xref: /freebsd/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c (revision 19261079b74319502c6ffa1249920079f0f69a72)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3  *
4  * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
5  * Authors: Doug Rabson <dfr@rabson.org>
6  * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27  * SUCH DAMAGE.
28  */
29 
30 /*
31  * Extensively modified from /usr/src/usr.sbin/gssd.c r344402 for
32  * the client side of kernel RPC-over-TLS by Rick Macklem.
33  */
34 
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
37 
38 #include <sys/param.h>
39 #include <sys/types.h>
40 #include <sys/queue.h>
41 #include <sys/linker.h>
42 #include <sys/module.h>
43 #include <sys/stat.h>
44 #include <sys/sysctl.h>
45 #include <sys/syslog.h>
46 #include <sys/time.h>
47 #include <err.h>
48 #include <getopt.h>
49 #include <libutil.h>
50 #include <netdb.h>
51 #include <signal.h>
52 #include <stdarg.h>
53 #include <stdbool.h>
54 #include <stdio.h>
55 #include <stdlib.h>
56 #include <string.h>
57 #include <unistd.h>
58 
59 #include <rpc/rpc.h>
60 #include <rpc/rpc_com.h>
61 #include <rpc/rpcsec_tls.h>
62 
63 #include <openssl/opensslconf.h>
64 #include <openssl/bio.h>
65 #include <openssl/ssl.h>
66 #include <openssl/err.h>
67 #include <openssl/x509v3.h>
68 
69 #include "rpctlscd.h"
70 #include "rpc.tlscommon.h"
71 
72 #ifndef _PATH_RPCTLSCDSOCK
73 #define _PATH_RPCTLSCDSOCK	"/var/run/rpc.tlsclntd.sock"
74 #endif
75 #ifndef	_PATH_CERTANDKEY
76 #define	_PATH_CERTANDKEY	"/etc/rpc.tlsclntd/"
77 #endif
78 #ifndef	_PATH_RPCTLSCDPID
79 #define	_PATH_RPCTLSCDPID	"/var/run/rpc.tlsclntd.pid"
80 #endif
81 
82 /* Global variables also used by rpc.tlscommon.c. */
83 int			rpctls_debug_level;
84 bool			rpctls_verbose;
85 SSL_CTX			*rpctls_ctx = NULL;
86 const char		*rpctls_verify_cafile = NULL;
87 const char		*rpctls_verify_capath = NULL;
88 char			*rpctls_crlfile = NULL;
89 bool			rpctls_cert = false;
90 bool			rpctls_gothup = false;
91 struct ssl_list		rpctls_ssllist;
92 
93 static struct pidfh	*rpctls_pfh = NULL;
94 static const char	*rpctls_certdir = _PATH_CERTANDKEY;
95 static const char	*rpctls_ciphers = NULL;
96 static uint64_t		rpctls_ssl_refno = 0;
97 static uint64_t		rpctls_ssl_sec = 0;
98 static uint64_t		rpctls_ssl_usec = 0;
99 
100 static void		rpctlscd_terminate(int);
101 static SSL_CTX		*rpctls_setupcl_ssl(void);
102 static SSL		*rpctls_connect(SSL_CTX *ctx, int s, char *certname,
103 			    u_int certlen, X509 **certp);
104 static void		rpctls_huphandler(int sig __unused);
105 
106 extern void rpctlscd_1(struct svc_req *rqstp, SVCXPRT *transp);
107 
108 static struct option longopts[] = {
109 	{ "certdir",		required_argument,	NULL,	'D' },
110 	{ "ciphers",		required_argument,	NULL,	'C' },
111 	{ "debuglevel",		no_argument,		NULL,	'd' },
112 	{ "verifylocs",		required_argument,	NULL,	'l' },
113 	{ "mutualverf",		no_argument,		NULL,	'm' },
114 	{ "verifydir",		required_argument,	NULL,	'p' },
115 	{ "crl",		required_argument,	NULL,	'r' },
116 	{ "verbose",		no_argument,		NULL,	'v' },
117 	{ NULL,			0,			NULL,	0  }
118 };
119 
120 int
121 main(int argc, char **argv)
122 {
123 	/*
124 	 * We provide an RPC service on a local-domain socket. The
125 	 * kernel rpctls code will upcall to this daemon to do the initial
126 	 * TLS handshake.
127 	 */
128 	struct sockaddr_un sun;
129 	int ch, fd, oldmask;
130 	SVCXPRT *xprt;
131 	bool tls_enable;
132 	struct timeval tm;
133 	struct timezone tz;
134 	pid_t otherpid;
135 	size_t tls_enable_len;
136 
137 	/* Check that another rpctlscd isn't already running. */
138 	rpctls_pfh = pidfile_open(_PATH_RPCTLSCDPID, 0600, &otherpid);
139 	if (rpctls_pfh == NULL) {
140 		if (errno == EEXIST)
141 			errx(1, "rpctlscd already running, pid: %d.", otherpid);
142 		warn("cannot open or create pidfile");
143 	}
144 
145 	/* Check to see that the ktls is enabled. */
146 	tls_enable_len = sizeof(tls_enable);
147 	if (sysctlbyname("kern.ipc.tls.enable", &tls_enable, &tls_enable_len,
148 	    NULL, 0) != 0 || !tls_enable)
149 		errx(1, "Kernel TLS not enabled");
150 
151 	/* Get the time when this daemon is started. */
152 	gettimeofday(&tm, &tz);
153 	rpctls_ssl_sec = tm.tv_sec;
154 	rpctls_ssl_usec = tm.tv_usec;
155 
156 	rpctls_verbose = false;
157 	while ((ch = getopt_long(argc, argv, "CD:dl:mp:r:v", longopts, NULL)) !=
158 	    -1) {
159 		switch (ch) {
160 		case 'C':
161 			rpctls_ciphers = optarg;
162 			break;
163 		case 'D':
164 			rpctls_certdir = optarg;
165 			break;
166 		case 'd':
167 			rpctls_debug_level++;
168 			break;
169 		case 'l':
170 			rpctls_verify_cafile = optarg;
171 			break;
172 		case 'm':
173 			rpctls_cert = true;
174 			break;
175 		case 'p':
176 			rpctls_verify_capath = optarg;
177 			break;
178 		case 'r':
179 			rpctls_crlfile = optarg;
180 			break;
181 		case 'v':
182 			rpctls_verbose = true;
183 			break;
184 		default:
185 			fprintf(stderr, "usage: %s "
186 			    "[-C/--ciphers preferred_ciphers] "
187 			    "[-D/--certdir certdir] [-d/--debuglevel] "
188 			    "[-l/--verifylocs CAfile] [-m/--mutualverf] "
189 			    "[-p/--verifydir CApath] [-r/--crl CRLfile] "
190 			    "[-v/--verbose]\n", argv[0]);
191 			exit(1);
192 			break;
193 		}
194 	}
195 	if (rpctls_crlfile != NULL && rpctls_verify_cafile == NULL &&
196 	    rpctls_verify_capath == NULL)
197 		errx(1, "-r requires the -l <CAfile> and/or "
198 		    "-p <CApath> options");
199 
200 	if (modfind("krpc") < 0) {
201 		/* Not present in kernel, try loading it */
202 		if (kldload("krpc") < 0 || modfind("krpc") < 0)
203 			errx(1, "Kernel RPC is not available");
204 	}
205 
206 	/*
207 	 * Set up the SSL_CTX *.
208 	 * Do it now, before daemonizing, in case the private key
209 	 * is encrypted and requires a passphrase to be entered.
210 	 */
211 	rpctls_ctx = rpctls_setupcl_ssl();
212 	if (rpctls_ctx == NULL) {
213 		if (rpctls_debug_level == 0) {
214 			syslog(LOG_ERR, "Can't set up TLS context");
215 			exit(1);
216 		}
217 		err(1, "Can't set up TLS context");
218 	}
219 	LIST_INIT(&rpctls_ssllist);
220 
221 	if (!rpctls_debug_level) {
222 		if (daemon(0, 0) != 0)
223 			err(1, "Can't daemonize");
224 		signal(SIGINT, SIG_IGN);
225 		signal(SIGQUIT, SIG_IGN);
226 		signal(SIGHUP, SIG_IGN);
227 	}
228 	signal(SIGTERM, rpctlscd_terminate);
229 	signal(SIGPIPE, SIG_IGN);
230 	signal(SIGHUP, rpctls_huphandler);
231 
232 	pidfile_write(rpctls_pfh);
233 
234 	memset(&sun, 0, sizeof sun);
235 	sun.sun_family = AF_LOCAL;
236 	unlink(_PATH_RPCTLSCDSOCK);
237 	strcpy(sun.sun_path, _PATH_RPCTLSCDSOCK);
238 	sun.sun_len = SUN_LEN(&sun);
239 	fd = socket(AF_LOCAL, SOCK_STREAM, 0);
240 	if (fd < 0) {
241 		if (rpctls_debug_level == 0) {
242 			syslog(LOG_ERR, "Can't create local rpctlscd socket");
243 			exit(1);
244 		}
245 		err(1, "Can't create local rpctlscd socket");
246 	}
247 	oldmask = umask(S_IXUSR|S_IRWXG|S_IRWXO);
248 	if (bind(fd, (struct sockaddr *)&sun, sun.sun_len) < 0) {
249 		if (rpctls_debug_level == 0) {
250 			syslog(LOG_ERR, "Can't bind local rpctlscd socket");
251 			exit(1);
252 		}
253 		err(1, "Can't bind local rpctlscd socket");
254 	}
255 	umask(oldmask);
256 	if (listen(fd, SOMAXCONN) < 0) {
257 		if (rpctls_debug_level == 0) {
258 			syslog(LOG_ERR,
259 			    "Can't listen on local rpctlscd socket");
260 			exit(1);
261 		}
262 		err(1, "Can't listen on local rpctlscd socket");
263 	}
264 	xprt = svc_vc_create(fd, RPC_MAXDATASIZE, RPC_MAXDATASIZE);
265 	if (!xprt) {
266 		if (rpctls_debug_level == 0) {
267 			syslog(LOG_ERR,
268 			    "Can't create transport for local rpctlscd socket");
269 			exit(1);
270 		}
271 		err(1, "Can't create transport for local rpctlscd socket");
272 	}
273 	if (!svc_reg(xprt, RPCTLSCD, RPCTLSCDVERS, rpctlscd_1, NULL)) {
274 		if (rpctls_debug_level == 0) {
275 			syslog(LOG_ERR,
276 			    "Can't register service for local rpctlscd socket");
277 			exit(1);
278 		}
279 		err(1, "Can't register service for local rpctlscd socket");
280 	}
281 
282 	rpctls_syscall(RPCTLS_SYSC_CLSETPATH, _PATH_RPCTLSCDSOCK);
283 
284 	rpctls_svc_run();
285 
286 	rpctls_syscall(RPCTLS_SYSC_CLSHUTDOWN, "");
287 
288 	SSL_CTX_free(rpctls_ctx);
289 	EVP_cleanup();
290 	return (0);
291 }
292 
293 bool_t
294 rpctlscd_null_1_svc(__unused void *argp, __unused void *result,
295     __unused struct svc_req *rqstp)
296 {
297 
298 	rpctls_verbose_out("rpctlscd_null: done\n");
299 	return (TRUE);
300 }
301 
302 bool_t
303 rpctlscd_connect_1_svc(struct rpctlscd_connect_arg *argp,
304     struct rpctlscd_connect_res *result, __unused struct svc_req *rqstp)
305 {
306 	int s;
307 	SSL *ssl;
308 	struct ssl_entry *newslp;
309 	X509 *cert;
310 
311 	rpctls_verbose_out("rpctlsd_connect: started\n");
312 	/* Get the socket fd from the kernel. */
313 	s = rpctls_syscall(RPCTLS_SYSC_CLSOCKET, "");
314 	if (s < 0) {
315 		result->reterr = RPCTLSERR_NOSOCKET;
316 		return (TRUE);
317 	}
318 
319 	/* Do a TLS connect handshake. */
320 	ssl = rpctls_connect(rpctls_ctx, s, argp->certname.certname_val,
321 	    argp->certname.certname_len, &cert);
322 	if (ssl == NULL) {
323 		rpctls_verbose_out("rpctlsd_connect: can't do TLS "
324 		    "handshake\n");
325 		result->reterr = RPCTLSERR_NOSSL;
326 	} else {
327 		result->reterr = RPCTLSERR_OK;
328 		result->sec = rpctls_ssl_sec;
329 		result->usec = rpctls_ssl_usec;
330 		result->ssl = ++rpctls_ssl_refno;
331 		/* Hard to believe this will ever wrap around.. */
332 		if (rpctls_ssl_refno == 0)
333 			result->ssl = ++rpctls_ssl_refno;
334 	}
335 
336 	if (ssl == NULL) {
337 		/*
338 		 * For RPC-over-TLS, this upcall is expected
339 		 * to close off the socket.
340 		 */
341 		close(s);
342 		return (TRUE);
343 	}
344 
345 	/* Maintain list of all current SSL *'s */
346 	newslp = malloc(sizeof(*newslp));
347 	newslp->refno = rpctls_ssl_refno;
348 	newslp->s = s;
349 	newslp->shutoff = false;
350 	newslp->ssl = ssl;
351 	newslp->cert = cert;
352 	LIST_INSERT_HEAD(&rpctls_ssllist, newslp, next);
353 	return (TRUE);
354 }
355 
356 bool_t
357 rpctlscd_handlerecord_1_svc(struct rpctlscd_handlerecord_arg *argp,
358     struct rpctlscd_handlerecord_res *result, __unused struct svc_req *rqstp)
359 {
360 	struct ssl_entry *slp;
361 	int ret;
362 	char junk;
363 
364 	slp = NULL;
365 	if (argp->sec == rpctls_ssl_sec && argp->usec ==
366 	    rpctls_ssl_usec) {
367 		LIST_FOREACH(slp, &rpctls_ssllist, next) {
368 			if (slp->refno == argp->ssl)
369 				break;
370 		}
371 	}
372 
373 	if (slp != NULL) {
374 		rpctls_verbose_out("rpctlscd_handlerecord fd=%d\n",
375 		    slp->s);
376 		/*
377 		 * An SSL_read() of 0 bytes should fail, but it should
378 		 * handle the non-application data record before doing so.
379 		 */
380 		ret = SSL_read(slp->ssl, &junk, 0);
381 		if (ret <= 0) {
382 			/* Check to see if this was a close alert. */
383 			ret = SSL_get_shutdown(slp->ssl);
384 			if ((ret & (SSL_SENT_SHUTDOWN |
385 			    SSL_RECEIVED_SHUTDOWN)) == SSL_RECEIVED_SHUTDOWN)
386 				SSL_shutdown(slp->ssl);
387 		} else {
388 			if (rpctls_debug_level == 0)
389 				syslog(LOG_ERR, "SSL_read returned %d", ret);
390 			else
391 				fprintf(stderr, "SSL_read returned %d\n", ret);
392 		}
393 		result->reterr = RPCTLSERR_OK;
394 	} else
395 		result->reterr = RPCTLSERR_NOSSL;
396 	return (TRUE);
397 }
398 
399 bool_t
400 rpctlscd_disconnect_1_svc(struct rpctlscd_disconnect_arg *argp,
401     struct rpctlscd_disconnect_res *result, __unused struct svc_req *rqstp)
402 {
403 	struct ssl_entry *slp;
404 	int ret;
405 
406 	slp = NULL;
407 	if (argp->sec == rpctls_ssl_sec && argp->usec ==
408 	    rpctls_ssl_usec) {
409 		LIST_FOREACH(slp, &rpctls_ssllist, next) {
410 			if (slp->refno == argp->ssl)
411 				break;
412 		}
413 	}
414 
415 	if (slp != NULL) {
416 		rpctls_verbose_out("rpctlscd_disconnect: fd=%d closed\n",
417 		    slp->s);
418 		LIST_REMOVE(slp, next);
419 		if (!slp->shutoff) {
420 			ret = SSL_get_shutdown(slp->ssl);
421 			/*
422 			 * Do an SSL_shutdown() unless a close alert has
423 			 * already been sent.
424 			 */
425 			if ((ret & SSL_SENT_SHUTDOWN) == 0)
426 				SSL_shutdown(slp->ssl);
427 		}
428 		SSL_free(slp->ssl);
429 		if (slp->cert != NULL)
430 			X509_free(slp->cert);
431 		/*
432 		 * For RPC-over-TLS, this upcall is expected
433 		 * to close off the socket.
434 		 */
435 		if (!slp->shutoff)
436 			shutdown(slp->s, SHUT_WR);
437 		close(slp->s);
438 		free(slp);
439 		result->reterr = RPCTLSERR_OK;
440 	} else
441 		result->reterr = RPCTLSERR_NOCLOSE;
442 	return (TRUE);
443 }
444 
445 int
446 rpctlscd_1_freeresult(__unused SVCXPRT *transp, __unused xdrproc_t xdr_result,
447     __unused caddr_t result)
448 {
449 
450 	return (TRUE);
451 }
452 
453 static void
454 rpctlscd_terminate(int sig __unused)
455 {
456 
457 	rpctls_syscall(RPCTLS_SYSC_CLSHUTDOWN, "");
458 	pidfile_remove(rpctls_pfh);
459 	exit(0);
460 }
461 
462 static SSL_CTX *
463 rpctls_setupcl_ssl(void)
464 {
465 	SSL_CTX *ctx;
466 	long flags;
467 	char path[PATH_MAX];
468 	size_t len, rlen;
469 	int ret;
470 
471 	SSL_library_init();
472 	SSL_load_error_strings();
473 	OpenSSL_add_all_algorithms();
474 
475 	ctx = SSL_CTX_new(TLS_client_method());
476 	if (ctx == NULL) {
477 		rpctls_verbose_out("rpctls_setupcl_ssl: SSL_CTX_new "
478 		    "failed\n");
479 		return (NULL);
480 	}
481 	SSL_CTX_set_ecdh_auto(ctx, 1);
482 
483 	if (rpctls_ciphers != NULL) {
484 		/*
485 		 * Set preferred ciphers, since KERN_TLS only supports a
486 		 * few of them.
487 		 */
488 		ret = SSL_CTX_set_cipher_list(ctx, rpctls_ciphers);
489 		if (ret == 0) {
490 			rpctls_verbose_out("rpctls_setupcl_ssl: "
491 			    "SSL_CTX_set_cipher_list failed: %s\n",
492 			    rpctls_ciphers);
493 			SSL_CTX_free(ctx);
494 			return (NULL);
495 		}
496 	}
497 
498 	/*
499 	 * If rpctls_cert is true, a certificate and key exists in
500 	 * rpctls_certdir, so that it can do mutual authentication.
501 	 */
502 	if (rpctls_cert) {
503 		/* Get the cert.pem and certkey.pem files. */
504 		len = strlcpy(path, rpctls_certdir, sizeof(path));
505 		rlen = sizeof(path) - len;
506 		if (strlcpy(&path[len], "cert.pem", rlen) != 8) {
507 			SSL_CTX_free(ctx);
508 			return (NULL);
509 		}
510 		ret = SSL_CTX_use_certificate_file(ctx, path,
511 		    SSL_FILETYPE_PEM);
512 		if (ret != 1) {
513 			rpctls_verbose_out("rpctls_setupcl_ssl: can't use "
514 			    "certificate file path=%s ret=%d\n", path, ret);
515 			SSL_CTX_free(ctx);
516 			return (NULL);
517 		}
518 		if (strlcpy(&path[len], "certkey.pem", rlen) != 11) {
519 			SSL_CTX_free(ctx);
520 			return (NULL);
521 		}
522 		ret = SSL_CTX_use_PrivateKey_file(ctx, path,
523 		    SSL_FILETYPE_PEM);
524 		if (ret != 1) {
525 			rpctls_verbose_out("rpctls_setupcl_ssl: Can't use "
526 			    "private key path=%s ret=%d\n", path, ret);
527 			SSL_CTX_free(ctx);
528 			return (NULL);
529 		}
530 	}
531 
532 	if (rpctls_verify_cafile != NULL || rpctls_verify_capath != NULL) {
533 		if (rpctls_crlfile != NULL) {
534 			ret = rpctls_loadcrlfile(ctx);
535 			if (ret == 0) {
536 				rpctls_verbose_out("rpctls_setupcl_ssl: "
537 				    "Load CRLfile failed\n");
538 				SSL_CTX_free(ctx);
539 				return (NULL);
540 			}
541 		}
542 #if OPENSSL_VERSION_NUMBER >= 0x30000000
543 		ret = 1;
544 		if (rpctls_verify_cafile != NULL)
545 			ret = SSL_CTX_load_verify_file(ctx,
546 			    rpctls_verify_cafile);
547 		if (ret != 0 && rpctls_verify_capath != NULL)
548 			ret = SSL_CTX_load_verify_dir(ctx,
549 			    rpctls_verify_capath);
550 #else
551 		ret = SSL_CTX_load_verify_locations(ctx,
552 		    rpctls_verify_cafile, rpctls_verify_capath);
553 #endif
554 		if (ret == 0) {
555 			rpctls_verbose_out("rpctls_setupcl_ssl: "
556 			    "Can't load verify locations\n");
557 			SSL_CTX_free(ctx);
558 			return (NULL);
559 		}
560 		/*
561 		 * The man page says that the
562 		 * SSL_CTX_set0_CA_list() call is not normally
563 		 * needed, but I believe it is harmless.
564 		 */
565 		if (rpctls_verify_cafile != NULL)
566 			SSL_CTX_set0_CA_list(ctx,
567 			    SSL_load_client_CA_file(rpctls_verify_cafile));
568 	}
569 
570 	/* RPC-over-TLS must use TLSv1.3, according to the IETF draft.*/
571 #ifdef notyet
572 	flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
573 	    SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
574 #else
575 	flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_3;
576 #endif
577 #ifdef SSL_OP_ENABLE_KTLS
578 	flags |= SSL_OP_ENABLE_KTLS;
579 #endif
580 	SSL_CTX_set_options(ctx, flags);
581 #ifdef SSL_MODE_NO_KTLS_TX
582 	SSL_CTX_clear_mode(ctx, SSL_MODE_NO_KTLS_TX | SSL_MODE_NO_KTLS_RX);
583 #endif
584 	return (ctx);
585 }
586 
587 static SSL *
588 rpctls_connect(SSL_CTX *ctx, int s, char *certname, u_int certlen, X509 **certp)
589 {
590 	SSL *ssl;
591 	X509 *cert;
592 	struct sockaddr_storage ad;
593 	struct sockaddr *sad;
594 	char hostnam[NI_MAXHOST], path[PATH_MAX];
595 	int gethostret, ret;
596 	char *cp, *cp2;
597 	size_t len, rlen;
598 	long verfret;
599 
600 	*certp = NULL;
601 	sad = (struct sockaddr *)&ad;
602 	ssl = SSL_new(ctx);
603 	if (ssl == NULL) {
604 		rpctls_verbose_out("rpctls_connect: "
605 		    "SSL_new failed\n");
606 		return (NULL);
607 	}
608 	if (SSL_set_fd(ssl, s) != 1) {
609 		rpctls_verbose_out("rpctls_connect: "
610 		    "SSL_set_fd failed\n");
611 		SSL_free(ssl);
612 		return (NULL);
613 	}
614 
615 	/*
616 	 * If rpctls_cert is true and certname is set, a alternate certificate
617 	 * and key exists in files named <certname>.pem and <certname>key.pem
618 	 * in rpctls_certdir that is to be used for mutual authentication.
619 	 */
620 	if (rpctls_cert && certlen > 0) {
621 		len = strlcpy(path, rpctls_certdir, sizeof(path));
622 		rlen = sizeof(path) - len;
623 		if (rlen <= certlen) {
624 			SSL_free(ssl);
625 			return (NULL);
626 		}
627 		memcpy(&path[len], certname, certlen);
628 		rlen -= certlen;
629 		len += certlen;
630 		path[len] = '\0';
631 		if (strlcpy(&path[len], ".pem", rlen) != 4) {
632 			SSL_free(ssl);
633 			return (NULL);
634 		}
635 		ret = SSL_use_certificate_file(ssl, path, SSL_FILETYPE_PEM);
636 		if (ret != 1) {
637 			rpctls_verbose_out("rpctls_connect: can't use "
638 			    "certificate file path=%s ret=%d\n", path, ret);
639 			SSL_free(ssl);
640 			return (NULL);
641 		}
642 		if (strlcpy(&path[len], "key.pem", rlen) != 7) {
643 			SSL_free(ssl);
644 			return (NULL);
645 		}
646 		ret = SSL_use_PrivateKey_file(ssl, path, SSL_FILETYPE_PEM);
647 		if (ret != 1) {
648 			rpctls_verbose_out("rpctls_connect: Can't use "
649 			    "private key path=%s ret=%d\n", path, ret);
650 			SSL_free(ssl);
651 			return (NULL);
652 		}
653 	}
654 
655 	ret = SSL_connect(ssl);
656 	if (ret != 1) {
657 		rpctls_verbose_out("rpctls_connect: "
658 		    "SSL_connect failed %d\n",
659 		    ret);
660 		SSL_free(ssl);
661 		return (NULL);
662 	}
663 
664 	cert = SSL_get_peer_certificate(ssl);
665 	if (cert == NULL) {
666 		rpctls_verbose_out("rpctls_connect: get peer"
667 		    " certificate failed\n");
668 		SSL_free(ssl);
669 		return (NULL);
670 	}
671 	gethostret = rpctls_gethost(s, sad, hostnam, sizeof(hostnam));
672 	if (gethostret == 0)
673 		hostnam[0] = '\0';
674 	verfret = SSL_get_verify_result(ssl);
675 	if (verfret == X509_V_OK && (rpctls_verify_cafile != NULL ||
676 	    rpctls_verify_capath != NULL) && (gethostret == 0 ||
677 	    rpctls_checkhost(sad, cert, X509_CHECK_FLAG_NO_WILDCARDS) != 1))
678 		verfret = X509_V_ERR_HOSTNAME_MISMATCH;
679 	if (verfret != X509_V_OK && (rpctls_verify_cafile != NULL ||
680 	    rpctls_verify_capath != NULL)) {
681 		if (verfret != X509_V_OK) {
682 			cp = X509_NAME_oneline(X509_get_issuer_name(cert),
683 			    NULL, 0);
684 			cp2 = X509_NAME_oneline(X509_get_subject_name(cert),
685 			    NULL, 0);
686 			if (rpctls_debug_level == 0)
687 				syslog(LOG_INFO | LOG_DAEMON,
688 				    "rpctls_connect: client IP %s "
689 				    "issuerName=%s subjectName=%s verify "
690 				    "failed %s\n", hostnam, cp, cp2,
691 				    X509_verify_cert_error_string(verfret));
692 			else
693 				fprintf(stderr,
694 				    "rpctls_connect: client IP %s "
695 				    "issuerName=%s subjectName=%s verify "
696 				    "failed %s\n", hostnam, cp, cp2,
697 				    X509_verify_cert_error_string(verfret));
698 		}
699 		X509_free(cert);
700 		SSL_free(ssl);
701 		return (NULL);
702 	}
703 
704 	/* Check to see if ktls is enabled on the connection. */
705 	ret = BIO_get_ktls_send(SSL_get_wbio(ssl));
706 	rpctls_verbose_out("rpctls_connect: BIO_get_ktls_send=%d\n", ret);
707 	if (ret != 0) {
708 		ret = BIO_get_ktls_recv(SSL_get_rbio(ssl));
709 		rpctls_verbose_out("rpctls_connect: BIO_get_ktls_recv=%d\n",
710 		    ret);
711 	}
712 	if (ret == 0) {
713 		if (rpctls_debug_level == 0)
714 			syslog(LOG_ERR, "ktls not working\n");
715 		else
716 			fprintf(stderr, "ktls not working\n");
717 		X509_free(cert);
718 		SSL_free(ssl);
719 		return (NULL);
720 	}
721 	if (ret == X509_V_OK && (rpctls_verify_cafile != NULL ||
722 	    rpctls_verify_capath != NULL) && rpctls_crlfile != NULL)
723 		*certp = cert;
724 	else
725 		X509_free(cert);
726 
727 	return (ssl);
728 }
729 
730 static void
731 rpctls_huphandler(int sig __unused)
732 {
733 
734 	rpctls_gothup = true;
735 }
736