lisp/net/gnutls.el

   1 ;;; gnutls.el --- Support SSL/TLS connections through GnuTLS
   2
   3 ;; Copyright (C) 2010-2013 Free Software Foundation, Inc.
   4
   5 ;; Author: Ted Zlatanov <tzz@lifelogs.com>
   6 ;; Keywords: comm, tls, ssl, encryption
   7 ;; Originally-By: Simon Josefsson (See http://josefsson.org/emacs-security/)
   8 ;; Thanks-To: Lars Magne Ingebrigtsen <larsi@gnus.org>
   9
  10 ;; This file is part of GNU Emacs.
  11
  12 ;; GNU Emacs is free software: you can redistribute it and/or modify
  13 ;; it under the terms of the GNU General Public License as published by
  14 ;; the Free Software Foundation, either version 3 of the License, or
  15 ;; (at your option) any later version.
  16
  17 ;; GNU Emacs is distributed in the hope that it will be useful,
  18 ;; but WITHOUT ANY WARRANTY; without even the implied warranty of
  19 ;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  20 ;; GNU General Public License for more details.
  21
  22 ;; You should have received a copy of the GNU General Public License
  23 ;; along with GNU Emacs.  If not, see <http://www.gnu.org/licenses/>.
  24
  25 ;;; Commentary:
  26
  27 ;; This package provides language bindings for the GnuTLS library
  28 ;; using the corresponding core functions in gnutls.c.  It should NOT
  29 ;; be used directly, only through open-protocol-stream.
  30
  31 ;; Simple test:
  32 ;;
  33 ;; (open-gnutls-stream "tls" "tls-buffer" "yourserver.com" "https")
  34 ;; (open-gnutls-stream "tls" "tls-buffer" "imap.gmail.com" "imaps")
  35
  36 ;;; Code:
  37
  38 (eval-when-compile (require 'cl-lib))
  39
  40 (defgroup gnutls nil
  41   "Emacs interface to the GnuTLS library."
  42   :version "24.1"
  43   :prefix "gnutls-"
  44   :group 'net-utils)
  45
  46 (defcustom gnutls-algorithm-priority nil
  47   "If non-nil, this should be a TLS priority string.
  48 For instance, if you want to skip the \"dhe-rsa\" algorithm,
  49 set this variable to \"normal:-dhe-rsa\"."
  50   :group 'gnutls
  51   :type '(choice (const nil)
  52                  string))
  53
  54 (defcustom gnutls-verify-error nil
  55   "If non-nil, this should be a list of checks per hostname regex or t."
  56   :group 'gnutls
  57   :type '(choice
  58           (const t)
  59           (repeat :tag "List of hostname regexps with flags for each"
  60            (list
  61             (choice :tag "Hostname"
  62                     (const ".*" :tag "Any hostname")
  63                     regexp)
  64             (set (const :trustfiles)
  65                  (const :hostname))))))
  66
  67 (defcustom gnutls-trustfiles
  68   '(
  69     "/etc/ssl/certs/ca-certificates.crt" ; Debian, Ubuntu, Gentoo and Arch Linux
  70     "/etc/pki/tls/certs/ca-bundle.crt"   ; Fedora and RHEL
  71     "/etc/ssl/ca-bundle.pem"             ; Suse
  72     "/usr/ssl/certs/ca-bundle.crt"       ; Cygwin
  73     )
  74   "List of CA bundle location filenames or a function returning said list.
  75 The files may be in PEM or DER format, as per the GnuTLS documentation.
  76 The files may not exist, in which case they will be ignored."
  77   :group 'gnutls
  78   :type '(choice (function :tag "Function to produce list of bundle filenames")
  79                  (repeat (file :tag "Bundle filename"))))
  80
  81 ;;;###autoload
  82 (defcustom gnutls-min-prime-bits 256
  83   ;; Several mail servers send fewer bits than the GnuTLS default.
  84   ;; Currently, 256 appears to be a reasonable choice (Bug#11267).
  85   "Minimum number of prime bits accepted by GnuTLS for key exchange.
  86 During a Diffie-Hellman handshake, if the server sends a prime
  87 number with fewer than this number of bits, the handshake is
  88 rejected.  \(The smaller the prime number, the less secure the
  89 key exchange is against man-in-the-middle attacks.)
  90
  91 A value of nil says to use the default GnuTLS value."
  92   :type '(choice (const :tag "Use default value" nil)
  93                  (integer :tag "Number of bits" 512))
  94   :group 'gnutls)
  95
  96 (defun open-gnutls-stream (name buffer host service)
  97   "Open a SSL/TLS connection for a service to a host.
  98 Returns a subprocess-object to represent the connection.
  99 Input and output work as for subprocesses; `delete-process' closes it.
 100 Args are NAME BUFFER HOST SERVICE.
 101 NAME is name for process.  It is modified if necessary to make it unique.
 102 BUFFER is the buffer (or `buffer-name') to associate with the process.
 103  Process output goes at end of that buffer, unless you specify
 104  an output stream or filter function to handle the output.
 105  BUFFER may be also nil, meaning that this process is not associated
 106  with any buffer
 107 Third arg is name of the host to connect to, or its IP address.
 108 Fourth arg SERVICE is name of the service desired, or an integer
 109 specifying a port number to connect to.
 110
 111 Usage example:
 112
 113   \(with-temp-buffer
 114     \(open-gnutls-stream \"tls\"
 115                         \(current-buffer)
 116                         \"your server goes here\"
 117                         \"imaps\"))
 118
 119 This is a very simple wrapper around `gnutls-negotiate'.  See its
 120 documentation for the specific parameters you can use to open a
 121 GnuTLS connection, including specifying the credential type,
 122 trust and key files, and priority string."
 123   (gnutls-negotiate :process (open-network-stream name buffer host service)
 124                     :type 'gnutls-x509pki
 125                     :hostname host))
 126
 127 (define-error 'gnutls-error "GnuTLS error")
 128
 129 (declare-function gnutls-boot "gnutls.c" (proc type proplist))
 130 (declare-function gnutls-errorp "gnutls.c" (error))
 131 (defvar gnutls-log-level)               ; gnutls.c
 132
 133 (cl-defun gnutls-negotiate
 134     (&rest spec
 135            &key process type hostname priority-string
 136            trustfiles crlfiles keylist min-prime-bits
 137            verify-flags verify-error verify-hostname-error
 138            &allow-other-keys)
 139   "Negotiate a SSL/TLS connection.  Returns proc.  Signals gnutls-error.
 140
 141 Note arguments are passed CL style, :type TYPE instead of just TYPE.
 142
 143 TYPE is `gnutls-x509pki' (default) or `gnutls-anon'.  Use nil for the default.
 144 PROCESS is a process returned by `open-network-stream'.
 145 HOSTNAME is the remote hostname.  It must be a valid string.
 146 PRIORITY-STRING is as per the GnuTLS docs, default is \"NORMAL\".
 147 TRUSTFILES is a list of CA bundles.  It defaults to `gnutls-trustfiles'.
 148 CRLFILES is a list of CRL files.
 149 KEYLIST is an alist of (client key file, client cert file) pairs.
 150 MIN-PRIME-BITS is the minimum acceptable size of Diffie-Hellman keys
 151 \(see `gnutls-min-prime-bits' for more information).  Use nil for the
 152 default.
 153
 154 VERIFY-HOSTNAME-ERROR is a backwards compatibility option for
 155 putting `:hostname' in VERIFY-ERROR.
 156
 157 When VERIFY-ERROR is t or a list containing `:trustfiles', an
 158 error will be raised when the peer certificate verification fails
 159 as per GnuTLS' gnutls_certificate_verify_peers2.  Otherwise, only
 160 warnings will be shown about the verification failure.
 161
 162 When VERIFY-ERROR is t or a list containing `:hostname', an error
 163 will be raised when the hostname does not match the presented
 164 certificate's host name.  The exact verification algorithm is a
 165 basic implementation of the matching described in
 166 RFC2818 (HTTPS), which takes into account wildcards, and the
 167 DNSName/IPAddress subject alternative name PKIX extension.  See
 168 GnuTLS' gnutls_x509_crt_check_hostname for details.  Otherwise,
 169 only a warning will be issued.
 170
 171 Note that the list in `gnutls-verify-error', matched against the
 172 HOSTNAME, is the default VERIFY-ERROR.
 173
 174 VERIFY-FLAGS is a numeric OR of verification flags only for
 175 `gnutls-x509pki' connections.  See GnuTLS' x509.h for details;
 176 here's a recent version of the list.
 177
 178     GNUTLS_VERIFY_DISABLE_CA_SIGN = 1,
 179     GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 2,
 180     GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 4,
 181     GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 8,
 182     GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 16,
 183     GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32,
 184     GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 64,
 185     GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 128,
 186     GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 256
 187
 188 It must be omitted, a number, or nil; if omitted or nil it
 189 defaults to GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT."
 190   (let* ((type (or type 'gnutls-x509pki))
 191          (trustfiles (or trustfiles
 192                          (delq nil
 193                                (mapcar (lambda (f) (and f (file-exists-p f) f))
 194                                        (if (functionp gnutls-trustfiles)
 195                                            (funcall gnutls-trustfiles)
 196                                          gnutls-trustfiles)))))
 197          (priority-string (or priority-string
 198                               (cond
 199                                ((eq type 'gnutls-anon)
 200                                 "NORMAL:+ANON-DH:!ARCFOUR-128")
 201                                ((eq type 'gnutls-x509pki)
 202                                 (if gnutls-algorithm-priority
 203                                     (upcase gnutls-algorithm-priority)
 204                                   "NORMAL")))))
 205          (verify-error (or verify-error
 206                            ;; this uses the value of `gnutls-verify-error'
 207                            (cond
 208                             ;; if t, pass it on
 209                             ((eq gnutls-verify-error t)
 210                              t)
 211                             ;; if a list, look for hostname matches
 212                             ((listp gnutls-verify-error)
 213                              (mapcan
 214                               (lambda (check)
 215                                 (when (string-match (car check) hostname)
 216                                   (cdr check)))
 217                               gnutls-verify-error))
 218                             ;; else it's nil
 219                             (t nil))))
 220          (min-prime-bits (or min-prime-bits gnutls-min-prime-bits))
 221          params ret)
 222
 223     (when verify-hostname-error
 224       (push :hostname verify-error))
 225
 226     (setq params `(:priority ,priority-string
 227                              :hostname ,hostname
 228                              :loglevel ,gnutls-log-level
 229                              :min-prime-bits ,min-prime-bits
 230                              :trustfiles ,trustfiles
 231                              :crlfiles ,crlfiles
 232                              :keylist ,keylist
 233                              :verify-flags ,verify-flags
 234                              :verify-error ,verify-error
 235                              :callbacks nil))
 236
 237     (gnutls-message-maybe
 238      (setq ret (gnutls-boot process type params))
 239      "boot: %s" params)
 240
 241     (when (gnutls-errorp ret)
 242       ;; This is a error from the underlying C code.
 243       (signal 'gnutls-error (list process ret)))
 244
 245     process))
 246
 247 (declare-function gnutls-error-string "gnutls.c" (error))
 248
 249 (defun gnutls-message-maybe (doit format &rest params)
 250   "When DOIT, message with the caller name followed by FORMAT on PARAMS."
 251   ;; (apply 'debug format (or params '(nil)))
 252   (when (gnutls-errorp doit)
 253     (message "%s: (err=[%s] %s) %s"
 254              "gnutls.el"
 255              doit (gnutls-error-string doit)
 256              (apply 'format format (or params '(nil))))))
 257
 258 (provide 'gnutls)
 259
 260 ;;; gnutls.el ends here