1 /* 2 * Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include "ssl_local.h" 12 #include <openssl/conf.h> 13 #include <openssl/objects.h> 14 #include <openssl/dh.h> 15 #include "internal/nelem.h" 16 17 /* 18 * structure holding name tables. This is used for permitted elements in lists 19 * such as TLSv1. 20 */ 21 22 typedef struct { 23 const char *name; 24 int namelen; 25 unsigned int name_flags; 26 unsigned long option_value; 27 } ssl_flag_tbl; 28 29 /* Switch table: use for single command line switches like no_tls2 */ 30 typedef struct { 31 unsigned long option_value; 32 unsigned int name_flags; 33 } ssl_switch_tbl; 34 35 /* Sense of name is inverted e.g. "TLSv1" will clear SSL_OP_NO_TLSv1 */ 36 #define SSL_TFLAG_INV 0x1 37 /* Mask for type of flag referred to */ 38 #define SSL_TFLAG_TYPE_MASK 0xf00 39 /* Flag is for options */ 40 #define SSL_TFLAG_OPTION 0x000 41 /* Flag is for cert_flags */ 42 #define SSL_TFLAG_CERT 0x100 43 /* Flag is for verify mode */ 44 #define SSL_TFLAG_VFY 0x200 45 /* Option can only be used for clients */ 46 #define SSL_TFLAG_CLIENT SSL_CONF_FLAG_CLIENT 47 /* Option can only be used for servers */ 48 #define SSL_TFLAG_SERVER SSL_CONF_FLAG_SERVER 49 #define SSL_TFLAG_BOTH (SSL_TFLAG_CLIENT|SSL_TFLAG_SERVER) 50 51 #define SSL_FLAG_TBL(str, flag) \ 52 {str, (int)(sizeof(str) - 1), SSL_TFLAG_BOTH, flag} 53 #define SSL_FLAG_TBL_SRV(str, flag) \ 54 {str, (int)(sizeof(str) - 1), SSL_TFLAG_SERVER, flag} 55 #define SSL_FLAG_TBL_CLI(str, flag) \ 56 {str, (int)(sizeof(str) - 1), SSL_TFLAG_CLIENT, flag} 57 #define SSL_FLAG_TBL_INV(str, flag) \ 58 {str, (int)(sizeof(str) - 1), SSL_TFLAG_INV|SSL_TFLAG_BOTH, flag} 59 #define SSL_FLAG_TBL_SRV_INV(str, flag) \ 60 {str, (int)(sizeof(str) - 1), SSL_TFLAG_INV|SSL_TFLAG_SERVER, flag} 61 #define SSL_FLAG_TBL_CERT(str, flag) \ 62 {str, (int)(sizeof(str) - 1), SSL_TFLAG_CERT|SSL_TFLAG_BOTH, flag} 63 64 #define SSL_FLAG_VFY_CLI(str, flag) \ 65 {str, (int)(sizeof(str) - 1), SSL_TFLAG_VFY | SSL_TFLAG_CLIENT, flag} 66 #define SSL_FLAG_VFY_SRV(str, flag) \ 67 {str, (int)(sizeof(str) - 1), SSL_TFLAG_VFY | SSL_TFLAG_SERVER, flag} 68 69 /* 70 * Opaque structure containing SSL configuration context. 71 */ 72 73 struct ssl_conf_ctx_st { 74 /* 75 * Various flags indicating (among other things) which options we will 76 * recognise. 77 */ 78 unsigned int flags; 79 /* Prefix and length of commands */ 80 char *prefix; 81 size_t prefixlen; 82 /* SSL_CTX or SSL structure to perform operations on */ 83 SSL_CTX *ctx; 84 SSL *ssl; 85 /* Pointer to SSL or SSL_CTX options field or NULL if none */ 86 uint32_t *poptions; 87 /* Certificate filenames for each type */ 88 char *cert_filename[SSL_PKEY_NUM]; 89 /* Pointer to SSL or SSL_CTX cert_flags or NULL if none */ 90 uint32_t *pcert_flags; 91 /* Pointer to SSL or SSL_CTX verify_mode or NULL if none */ 92 uint32_t *pvfy_flags; 93 /* Pointer to SSL or SSL_CTX min_version field or NULL if none */ 94 int *min_version; 95 /* Pointer to SSL or SSL_CTX max_version field or NULL if none */ 96 int *max_version; 97 /* Current flag table being worked on */ 98 const ssl_flag_tbl *tbl; 99 /* Size of table */ 100 size_t ntbl; 101 /* Client CA names */ 102 STACK_OF(X509_NAME) *canames; 103 }; 104 105 static void ssl_set_option(SSL_CONF_CTX *cctx, unsigned int name_flags, 106 unsigned long option_value, int onoff) 107 { 108 uint32_t *pflags; 109 if (cctx->poptions == NULL) 110 return; 111 if (name_flags & SSL_TFLAG_INV) 112 onoff ^= 1; 113 switch (name_flags & SSL_TFLAG_TYPE_MASK) { 114 115 case SSL_TFLAG_CERT: 116 pflags = cctx->pcert_flags; 117 break; 118 119 case SSL_TFLAG_VFY: 120 pflags = cctx->pvfy_flags; 121 break; 122 123 case SSL_TFLAG_OPTION: 124 pflags = cctx->poptions; 125 break; 126 127 default: 128 return; 129 130 } 131 if (onoff) 132 *pflags |= option_value; 133 else 134 *pflags &= ~option_value; 135 } 136 137 static int ssl_match_option(SSL_CONF_CTX *cctx, const ssl_flag_tbl *tbl, 138 const char *name, int namelen, int onoff) 139 { 140 /* If name not relevant for context skip */ 141 if (!(cctx->flags & tbl->name_flags & SSL_TFLAG_BOTH)) 142 return 0; 143 if (namelen == -1) { 144 if (strcmp(tbl->name, name)) 145 return 0; 146 } else if (tbl->namelen != namelen || strncasecmp(tbl->name, name, namelen)) 147 return 0; 148 ssl_set_option(cctx, tbl->name_flags, tbl->option_value, onoff); 149 return 1; 150 } 151 152 static int ssl_set_option_list(const char *elem, int len, void *usr) 153 { 154 SSL_CONF_CTX *cctx = usr; 155 size_t i; 156 const ssl_flag_tbl *tbl; 157 int onoff = 1; 158 /* 159 * len == -1 indicates not being called in list context, just for single 160 * command line switches, so don't allow +, -. 161 */ 162 if (elem == NULL) 163 return 0; 164 if (len != -1) { 165 if (*elem == '+') { 166 elem++; 167 len--; 168 onoff = 1; 169 } else if (*elem == '-') { 170 elem++; 171 len--; 172 onoff = 0; 173 } 174 } 175 for (i = 0, tbl = cctx->tbl; i < cctx->ntbl; i++, tbl++) { 176 if (ssl_match_option(cctx, tbl, elem, len, onoff)) 177 return 1; 178 } 179 return 0; 180 } 181 182 /* Set supported signature algorithms */ 183 static int cmd_SignatureAlgorithms(SSL_CONF_CTX *cctx, const char *value) 184 { 185 int rv; 186 if (cctx->ssl) 187 rv = SSL_set1_sigalgs_list(cctx->ssl, value); 188 /* NB: ctx == NULL performs syntax checking only */ 189 else 190 rv = SSL_CTX_set1_sigalgs_list(cctx->ctx, value); 191 return rv > 0; 192 } 193 194 /* Set supported client signature algorithms */ 195 static int cmd_ClientSignatureAlgorithms(SSL_CONF_CTX *cctx, const char *value) 196 { 197 int rv; 198 if (cctx->ssl) 199 rv = SSL_set1_client_sigalgs_list(cctx->ssl, value); 200 /* NB: ctx == NULL performs syntax checking only */ 201 else 202 rv = SSL_CTX_set1_client_sigalgs_list(cctx->ctx, value); 203 return rv > 0; 204 } 205 206 static int cmd_Groups(SSL_CONF_CTX *cctx, const char *value) 207 { 208 int rv; 209 if (cctx->ssl) 210 rv = SSL_set1_groups_list(cctx->ssl, value); 211 /* NB: ctx == NULL performs syntax checking only */ 212 else 213 rv = SSL_CTX_set1_groups_list(cctx->ctx, value); 214 return rv > 0; 215 } 216 217 /* This is the old name for cmd_Groups - retained for backwards compatibility */ 218 static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value) 219 { 220 return cmd_Groups(cctx, value); 221 } 222 223 #ifndef OPENSSL_NO_EC 224 /* ECDH temporary parameters */ 225 static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value) 226 { 227 int rv = 1; 228 EC_KEY *ecdh; 229 int nid; 230 231 /* Ignore values supported by 1.0.2 for the automatic selection */ 232 if ((cctx->flags & SSL_CONF_FLAG_FILE) 233 && (strcasecmp(value, "+automatic") == 0 234 || strcasecmp(value, "automatic") == 0)) 235 return 1; 236 if ((cctx->flags & SSL_CONF_FLAG_CMDLINE) && 237 strcmp(value, "auto") == 0) 238 return 1; 239 240 nid = EC_curve_nist2nid(value); 241 if (nid == NID_undef) 242 nid = OBJ_sn2nid(value); 243 if (nid == 0) 244 return 0; 245 ecdh = EC_KEY_new_by_curve_name(nid); 246 if (!ecdh) 247 return 0; 248 if (cctx->ctx) 249 rv = SSL_CTX_set_tmp_ecdh(cctx->ctx, ecdh); 250 else if (cctx->ssl) 251 rv = SSL_set_tmp_ecdh(cctx->ssl, ecdh); 252 EC_KEY_free(ecdh); 253 254 return rv > 0; 255 } 256 #endif 257 static int cmd_CipherString(SSL_CONF_CTX *cctx, const char *value) 258 { 259 int rv = 1; 260 261 if (cctx->ctx) 262 rv = SSL_CTX_set_cipher_list(cctx->ctx, value); 263 if (cctx->ssl) 264 rv = SSL_set_cipher_list(cctx->ssl, value); 265 return rv > 0; 266 } 267 268 static int cmd_Ciphersuites(SSL_CONF_CTX *cctx, const char *value) 269 { 270 int rv = 1; 271 272 if (cctx->ctx) 273 rv = SSL_CTX_set_ciphersuites(cctx->ctx, value); 274 if (cctx->ssl) 275 rv = SSL_set_ciphersuites(cctx->ssl, value); 276 return rv > 0; 277 } 278 279 static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value) 280 { 281 static const ssl_flag_tbl ssl_protocol_list[] = { 282 SSL_FLAG_TBL_INV("ALL", SSL_OP_NO_SSL_MASK), 283 SSL_FLAG_TBL_INV("SSLv2", SSL_OP_NO_SSLv2), 284 SSL_FLAG_TBL_INV("SSLv3", SSL_OP_NO_SSLv3), 285 SSL_FLAG_TBL_INV("TLSv1", SSL_OP_NO_TLSv1), 286 SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1), 287 SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2), 288 SSL_FLAG_TBL_INV("TLSv1.3", SSL_OP_NO_TLSv1_3), 289 SSL_FLAG_TBL_INV("DTLSv1", SSL_OP_NO_DTLSv1), 290 SSL_FLAG_TBL_INV("DTLSv1.2", SSL_OP_NO_DTLSv1_2) 291 }; 292 cctx->tbl = ssl_protocol_list; 293 cctx->ntbl = OSSL_NELEM(ssl_protocol_list); 294 return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); 295 } 296 297 /* 298 * protocol_from_string - converts a protocol version string to a number 299 * 300 * Returns -1 on failure or the version on success 301 */ 302 static int protocol_from_string(const char *value) 303 { 304 struct protocol_versions { 305 const char *name; 306 int version; 307 }; 308 /* 309 * Note: To avoid breaking previously valid configurations, we must retain 310 * legacy entries in this table even if the underlying protocol is no 311 * longer supported. This also means that the constants SSL3_VERSION, ... 312 * need to be retained indefinitely. This table can only grow, never 313 * shrink. 314 */ 315 static const struct protocol_versions versions[] = { 316 {"None", 0}, 317 {"SSLv3", SSL3_VERSION}, 318 {"TLSv1", TLS1_VERSION}, 319 {"TLSv1.1", TLS1_1_VERSION}, 320 {"TLSv1.2", TLS1_2_VERSION}, 321 {"TLSv1.3", TLS1_3_VERSION}, 322 {"DTLSv1", DTLS1_VERSION}, 323 {"DTLSv1.2", DTLS1_2_VERSION} 324 }; 325 size_t i; 326 size_t n = OSSL_NELEM(versions); 327 328 for (i = 0; i < n; i++) 329 if (strcmp(versions[i].name, value) == 0) 330 return versions[i].version; 331 return -1; 332 } 333 334 static int min_max_proto(SSL_CONF_CTX *cctx, const char *value, int *bound) 335 { 336 int method_version; 337 int new_version; 338 339 if (cctx->ctx != NULL) 340 method_version = cctx->ctx->method->version; 341 else if (cctx->ssl != NULL) 342 method_version = cctx->ssl->ctx->method->version; 343 else 344 return 0; 345 if ((new_version = protocol_from_string(value)) < 0) 346 return 0; 347 return ssl_set_version_bound(method_version, new_version, bound); 348 } 349 350 /* 351 * cmd_MinProtocol - Set min protocol version 352 * @cctx: config structure to save settings in 353 * @value: The min protocol version in string form 354 * 355 * Returns 1 on success and 0 on failure. 356 */ 357 static int cmd_MinProtocol(SSL_CONF_CTX *cctx, const char *value) 358 { 359 return min_max_proto(cctx, value, cctx->min_version); 360 } 361 362 /* 363 * cmd_MaxProtocol - Set max protocol version 364 * @cctx: config structure to save settings in 365 * @value: The max protocol version in string form 366 * 367 * Returns 1 on success and 0 on failure. 368 */ 369 static int cmd_MaxProtocol(SSL_CONF_CTX *cctx, const char *value) 370 { 371 return min_max_proto(cctx, value, cctx->max_version); 372 } 373 374 static int cmd_Options(SSL_CONF_CTX *cctx, const char *value) 375 { 376 static const ssl_flag_tbl ssl_option_list[] = { 377 SSL_FLAG_TBL_INV("SessionTicket", SSL_OP_NO_TICKET), 378 SSL_FLAG_TBL_INV("EmptyFragments", 379 SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS), 380 SSL_FLAG_TBL("Bugs", SSL_OP_ALL), 381 SSL_FLAG_TBL_INV("Compression", SSL_OP_NO_COMPRESSION), 382 SSL_FLAG_TBL_SRV("ServerPreference", SSL_OP_CIPHER_SERVER_PREFERENCE), 383 SSL_FLAG_TBL_SRV("NoResumptionOnRenegotiation", 384 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION), 385 SSL_FLAG_TBL_SRV("DHSingle", SSL_OP_SINGLE_DH_USE), 386 SSL_FLAG_TBL_SRV("ECDHSingle", SSL_OP_SINGLE_ECDH_USE), 387 SSL_FLAG_TBL("UnsafeLegacyRenegotiation", 388 SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION), 389 SSL_FLAG_TBL_INV("EncryptThenMac", SSL_OP_NO_ENCRYPT_THEN_MAC), 390 SSL_FLAG_TBL("NoRenegotiation", SSL_OP_NO_RENEGOTIATION), 391 SSL_FLAG_TBL("AllowNoDHEKEX", SSL_OP_ALLOW_NO_DHE_KEX), 392 SSL_FLAG_TBL("PrioritizeChaCha", SSL_OP_PRIORITIZE_CHACHA), 393 SSL_FLAG_TBL("MiddleboxCompat", SSL_OP_ENABLE_MIDDLEBOX_COMPAT), 394 SSL_FLAG_TBL_INV("AntiReplay", SSL_OP_NO_ANTI_REPLAY), 395 SSL_FLAG_TBL("KTLS", SSL_OP_ENABLE_KTLS) 396 }; 397 if (value == NULL) 398 return -3; 399 cctx->tbl = ssl_option_list; 400 cctx->ntbl = OSSL_NELEM(ssl_option_list); 401 return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); 402 } 403 404 static int cmd_VerifyMode(SSL_CONF_CTX *cctx, const char *value) 405 { 406 static const ssl_flag_tbl ssl_vfy_list[] = { 407 SSL_FLAG_VFY_CLI("Peer", SSL_VERIFY_PEER), 408 SSL_FLAG_VFY_SRV("Request", SSL_VERIFY_PEER), 409 SSL_FLAG_VFY_SRV("Require", 410 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT), 411 SSL_FLAG_VFY_SRV("Once", SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE), 412 SSL_FLAG_VFY_SRV("RequestPostHandshake", 413 SSL_VERIFY_PEER | SSL_VERIFY_POST_HANDSHAKE), 414 SSL_FLAG_VFY_SRV("RequirePostHandshake", 415 SSL_VERIFY_PEER | SSL_VERIFY_POST_HANDSHAKE | 416 SSL_VERIFY_FAIL_IF_NO_PEER_CERT), 417 }; 418 if (value == NULL) 419 return -3; 420 cctx->tbl = ssl_vfy_list; 421 cctx->ntbl = OSSL_NELEM(ssl_vfy_list); 422 return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); 423 } 424 425 static int cmd_Certificate(SSL_CONF_CTX *cctx, const char *value) 426 { 427 int rv = 1; 428 CERT *c = NULL; 429 if (cctx->ctx) { 430 rv = SSL_CTX_use_certificate_chain_file(cctx->ctx, value); 431 c = cctx->ctx->cert; 432 } 433 if (cctx->ssl) { 434 rv = SSL_use_certificate_chain_file(cctx->ssl, value); 435 c = cctx->ssl->cert; 436 } 437 if (rv > 0 && c && cctx->flags & SSL_CONF_FLAG_REQUIRE_PRIVATE) { 438 char **pfilename = &cctx->cert_filename[c->key - c->pkeys]; 439 OPENSSL_free(*pfilename); 440 *pfilename = OPENSSL_strdup(value); 441 if (!*pfilename) 442 rv = 0; 443 } 444 445 return rv > 0; 446 } 447 448 static int cmd_PrivateKey(SSL_CONF_CTX *cctx, const char *value) 449 { 450 int rv = 1; 451 if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE)) 452 return -2; 453 if (cctx->ctx) 454 rv = SSL_CTX_use_PrivateKey_file(cctx->ctx, value, SSL_FILETYPE_PEM); 455 if (cctx->ssl) 456 rv = SSL_use_PrivateKey_file(cctx->ssl, value, SSL_FILETYPE_PEM); 457 return rv > 0; 458 } 459 460 static int cmd_ServerInfoFile(SSL_CONF_CTX *cctx, const char *value) 461 { 462 int rv = 1; 463 if (cctx->ctx) 464 rv = SSL_CTX_use_serverinfo_file(cctx->ctx, value); 465 return rv > 0; 466 } 467 468 static int do_store(SSL_CONF_CTX *cctx, 469 const char *CAfile, const char *CApath, int verify_store) 470 { 471 CERT *cert; 472 X509_STORE **st; 473 if (cctx->ctx) 474 cert = cctx->ctx->cert; 475 else if (cctx->ssl) 476 cert = cctx->ssl->cert; 477 else 478 return 1; 479 st = verify_store ? &cert->verify_store : &cert->chain_store; 480 if (*st == NULL) { 481 *st = X509_STORE_new(); 482 if (*st == NULL) 483 return 0; 484 } 485 return X509_STORE_load_locations(*st, CAfile, CApath) > 0; 486 } 487 488 static int cmd_ChainCAPath(SSL_CONF_CTX *cctx, const char *value) 489 { 490 return do_store(cctx, NULL, value, 0); 491 } 492 493 static int cmd_ChainCAFile(SSL_CONF_CTX *cctx, const char *value) 494 { 495 return do_store(cctx, value, NULL, 0); 496 } 497 498 static int cmd_VerifyCAPath(SSL_CONF_CTX *cctx, const char *value) 499 { 500 return do_store(cctx, NULL, value, 1); 501 } 502 503 static int cmd_VerifyCAFile(SSL_CONF_CTX *cctx, const char *value) 504 { 505 return do_store(cctx, value, NULL, 1); 506 } 507 508 static int cmd_RequestCAFile(SSL_CONF_CTX *cctx, const char *value) 509 { 510 if (cctx->canames == NULL) 511 cctx->canames = sk_X509_NAME_new_null(); 512 if (cctx->canames == NULL) 513 return 0; 514 return SSL_add_file_cert_subjects_to_stack(cctx->canames, value); 515 } 516 517 static int cmd_ClientCAFile(SSL_CONF_CTX *cctx, const char *value) 518 { 519 return cmd_RequestCAFile(cctx, value); 520 } 521 522 static int cmd_RequestCAPath(SSL_CONF_CTX *cctx, const char *value) 523 { 524 if (cctx->canames == NULL) 525 cctx->canames = sk_X509_NAME_new_null(); 526 if (cctx->canames == NULL) 527 return 0; 528 return SSL_add_dir_cert_subjects_to_stack(cctx->canames, value); 529 } 530 531 static int cmd_ClientCAPath(SSL_CONF_CTX *cctx, const char *value) 532 { 533 return cmd_RequestCAPath(cctx, value); 534 } 535 536 #ifndef OPENSSL_NO_DH 537 static int cmd_DHParameters(SSL_CONF_CTX *cctx, const char *value) 538 { 539 int rv = 0; 540 DH *dh = NULL; 541 BIO *in = NULL; 542 if (cctx->ctx || cctx->ssl) { 543 in = BIO_new(BIO_s_file()); 544 if (in == NULL) 545 goto end; 546 if (BIO_read_filename(in, value) <= 0) 547 goto end; 548 dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL); 549 if (dh == NULL) 550 goto end; 551 } else 552 return 1; 553 if (cctx->ctx) 554 rv = SSL_CTX_set_tmp_dh(cctx->ctx, dh); 555 if (cctx->ssl) 556 rv = SSL_set_tmp_dh(cctx->ssl, dh); 557 end: 558 DH_free(dh); 559 BIO_free(in); 560 return rv > 0; 561 } 562 #endif 563 564 static int cmd_RecordPadding(SSL_CONF_CTX *cctx, const char *value) 565 { 566 int rv = 0; 567 int block_size = atoi(value); 568 569 /* 570 * All we care about is a non-negative value, 571 * the setters check the range 572 */ 573 if (block_size >= 0) { 574 if (cctx->ctx) 575 rv = SSL_CTX_set_block_padding(cctx->ctx, block_size); 576 if (cctx->ssl) 577 rv = SSL_set_block_padding(cctx->ssl, block_size); 578 } 579 return rv; 580 } 581 582 583 static int cmd_NumTickets(SSL_CONF_CTX *cctx, const char *value) 584 { 585 int rv = 0; 586 int num_tickets = atoi(value); 587 588 if (num_tickets >= 0) { 589 if (cctx->ctx) 590 rv = SSL_CTX_set_num_tickets(cctx->ctx, num_tickets); 591 if (cctx->ssl) 592 rv = SSL_set_num_tickets(cctx->ssl, num_tickets); 593 } 594 return rv; 595 } 596 597 typedef struct { 598 int (*cmd) (SSL_CONF_CTX *cctx, const char *value); 599 const char *str_file; 600 const char *str_cmdline; 601 unsigned short flags; 602 unsigned short value_type; 603 } ssl_conf_cmd_tbl; 604 605 /* Table of supported parameters */ 606 607 #define SSL_CONF_CMD(name, cmdopt, flags, type) \ 608 {cmd_##name, #name, cmdopt, flags, type} 609 610 #define SSL_CONF_CMD_STRING(name, cmdopt, flags) \ 611 SSL_CONF_CMD(name, cmdopt, flags, SSL_CONF_TYPE_STRING) 612 613 #define SSL_CONF_CMD_SWITCH(name, flags) \ 614 {0, NULL, name, flags, SSL_CONF_TYPE_NONE} 615 616 /* See apps/apps.h if you change this table. */ 617 static const ssl_conf_cmd_tbl ssl_conf_cmds[] = { 618 SSL_CONF_CMD_SWITCH("no_ssl3", 0), 619 SSL_CONF_CMD_SWITCH("no_tls1", 0), 620 SSL_CONF_CMD_SWITCH("no_tls1_1", 0), 621 SSL_CONF_CMD_SWITCH("no_tls1_2", 0), 622 SSL_CONF_CMD_SWITCH("no_tls1_3", 0), 623 SSL_CONF_CMD_SWITCH("bugs", 0), 624 SSL_CONF_CMD_SWITCH("no_comp", 0), 625 SSL_CONF_CMD_SWITCH("comp", 0), 626 SSL_CONF_CMD_SWITCH("ecdh_single", SSL_CONF_FLAG_SERVER), 627 SSL_CONF_CMD_SWITCH("no_ticket", 0), 628 SSL_CONF_CMD_SWITCH("serverpref", SSL_CONF_FLAG_SERVER), 629 SSL_CONF_CMD_SWITCH("legacy_renegotiation", 0), 630 SSL_CONF_CMD_SWITCH("legacy_server_connect", SSL_CONF_FLAG_SERVER), 631 SSL_CONF_CMD_SWITCH("no_renegotiation", 0), 632 SSL_CONF_CMD_SWITCH("no_resumption_on_reneg", SSL_CONF_FLAG_SERVER), 633 SSL_CONF_CMD_SWITCH("no_legacy_server_connect", SSL_CONF_FLAG_SERVER), 634 SSL_CONF_CMD_SWITCH("allow_no_dhe_kex", 0), 635 SSL_CONF_CMD_SWITCH("prioritize_chacha", SSL_CONF_FLAG_SERVER), 636 SSL_CONF_CMD_SWITCH("strict", 0), 637 SSL_CONF_CMD_SWITCH("no_middlebox", 0), 638 SSL_CONF_CMD_SWITCH("anti_replay", SSL_CONF_FLAG_SERVER), 639 SSL_CONF_CMD_SWITCH("no_anti_replay", SSL_CONF_FLAG_SERVER), 640 SSL_CONF_CMD_STRING(SignatureAlgorithms, "sigalgs", 0), 641 SSL_CONF_CMD_STRING(ClientSignatureAlgorithms, "client_sigalgs", 0), 642 SSL_CONF_CMD_STRING(Curves, "curves", 0), 643 SSL_CONF_CMD_STRING(Groups, "groups", 0), 644 #ifndef OPENSSL_NO_EC 645 SSL_CONF_CMD_STRING(ECDHParameters, "named_curve", SSL_CONF_FLAG_SERVER), 646 #endif 647 SSL_CONF_CMD_STRING(CipherString, "cipher", 0), 648 SSL_CONF_CMD_STRING(Ciphersuites, "ciphersuites", 0), 649 SSL_CONF_CMD_STRING(Protocol, NULL, 0), 650 SSL_CONF_CMD_STRING(MinProtocol, "min_protocol", 0), 651 SSL_CONF_CMD_STRING(MaxProtocol, "max_protocol", 0), 652 SSL_CONF_CMD_STRING(Options, NULL, 0), 653 SSL_CONF_CMD_STRING(VerifyMode, NULL, 0), 654 SSL_CONF_CMD(Certificate, "cert", SSL_CONF_FLAG_CERTIFICATE, 655 SSL_CONF_TYPE_FILE), 656 SSL_CONF_CMD(PrivateKey, "key", SSL_CONF_FLAG_CERTIFICATE, 657 SSL_CONF_TYPE_FILE), 658 SSL_CONF_CMD(ServerInfoFile, NULL, 659 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 660 SSL_CONF_TYPE_FILE), 661 SSL_CONF_CMD(ChainCAPath, "chainCApath", SSL_CONF_FLAG_CERTIFICATE, 662 SSL_CONF_TYPE_DIR), 663 SSL_CONF_CMD(ChainCAFile, "chainCAfile", SSL_CONF_FLAG_CERTIFICATE, 664 SSL_CONF_TYPE_FILE), 665 SSL_CONF_CMD(VerifyCAPath, "verifyCApath", SSL_CONF_FLAG_CERTIFICATE, 666 SSL_CONF_TYPE_DIR), 667 SSL_CONF_CMD(VerifyCAFile, "verifyCAfile", SSL_CONF_FLAG_CERTIFICATE, 668 SSL_CONF_TYPE_FILE), 669 SSL_CONF_CMD(RequestCAFile, "requestCAFile", SSL_CONF_FLAG_CERTIFICATE, 670 SSL_CONF_TYPE_FILE), 671 SSL_CONF_CMD(ClientCAFile, NULL, 672 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 673 SSL_CONF_TYPE_FILE), 674 SSL_CONF_CMD(RequestCAPath, NULL, SSL_CONF_FLAG_CERTIFICATE, 675 SSL_CONF_TYPE_DIR), 676 SSL_CONF_CMD(ClientCAPath, NULL, 677 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 678 SSL_CONF_TYPE_DIR), 679 #ifndef OPENSSL_NO_DH 680 SSL_CONF_CMD(DHParameters, "dhparam", 681 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 682 SSL_CONF_TYPE_FILE), 683 #endif 684 SSL_CONF_CMD_STRING(RecordPadding, "record_padding", 0), 685 SSL_CONF_CMD_STRING(NumTickets, "num_tickets", SSL_CONF_FLAG_SERVER), 686 }; 687 688 /* Supported switches: must match order of switches in ssl_conf_cmds */ 689 static const ssl_switch_tbl ssl_cmd_switches[] = { 690 {SSL_OP_NO_SSLv3, 0}, /* no_ssl3 */ 691 {SSL_OP_NO_TLSv1, 0}, /* no_tls1 */ 692 {SSL_OP_NO_TLSv1_1, 0}, /* no_tls1_1 */ 693 {SSL_OP_NO_TLSv1_2, 0}, /* no_tls1_2 */ 694 {SSL_OP_NO_TLSv1_3, 0}, /* no_tls1_3 */ 695 {SSL_OP_ALL, 0}, /* bugs */ 696 {SSL_OP_NO_COMPRESSION, 0}, /* no_comp */ 697 {SSL_OP_NO_COMPRESSION, SSL_TFLAG_INV}, /* comp */ 698 {SSL_OP_SINGLE_ECDH_USE, 0}, /* ecdh_single */ 699 {SSL_OP_NO_TICKET, 0}, /* no_ticket */ 700 {SSL_OP_CIPHER_SERVER_PREFERENCE, 0}, /* serverpref */ 701 /* legacy_renegotiation */ 702 {SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, 0}, 703 /* legacy_server_connect */ 704 {SSL_OP_LEGACY_SERVER_CONNECT, 0}, 705 /* no_renegotiation */ 706 {SSL_OP_NO_RENEGOTIATION, 0}, 707 /* no_resumption_on_reneg */ 708 {SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION, 0}, 709 /* no_legacy_server_connect */ 710 {SSL_OP_LEGACY_SERVER_CONNECT, SSL_TFLAG_INV}, 711 /* allow_no_dhe_kex */ 712 {SSL_OP_ALLOW_NO_DHE_KEX, 0}, 713 /* chacha reprioritization */ 714 {SSL_OP_PRIORITIZE_CHACHA, 0}, 715 {SSL_CERT_FLAG_TLS_STRICT, SSL_TFLAG_CERT}, /* strict */ 716 /* no_middlebox */ 717 {SSL_OP_ENABLE_MIDDLEBOX_COMPAT, SSL_TFLAG_INV}, 718 /* anti_replay */ 719 {SSL_OP_NO_ANTI_REPLAY, SSL_TFLAG_INV}, 720 /* no_anti_replay */ 721 {SSL_OP_NO_ANTI_REPLAY, 0}, 722 }; 723 724 static int ssl_conf_cmd_skip_prefix(SSL_CONF_CTX *cctx, const char **pcmd) 725 { 726 if (!pcmd || !*pcmd) 727 return 0; 728 /* If a prefix is set, check and skip */ 729 if (cctx->prefix) { 730 if (strlen(*pcmd) <= cctx->prefixlen) 731 return 0; 732 if (cctx->flags & SSL_CONF_FLAG_CMDLINE && 733 strncmp(*pcmd, cctx->prefix, cctx->prefixlen)) 734 return 0; 735 if (cctx->flags & SSL_CONF_FLAG_FILE && 736 strncasecmp(*pcmd, cctx->prefix, cctx->prefixlen)) 737 return 0; 738 *pcmd += cctx->prefixlen; 739 } else if (cctx->flags & SSL_CONF_FLAG_CMDLINE) { 740 if (**pcmd != '-' || !(*pcmd)[1]) 741 return 0; 742 *pcmd += 1; 743 } 744 return 1; 745 } 746 747 /* Determine if a command is allowed according to cctx flags */ 748 static int ssl_conf_cmd_allowed(SSL_CONF_CTX *cctx, const ssl_conf_cmd_tbl * t) 749 { 750 unsigned int tfl = t->flags; 751 unsigned int cfl = cctx->flags; 752 if ((tfl & SSL_CONF_FLAG_SERVER) && !(cfl & SSL_CONF_FLAG_SERVER)) 753 return 0; 754 if ((tfl & SSL_CONF_FLAG_CLIENT) && !(cfl & SSL_CONF_FLAG_CLIENT)) 755 return 0; 756 if ((tfl & SSL_CONF_FLAG_CERTIFICATE) 757 && !(cfl & SSL_CONF_FLAG_CERTIFICATE)) 758 return 0; 759 return 1; 760 } 761 762 static const ssl_conf_cmd_tbl *ssl_conf_cmd_lookup(SSL_CONF_CTX *cctx, 763 const char *cmd) 764 { 765 const ssl_conf_cmd_tbl *t; 766 size_t i; 767 if (cmd == NULL) 768 return NULL; 769 770 /* Look for matching parameter name in table */ 771 for (i = 0, t = ssl_conf_cmds; i < OSSL_NELEM(ssl_conf_cmds); i++, t++) { 772 if (ssl_conf_cmd_allowed(cctx, t)) { 773 if (cctx->flags & SSL_CONF_FLAG_CMDLINE) { 774 if (t->str_cmdline && strcmp(t->str_cmdline, cmd) == 0) 775 return t; 776 } 777 if (cctx->flags & SSL_CONF_FLAG_FILE) { 778 if (t->str_file && strcasecmp(t->str_file, cmd) == 0) 779 return t; 780 } 781 } 782 } 783 return NULL; 784 } 785 786 static int ctrl_switch_option(SSL_CONF_CTX *cctx, const ssl_conf_cmd_tbl * cmd) 787 { 788 /* Find index of command in table */ 789 size_t idx = cmd - ssl_conf_cmds; 790 const ssl_switch_tbl *scmd; 791 /* Sanity check index */ 792 if (idx >= OSSL_NELEM(ssl_cmd_switches)) 793 return 0; 794 /* Obtain switches entry with same index */ 795 scmd = ssl_cmd_switches + idx; 796 ssl_set_option(cctx, scmd->name_flags, scmd->option_value, 1); 797 return 1; 798 } 799 800 int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value) 801 { 802 const ssl_conf_cmd_tbl *runcmd; 803 if (cmd == NULL) { 804 SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_INVALID_NULL_CMD_NAME); 805 return 0; 806 } 807 808 if (!ssl_conf_cmd_skip_prefix(cctx, &cmd)) 809 return -2; 810 811 runcmd = ssl_conf_cmd_lookup(cctx, cmd); 812 813 if (runcmd) { 814 int rv; 815 if (runcmd->value_type == SSL_CONF_TYPE_NONE) { 816 return ctrl_switch_option(cctx, runcmd); 817 } 818 if (value == NULL) 819 return -3; 820 rv = runcmd->cmd(cctx, value); 821 if (rv > 0) 822 return 2; 823 if (rv == -2) 824 return -2; 825 if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) { 826 SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_BAD_VALUE); 827 ERR_add_error_data(4, "cmd=", cmd, ", value=", value); 828 } 829 return 0; 830 } 831 832 if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) { 833 SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_UNKNOWN_CMD_NAME); 834 ERR_add_error_data(2, "cmd=", cmd); 835 } 836 837 return -2; 838 } 839 840 int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv) 841 { 842 int rv; 843 const char *arg = NULL, *argn; 844 if (pargc && *pargc == 0) 845 return 0; 846 if (!pargc || *pargc > 0) 847 arg = **pargv; 848 if (arg == NULL) 849 return 0; 850 if (!pargc || *pargc > 1) 851 argn = (*pargv)[1]; 852 else 853 argn = NULL; 854 cctx->flags &= ~SSL_CONF_FLAG_FILE; 855 cctx->flags |= SSL_CONF_FLAG_CMDLINE; 856 rv = SSL_CONF_cmd(cctx, arg, argn); 857 if (rv > 0) { 858 /* Success: update pargc, pargv */ 859 (*pargv) += rv; 860 if (pargc) 861 (*pargc) -= rv; 862 return rv; 863 } 864 /* Unknown switch: indicate no arguments processed */ 865 if (rv == -2) 866 return 0; 867 /* Some error occurred processing command, return fatal error */ 868 if (rv == 0) 869 return -1; 870 return rv; 871 } 872 873 int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd) 874 { 875 if (ssl_conf_cmd_skip_prefix(cctx, &cmd)) { 876 const ssl_conf_cmd_tbl *runcmd; 877 runcmd = ssl_conf_cmd_lookup(cctx, cmd); 878 if (runcmd) 879 return runcmd->value_type; 880 } 881 return SSL_CONF_TYPE_UNKNOWN; 882 } 883 884 SSL_CONF_CTX *SSL_CONF_CTX_new(void) 885 { 886 SSL_CONF_CTX *ret = OPENSSL_zalloc(sizeof(*ret)); 887 888 return ret; 889 } 890 891 int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx) 892 { 893 /* See if any certificates are missing private keys */ 894 size_t i; 895 CERT *c = NULL; 896 if (cctx->ctx) 897 c = cctx->ctx->cert; 898 else if (cctx->ssl) 899 c = cctx->ssl->cert; 900 if (c && cctx->flags & SSL_CONF_FLAG_REQUIRE_PRIVATE) { 901 for (i = 0; i < SSL_PKEY_NUM; i++) { 902 const char *p = cctx->cert_filename[i]; 903 /* 904 * If missing private key try to load one from certificate file 905 */ 906 if (p && !c->pkeys[i].privatekey) { 907 if (!cmd_PrivateKey(cctx, p)) 908 return 0; 909 } 910 } 911 } 912 if (cctx->canames) { 913 if (cctx->ssl) 914 SSL_set0_CA_list(cctx->ssl, cctx->canames); 915 else if (cctx->ctx) 916 SSL_CTX_set0_CA_list(cctx->ctx, cctx->canames); 917 else 918 sk_X509_NAME_pop_free(cctx->canames, X509_NAME_free); 919 cctx->canames = NULL; 920 } 921 return 1; 922 } 923 924 void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx) 925 { 926 if (cctx) { 927 size_t i; 928 for (i = 0; i < SSL_PKEY_NUM; i++) 929 OPENSSL_free(cctx->cert_filename[i]); 930 OPENSSL_free(cctx->prefix); 931 sk_X509_NAME_pop_free(cctx->canames, X509_NAME_free); 932 OPENSSL_free(cctx); 933 } 934 } 935 936 unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags) 937 { 938 cctx->flags |= flags; 939 return cctx->flags; 940 } 941 942 unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags) 943 { 944 cctx->flags &= ~flags; 945 return cctx->flags; 946 } 947 948 int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre) 949 { 950 char *tmp = NULL; 951 if (pre) { 952 tmp = OPENSSL_strdup(pre); 953 if (tmp == NULL) 954 return 0; 955 } 956 OPENSSL_free(cctx->prefix); 957 cctx->prefix = tmp; 958 if (tmp) 959 cctx->prefixlen = strlen(tmp); 960 else 961 cctx->prefixlen = 0; 962 return 1; 963 } 964 965 void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl) 966 { 967 cctx->ssl = ssl; 968 cctx->ctx = NULL; 969 if (ssl) { 970 cctx->poptions = &ssl->options; 971 cctx->min_version = &ssl->min_proto_version; 972 cctx->max_version = &ssl->max_proto_version; 973 cctx->pcert_flags = &ssl->cert->cert_flags; 974 cctx->pvfy_flags = &ssl->verify_mode; 975 } else { 976 cctx->poptions = NULL; 977 cctx->min_version = NULL; 978 cctx->max_version = NULL; 979 cctx->pcert_flags = NULL; 980 cctx->pvfy_flags = NULL; 981 } 982 } 983 984 void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx) 985 { 986 cctx->ctx = ctx; 987 cctx->ssl = NULL; 988 if (ctx) { 989 cctx->poptions = &ctx->options; 990 cctx->min_version = &ctx->min_proto_version; 991 cctx->max_version = &ctx->max_proto_version; 992 cctx->pcert_flags = &ctx->cert->cert_flags; 993 cctx->pvfy_flags = &ctx->verify_mode; 994 } else { 995 cctx->poptions = NULL; 996 cctx->min_version = NULL; 997 cctx->max_version = NULL; 998 cctx->pcert_flags = NULL; 999 cctx->pvfy_flags = NULL; 1000 } 1001 } 1002