NULL) { 1915 wpa_printf(MSG_INFO, "TLS: Failed to read/parse DH/DSA file " 1916 "'%s'", dh_file); 1917 return -1; 1918 } 1919 1920 if (SSL_set_tmp_dh(conn->ssl, dh) != 1) { 1921 wpa_printf(MSG_INFO, "TLS: Failed to set DH params from '%s': " 1922 "%s", dh_file, 1923 ERR_error_string(ERR_get_error(), NULL)); 1924 DH_free(dh); 1925 return -1; 1926 } 1927 DH_free(dh); 1928 return 0; 1929 #endif /* OPENSSL_NO_DH */ 1930 } 1931 1932 1933 static int tls_global_dh(SSL_CTX *ssl_ctx, const char *dh_file) 1934 { 1935 #ifdef OPENSSL_NO_DH 1936 if (dh_file == NULL) 1937 return 0; 1938 wpa_printf(MSG_ERROR, "TLS: openssl does not include DH support, but " 1939 "dh_file specified"); 1940 return -1; 1941 #else /* OPENSSL_NO_DH */ 1942 DH *dh; 1943 BIO *bio; 1944 1945 /* TODO: add support for dh_blob */ 1946 if (dh_file == NULL) 1947 return 0; 1948 if (ssl_ctx == NULL) 1949 return -1; 1950 1951 bio = BIO_new_file(dh_file, "r"); 1952 if (bio == NULL) { 1953 wpa_printf(MSG_INFO, "TLS: Failed to open DH file '%s': %s", 1954 dh_file, ERR_error_string(ERR_get_error(), NULL)); 1955 return -1; 1956 } 1957 dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); 1958 BIO_free(bio); 1959 #ifndef OPENSSL_NO_DSA 1960 while (dh == NULL) { 1961 DSA *dsa; 1962 wpa_printf(MSG_DEBUG, "TLS: Failed to parse DH file '%s': %s -" 1963 " trying to parse as DSA params", dh_file, 1964 ERR_error_string(ERR_get_error(), NULL)); 1965 bio = BIO_new_file(dh_file, "r"); 1966 if (bio == NULL) 1967 break; 1968 dsa = PEM_read_bio_DSAparams(bio, NULL, NULL, NULL); 1969 BIO_free(bio); 1970 if (!dsa) { 1971 wpa_printf(MSG_DEBUG, "TLS: Failed to parse DSA file " 1972 "'%s': %s", dh_file, 1973 ERR_error_string(ERR_get_error(), NULL)); 1974 break; 1975 } 1976 1977 wpa_printf(MSG_DEBUG, "TLS: DH file in DSA param format"); 1978 dh = DSA_dup_DH(dsa); 1979 DSA_free(dsa); 1980 if (dh == NULL) { 1981 wpa_printf(MSG_INFO, "TLS: Failed to convert DSA " 1982 "params into DH params"); 1983 break; 1984 } 1985 break; 1986 } 1987 #endif /* !OPENSSL_NO_DSA */ 1988 if (dh == NULL) { 1989 wpa_printf(MSG_INFO, "TLS: Failed to read/parse DH/DSA file " 1990 "'%s'", dh_file); 1991 return -1; 1992 } 1993 1994 if (SSL_CTX_set_tmp_dh(ssl_ctx, dh) != 1) { 1995 wpa_printf(MSG_INFO, "TLS: Failed to set DH params from '%s': " 1996 "%s", dh_file, 1997 ERR_error_string(ERR_get_error(), NULL)); 1998 DH_free(dh); 1999 return -1; 2000 } 2001 DH_free(dh); 2002 return 0; 2003 #endif /* OPENSSL_NO_DH */ 2004 } 2005 2006 2007 int tls_connection_get_keys(void *ssl_ctx, struct tls_connection *conn, 2008 struct tls_keys *keys) 2009 { 2010 SSL *ssl; 2011 2012 if (conn == NULL || keys == NULL) 2013 return -1; 2014 ssl = conn->ssl; 2015 if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL) 2016 return -1; 2017 2018 os_memset(keys, 0, sizeof(*keys)); 2019 keys->master_key = ssl->session->master_key; 2020 keys->master_key_len = ssl->session->master_key_length; 2021 keys->client_random = ssl->s3->client_random; 2022 keys->client_random_len = SSL3_RANDOM_SIZE; 2023 keys->server_random = ssl->s3->server_random; 2024 keys->server_random_len = SSL3_RANDOM_SIZE; 2025 2026 return 0; 2027 } 2028 2029 2030 int tls_connection_prf(void *tls_ctx, struct tls_connection *conn, 2031 const char *label, int server_random_first, 2032 u8 *out, size_t out_len) 2033 { 2034 return -1; 2035 } 2036 2037 2038 u8 * tls_connection_handshake(void *ssl_ctx, struct tls_connection *conn, 2039 const u8 *in_data, size_t in_len, 2040 size_t *out_len, u8 **appl_data, 2041 size_t *appl_data_len) 2042 { 2043 int res; 2044 u8 *out_data; 2045 2046 if (appl_data) 2047 *appl_data = NULL; 2048 2049 /* 2050 * Give TLS handshake data from the server (if available) to OpenSSL 2051 * for processing. 2052 */ 2053 if (in_data && 2054 BIO_write(conn->ssl_in, in_data, in_len) < 0) { 2055 tls_show_errors(MSG_INFO, __func__, 2056 "Handshake failed - BIO_write"); 2057 return NULL; 2058 } 2059 2060 /* Initiate TLS handshake or continue the existing handshake */ 2061 res = SSL_connect(conn->ssl); 2062 if (res != 1) { 2063 int err = SSL_get_error(conn->ssl, res); 2064 if (err == SSL_ERROR_WANT_READ) 2065 wpa_printf(MSG_DEBUG, "SSL: SSL_connect - want " 2066 "more data"); 2067 else if (err == SSL_ERROR_WANT_WRITE) 2068 wpa_printf(MSG_DEBUG, "SSL: SSL_connect - want to " 2069 "write"); 2070 else { 2071 tls_show_errors(MSG_INFO, __func__, "SSL_connect"); 2072 conn->failed++; 2073 } 2074 } 2075 2076 /* Get the TLS handshake data to be sent to the server */ 2077 res = BIO_ctrl_pending(conn->ssl_out); 2078 wpa_printf(MSG_DEBUG, "SSL: %d bytes pending from ssl_out", res); 2079 out_data = os_malloc(res == 0 ? 1 : res); 2080 if (out_data == NULL) { 2081 wpa_printf(MSG_DEBUG, "SSL: Failed to allocate memory for " 2082 "handshake output (%d bytes)", res); 2083 if (BIO_reset(conn->ssl_out) < 0) { 2084 tls_show_errors(MSG_INFO, __func__, 2085 "BIO_reset failed"); 2086 } 2087 *out_len = 0; 2088 return NULL; 2089 } 2090 res = res == 0 ? 0 : BIO_read(conn->ssl_out, out_data, res); 2091 if (res < 0) { 2092 tls_show_errors(MSG_INFO, __func__, 2093 "Handshake failed - BIO_read"); 2094 if (BIO_reset(conn->ssl_out) < 0) { 2095 tls_show_errors(MSG_INFO, __func__, 2096 "BIO_reset failed"); 2097 } 2098 *out_len = 0; 2099 return NULL; 2100 } 2101 *out_len = res; 2102 2103 if (SSL_is_init_finished(conn->ssl) && appl_data) { 2104 *appl_data = os_malloc(in_len); 2105 if (*appl_data) { 2106 res = SSL_read(conn->ssl, *appl_data, in_len); 2107 if (res < 0) { 2108 tls_show_errors(MSG_INFO, __func__, 2109 "Failed to read possible " 2110 "Application Data"); 2111 os_free(*appl_data); 2112 *appl_data = NULL; 2113 } else { 2114 *appl_data_len = res; 2115 wpa_hexdump_key(MSG_MSGDUMP, "SSL: Application" 2116 " Data in Finish message", 2117 *appl_data, *appl_data_len); 2118 } 2119 } 2120 } 2121 2122 return out_data; 2123 } 2124 2125 2126 u8 * tls_connection_server_handshake(void *ssl_ctx, 2127 struct tls_connection *conn, 2128 const u8 *in_data, size_t in_len, 2129 size_t *out_len) 2130 { 2131 int res; 2132 u8 *out_data; 2133 2134 /* 2135 * Give TLS handshake data from the client (if available) to OpenSSL 2136 * for processing. 2137 */ 2138 if (in_data && 2139 BIO_write(conn->ssl_in, in_data, in_len) < 0) { 2140 tls_show_errors(MSG_INFO, __func__, 2141 "Handshake failed - BIO_write"); 2142 return NULL; 2143 } 2144 2145 /* Initiate TLS handshake or continue the existing handshake */ 2146 res = SSL_accept(conn->ssl); 2147 if (res != 1) { 2148 int err = SSL_get_error(conn->ssl, res); 2149 if (err == SSL_ERROR_WANT_READ) 2150 wpa_printf(MSG_DEBUG, "SSL: SSL_accept - want " 2151 "more data"); 2152 else if (err == SSL_ERROR_WANT_WRITE) 2153 wpa_printf(MSG_DEBUG, "SSL: SSL_accept - want to " 2154 "write"); 2155 else { 2156 tls_show_errors(MSG_INFO, __func__, "SSL_accept"); 2157 return NULL; 2158 } 2159 } 2160 2161 /* Get the TLS handshake data to be sent to the client */ 2162 res = BIO_ctrl_pending(conn->ssl_out); 2163 wpa_printf(MSG_DEBUG, "SSL: %d bytes pending from ssl_out", res); 2164 out_data = os_malloc(res == 0 ? 1 : res); 2165 if (out_data == NULL) { 2166 wpa_printf(MSG_DEBUG, "SSL: Failed to allocate memory for " 2167 "handshake output (%d bytes)", res); 2168 if (BIO_reset(conn->ssl_out) < 0) { 2169 tls_show_errors(MSG_INFO, __func__, 2170 "BIO_reset failed"); 2171 } 2172 *out_len = 0; 2173 return NULL; 2174 } 2175 res = res == 0 ? 0 : BIO_read(conn->ssl_out, out_data, res); 2176 if (res < 0) { 2177 tls_show_errors(MSG_INFO, __func__, 2178 "Handshake failed - BIO_read"); 2179 if (BIO_reset(conn->ssl_out) < 0) { 2180 tls_show_errors(MSG_INFO, __func__, 2181 "BIO_reset failed"); 2182 } 2183 *out_len = 0; 2184 return NULL; 2185 } 2186 *out_len = res; 2187 return out_data; 2188 } 2189 2190 2191 int tls_connection_encrypt(void *ssl_ctx, struct tls_connection *conn, 2192 const u8 *in_data, size_t in_len, 2193 u8 *out_data, size_t out_len) 2194 { 2195 int res; 2196 2197 if (conn == NULL) 2198 return -1; 2199 2200 /* Give plaintext data for OpenSSL to encrypt into the TLS tunnel. */ 2201 if ((res = BIO_reset(conn->ssl_in)) < 0 || 2202 (res = BIO_reset(conn->ssl_out)) < 0) { 2203 tls_show_errors(MSG_INFO, __func__, "BIO_reset failed"); 2204 return res; 2205 } 2206 res = SSL_write(conn->ssl, in_data, in_len); 2207 if (res < 0) { 2208 tls_show_errors(MSG_INFO, __func__, 2209 "Encryption failed - SSL_write"); 2210 return res; 2211 } 2212 2213 /* Read encrypted data to be sent to the server */ 2214 res = BIO_read(conn->ssl_out, out_data, out_len); 2215 if (res < 0) { 2216 tls_show_errors(MSG_INFO, __func__, 2217 "Encryption failed - BIO_read"); 2218 return res; 2219 } 2220 2221 return res; 2222 } 2223 2224 2225 int tls_connection_decrypt(void *ssl_ctx, struct tls_connection *conn, 2226 const u8 *in_data, size_t in_len, 2227 u8 *out_data, size_t out_len) 2228 { 2229 int res; 2230 2231 /* Give encrypted data from TLS tunnel for OpenSSL to decrypt. */ 2232 res = BIO_write(conn->ssl_in, in_data, in_len); 2233 if (res < 0) { 2234 tls_show_errors(MSG_INFO, __func__, 2235 "Decryption failed - BIO_write"); 2236 return res; 2237 } 2238 if (BIO_reset(conn->ssl_out) < 0) { 2239 tls_show_errors(MSG_INFO, __func__, "BIO_reset failed"); 2240 return res; 2241 } 2242 2243 /* Read decrypted data for further processing */ 2244 res = SSL_read(conn->ssl, out_data, out_len); 2245 if (res < 0) { 2246 tls_show_errors(MSG_INFO, __func__, 2247 "Decryption failed - SSL_read"); 2248 return res; 2249 } 2250 2251 return res; 2252 } 2253 2254 2255 int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn) 2256 { 2257 return conn ? conn->ssl->hit : 0; 2258 } 2259 2260 2261 int tls_connection_set_cipher_list(void *tls_ctx, struct tls_connection *conn, 2262 u8 *ciphers) 2263 { 2264 char buf[100], *pos, *end; 2265 u8 *c; 2266 int ret; 2267 2268 if (conn == NULL || conn->ssl == NULL || ciphers == NULL) 2269 return -1; 2270 2271 buf[0] = '\0'; 2272 pos = buf; 2273 end = pos + sizeof(buf); 2274 2275 c = ciphers; 2276 while (*c != TLS_CIPHER_NONE) { 2277 const char *suite; 2278 2279 switch (*c) { 2280 case TLS_CIPHER_RC4_SHA: 2281 suite = "RC4-SHA"; 2282 break; 2283 case TLS_CIPHER_AES128_SHA: 2284 suite = "AES128-SHA"; 2285 break; 2286 case TLS_CIPHER_RSA_DHE_AES128_SHA: 2287 suite = "DHE-RSA-AES128-SHA"; 2288 break; 2289 case TLS_CIPHER_ANON_DH_AES128_SHA: 2290 suite = "ADH-AES128-SHA"; 2291 break; 2292 default: 2293 wpa_printf(MSG_DEBUG, "TLS: Unsupported " 2294 "cipher selection: %d", *c); 2295 return -1; 2296 } 2297 ret = os_snprintf(pos, end - pos, ":%s", suite); 2298 if (ret < 0 || ret >= end - pos) 2299 break; 2300 pos += ret; 2301 2302 c++; 2303 } 2304 2305 wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1); 2306 2307 if (SSL_set_cipher_list(conn->ssl, buf + 1) != 1) { 2308 tls_show_errors(MSG_INFO, __func__, 2309 "Cipher suite configuration failed"); 2310 return -1; 2311 } 2312 2313 return 0; 2314 } 2315 2316 2317 int tls_get_cipher(void *ssl_ctx, struct tls_connection *conn, 2318 char *buf, size_t buflen) 2319 { 2320 const char *name; 2321 if (conn == NULL || conn->ssl == NULL) 2322 return -1; 2323 2324 name = SSL_get_cipher(conn->ssl); 2325 if (name == NULL) 2326 return -1; 2327 2328 os_strlcpy(buf, name, buflen); 2329 return 0; 2330 } 2331 2332 2333 int tls_connection_enable_workaround(void *ssl_ctx, 2334 struct tls_connection *conn) 2335 { 2336 SSL_set_options(conn->ssl, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS); 2337 2338 return 0; 2339 } 2340 2341 2342 #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) 2343 /* ClientHello TLS extensions require a patch to openssl, so this function is 2344 * commented out unless explicitly needed for EAP-FAST in order to be able to 2345 * build this file with unmodified openssl. */ 2346 int tls_connection_client_hello_ext(void *ssl_ctx, struct tls_connection *conn, 2347 int ext_type, const u8 *data, 2348 size_t data_len) 2349 { 2350 if (conn == NULL || conn->ssl == NULL || ext_type != 35) 2351 return -1; 2352 2353 #ifdef CONFIG_OPENSSL_TICKET_OVERRIDE 2354 if (SSL_set_session_ticket_ext(conn->ssl, (void *) data, 2355 data_len) != 1) 2356 return -1; 2357 #else /* CONFIG_OPENSSL_TICKET_OVERRIDE */ 2358 if (SSL_set_hello_extension(conn->ssl, ext_type, (void *) data, 2359 data_len) != 1) 2360 return -1; 2361 #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */ 2362 2363 return 0; 2364 } 2365 #endif /* EAP_FAST || EAP_FAST_DYNAMIC */ 2366 2367 2368 int tls_connection_get_failed(void *ssl_ctx, struct tls_connection *conn) 2369 { 2370 if (conn == NULL) 2371 return -1; 2372 return conn->failed; 2373 } 2374 2375 2376 int tls_connection_get_read_alerts(void *ssl_ctx, struct tls_connection *conn) 2377 { 2378 if (conn == NULL) 2379 return -1; 2380 return conn->read_alerts; 2381 } 2382 2383 2384 int tls_connection_get_write_alerts(void *ssl_ctx, struct tls_connection *conn) 2385 { 2386 if (conn == NULL) 2387 return -1; 2388 return conn->write_alerts; 2389 } 2390 2391 2392 int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, 2393 const struct tls_connection_params *params) 2394 { 2395 int ret; 2396 unsigned long err; 2397 2398 if (conn == NULL) 2399 return -1; 2400 2401 while ((err = ERR_get_error())) { 2402 wpa_printf(MSG_INFO, "%s: Clearing pending SSL error: %s", 2403 __func__, ERR_error_string(err, NULL)); 2404 } 2405 2406 if (params->engine) { 2407 wpa_printf(MSG_DEBUG, "SSL: Initializing TLS engine"); 2408 ret = tls_engine_init(conn, params->engine_id, params->pin, 2409 params->key_id, params->cert_id, 2410 params->ca_cert_id); 2411 if (ret) 2412 return ret; 2413 } 2414 if (tls_connection_set_subject_match(conn, 2415 params->subject_match, 2416 params->altsubject_match)) 2417 return -1; 2418 2419 if (params->engine && params->ca_cert_id) { 2420 if (tls_connection_engine_ca_cert(tls_ctx, conn, 2421 params->ca_cert_id)) 2422 return TLS_SET_PARAMS_ENGINE_PRV_VERIFY_FAILED; 2423 } else if (tls_connection_ca_cert(tls_ctx, conn, params->ca_cert, 2424 params->ca_cert_blob, 2425 params->ca_cert_blob_len, 2426 params->ca_path)) 2427 return -1; 2428 2429 if (params->engine && params->cert_id) { 2430 if (tls_connection_engine_client_cert(conn, params->cert_id)) 2431 return TLS_SET_PARAMS_ENGINE_PRV_VERIFY_FAILED; 2432 } else if (tls_connection_client_cert(conn, params->client_cert, 2433 params->client_cert_blob, 2434 params->client_cert_blob_len)) 2435 return -1; 2436 2437 if (params->engine && params->key_id) { 2438 wpa_printf(MSG_DEBUG, "TLS: Using private key from engine"); 2439 if (tls_connection_engine_private_key(conn)) 2440 return TLS_SET_PARAMS_ENGINE_PRV_VERIFY_FAILED; 2441 } else if (tls_connection_private_key(tls_ctx, conn, 2442 params->private_key, 2443 params->private_key_passwd, 2444 params->private_key_blob, 2445 params->private_key_blob_len)) { 2446 wpa_printf(MSG_INFO, "TLS: Failed to load private key '%s'", 2447 params->private_key); 2448 return -1; 2449 } 2450 2451 if (tls_connection_dh(conn, params->dh_file)) { 2452 wpa_printf(MSG_INFO, "TLS: Failed to load DH file '%s'", 2453 params->dh_file); 2454 return -1; 2455 } 2456 2457 tls_get_errors(tls_ctx); 2458 2459 return 0; 2460 } 2461 2462 2463 int tls_global_set_params(void *tls_ctx, 2464 const struct tls_connection_params *params) 2465 { 2466 SSL_CTX *ssl_ctx = tls_ctx; 2467 unsigned long err; 2468 2469 while ((err = ERR_get_error())) { 2470 wpa_printf(MSG_INFO, "%s: Clearing pending SSL error: %s", 2471 __func__, ERR_error_string(err, NULL)); 2472 } 2473 2474 if (tls_global_ca_cert(ssl_ctx, params->ca_cert)) 2475 return -1; 2476 2477 if (tls_global_client_cert(ssl_ctx, params->client_cert)) 2478 return -1; 2479 2480 if (tls_global_private_key(ssl_ctx, params->private_key, 2481 params->private_key_passwd)) 2482 return -1; 2483 2484 if (tls_global_dh(ssl_ctx, params->dh_file)) { 2485 wpa_printf(MSG_INFO, "TLS: Failed to load DH file '%s'", 2486 params->dh_file); 2487 return -1; 2488 } 2489 2490 return 0; 2491 } 2492 2493 2494 int tls_connection_get_keyblock_size(void *tls_ctx, 2495 struct tls_connection *conn) 2496 { 2497 const EVP_CIPHER *c; 2498 const EVP_MD *h; 2499 2500 if (conn == NULL || conn->ssl == NULL || 2501 conn->ssl->enc_read_ctx == NULL || 2502 conn->ssl->enc_read_ctx->cipher == NULL || 2503 conn->ssl->read_hash == NULL) 2504 return -1; 2505 2506 c = conn->ssl->enc_read_ctx->cipher; 2507 #if OPENSSL_VERSION_NUMBER >= 0x00909000L 2508 h = EVP_MD_CTX_md(conn->ssl->read_hash); 2509 #else 2510 h = conn->ssl->read_hash; 2511 #endif 2512 2513 return 2 * (EVP_CIPHER_key_length(c) + 2514 EVP_MD_size(h) + 2515 EVP_CIPHER_iv_length(c)); 2516 } 2517 2518 2519 unsigned int tls_capabilities(void *tls_ctx) 2520 { 2521 return 0; 2522 } 2523 2524 2525 int tls_connection_set_ia(void *tls_ctx, struct tls_connection *conn, 2526 int tls_ia) 2527 { 2528 return -1; 2529 } 2530 2531 2532 int tls_connection_ia_send_phase_finished(void *tls_ctx, 2533 struct tls_connection *conn, 2534 int final, 2535 u8 *out_data, size_t out_len) 2536 { 2537 return -1; 2538 } 2539 2540 2541 int tls_connection_ia_final_phase_finished(void *tls_ctx, 2542 struct tls_connection *conn) 2543 { 2544 return -1; 2545 } 2546 2547 2548 int tls_connection_ia_permute_inner_secret(void *tls_ctx, 2549 struct tls_connection *conn, 2550 const u8 *key, size_t key_len) 2551 { 2552 return -1; 2553 } 2554 2555 2556 #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) 2557 /* Pre-shared secred requires a patch to openssl, so this function is 2558 * commented out unless explicitly needed for EAP-FAST in order to be able to 2559 * build this file with unmodified openssl. */ 2560 2561 static int tls_sess_sec_cb(SSL *s, void *secret, int *secret_len, 2562 STACK_OF(SSL_CIPHER) *peer_ciphers, 2563 SSL_CIPHER **cipher, void *arg) 2564 { 2565 struct tls_connection *conn = arg; 2566 int ret; 2567 2568 if (conn == NULL || conn->session_ticket_cb == NULL) 2569 return 0; 2570 2571 ret = conn->session_ticket_cb(conn->session_ticket_cb_ctx, 2572 conn->session_ticket, 2573 conn->session_ticket_len, 2574 s->s3->client_random, 2575 s->s3->server_random, secret); 2576 os_free(conn->session_ticket); 2577 conn->session_ticket = NULL; 2578 2579 if (ret <= 0) 2580 return 0; 2581 2582 *secret_len = SSL_MAX_MASTER_KEY_LENGTH; 2583 return 1; 2584 } 2585 2586 2587 #ifdef CONFIG_OPENSSL_TICKET_OVERRIDE 2588 static int tls_session_ticket_ext_cb(SSL *s, const unsigned char *data, 2589 int len, void *arg) 2590 { 2591 struct tls_connection *conn = arg; 2592 2593 if (conn == NULL || conn->session_ticket_cb == NULL) 2594 return 0; 2595 2596 wpa_printf(MSG_DEBUG, "OpenSSL: %s: length=%d", __func__, len); 2597 2598 os_free(conn->session_ticket); 2599 conn->session_ticket = NULL; 2600 2601 wpa_hexdump(MSG_DEBUG, "OpenSSL: ClientHello SessionTicket " 2602 "extension", data, len); 2603 2604 conn->session_ticket = os_malloc(len); 2605 if (conn->session_ticket == NULL) 2606 return 0; 2607 2608 os_memcpy(conn->session_ticket, data, len); 2609 conn->session_ticket_len = len; 2610 2611 return 1; 2612 } 2613 #else /* CONFIG_OPENSSL_TICKET_OVERRIDE */ 2614 #ifdef SSL_OP_NO_TICKET 2615 static void tls_hello_ext_cb(SSL *s, int client_server, int type, 2616 unsigned char *data, int len, void *arg) 2617 { 2618 struct tls_connection *conn = arg; 2619 2620 if (conn == NULL || conn->session_ticket_cb == NULL) 2621 return; 2622 2623 wpa_printf(MSG_DEBUG, "OpenSSL: %s: type=%d length=%d", __func__, 2624 type, len); 2625 2626 if (type == TLSEXT_TYPE_session_ticket && !client_server) { 2627 os_free(conn->session_ticket); 2628 conn->session_ticket = NULL; 2629 2630 wpa_hexdump(MSG_DEBUG, "OpenSSL: ClientHello SessionTicket " 2631 "extension", data, len); 2632 conn->session_ticket = os_malloc(len); 2633 if (conn->session_ticket == NULL) 2634 return; 2635 2636 os_memcpy(conn->session_ticket, data, len); 2637 conn->session_ticket_len = len; 2638 } 2639 } 2640 #else /* SSL_OP_NO_TICKET */ 2641 static int tls_hello_ext_cb(SSL *s, TLS_EXTENSION *ext, void *arg) 2642 { 2643 struct tls_connection *conn = arg; 2644 2645 if (conn == NULL || conn->session_ticket_cb == NULL) 2646 return 0; 2647 2648 wpa_printf(MSG_DEBUG, "OpenSSL: %s: type=%d length=%d", __func__, 2649 ext->type, ext->length); 2650 2651 os_free(conn->session_ticket); 2652 conn->session_ticket = NULL; 2653 2654 if (ext->type == 35) { 2655 wpa_hexdump(MSG_DEBUG, "OpenSSL: ClientHello SessionTicket " 2656 "extension", ext->data, ext->length); 2657 conn->session_ticket = os_malloc(ext->length); 2658 if (conn->session_ticket == NULL) 2659 return SSL_AD_INTERNAL_ERROR; 2660 2661 os_memcpy(conn->session_ticket, ext->data, ext->length); 2662 conn->session_ticket_len = ext->length; 2663 } 2664 2665 return 0; 2666 } 2667 #endif /* SSL_OP_NO_TICKET */ 2668 #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */ 2669 #endif /* EAP_FAST || EAP_FAST_DYNAMIC */ 2670 2671 2672 int tls_connection_set_session_ticket_cb(void *tls_ctx, 2673 struct tls_connection *conn, 2674 tls_session_ticket_cb cb, 2675 void *ctx) 2676 { 2677 #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) 2678 conn->session_ticket_cb = cb; 2679 conn->session_ticket_cb_ctx = ctx; 2680 2681 if (cb) { 2682 if (SSL_set_session_secret_cb(conn->ssl, tls_sess_sec_cb, 2683 conn) != 1) 2684 return -1; 2685 #ifdef CONFIG_OPENSSL_TICKET_OVERRIDE 2686 SSL_set_session_ticket_ext_cb(conn->ssl, 2687 tls_session_ticket_ext_cb, conn); 2688 #else /* CONFIG_OPENSSL_TICKET_OVERRIDE */ 2689 #ifdef SSL_OP_NO_TICKET 2690 SSL_set_tlsext_debug_callback(conn->ssl, tls_hello_ext_cb); 2691 SSL_set_tlsext_debug_arg(conn->ssl, conn); 2692 #else /* SSL_OP_NO_TICKET */ 2693 if (SSL_set_hello_extension_cb(conn->ssl, tls_hello_ext_cb, 2694 conn) != 1) 2695 return -1; 2696 #endif /* SSL_OP_NO_TICKET */ 2697 #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */ 2698 } else { 2699 if (SSL_set_session_secret_cb(conn->ssl, NULL, NULL) != 1) 2700 return -1; 2701 #ifdef CONFIG_OPENSSL_TICKET_OVERRIDE 2702 SSL_set_session_ticket_ext_cb(conn->ssl, NULL, NULL); 2703 #else /* CONFIG_OPENSSL_TICKET_OVERRIDE */ 2704 #ifdef SSL_OP_NO_TICKET 2705 SSL_set_tlsext_debug_callback(conn->ssl, NULL); 2706 SSL_set_tlsext_debug_arg(conn->ssl, conn); 2707 #else /* SSL_OP_NO_TICKET */ 2708 if (SSL_set_hello_extension_cb(conn->ssl, NULL, NULL) != 1) 2709 return -1; 2710 #endif /* SSL_OP_NO_TICKET */ 2711 #endif /* CONFIG_OPENSSL_TICKET_OVERRIDE */ 2712 } 2713 2714 return 0; 2715 #else /* EAP_FAST || EAP_FAST_DYNAMIC */ 2716 return -1; 2717 #endif /* EAP_FAST || EAP_FAST_DYNAMIC */ 2718 } 2719