lib/system.c

   1 /*
   2  * Copyright (C) 2010-2012 Free Software Foundation, Inc.
   3  *
   4  * Author: Nikos Mavrogiannopoulos
   5  *
   6  * This file is part of GnuTLS.
   7  *
   8  * The GnuTLS is free software; you can redistribute it and/or
   9  * modify it under the terms of the GNU Lesser General Public License
  10  * as published by the Free Software Foundation; either version 3 of
  11  * the License, or (at your option) any later version.
  12  *
  13  * This library is distributed in the hope that it will be useful, but
  14  * WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  16  * Lesser General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU Lesser General Public License
  19  * along with this program.  If not, see <http://www.gnu.org/licenses/>
  20  *
  21  */
  22
  23 #include <system.h>
  24 #include <gnutls_int.h>
  25 #include <gnutls_errors.h>
  26
  27 #include <errno.h>
  28 #include <sys/stat.h>
  29 #include <sys/types.h>
  30
  31 #ifdef _WIN32
  32 # include <windows.h>
  33 # include <Wincrypt.h>
  34
  35 #else
  36 # ifdef HAVE_PTHREAD_LOCKS
  37 #  include <pthread.h>
  38 # endif
  39
  40 # if defined(HAVE_GETPWUID_R)
  41 #  include <pwd.h>
  42 # endif
  43 #endif
  44
  45 /* We need to disable gnulib's replacement wrappers to get native
  46    Windows interfaces. */
  47 #undef recv
  48 #undef send
  49 #undef select
  50
  51 /* System specific function wrappers.
  52  */
  53
  54 /* wrappers for write() and writev()
  55  */
  56 #ifdef _WIN32
  57
  58 int
  59 system_errno (gnutls_transport_ptr p)
  60 {
  61   int tmperr = WSAGetLastError ();
  62   int ret = 0;
  63   switch (tmperr)
  64     {
  65     case WSAEWOULDBLOCK:
  66       ret = EAGAIN;
  67       break;
  68     case NO_ERROR:
  69       ret = 0;
  70       break;
  71     case WSAEINTR:
  72       ret = EINTR;
  73       break;
  74     case WSAEMSGSIZE:
  75       ret = EMSGSIZE;
  76       break;
  77     default:
  78       ret = EIO;
  79       break;
  80     }
  81   WSASetLastError (tmperr);
  82
  83   return ret;
  84 }
  85
  86 ssize_t
  87 system_write (gnutls_transport_ptr ptr, const void *data, size_t data_size)
  88 {
  89   return send (GNUTLS_POINTER_TO_INT (ptr), data, data_size, 0);
  90 }
  91 #else /* POSIX */
  92 int
  93 system_errno (gnutls_transport_ptr_t ptr)
  94 {
  95 #if defined(_AIX) || defined(AIX)
  96   if (errno == 0) errno = EAGAIN;
  97 #endif
  98
  99   return errno;
 100 }
 101
 102 ssize_t
 103 system_writev (gnutls_transport_ptr_t ptr, const giovec_t * iovec,
 104                int iovec_cnt)
 105 {
 106   return writev (GNUTLS_POINTER_TO_INT (ptr), (struct iovec *) iovec,
 107                  iovec_cnt);
 108
 109 }
 110 #endif
 111
 112 ssize_t
 113 system_read (gnutls_transport_ptr_t ptr, void *data, size_t data_size)
 114 {
 115   return recv (GNUTLS_POINTER_TO_INT (ptr), data, data_size, 0);
 116 }
 117
 118 /* Wait for data to be received within a timeout period in milliseconds.
 119  * To catch a termination it will also try to receive 0 bytes from the
 120  * socket if select reports to proceed.
 121  *
 122  * Returns -1 on error, 0 on timeout, positive value if data are available for reading.
 123  */
 124 int system_recv_timeout(gnutls_transport_ptr_t ptr, unsigned int ms)
 125 {
 126 fd_set rfds;
 127 struct timeval tv;
 128 int ret, ret2;
 129 int fd = GNUTLS_POINTER_TO_INT(ptr);
 130
 131   FD_ZERO(&rfds);
 132   FD_SET(fd, &rfds);
 133
 134   tv.tv_sec = 0;
 135   tv.tv_usec = ms * 1000;
 136
 137   while(tv.tv_usec >= 1000000)
 138     {
 139       tv.tv_usec -= 1000000;
 140       tv.tv_sec++;
 141     }
 142
 143   ret = select(fd+1, &rfds, NULL, NULL, &tv);
 144   if (ret <= 0)
 145     return ret;
 146
 147   ret2 = recv(fd, NULL, 0, MSG_PEEK);
 148   if (ret2 == -1)
 149     return ret2;
 150
 151   return ret;
 152 }
 153
 154 /* Thread stuff */
 155
 156 #ifdef HAVE_WIN32_LOCKS
 157
 158
 159 /* FIXME: win32 locks are untested */
 160 static int
 161 gnutls_system_mutex_init (void **priv)
 162 {
 163   CRITICAL_SECTION *lock = malloc (sizeof (CRITICAL_SECTION));
 164
 165   if (lock == NULL)
 166     return GNUTLS_E_MEMORY_ERROR;
 167
 168   InitializeCriticalSection (lock);
 169
 170   *priv = lock;
 171
 172   return 0;
 173 }
 174
 175 static int
 176 gnutls_system_mutex_deinit (void **priv)
 177 {
 178   DeleteCriticalSection ((CRITICAL_SECTION *) * priv);
 179   free (*priv);
 180
 181   return 0;
 182 }
 183
 184 static int
 185 gnutls_system_mutex_lock (void **priv)
 186 {
 187   EnterCriticalSection ((CRITICAL_SECTION *) * priv);
 188   return 0;
 189 }
 190
 191 static int
 192 gnutls_system_mutex_unlock (void **priv)
 193 {
 194   LeaveCriticalSection ((CRITICAL_SECTION *) * priv);
 195   return 0;
 196 }
 197
 198 #endif /* WIN32_LOCKS */
 199
 200 #ifdef HAVE_PTHREAD_LOCKS
 201
 202 static int
 203 gnutls_system_mutex_init (void **priv)
 204 {
 205   pthread_mutex_t *lock = malloc (sizeof (pthread_mutex_t));
 206   int ret;
 207
 208   if (lock == NULL)
 209     return GNUTLS_E_MEMORY_ERROR;
 210
 211   ret = pthread_mutex_init (lock, NULL);
 212   if (ret)
 213     {
 214       free (lock);
 215       gnutls_assert ();
 216       return GNUTLS_E_LOCKING_ERROR;
 217     }
 218
 219   *priv = lock;
 220
 221   return 0;
 222 }
 223
 224 static int
 225 gnutls_system_mutex_deinit (void **priv)
 226 {
 227   pthread_mutex_destroy ((pthread_mutex_t *) * priv);
 228   free (*priv);
 229   return 0;
 230 }
 231
 232 static int
 233 gnutls_system_mutex_lock (void **priv)
 234 {
 235   if (pthread_mutex_lock ((pthread_mutex_t *) * priv))
 236     {
 237       gnutls_assert ();
 238       return GNUTLS_E_LOCKING_ERROR;
 239     }
 240
 241   return 0;
 242 }
 243
 244 static int
 245 gnutls_system_mutex_unlock (void **priv)
 246 {
 247   if (pthread_mutex_unlock ((pthread_mutex_t *) * priv))
 248     {
 249       gnutls_assert ();
 250       return GNUTLS_E_LOCKING_ERROR;
 251     }
 252
 253   return 0;
 254 }
 255
 256 #endif /* PTHREAD_LOCKS */
 257
 258 #ifdef HAVE_NO_LOCKS
 259
 260 static int
 261 gnutls_system_mutex_init (void **priv)
 262 {
 263   return 0;
 264 }
 265
 266 static int
 267 gnutls_system_mutex_deinit (void **priv)
 268 {
 269   return 0;
 270 }
 271
 272 static int
 273 gnutls_system_mutex_lock (void **priv)
 274 {
 275   return 0;
 276 }
 277
 278 static int
 279 gnutls_system_mutex_unlock (void **priv)
 280 {
 281   return 0;
 282 }
 283
 284 #endif /* NO_LOCKS */
 285
 286 gnutls_time_func gnutls_time = time;
 287 mutex_init_func gnutls_mutex_init = gnutls_system_mutex_init;
 288 mutex_deinit_func gnutls_mutex_deinit = gnutls_system_mutex_deinit;
 289 mutex_lock_func gnutls_mutex_lock = gnutls_system_mutex_lock;
 290 mutex_unlock_func gnutls_mutex_unlock = gnutls_system_mutex_unlock;
 291
 292 #define CONFIG_PATH ".gnutls"
 293
 294 /* Returns a path to store user-specific configuration
 295  * data.
 296  */
 297 int _gnutls_find_config_path(char* path, size_t max_size)
 298 {
 299 char tmp_home_dir[1024];
 300 const char *home_dir = getenv ("HOME");
 301
 302 #ifdef _WIN32
 303   if (home_dir == NULL || home_dir[0] == '\0')
 304     {
 305       const char *home_drive = getenv ("HOMEDRIVE");
 306       const char *home_path = getenv ("HOMEPATH");
 307
 308       if (home_drive != NULL && home_path != NULL)
 309         {
 310           snprintf(tmp_home_dir, sizeof(tmp_home_dir), "%s%s", home_drive, home_path);
 311         }
 312       else
 313         {
 314           tmp_home_dir[0] = 0;
 315         }
 316
 317       home_dir = tmp_home_dir;
 318     }
 319 #elif defined(HAVE_GETPWUID_R)
 320   if (home_dir == NULL || home_dir[0] == '\0')
 321     {
 322       struct passwd *pwd;
 323       struct passwd _pwd;
 324       char buf[1024];
 325
 326       getpwuid_r(getuid(), &_pwd, buf, sizeof(buf), &pwd);
 327       if (pwd != NULL)
 328         {
 329           snprintf(tmp_home_dir, sizeof(tmp_home_dir), "%s", pwd->pw_dir);
 330         }
 331       else
 332         {
 333           tmp_home_dir[0] = 0;
 334         }
 335
 336       home_dir = tmp_home_dir;
 337     }
 338 #else
 339   if (home_dir == NULL || home_dir[0] == '\0')
 340     {
 341       tmp_home_dir[0] = 0;
 342       home_dir = tmp_home_dir;
 343     }
 344 #endif
 345
 346   if (home_dir == NULL || home_dir[0] == 0)
 347     path[0] = 0;
 348   else
 349     snprintf(path, max_size, "%s/"CONFIG_PATH, home_dir);
 350
 351   return 0;
 352 }
 353
 354 /**
 355  * gnutls_x509_trust_list_add_system_trust:
 356  * @list: The structure of the list
 357  * @tl_flags: GNUTLS_TL_*
 358  * @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
 359  *
 360  * This function adds the system's default trusted certificate
 361  * authorities to the trusted list. Note that on unsupported system
 362  * this function returns %GNUTLS_E_UNIMPLEMENTED_FEATURE.
 363  *
 364  * Returns: The number of added elements or a negative error code on error.
 365  *
 366  * Since: 3.1
 367  **/
 368 int
 369 gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t list,
 370                                         unsigned int tl_flags, unsigned int tl_vflags)
 371 {
 372 #if !defined(DEFAULT_TRUST_STORE_PKCS11) && !defined(DEFAULT_TRUST_STORE_FILE) && !defined(_WIN32)
 373   return GNUTLS_E_UNIMPLEMENTED_FEATURE;
 374 #else
 375   int ret, r = 0;
 376   const char* crl_file =
 377 # ifdef DEFAULT_CRL_FILE
 378   DEFAULT_CRL_FILE;
 379 # else
 380   NULL;
 381 # endif
 382
 383 # ifdef _WIN32
 384   unsigned int i;
 385
 386   for (i=0;i<2;i++)
 387   {
 388     HCERTSTORE store;
 389     const CERT_CONTEXT *cert;
 390     const CRL_CONTEXT *crl;
 391     gnutls_datum_t data;
 392
 393     if (i==0) store = CertOpenSystemStore(0, "ROOT");
 394     else store = CertOpenSystemStore(0, "CA");
 395
 396     if (store == NULL) return GNUTLS_E_FILE_ERROR;
 397
 398     cert = CertEnumCertificatesInStore(store, NULL);
 399     crl = CertEnumCRLsInStore(store, NULL);
 400
 401     while(cert != NULL)
 402       {
 403         if (cert->dwCertEncodingType == X509_ASN_ENCODING)
 404           {
 405             data.data = cert->pbCertEncoded;
 406             data.size = cert->cbCertEncoded;
 407             if (gnutls_x509_trust_list_add_trust_mem(list, &data, NULL, GNUTLS_X509_FMT_DER, tl_flags, tl_vflags) > 0)
 408               r++;
 409           }
 410         cert = CertEnumCertificatesInStore(store, cert);
 411       }
 412
 413     while(crl != NULL)
 414       {
 415         if (crl->dwCertEncodingType == X509_ASN_ENCODING)
 416           {
 417             data.data = crl->pbCrlEncoded;
 418             data.size = crl->cbCrlEncoded;
 419             gnutls_x509_trust_list_add_trust_mem(list, NULL, &data, GNUTLS_X509_FMT_DER, tl_flags, tl_vflags);
 420           }
 421         crl = CertEnumCRLsInStore(store, crl);
 422       }
 423     CertCloseStore(store, 0);
 424   }
 425 # endif
 426
 427 # if defined(ENABLE_PKCS11) && defined(DEFAULT_TRUST_STORE_PKCS11)
 428   ret = gnutls_x509_trust_list_add_trust_file(list, DEFAULT_TRUST_STORE_PKCS11, crl_file,
 429                                               GNUTLS_X509_FMT_DER, tl_flags, tl_vflags);
 430   if (ret > 0)
 431     r += ret;
 432 # endif
 433
 434 # ifdef DEFAULT_TRUST_STORE_FILE
 435   ret = gnutls_x509_trust_list_add_trust_file(list, DEFAULT_TRUST_STORE_FILE, crl_file,
 436                                               GNUTLS_X509_FMT_PEM, tl_flags, tl_vflags);
 437   if (ret > 0)
 438     r += ret;
 439 # endif
 440 #endif
 441
 442   return r;
 443 }