| blob | 2ebbc78b37e7d1d0b1aa0275770254f4e80ac254 |
1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at http://curl.haxx.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * $Id: gtls.c,v 1.1.1.1 2008-09-23 16:32:05 hoffman Exp $
22 ***************************************************************************/
24 /*
25 * Source file for all GnuTLS-specific code for the TLS/SSL layer. No code
26 * but sslgen.c should ever call or use these functions.
27 *
28 * Note: don't use the GnuTLS' *_t variable type names in this source code,
29 * since they were not present in 1.0.X.
30 */
33 #ifdef USE_GNUTLS
34 #include <gnutls/gnutls.h>
35 #include <gnutls/x509.h>
37 #include <string.h>
38 #include <stdlib.h>
39 #include <ctype.h>
40 #ifdef HAVE_SYS_SOCKET_H
41 #include <sys/socket.h>
42 #endif
53 #include <curl/mprintf.h>
55 /* The last #include file should be: */
58 /* Enable GnuTLS debugging by defining GTLSDEBUG */
59 /*#define GTLSDEBUG */
61 #ifdef GTLSDEBUG
63 {
65 }
66 #endif
68 /*
69 * Custom push and pull callback functions used by GNU TLS to read and write
70 * to the socket. These functions are simple wrappers to send() and recv()
71 * (although here using the sread/swrite macros as defined by setup_once.h).
72 * We use custom functions rather than the GNU TLS defaults because it allows
73 * us to get specific about the fourth "flags" argument, and to use arbitrary
74 * private data with gnutls_transport_set_ptr if we wish.
75 */
77 {
79 }
82 {
84 }
86 /* Global GnuTLS init, called from Curl_ssl_init() */
88 {
89 /* Unfortunately we can not init here, things like curl --version will
90 * fail to work if there is no egd socket available because libgcrypt
91 * will EXIT the application!!
92 * By doing the actual init later (before actually trying to use GnuTLS),
93 * we can at least provide basic info etc.
94 */
96 }
99 {
103 #ifdef GTLSDEBUG
106 #endif
108 }
110 }
113 {
117 }
119 }
124 {
126 #ifdef HAVE_GMTIME_R
129 #else
131 #endif
133 BUFSIZE,
135 text,
144 }
147 {
160 }
165 }
169 }
172 /* this function does a BLOCKING SSL/TLS (re-)handshake */
174 gnutls_session session,
177 {
189 /* a precaution, no need to continue if time already is up */
192 }
197 /* reabable or writable, go loop*/
200 /* timeout */
203 }
205 /* anything that gets here is fatally bad */
208 }
209 }
210 else
217 }
220 }
223 {
231 }
234 /*
235 * This function is called after the TCP connect has completed. Setup the TLS
236 * layer and do all necessary magic.
237 */
238 CURLcode
242 {
245 gnutls_session session;
251 gnutls_datum issuerp;
260 #ifdef ENABLE_IPV6
262 #else
264 #endif
269 /* GnuTLS only supports SSLv3 and TLSv1 */
273 }
275 /* allocate a cred struct */
280 }
283 /* set the trusted CA cert bundle file */
285 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
289 GNUTLS_X509_FMT_PEM);
295 }
296 else
299 }
302 /* set the CRL list file */
305 GNUTLS_X509_FMT_PEM);
310 }
311 else
314 }
316 /* Initialize TLS session as a client */
321 }
323 /* convenient assign */
327 #ifdef ENABLE_IPV6
329 #endif
335 /* Use default priorities */
345 }
347 /* Sets the priority on the certificate types supported by gnutls. Priority
348 is higher for types specified before others. After specifying the types
349 you want, you must append a 0. */
363 }
364 }
366 /* put the credentials to the current session */
370 /* set the connection handle (file descriptor for the socket) */
374 /* register callback functions to send and receive data. */
378 /* lowat must be set to zero when using custom push and pull functions. */
381 /* This might be a reconnect, so we check for a session ID in the cache
382 to speed up things */
385 /* we got a session id, use it! */
388 /* Informational message */
390 }
394 /* handshake() sets its own error message with failf() */
397 /* This function will return the peer's raw certificate (chain) as sent by
398 the peer. These certificates are in raw format (DER encoded for
399 X.509). In case of a X.509 then a certificate list may be present. The
400 first certificate in the list is the peer's certificate, following the
401 issuer's certificate, then the issuer's issuer etc. */
410 }
412 }
415 /* This function will try to verify the peer's certificate and return its
416 status (trusted, invalid etc.). The value of status should be one or
417 more of the gnutls_certificate_status_t enumerated elements bitwise
418 or'd. To avoid denial of service attacks some default upper limits
419 regarding the certificate key size and chain size are set. To override
420 them use gnutls_certificate_set_verify_limits(). */
426 }
428 /* verify_status is a bitmask of gnutls_certificate_status bits */
435 }
436 else
438 }
439 else
441 }
442 else
445 /* initialize an X.509 certificate structure. */
448 /* convert the given DER or PEM encoded Certificate to the native
449 gnutls_x509_crt_t format */
462 }
465 }
470 FALSE,
471 certbuf,
476 }
478 /* This function will check if the given certificate's subject matches the
479 given hostname. This is a basic implementation of the matching described
480 in RFC2818 (HTTPS), which takes into account wildcards, and the subject
481 alternative name PKIX extension. Returns non zero on success, and zero on
482 failure. */
491 }
492 else
495 }
496 else
499 /* Check for time-based validity */
505 }
511 }
512 else
514 }
515 else
523 }
529 }
530 else
532 }
533 else
536 /* Show:
538 - ciphers used
539 - subject
540 - start date
541 - expire date
542 - common name
543 - issuer
545 */
547 /* public key algorithm's parameters */
552 /* version of the X.509 certificate. */
573 /* compression algorithm (if any) */
575 /* the *_get_name() says "NULL" if GNUTLS_COMP_NULL is returned */
578 /* the name of the cipher used. ie 3DES. */
582 /* the MAC algorithms name. ie SHA1 */
589 /* this session was not previously in the cache, add it now */
591 /* get the session ID data size */
596 /* extract session ID to the allocated buffer */
599 /* store this session id */
601 }
602 }
605 }
608 /* return number of sent (non-SSL) bytes */
613 {
620 }
623 }
626 {
627 /* FIX: make the OpenSSL code more generic and use parts of it here */
629 }
633 {
638 }
642 }
643 }
646 {
648 }
650 /*
651 * This function is called to shut down the SSL layer but keep the
652 * socket open (CCC - Clear Command Channel)
653 */
655 {
662 /* This has only been tested on the proftpd server, and the mod_tls code
663 sends a close notify alert without waiting for a close notify alert in
664 response. Thus we wait for a close notify alert from the server, but
665 we do not send one. Let's hope other servers do the same... */
675 /* Something to read, let's do it and hope that it is the close
676 notify alert from the server */
681 /* This is the expected response. There was no data but only
682 the close notify alert */
693 }
694 }
696 /* timeout */
700 }
702 /* anything that gets here is fatally bad */
706 }
707 }
709 }
716 }
718 /*
719 * If the read would block we return -1 and set 'wouldblock' to TRUE.
720 * Otherwise we return the amount of data read. Other errors should return -1
721 * and set 'wouldblock' to FALSE.
722 */
728 {
729 ssize_t ret;
735 }
738 /* BLOCKING call, this is bad but a work-around for now. Fixing this "the
739 proper way" takes a whole lot of work. */
742 /* handshake() writes error message on its own */
746 }
752 }
758 }
761 }
764 {
766 }
769 {
771 }