1 /* 2 * Copyright 2012-2022 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "ssl_local.h" 12 #include <openssl/conf.h> 13 #include <openssl/objects.h> 14 #include <openssl/decoder.h> 15 #include <openssl/core_dispatch.h> 16 #include "internal/nelem.h" 17 18 /* 19 * structure holding name tables. This is used for permitted elements in lists 20 * such as TLSv1. 21 */ 22 23 typedef struct { 24 const char *name; 25 int namelen; 26 unsigned int name_flags; 27 uint64_t option_value; 28 } ssl_flag_tbl; 29 30 /* Switch table: use for single command line switches like no_tls2 */ 31 typedef struct { 32 uint64_t option_value; 33 unsigned int name_flags; 34 } ssl_switch_tbl; 35 36 /* Sense of name is inverted e.g. "TLSv1" will clear SSL_OP_NO_TLSv1 */ 37 #define SSL_TFLAG_INV 0x1 38 /* Mask for type of flag referred to */ 39 #define SSL_TFLAG_TYPE_MASK 0xf00 40 /* Flag is for options */ 41 #define SSL_TFLAG_OPTION 0x000 42 /* Flag is for cert_flags */ 43 #define SSL_TFLAG_CERT 0x100 44 /* Flag is for verify mode */ 45 #define SSL_TFLAG_VFY 0x200 46 /* Option can only be used for clients */ 47 #define SSL_TFLAG_CLIENT SSL_CONF_FLAG_CLIENT 48 /* Option can only be used for servers */ 49 #define SSL_TFLAG_SERVER SSL_CONF_FLAG_SERVER 50 #define SSL_TFLAG_BOTH (SSL_TFLAG_CLIENT|SSL_TFLAG_SERVER) 51 52 #define SSL_FLAG_TBL(str, flag) \ 53 {str, (int)(sizeof(str) - 1), SSL_TFLAG_BOTH, flag} 54 #define SSL_FLAG_TBL_SRV(str, flag) \ 55 {str, (int)(sizeof(str) - 1), SSL_TFLAG_SERVER, flag} 56 #define SSL_FLAG_TBL_CLI(str, flag) \ 57 {str, (int)(sizeof(str) - 1), SSL_TFLAG_CLIENT, flag} 58 #define SSL_FLAG_TBL_INV(str, flag) \ 59 {str, (int)(sizeof(str) - 1), SSL_TFLAG_INV|SSL_TFLAG_BOTH, flag} 60 #define SSL_FLAG_TBL_SRV_INV(str, flag) \ 61 {str, (int)(sizeof(str) - 1), SSL_TFLAG_INV|SSL_TFLAG_SERVER, flag} 62 #define SSL_FLAG_TBL_CERT(str, flag) \ 63 {str, (int)(sizeof(str) - 1), SSL_TFLAG_CERT|SSL_TFLAG_BOTH, flag} 64 65 #define SSL_FLAG_VFY_CLI(str, flag) \ 66 {str, (int)(sizeof(str) - 1), SSL_TFLAG_VFY | SSL_TFLAG_CLIENT, flag} 67 #define SSL_FLAG_VFY_SRV(str, flag) \ 68 {str, (int)(sizeof(str) - 1), SSL_TFLAG_VFY | SSL_TFLAG_SERVER, flag} 69 70 /* 71 * Opaque structure containing SSL configuration context. 72 */ 73 74 struct ssl_conf_ctx_st { 75 /* 76 * Various flags indicating (among other things) which options we will 77 * recognise. 78 */ 79 unsigned int flags; 80 /* Prefix and length of commands */ 81 char *prefix; 82 size_t prefixlen; 83 /* SSL_CTX or SSL structure to perform operations on */ 84 SSL_CTX *ctx; 85 SSL *ssl; 86 /* Pointer to SSL or SSL_CTX options field or NULL if none */ 87 uint64_t *poptions; 88 /* Certificate filenames for each type */ 89 char *cert_filename[SSL_PKEY_NUM]; 90 /* Pointer to SSL or SSL_CTX cert_flags or NULL if none */ 91 uint32_t *pcert_flags; 92 /* Pointer to SSL or SSL_CTX verify_mode or NULL if none */ 93 uint32_t *pvfy_flags; 94 /* Pointer to SSL or SSL_CTX min_version field or NULL if none */ 95 int *min_version; 96 /* Pointer to SSL or SSL_CTX max_version field or NULL if none */ 97 int *max_version; 98 /* Current flag table being worked on */ 99 const ssl_flag_tbl *tbl; 100 /* Size of table */ 101 size_t ntbl; 102 /* Client CA names */ 103 STACK_OF(X509_NAME) *canames; 104 }; 105 106 static void ssl_set_option(SSL_CONF_CTX *cctx, unsigned int name_flags, 107 uint64_t option_value, int onoff) 108 { 109 uint32_t *pflags; 110 111 if (cctx->poptions == NULL) 112 return; 113 if (name_flags & SSL_TFLAG_INV) 114 onoff ^= 1; 115 switch (name_flags & SSL_TFLAG_TYPE_MASK) { 116 117 case SSL_TFLAG_CERT: 118 pflags = cctx->pcert_flags; 119 break; 120 121 case SSL_TFLAG_VFY: 122 pflags = cctx->pvfy_flags; 123 break; 124 125 case SSL_TFLAG_OPTION: 126 if (onoff) 127 *cctx->poptions |= option_value; 128 else 129 *cctx->poptions &= ~option_value; 130 return; 131 132 default: 133 return; 134 135 } 136 if (onoff) 137 *pflags |= option_value; 138 else 139 *pflags &= ~option_value; 140 } 141 142 static int ssl_match_option(SSL_CONF_CTX *cctx, const ssl_flag_tbl *tbl, 143 const char *name, int namelen, int onoff) 144 { 145 /* If name not relevant for context skip */ 146 if (!(cctx->flags & tbl->name_flags & SSL_TFLAG_BOTH)) 147 return 0; 148 if (namelen == -1) { 149 if (strcmp(tbl->name, name)) 150 return 0; 151 } else if (tbl->namelen != namelen 152 || OPENSSL_strncasecmp(tbl->name, name, namelen)) 153 return 0; 154 ssl_set_option(cctx, tbl->name_flags, tbl->option_value, onoff); 155 return 1; 156 } 157 158 static int ssl_set_option_list(const char *elem, int len, void *usr) 159 { 160 SSL_CONF_CTX *cctx = usr; 161 size_t i; 162 const ssl_flag_tbl *tbl; 163 int onoff = 1; 164 /* 165 * len == -1 indicates not being called in list context, just for single 166 * command line switches, so don't allow +, -. 167 */ 168 if (elem == NULL) 169 return 0; 170 if (len != -1) { 171 if (*elem == '+') { 172 elem++; 173 len--; 174 onoff = 1; 175 } else if (*elem == '-') { 176 elem++; 177 len--; 178 onoff = 0; 179 } 180 } 181 for (i = 0, tbl = cctx->tbl; i < cctx->ntbl; i++, tbl++) { 182 if (ssl_match_option(cctx, tbl, elem, len, onoff)) 183 return 1; 184 } 185 return 0; 186 } 187 188 /* Set supported signature algorithms */ 189 static int cmd_SignatureAlgorithms(SSL_CONF_CTX *cctx, const char *value) 190 { 191 int rv; 192 if (cctx->ssl) 193 rv = SSL_set1_sigalgs_list(cctx->ssl, value); 194 /* NB: ctx == NULL performs syntax checking only */ 195 else 196 rv = SSL_CTX_set1_sigalgs_list(cctx->ctx, value); 197 return rv > 0; 198 } 199 200 /* Set supported client signature algorithms */ 201 static int cmd_ClientSignatureAlgorithms(SSL_CONF_CTX *cctx, const char *value) 202 { 203 int rv; 204 if (cctx->ssl) 205 rv = SSL_set1_client_sigalgs_list(cctx->ssl, value); 206 /* NB: ctx == NULL performs syntax checking only */ 207 else 208 rv = SSL_CTX_set1_client_sigalgs_list(cctx->ctx, value); 209 return rv > 0; 210 } 211 212 static int cmd_Groups(SSL_CONF_CTX *cctx, const char *value) 213 { 214 int rv; 215 if (cctx->ssl) 216 rv = SSL_set1_groups_list(cctx->ssl, value); 217 /* NB: ctx == NULL performs syntax checking only */ 218 else 219 rv = SSL_CTX_set1_groups_list(cctx->ctx, value); 220 return rv > 0; 221 } 222 223 /* This is the old name for cmd_Groups - retained for backwards compatibility */ 224 static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value) 225 { 226 return cmd_Groups(cctx, value); 227 } 228 229 /* ECDH temporary parameters */ 230 static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value) 231 { 232 int rv = 1; 233 234 /* Ignore values supported by 1.0.2 for the automatic selection */ 235 if ((cctx->flags & SSL_CONF_FLAG_FILE) 236 && (OPENSSL_strcasecmp(value, "+automatic") == 0 237 || OPENSSL_strcasecmp(value, "automatic") == 0)) 238 return 1; 239 if ((cctx->flags & SSL_CONF_FLAG_CMDLINE) && 240 strcmp(value, "auto") == 0) 241 return 1; 242 243 /* ECDHParameters accepts a single group name */ 244 if (strstr(value, ":") != NULL) 245 return 0; 246 247 if (cctx->ctx) 248 rv = SSL_CTX_set1_groups_list(cctx->ctx, value); 249 else if (cctx->ssl) 250 rv = SSL_set1_groups_list(cctx->ssl, value); 251 252 return rv > 0; 253 } 254 255 static int cmd_CipherString(SSL_CONF_CTX *cctx, const char *value) 256 { 257 int rv = 1; 258 259 if (cctx->ctx) 260 rv = SSL_CTX_set_cipher_list(cctx->ctx, value); 261 if (cctx->ssl) 262 rv = SSL_set_cipher_list(cctx->ssl, value); 263 return rv > 0; 264 } 265 266 static int cmd_Ciphersuites(SSL_CONF_CTX *cctx, const char *value) 267 { 268 int rv = 1; 269 270 if (cctx->ctx) 271 rv = SSL_CTX_set_ciphersuites(cctx->ctx, value); 272 if (cctx->ssl) 273 rv = SSL_set_ciphersuites(cctx->ssl, value); 274 return rv > 0; 275 } 276 277 static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value) 278 { 279 static const ssl_flag_tbl ssl_protocol_list[] = { 280 SSL_FLAG_TBL_INV("ALL", SSL_OP_NO_SSL_MASK), 281 SSL_FLAG_TBL_INV("SSLv2", SSL_OP_NO_SSLv2), 282 SSL_FLAG_TBL_INV("SSLv3", SSL_OP_NO_SSLv3), 283 SSL_FLAG_TBL_INV("TLSv1", SSL_OP_NO_TLSv1), 284 SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1), 285 SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2), 286 SSL_FLAG_TBL_INV("TLSv1.3", SSL_OP_NO_TLSv1_3), 287 SSL_FLAG_TBL_INV("DTLSv1", SSL_OP_NO_DTLSv1), 288 SSL_FLAG_TBL_INV("DTLSv1.2", SSL_OP_NO_DTLSv1_2) 289 }; 290 cctx->tbl = ssl_protocol_list; 291 cctx->ntbl = OSSL_NELEM(ssl_protocol_list); 292 return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); 293 } 294 295 /* 296 * protocol_from_string - converts a protocol version string to a number 297 * 298 * Returns -1 on failure or the version on success 299 */ 300 static int protocol_from_string(const char *value) 301 { 302 struct protocol_versions { 303 const char *name; 304 int version; 305 }; 306 /* 307 * Note: To avoid breaking previously valid configurations, we must retain 308 * legacy entries in this table even if the underlying protocol is no 309 * longer supported. This also means that the constants SSL3_VERSION, ... 310 * need to be retained indefinitely. This table can only grow, never 311 * shrink. 312 */ 313 static const struct protocol_versions versions[] = { 314 {"None", 0}, 315 {"SSLv3", SSL3_VERSION}, 316 {"TLSv1", TLS1_VERSION}, 317 {"TLSv1.1", TLS1_1_VERSION}, 318 {"TLSv1.2", TLS1_2_VERSION}, 319 {"TLSv1.3", TLS1_3_VERSION}, 320 {"DTLSv1", DTLS1_VERSION}, 321 {"DTLSv1.2", DTLS1_2_VERSION} 322 }; 323 size_t i; 324 size_t n = OSSL_NELEM(versions); 325 326 for (i = 0; i < n; i++) 327 if (strcmp(versions[i].name, value) == 0) 328 return versions[i].version; 329 return -1; 330 } 331 332 static int min_max_proto(SSL_CONF_CTX *cctx, const char *value, int *bound) 333 { 334 int method_version; 335 int new_version; 336 337 if (cctx->ctx != NULL) 338 method_version = cctx->ctx->method->version; 339 else if (cctx->ssl != NULL) 340 method_version = cctx->ssl->ctx->method->version; 341 else 342 return 0; 343 if ((new_version = protocol_from_string(value)) < 0) 344 return 0; 345 return ssl_set_version_bound(method_version, new_version, bound); 346 } 347 348 /* 349 * cmd_MinProtocol - Set min protocol version 350 * @cctx: config structure to save settings in 351 * @value: The min protocol version in string form 352 * 353 * Returns 1 on success and 0 on failure. 354 */ 355 static int cmd_MinProtocol(SSL_CONF_CTX *cctx, const char *value) 356 { 357 return min_max_proto(cctx, value, cctx->min_version); 358 } 359 360 /* 361 * cmd_MaxProtocol - Set max protocol version 362 * @cctx: config structure to save settings in 363 * @value: The max protocol version in string form 364 * 365 * Returns 1 on success and 0 on failure. 366 */ 367 static int cmd_MaxProtocol(SSL_CONF_CTX *cctx, const char *value) 368 { 369 return min_max_proto(cctx, value, cctx->max_version); 370 } 371 372 static int cmd_Options(SSL_CONF_CTX *cctx, const char *value) 373 { 374 static const ssl_flag_tbl ssl_option_list[] = { 375 SSL_FLAG_TBL_INV("SessionTicket", SSL_OP_NO_TICKET), 376 SSL_FLAG_TBL_INV("EmptyFragments", 377 SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS), 378 SSL_FLAG_TBL("Bugs", SSL_OP_ALL), 379 SSL_FLAG_TBL_INV("Compression", SSL_OP_NO_COMPRESSION), 380 SSL_FLAG_TBL_SRV("ServerPreference", SSL_OP_CIPHER_SERVER_PREFERENCE), 381 SSL_FLAG_TBL_SRV("NoResumptionOnRenegotiation", 382 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION), 383 SSL_FLAG_TBL_SRV("DHSingle", SSL_OP_SINGLE_DH_USE), 384 SSL_FLAG_TBL_SRV("ECDHSingle", SSL_OP_SINGLE_ECDH_USE), 385 SSL_FLAG_TBL("UnsafeLegacyRenegotiation", 386 SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION), 387 SSL_FLAG_TBL("UnsafeLegacyServerConnect", 388 SSL_OP_LEGACY_SERVER_CONNECT), 389 SSL_FLAG_TBL("ClientRenegotiation", 390 SSL_OP_ALLOW_CLIENT_RENEGOTIATION), 391 SSL_FLAG_TBL_INV("EncryptThenMac", SSL_OP_NO_ENCRYPT_THEN_MAC), 392 SSL_FLAG_TBL("NoRenegotiation", SSL_OP_NO_RENEGOTIATION), 393 SSL_FLAG_TBL("AllowNoDHEKEX", SSL_OP_ALLOW_NO_DHE_KEX), 394 SSL_FLAG_TBL("PrioritizeChaCha", SSL_OP_PRIORITIZE_CHACHA), 395 SSL_FLAG_TBL("MiddleboxCompat", SSL_OP_ENABLE_MIDDLEBOX_COMPAT), 396 SSL_FLAG_TBL_INV("AntiReplay", SSL_OP_NO_ANTI_REPLAY), 397 SSL_FLAG_TBL_INV("ExtendedMasterSecret", SSL_OP_NO_EXTENDED_MASTER_SECRET), 398 SSL_FLAG_TBL_INV("CANames", SSL_OP_DISABLE_TLSEXT_CA_NAMES), 399 SSL_FLAG_TBL("KTLS", SSL_OP_ENABLE_KTLS) 400 }; 401 if (value == NULL) 402 return -3; 403 cctx->tbl = ssl_option_list; 404 cctx->ntbl = OSSL_NELEM(ssl_option_list); 405 return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); 406 } 407 408 static int cmd_VerifyMode(SSL_CONF_CTX *cctx, const char *value) 409 { 410 static const ssl_flag_tbl ssl_vfy_list[] = { 411 SSL_FLAG_VFY_CLI("Peer", SSL_VERIFY_PEER), 412 SSL_FLAG_VFY_SRV("Request", SSL_VERIFY_PEER), 413 SSL_FLAG_VFY_SRV("Require", 414 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT), 415 SSL_FLAG_VFY_SRV("Once", SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE), 416 SSL_FLAG_VFY_SRV("RequestPostHandshake", 417 SSL_VERIFY_PEER | SSL_VERIFY_POST_HANDSHAKE), 418 SSL_FLAG_VFY_SRV("RequirePostHandshake", 419 SSL_VERIFY_PEER | SSL_VERIFY_POST_HANDSHAKE | 420 SSL_VERIFY_FAIL_IF_NO_PEER_CERT), 421 }; 422 if (value == NULL) 423 return -3; 424 cctx->tbl = ssl_vfy_list; 425 cctx->ntbl = OSSL_NELEM(ssl_vfy_list); 426 return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); 427 } 428 429 static int cmd_Certificate(SSL_CONF_CTX *cctx, const char *value) 430 { 431 int rv = 1; 432 CERT *c = NULL; 433 if (cctx->ctx) { 434 rv = SSL_CTX_use_certificate_chain_file(cctx->ctx, value); 435 c = cctx->ctx->cert; 436 } 437 if (cctx->ssl) { 438 rv = SSL_use_certificate_chain_file(cctx->ssl, value); 439 c = cctx->ssl->cert; 440 } 441 if (rv > 0 && c && cctx->flags & SSL_CONF_FLAG_REQUIRE_PRIVATE) { 442 char **pfilename = &cctx->cert_filename[c->key - c->pkeys]; 443 OPENSSL_free(*pfilename); 444 *pfilename = OPENSSL_strdup(value); 445 if (*pfilename == NULL) 446 rv = 0; 447 } 448 449 return rv > 0; 450 } 451 452 static int cmd_PrivateKey(SSL_CONF_CTX *cctx, const char *value) 453 { 454 int rv = 1; 455 if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE)) 456 return -2; 457 if (cctx->ctx) 458 rv = SSL_CTX_use_PrivateKey_file(cctx->ctx, value, SSL_FILETYPE_PEM); 459 if (cctx->ssl) 460 rv = SSL_use_PrivateKey_file(cctx->ssl, value, SSL_FILETYPE_PEM); 461 return rv > 0; 462 } 463 464 static int cmd_ServerInfoFile(SSL_CONF_CTX *cctx, const char *value) 465 { 466 int rv = 1; 467 if (cctx->ctx) 468 rv = SSL_CTX_use_serverinfo_file(cctx->ctx, value); 469 return rv > 0; 470 } 471 472 static int do_store(SSL_CONF_CTX *cctx, 473 const char *CAfile, const char *CApath, const char *CAstore, 474 int verify_store) 475 { 476 CERT *cert; 477 X509_STORE **st; 478 SSL_CTX *ctx; 479 OSSL_LIB_CTX *libctx = NULL; 480 const char *propq = NULL; 481 482 if (cctx->ctx != NULL) { 483 cert = cctx->ctx->cert; 484 ctx = cctx->ctx; 485 } else if (cctx->ssl != NULL) { 486 cert = cctx->ssl->cert; 487 ctx = cctx->ssl->ctx; 488 } else { 489 return 1; 490 } 491 if (ctx != NULL) { 492 libctx = ctx->libctx; 493 propq = ctx->propq; 494 } 495 st = verify_store ? &cert->verify_store : &cert->chain_store; 496 if (*st == NULL) { 497 *st = X509_STORE_new(); 498 if (*st == NULL) 499 return 0; 500 } 501 502 if (CAfile != NULL && !X509_STORE_load_file_ex(*st, CAfile, libctx, propq)) 503 return 0; 504 if (CApath != NULL && !X509_STORE_load_path(*st, CApath)) 505 return 0; 506 if (CAstore != NULL && !X509_STORE_load_store_ex(*st, CAstore, libctx, 507 propq)) 508 return 0; 509 return 1; 510 } 511 512 static int cmd_ChainCAPath(SSL_CONF_CTX *cctx, const char *value) 513 { 514 return do_store(cctx, NULL, value, NULL, 0); 515 } 516 517 static int cmd_ChainCAFile(SSL_CONF_CTX *cctx, const char *value) 518 { 519 return do_store(cctx, value, NULL, NULL, 0); 520 } 521 522 static int cmd_ChainCAStore(SSL_CONF_CTX *cctx, const char *value) 523 { 524 return do_store(cctx, NULL, NULL, value, 0); 525 } 526 527 static int cmd_VerifyCAPath(SSL_CONF_CTX *cctx, const char *value) 528 { 529 return do_store(cctx, NULL, value, NULL, 1); 530 } 531 532 static int cmd_VerifyCAFile(SSL_CONF_CTX *cctx, const char *value) 533 { 534 return do_store(cctx, value, NULL, NULL, 1); 535 } 536 537 static int cmd_VerifyCAStore(SSL_CONF_CTX *cctx, const char *value) 538 { 539 return do_store(cctx, NULL, NULL, value, 1); 540 } 541 542 static int cmd_RequestCAFile(SSL_CONF_CTX *cctx, const char *value) 543 { 544 if (cctx->canames == NULL) 545 cctx->canames = sk_X509_NAME_new_null(); 546 if (cctx->canames == NULL) 547 return 0; 548 return SSL_add_file_cert_subjects_to_stack(cctx->canames, value); 549 } 550 551 static int cmd_ClientCAFile(SSL_CONF_CTX *cctx, const char *value) 552 { 553 return cmd_RequestCAFile(cctx, value); 554 } 555 556 static int cmd_RequestCAPath(SSL_CONF_CTX *cctx, const char *value) 557 { 558 if (cctx->canames == NULL) 559 cctx->canames = sk_X509_NAME_new_null(); 560 if (cctx->canames == NULL) 561 return 0; 562 return SSL_add_dir_cert_subjects_to_stack(cctx->canames, value); 563 } 564 565 static int cmd_ClientCAPath(SSL_CONF_CTX *cctx, const char *value) 566 { 567 return cmd_RequestCAPath(cctx, value); 568 } 569 570 static int cmd_RequestCAStore(SSL_CONF_CTX *cctx, const char *value) 571 { 572 if (cctx->canames == NULL) 573 cctx->canames = sk_X509_NAME_new_null(); 574 if (cctx->canames == NULL) 575 return 0; 576 return SSL_add_store_cert_subjects_to_stack(cctx->canames, value); 577 } 578 579 static int cmd_ClientCAStore(SSL_CONF_CTX *cctx, const char *value) 580 { 581 return cmd_RequestCAStore(cctx, value); 582 } 583 584 static int cmd_DHParameters(SSL_CONF_CTX *cctx, const char *value) 585 { 586 int rv = 0; 587 EVP_PKEY *dhpkey = NULL; 588 BIO *in = NULL; 589 SSL_CTX *sslctx = (cctx->ssl != NULL) ? cctx->ssl->ctx : cctx->ctx; 590 OSSL_DECODER_CTX *decoderctx = NULL; 591 592 if (cctx->ctx != NULL || cctx->ssl != NULL) { 593 in = BIO_new(BIO_s_file()); 594 if (in == NULL) 595 goto end; 596 if (BIO_read_filename(in, value) <= 0) 597 goto end; 598 599 decoderctx 600 = OSSL_DECODER_CTX_new_for_pkey(&dhpkey, "PEM", NULL, "DH", 601 OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, 602 sslctx->libctx, sslctx->propq); 603 if (decoderctx == NULL) 604 goto end; 605 ERR_set_mark(); 606 while (!OSSL_DECODER_from_bio(decoderctx, in) 607 && dhpkey == NULL 608 && !BIO_eof(in)); 609 OSSL_DECODER_CTX_free(decoderctx); 610 611 if (dhpkey == NULL) { 612 ERR_clear_last_mark(); 613 goto end; 614 } 615 ERR_pop_to_mark(); 616 } else { 617 return 1; 618 } 619 620 if (cctx->ctx != NULL) { 621 if ((rv = SSL_CTX_set0_tmp_dh_pkey(cctx->ctx, dhpkey)) > 0) 622 dhpkey = NULL; 623 } 624 if (cctx->ssl != NULL) { 625 if ((rv = SSL_set0_tmp_dh_pkey(cctx->ssl, dhpkey)) > 0) 626 dhpkey = NULL; 627 } 628 end: 629 EVP_PKEY_free(dhpkey); 630 BIO_free(in); 631 return rv > 0; 632 } 633 634 static int cmd_RecordPadding(SSL_CONF_CTX *cctx, const char *value) 635 { 636 int rv = 0; 637 int block_size = atoi(value); 638 639 /* 640 * All we care about is a non-negative value, 641 * the setters check the range 642 */ 643 if (block_size >= 0) { 644 if (cctx->ctx) 645 rv = SSL_CTX_set_block_padding(cctx->ctx, block_size); 646 if (cctx->ssl) 647 rv = SSL_set_block_padding(cctx->ssl, block_size); 648 } 649 return rv; 650 } 651 652 653 static int cmd_NumTickets(SSL_CONF_CTX *cctx, const char *value) 654 { 655 int rv = 0; 656 int num_tickets = atoi(value); 657 658 if (num_tickets >= 0) { 659 if (cctx->ctx) 660 rv = SSL_CTX_set_num_tickets(cctx->ctx, num_tickets); 661 if (cctx->ssl) 662 rv = SSL_set_num_tickets(cctx->ssl, num_tickets); 663 } 664 return rv; 665 } 666 667 typedef struct { 668 int (*cmd) (SSL_CONF_CTX *cctx, const char *value); 669 const char *str_file; 670 const char *str_cmdline; 671 unsigned short flags; 672 unsigned short value_type; 673 } ssl_conf_cmd_tbl; 674 675 /* Table of supported parameters */ 676 677 #define SSL_CONF_CMD(name, cmdopt, flags, type) \ 678 {cmd_##name, #name, cmdopt, flags, type} 679 680 #define SSL_CONF_CMD_STRING(name, cmdopt, flags) \ 681 SSL_CONF_CMD(name, cmdopt, flags, SSL_CONF_TYPE_STRING) 682 683 #define SSL_CONF_CMD_SWITCH(name, flags) \ 684 {0, NULL, name, flags, SSL_CONF_TYPE_NONE} 685 686 /* See apps/include/opt.h if you change this table. */ 687 /* The SSL_CONF_CMD_SWITCH should be the same order as ssl_cmd_switches */ 688 static const ssl_conf_cmd_tbl ssl_conf_cmds[] = { 689 SSL_CONF_CMD_SWITCH("no_ssl3", 0), 690 SSL_CONF_CMD_SWITCH("no_tls1", 0), 691 SSL_CONF_CMD_SWITCH("no_tls1_1", 0), 692 SSL_CONF_CMD_SWITCH("no_tls1_2", 0), 693 SSL_CONF_CMD_SWITCH("no_tls1_3", 0), 694 SSL_CONF_CMD_SWITCH("bugs", 0), 695 SSL_CONF_CMD_SWITCH("no_comp", 0), 696 SSL_CONF_CMD_SWITCH("comp", 0), 697 SSL_CONF_CMD_SWITCH("ecdh_single", SSL_CONF_FLAG_SERVER), 698 SSL_CONF_CMD_SWITCH("no_ticket", 0), 699 SSL_CONF_CMD_SWITCH("serverpref", SSL_CONF_FLAG_SERVER), 700 SSL_CONF_CMD_SWITCH("legacy_renegotiation", 0), 701 SSL_CONF_CMD_SWITCH("client_renegotiation", SSL_CONF_FLAG_SERVER), 702 SSL_CONF_CMD_SWITCH("legacy_server_connect", SSL_CONF_FLAG_CLIENT), 703 SSL_CONF_CMD_SWITCH("no_renegotiation", 0), 704 SSL_CONF_CMD_SWITCH("no_resumption_on_reneg", SSL_CONF_FLAG_SERVER), 705 SSL_CONF_CMD_SWITCH("no_legacy_server_connect", SSL_CONF_FLAG_CLIENT), 706 SSL_CONF_CMD_SWITCH("allow_no_dhe_kex", 0), 707 SSL_CONF_CMD_SWITCH("prioritize_chacha", SSL_CONF_FLAG_SERVER), 708 SSL_CONF_CMD_SWITCH("strict", 0), 709 SSL_CONF_CMD_SWITCH("no_middlebox", 0), 710 SSL_CONF_CMD_SWITCH("anti_replay", SSL_CONF_FLAG_SERVER), 711 SSL_CONF_CMD_SWITCH("no_anti_replay", SSL_CONF_FLAG_SERVER), 712 SSL_CONF_CMD_SWITCH("no_etm", 0), 713 SSL_CONF_CMD_STRING(SignatureAlgorithms, "sigalgs", 0), 714 SSL_CONF_CMD_STRING(ClientSignatureAlgorithms, "client_sigalgs", 0), 715 SSL_CONF_CMD_STRING(Curves, "curves", 0), 716 SSL_CONF_CMD_STRING(Groups, "groups", 0), 717 SSL_CONF_CMD_STRING(ECDHParameters, "named_curve", SSL_CONF_FLAG_SERVER), 718 SSL_CONF_CMD_STRING(CipherString, "cipher", 0), 719 SSL_CONF_CMD_STRING(Ciphersuites, "ciphersuites", 0), 720 SSL_CONF_CMD_STRING(Protocol, NULL, 0), 721 SSL_CONF_CMD_STRING(MinProtocol, "min_protocol", 0), 722 SSL_CONF_CMD_STRING(MaxProtocol, "max_protocol", 0), 723 SSL_CONF_CMD_STRING(Options, NULL, 0), 724 SSL_CONF_CMD_STRING(VerifyMode, NULL, 0), 725 SSL_CONF_CMD(Certificate, "cert", SSL_CONF_FLAG_CERTIFICATE, 726 SSL_CONF_TYPE_FILE), 727 SSL_CONF_CMD(PrivateKey, "key", SSL_CONF_FLAG_CERTIFICATE, 728 SSL_CONF_TYPE_FILE), 729 SSL_CONF_CMD(ServerInfoFile, NULL, 730 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 731 SSL_CONF_TYPE_FILE), 732 SSL_CONF_CMD(ChainCAPath, "chainCApath", SSL_CONF_FLAG_CERTIFICATE, 733 SSL_CONF_TYPE_DIR), 734 SSL_CONF_CMD(ChainCAFile, "chainCAfile", SSL_CONF_FLAG_CERTIFICATE, 735 SSL_CONF_TYPE_FILE), 736 SSL_CONF_CMD(ChainCAStore, "chainCAstore", SSL_CONF_FLAG_CERTIFICATE, 737 SSL_CONF_TYPE_STORE), 738 SSL_CONF_CMD(VerifyCAPath, "verifyCApath", SSL_CONF_FLAG_CERTIFICATE, 739 SSL_CONF_TYPE_DIR), 740 SSL_CONF_CMD(VerifyCAFile, "verifyCAfile", SSL_CONF_FLAG_CERTIFICATE, 741 SSL_CONF_TYPE_FILE), 742 SSL_CONF_CMD(VerifyCAStore, "verifyCAstore", SSL_CONF_FLAG_CERTIFICATE, 743 SSL_CONF_TYPE_STORE), 744 SSL_CONF_CMD(RequestCAFile, "requestCAFile", SSL_CONF_FLAG_CERTIFICATE, 745 SSL_CONF_TYPE_FILE), 746 SSL_CONF_CMD(ClientCAFile, NULL, 747 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 748 SSL_CONF_TYPE_FILE), 749 SSL_CONF_CMD(RequestCAPath, NULL, SSL_CONF_FLAG_CERTIFICATE, 750 SSL_CONF_TYPE_DIR), 751 SSL_CONF_CMD(ClientCAPath, NULL, 752 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 753 SSL_CONF_TYPE_DIR), 754 SSL_CONF_CMD(RequestCAStore, "requestCAStore", SSL_CONF_FLAG_CERTIFICATE, 755 SSL_CONF_TYPE_STORE), 756 SSL_CONF_CMD(ClientCAStore, NULL, 757 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 758 SSL_CONF_TYPE_STORE), 759 SSL_CONF_CMD(DHParameters, "dhparam", 760 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 761 SSL_CONF_TYPE_FILE), 762 SSL_CONF_CMD_STRING(RecordPadding, "record_padding", 0), 763 SSL_CONF_CMD_STRING(NumTickets, "num_tickets", SSL_CONF_FLAG_SERVER), 764 }; 765 766 /* Supported switches: must match order of switches in ssl_conf_cmds */ 767 static const ssl_switch_tbl ssl_cmd_switches[] = { 768 {SSL_OP_NO_SSLv3, 0}, /* no_ssl3 */ 769 {SSL_OP_NO_TLSv1, 0}, /* no_tls1 */ 770 {SSL_OP_NO_TLSv1_1, 0}, /* no_tls1_1 */ 771 {SSL_OP_NO_TLSv1_2, 0}, /* no_tls1_2 */ 772 {SSL_OP_NO_TLSv1_3, 0}, /* no_tls1_3 */ 773 {SSL_OP_ALL, 0}, /* bugs */ 774 {SSL_OP_NO_COMPRESSION, 0}, /* no_comp */ 775 {SSL_OP_NO_COMPRESSION, SSL_TFLAG_INV}, /* comp */ 776 {SSL_OP_SINGLE_ECDH_USE, 0}, /* ecdh_single */ 777 {SSL_OP_NO_TICKET, 0}, /* no_ticket */ 778 {SSL_OP_CIPHER_SERVER_PREFERENCE, 0}, /* serverpref */ 779 /* legacy_renegotiation */ 780 {SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, 0}, 781 /* Allow client renegotiation */ 782 {SSL_OP_ALLOW_CLIENT_RENEGOTIATION, 0}, 783 /* legacy_server_connect */ 784 {SSL_OP_LEGACY_SERVER_CONNECT, 0}, 785 /* no_renegotiation */ 786 {SSL_OP_NO_RENEGOTIATION, 0}, 787 /* no_resumption_on_reneg */ 788 {SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION, 0}, 789 /* no_legacy_server_connect */ 790 {SSL_OP_LEGACY_SERVER_CONNECT, SSL_TFLAG_INV}, 791 /* allow_no_dhe_kex */ 792 {SSL_OP_ALLOW_NO_DHE_KEX, 0}, 793 /* chacha reprioritization */ 794 {SSL_OP_PRIORITIZE_CHACHA, 0}, 795 {SSL_CERT_FLAG_TLS_STRICT, SSL_TFLAG_CERT}, /* strict */ 796 /* no_middlebox */ 797 {SSL_OP_ENABLE_MIDDLEBOX_COMPAT, SSL_TFLAG_INV}, 798 /* anti_replay */ 799 {SSL_OP_NO_ANTI_REPLAY, SSL_TFLAG_INV}, 800 /* no_anti_replay */ 801 {SSL_OP_NO_ANTI_REPLAY, 0}, 802 /* no Encrypt-then-Mac */ 803 {SSL_OP_NO_ENCRYPT_THEN_MAC, 0}, 804 }; 805 806 static int ssl_conf_cmd_skip_prefix(SSL_CONF_CTX *cctx, const char **pcmd) 807 { 808 if (pcmd == NULL || *pcmd == NULL) 809 return 0; 810 /* If a prefix is set, check and skip */ 811 if (cctx->prefix) { 812 if (strlen(*pcmd) <= cctx->prefixlen) 813 return 0; 814 if (cctx->flags & SSL_CONF_FLAG_CMDLINE && 815 strncmp(*pcmd, cctx->prefix, cctx->prefixlen)) 816 return 0; 817 if (cctx->flags & SSL_CONF_FLAG_FILE && 818 OPENSSL_strncasecmp(*pcmd, cctx->prefix, cctx->prefixlen)) 819 return 0; 820 *pcmd += cctx->prefixlen; 821 } else if (cctx->flags & SSL_CONF_FLAG_CMDLINE) { 822 if (**pcmd != '-' || !(*pcmd)[1]) 823 return 0; 824 *pcmd += 1; 825 } 826 return 1; 827 } 828 829 /* Determine if a command is allowed according to cctx flags */ 830 static int ssl_conf_cmd_allowed(SSL_CONF_CTX *cctx, const ssl_conf_cmd_tbl * t) 831 { 832 unsigned int tfl = t->flags; 833 unsigned int cfl = cctx->flags; 834 if ((tfl & SSL_CONF_FLAG_SERVER) && !(cfl & SSL_CONF_FLAG_SERVER)) 835 return 0; 836 if ((tfl & SSL_CONF_FLAG_CLIENT) && !(cfl & SSL_CONF_FLAG_CLIENT)) 837 return 0; 838 if ((tfl & SSL_CONF_FLAG_CERTIFICATE) 839 && !(cfl & SSL_CONF_FLAG_CERTIFICATE)) 840 return 0; 841 return 1; 842 } 843 844 static const ssl_conf_cmd_tbl *ssl_conf_cmd_lookup(SSL_CONF_CTX *cctx, 845 const char *cmd) 846 { 847 const ssl_conf_cmd_tbl *t; 848 size_t i; 849 if (cmd == NULL) 850 return NULL; 851 852 /* Look for matching parameter name in table */ 853 for (i = 0, t = ssl_conf_cmds; i < OSSL_NELEM(ssl_conf_cmds); i++, t++) { 854 if (ssl_conf_cmd_allowed(cctx, t)) { 855 if (cctx->flags & SSL_CONF_FLAG_CMDLINE) { 856 if (t->str_cmdline && strcmp(t->str_cmdline, cmd) == 0) 857 return t; 858 } 859 if (cctx->flags & SSL_CONF_FLAG_FILE) { 860 if (t->str_file && OPENSSL_strcasecmp(t->str_file, cmd) == 0) 861 return t; 862 } 863 } 864 } 865 return NULL; 866 } 867 868 static int ctrl_switch_option(SSL_CONF_CTX *cctx, const ssl_conf_cmd_tbl * cmd) 869 { 870 /* Find index of command in table */ 871 size_t idx = cmd - ssl_conf_cmds; 872 const ssl_switch_tbl *scmd; 873 874 /* Sanity check index */ 875 if (idx >= OSSL_NELEM(ssl_cmd_switches)) { 876 ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR); 877 return 0; 878 } 879 /* Obtain switches entry with same index */ 880 scmd = ssl_cmd_switches + idx; 881 ssl_set_option(cctx, scmd->name_flags, scmd->option_value, 1); 882 return 1; 883 } 884 885 int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value) 886 { 887 const ssl_conf_cmd_tbl *runcmd; 888 if (cmd == NULL) { 889 ERR_raise(ERR_LIB_SSL, SSL_R_INVALID_NULL_CMD_NAME); 890 return 0; 891 } 892 893 if (!ssl_conf_cmd_skip_prefix(cctx, &cmd)) 894 goto unknown_cmd; 895 896 runcmd = ssl_conf_cmd_lookup(cctx, cmd); 897 898 if (runcmd) { 899 int rv = -3; 900 901 if (runcmd->value_type == SSL_CONF_TYPE_NONE) { 902 return ctrl_switch_option(cctx, runcmd); 903 } 904 if (value == NULL) 905 goto bad_value; 906 rv = runcmd->cmd(cctx, value); 907 if (rv > 0) 908 return 2; 909 if (rv != -2) 910 rv = 0; 911 912 bad_value: 913 if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) 914 ERR_raise_data(ERR_LIB_SSL, SSL_R_BAD_VALUE, 915 "cmd=%s, value=%s", cmd, 916 value != NULL ? value : "<EMPTY>"); 917 return rv; 918 } 919 920 unknown_cmd: 921 if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) 922 ERR_raise_data(ERR_LIB_SSL, SSL_R_UNKNOWN_CMD_NAME, "cmd=%s", cmd); 923 924 return -2; 925 } 926 927 int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv) 928 { 929 int rv; 930 const char *arg = NULL, *argn; 931 932 if (pargc != NULL && *pargc == 0) 933 return 0; 934 if (pargc == NULL || *pargc > 0) 935 arg = **pargv; 936 if (arg == NULL) 937 return 0; 938 if (pargc == NULL || *pargc > 1) 939 argn = (*pargv)[1]; 940 else 941 argn = NULL; 942 cctx->flags &= ~SSL_CONF_FLAG_FILE; 943 cctx->flags |= SSL_CONF_FLAG_CMDLINE; 944 rv = SSL_CONF_cmd(cctx, arg, argn); 945 if (rv > 0) { 946 /* Success: update pargc, pargv */ 947 (*pargv) += rv; 948 if (pargc) 949 (*pargc) -= rv; 950 return rv; 951 } 952 /* Unknown switch: indicate no arguments processed */ 953 if (rv == -2) 954 return 0; 955 /* Some error occurred processing command, return fatal error */ 956 if (rv == 0) 957 return -1; 958 return rv; 959 } 960 961 int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd) 962 { 963 if (ssl_conf_cmd_skip_prefix(cctx, &cmd)) { 964 const ssl_conf_cmd_tbl *runcmd; 965 runcmd = ssl_conf_cmd_lookup(cctx, cmd); 966 if (runcmd) 967 return runcmd->value_type; 968 } 969 return SSL_CONF_TYPE_UNKNOWN; 970 } 971 972 SSL_CONF_CTX *SSL_CONF_CTX_new(void) 973 { 974 SSL_CONF_CTX *ret = OPENSSL_zalloc(sizeof(*ret)); 975 976 return ret; 977 } 978 979 int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx) 980 { 981 /* See if any certificates are missing private keys */ 982 size_t i; 983 CERT *c = NULL; 984 if (cctx->ctx) 985 c = cctx->ctx->cert; 986 else if (cctx->ssl) 987 c = cctx->ssl->cert; 988 if (c && cctx->flags & SSL_CONF_FLAG_REQUIRE_PRIVATE) { 989 for (i = 0; i < SSL_PKEY_NUM; i++) { 990 const char *p = cctx->cert_filename[i]; 991 /* 992 * If missing private key try to load one from certificate file 993 */ 994 if (p && !c->pkeys[i].privatekey) { 995 if (!cmd_PrivateKey(cctx, p)) 996 return 0; 997 } 998 } 999 } 1000 if (cctx->canames) { 1001 if (cctx->ssl) 1002 SSL_set0_CA_list(cctx->ssl, cctx->canames); 1003 else if (cctx->ctx) 1004 SSL_CTX_set0_CA_list(cctx->ctx, cctx->canames); 1005 else 1006 sk_X509_NAME_pop_free(cctx->canames, X509_NAME_free); 1007 cctx->canames = NULL; 1008 } 1009 return 1; 1010 } 1011 1012 void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx) 1013 { 1014 if (cctx) { 1015 size_t i; 1016 for (i = 0; i < SSL_PKEY_NUM; i++) 1017 OPENSSL_free(cctx->cert_filename[i]); 1018 OPENSSL_free(cctx->prefix); 1019 sk_X509_NAME_pop_free(cctx->canames, X509_NAME_free); 1020 OPENSSL_free(cctx); 1021 } 1022 } 1023 1024 unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags) 1025 { 1026 cctx->flags |= flags; 1027 return cctx->flags; 1028 } 1029 1030 unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags) 1031 { 1032 cctx->flags &= ~flags; 1033 return cctx->flags; 1034 } 1035 1036 int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre) 1037 { 1038 char *tmp = NULL; 1039 if (pre) { 1040 tmp = OPENSSL_strdup(pre); 1041 if (tmp == NULL) 1042 return 0; 1043 } 1044 OPENSSL_free(cctx->prefix); 1045 cctx->prefix = tmp; 1046 if (tmp) 1047 cctx->prefixlen = strlen(tmp); 1048 else 1049 cctx->prefixlen = 0; 1050 return 1; 1051 } 1052 1053 void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl) 1054 { 1055 cctx->ssl = ssl; 1056 cctx->ctx = NULL; 1057 if (ssl) { 1058 cctx->poptions = &ssl->options; 1059 cctx->min_version = &ssl->min_proto_version; 1060 cctx->max_version = &ssl->max_proto_version; 1061 cctx->pcert_flags = &ssl->cert->cert_flags; 1062 cctx->pvfy_flags = &ssl->verify_mode; 1063 } else { 1064 cctx->poptions = NULL; 1065 cctx->min_version = NULL; 1066 cctx->max_version = NULL; 1067 cctx->pcert_flags = NULL; 1068 cctx->pvfy_flags = NULL; 1069 } 1070 } 1071 1072 void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx) 1073 { 1074 cctx->ctx = ctx; 1075 cctx->ssl = NULL; 1076 if (ctx) { 1077 cctx->poptions = &ctx->options; 1078 cctx->min_version = &ctx->min_proto_version; 1079 cctx->max_version = &ctx->max_proto_version; 1080 cctx->pcert_flags = &ctx->cert->cert_flags; 1081 cctx->pvfy_flags = &ctx->verify_mode; 1082 } else { 1083 cctx->poptions = NULL; 1084 cctx->min_version = NULL; 1085 cctx->max_version = NULL; 1086 cctx->pcert_flags = NULL; 1087 cctx->pvfy_flags = NULL; 1088 } 1089 } 1090