| blob | 36d83e9ce8ad2c34d2bbc705558f93e701162865 |
1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at http://curl.haxx.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * $Id: gtls.c,v 1.2 2007-03-15 19:22:13 andy Exp $
22 ***************************************************************************/
24 /*
25 * Source file for all GnuTLS-specific code for the TLS/SSL layer. No code
26 * but sslgen.c should ever call or use these functions.
27 *
28 * Note: don't use the GnuTLS' *_t variable type names in this source code,
29 * since they were not present in 1.0.X.
30 */
33 #ifdef USE_GNUTLS
34 #include <gnutls/gnutls.h>
35 #include <gnutls/x509.h>
37 #include <string.h>
38 #include <stdlib.h>
39 #include <ctype.h>
40 #ifdef HAVE_SYS_TYPES_H
41 #include <sys/types.h>
42 #endif
43 #ifdef HAVE_SYS_SOCKET_H
44 #include <sys/socket.h>
45 #endif
55 #include <curl/mprintf.h>
57 /* The last #include file should be: */
60 /* Enable GnuTLS debugging by defining GTLSDEBUG */
61 /*#define GTLSDEBUG */
63 #ifdef GTLSDEBUG
65 {
67 }
68 #endif
70 /*
71 * Custom push and pull callback functions used by GNU TLS to read and write
72 * to the socket. These functions are simple wrappers to send() and recv()
73 * (although here using the sread/swrite macros as defined by setup_once.h).
74 * We use custom functions rather than the GNU TLS defaults because it allows
75 * us to get specific about the fourth "flags" argument, and to use arbitrary
76 * private data with gnutls_transport_set_ptr if we wish.
77 */
79 {
81 }
84 {
86 }
88 /* Global GnuTLS init, called from Curl_ssl_init() */
90 {
92 #ifdef GTLSDEBUG
95 #endif
97 }
100 {
103 }
108 {
110 #ifdef HAVE_GMTIME_R
113 #else
115 #endif
117 BUFSIZE,
119 text,
128 }
130 /* this function does a BLOCKING SSL/TLS (re-)handshake */
132 gnutls_session session,
135 {
150 /* get the strictest timeout of the ones converted to milliseconds */
153 }
155 /* Evaluate in milliseconds how much time that has passed */
158 /* subtract the passed time */
162 /* a precaution, no need to continue if time already is up */
165 }
170 /* reabable or writable, go loop*/
173 /* timeout */
176 }
178 /* anything that gets here is fatally bad */
181 }
182 }
183 else
190 }
193 }
196 {
204 }
207 /*
208 * This function is called after the TCP connect has completed. Setup the TLS
209 * layer and do all necessary magic.
210 */
211 CURLcode
215 {
218 gnutls_session session;
223 gnutls_x509_crt x509_cert;
233 /* GnuTLS only supports TLSv1 (and SSLv3?) */
237 }
239 /* allocate a cred struct */
244 }
247 /* set the trusted CA cert bundle file */
249 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
253 GNUTLS_X509_FMT_PEM);
259 }
260 else
263 }
265 /* Initialize TLS session as a client */
270 }
272 /* convenient assign */
275 /* Use default priorities */
280 /* Sets the priority on the certificate types supported by gnutls. Priority
281 is higher for types specified before others. After specifying the types
282 you want, you must append a 0. */
294 }
295 }
297 /* put the credentials to the current session */
301 /* set the connection handle (file descriptor for the socket) */
305 /* register callback functions to send and receive data. */
309 /* lowat must be set to zero when using custom push and pull functions. */
312 /* This might be a reconnect, so we check for a session ID in the cache
313 to speed up things */
316 /* we got a session id, use it! */
319 /* Informational message */
321 }
325 /* handshake() sets its own error message with failf() */
328 /* This function will return the peer's raw certificate (chain) as sent by
329 the peer. These certificates are in raw format (DER encoded for
330 X.509). In case of a X.509 then a certificate list may be present. The
331 first certificate in the list is the peer's certificate, following the
332 issuer's certificate, then the issuer's issuer etc. */
339 }
341 }
343 /* This function will try to verify the peer's certificate and return its
344 status (trusted, invalid etc.). The value of status should be one or more
345 of the gnutls_certificate_status_t enumerated elements bitwise or'd. To
346 avoid denial of service attacks some default upper limits regarding the
347 certificate key size and chain size are set. To override them use
348 gnutls_certificate_set_verify_limits(). */
354 }
356 /* verify_status is a bitmask of gnutls_certificate_status bits */
362 }
363 else
365 }
366 else
369 /* initialize an X.509 certificate structure. */
372 /* convert the given DER or PEM encoded Certificate to the native
373 gnutls_x509_crt_t format */
379 FALSE,
380 certbuf,
385 }
387 /* This function will check if the given certificate's subject matches the
388 given hostname. This is a basic implementation of the matching described
389 in RFC2818 (HTTPS), which takes into account wildcards, and the subject
390 alternative name PKIX extension. Returns non zero on success, and zero on
391 failure. */
400 }
401 else
404 }
405 else
408 /* Show:
410 - ciphers used
411 - subject
412 - start date
413 - expire date
414 - common name
415 - issuer
417 */
419 /* public key algorithm's parameters */
424 /* version of the X.509 certificate. */
445 /* compression algorithm (if any) */
447 /* the *_get_name() says "NULL" if GNUTLS_COMP_NULL is returned */
450 /* the name of the cipher used. ie 3DES. */
454 /* the MAC algorithms name. ie SHA1 */
459 /* this session was not previously in the cache, add it now */
461 /* get the session ID data size */
466 /* extract session ID to the allocated buffer */
469 /* store this session id */
471 }
472 }
475 }
478 /* return number of sent (non-SSL) bytes */
483 {
490 }
493 }
496 {
497 /* FIX: make the OpenSSL code more generic and use parts of it here */
499 }
503 {
507 }
509 }
512 {
517 }
519 /*
520 * This function is called to shut down the SSL layer but keep the
521 * socket open (CCC - Clear Command Channel)
522 */
524 {
529 ssize_t nread;
532 /* This has only been tested on the proftpd server, and the mod_tls code
533 sends a close notify alert without waiting for a close notify alert in
534 response. Thus we wait for a close notify alert from the server, but
535 we do not send one. Let's hope other servers do the same... */
542 /* Something to read, let's do it and hope that it is the close
543 notify alert from the server */
548 /* This is the expected response. There was no data but only
549 the close notify alert */
560 }
561 }
563 /* timeout */
567 }
569 /* anything that gets here is fatally bad */
573 }
574 }
576 }
583 }
585 /*
586 * If the read would block we return -1 and set 'wouldblock' to TRUE.
587 * Otherwise we return the amount of data read. Other errors should return -1
588 * and set 'wouldblock' to FALSE.
589 */
595 {
596 ssize_t ret;
602 }
605 /* BLOCKING call, this is bad but a work-around for now. Fixing this "the
606 proper way" takes a whole lot of work. */
609 /* handshake() writes error message on its own */
613 }
619 }
625 }
628 }
631 {
633 }
636 {
638 }