search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Update copyright year to 2015.
[libpwmd.git] / src / tls.c
blob25c90389322485a758f2e37262c2b28672ac019c
1 /*
2 Copyright (C) 2012, 2013, 2014, 2015
3 Ben Kibbey <bjk@luxsci.net>
4
5 This file is part of libpwmd.
6
7 Libpwmd is free software: you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation, either version 2 of the License, or
10 (at your option) any later version.
11
12 Libpwmd is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with Libpwmd. If not, see <http://www.gnu.org/licenses/>.
19 */
20 #ifdef HAVE_CONFIG_H
21 #include <config.h>
22 #endif
23
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <unistd.h>
27 #include <errno.h>
28 #include <ctype.h>
29 #include <sys/types.h>
30 #include <sys/socket.h>
31 #include <fcntl.h>
32
33 #ifdef HAVE_STRINGS_H
34 #include <strings.h>
35 #endif
36
37 #include "types.h"
38 #include "misc.h"
39
40 #define WAIT_INTERVAL 50000
41 #define TEST_TIMEOUT(timeout, ret, start, rc) \
42 do { \
43 if (ret == GNUTLS_E_AGAIN) \
44 { \
45 time_t now = time (NULL); \
46 if (timeout && now - start >= timeout) \
47 { \
48 rc = gpg_error (GPG_ERR_ETIMEDOUT); \
49 break; \
50 } \
51 struct timeval tv = { 0, WAIT_INTERVAL }; \
52 select (0, NULL, NULL, NULL, &tv); \
53 } \
54 if (ret != GNUTLS_E_INTERRUPTED) \
55 break; \
56 } \
57 while (0)
58
59 void
60 tls_free (pwm_t *pwm)
61 {
62 struct tls_s *tls = pwm->tcp->tls;
63 int ret = 0;
64
65 if (!tls)
66 return;
67
68 pwmd_free (tls->ca);
69 pwmd_free (tls->cert);
70 pwmd_free (tls->key);
71 pwmd_free (tls->priority);
72 pwmd_free (tls->server_fp);
73
74 if (tls->session)
75 {
76 time_t start = time (NULL);
77
78 do
79 {
80 gpg_error_t rc = 0;
81
82 ret = gnutls_bye (tls->session, GNUTLS_SHUT_WR);
83 TEST_TIMEOUT (tls->timeout, ret, start, rc);
84 if (rc)
85 break;
86 }
87 while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
88
89 gnutls_deinit (tls->session);
90 }
91 else if (pwm->fd != -1)
92 {
93 close (pwm->fd);
94 pwm->fd = -1;
95 }
96
97 if (tls->x509)
98 gnutls_certificate_free_credentials (tls->x509);
99
100 tls->session = NULL;
101 tls->x509 = NULL;
102 pwmd_free (tls);
103 pwm->tls_error = ret;
104 }
105
106 ssize_t
107 read_hook_tls (pwm_t *pwm, assuan_fd_t fd, void *data, size_t len)
108 {
109 struct tls_s *tls = pwm->tcp->tls;
110
111 if (*tls->fd == -1)
112 return -1;
113
114 ssize_t ret;
115 time_t start = time (NULL);
116
117 rehandshake:
118 do
119 {
120 gpg_error_t rc = 0;
121
122 ret = gnutls_record_recv (tls->session, data, len);
123 if (ret == GNUTLS_E_REHANDSHAKE)
124 {
125 ret = gnutls_rehandshake (tls->session);
126 if (ret == GNUTLS_E_GOT_APPLICATION_DATA)
127 goto rehandshake;
128 else if (ret != GNUTLS_E_SUCCESS)
129 {
130 pwm->tls_error = ret;
131 ret = 0;
132 break;
133 }
134
135 do
136 {
137 ret = gnutls_handshake (tls->session);
138 rc = 0;
139 TEST_TIMEOUT (tls->timeout, ret, start, rc);
140 if (rc)
141 {
142 close (*tls->fd);
143 *tls->fd = -1;
144 errno = ETIMEDOUT;
145 return -1;
146 }
147 }
148 while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
149
150 pwm->tls_error = ret;
151 if (rc)
152 break;
153
154 continue;
155 }
156
157 TEST_TIMEOUT (tls->timeout, ret, start, rc);
158 if (rc)
159 {
160 close (*tls->fd);
161 *tls->fd = -1;
162 errno = ETIMEDOUT;
163 return -1;
164 }
165 }
166 while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
167
168 if (ret < 0)
169 pwm->tls_error = ret;
170
171 if (!ret)
172 return 0;
173 else if (ret == GNUTLS_E_PREMATURE_TERMINATION)
174 errno = EPIPE;
175
176 return ret < 0 ? -1 : ret;
177 }
178
179 ssize_t
180 write_hook_tls (pwm_t *pwm, assuan_fd_t fd, const void *data, size_t len)
181 {
182 struct tls_s *tls = pwm->tcp->tls;
183
184 /* This is probably the BYE command after a previous call timed
185 * out. If not done, the time(2) call seems to hang.*/
186 if (*tls->fd == -1)
187 return -1;
188
189 ssize_t ret;
190 time_t start = time (NULL);
191
192 do
193 {
194 gpg_error_t rc = 0;
195
196 ret = gnutls_record_send (tls->session, data, len);
197 TEST_TIMEOUT (tls->timeout, ret, start, rc);
198 if (rc)
199 {
200 close (*tls->fd);
201 *tls->fd = -1;
202 errno = ETIMEDOUT;
203 return -1;
204 }
205 }
206 while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
207
208 if (ret < 0)
209 pwm->tls_error = ret;
210
211 if (!ret)
212 return 0;
213 else if (ret == GNUTLS_E_PREMATURE_TERMINATION)
214 errno = EPIPE;
215
216 return ret < 0 ? -1 : ret;
217 }
218
219 static gpg_error_t
220 tls_fingerprint (pwm_t *pwm, char **result)
221 {
222 gnutls_session_t ses = pwm->tcp->tls->session;
223 gnutls_x509_crt_t crt;
224 const gnutls_datum_t *cert_list;
225 unsigned count;
226 unsigned char buf[32];
227 size_t len = sizeof (buf);
228
229 *result = NULL;
230 gnutls_x509_crt_init (&crt);
231 if (!crt)
232 return GPG_ERR_ENOMEM;
233
234 cert_list = gnutls_certificate_get_peers (ses, &count);
235 if (count)
236 {
237 pwm->tls_error = gnutls_x509_crt_import (crt, &cert_list[0],
238 GNUTLS_X509_FMT_DER);
239 if (!pwm->tls_error)
240 gnutls_x509_crt_get_fingerprint (crt, GNUTLS_DIG_SHA256, buf, &len);
241 }
242
243 gnutls_x509_crt_deinit (crt);
244 if (!pwm->tls_error)
245 *result = bin2hex (buf, len);
246
247 return !pwm->tls_error ? 0 : GPG_ERR_ENOMEM;
248 }
249
250 static gpg_error_t
251 verify_certificate (pwm_t *pwm)
252 {
253 unsigned int status;
254 const gnutls_datum_t *cert_list;
255 unsigned int cert_list_size;
256 int i;
257 gnutls_x509_crt_t cert;
258 gpg_error_t rc = 0;
259
260 i = gnutls_certificate_verify_peers2 (pwm->tcp->tls->session, &status);
261 if (i < 0)
262 {
263 pwm->tls_error = i;
264 return GPG_ERR_BAD_CERT;
265 }
266
267 if (status & GNUTLS_CERT_INVALID)
268 return GPG_ERR_BAD_CERT;
269
270 if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
271 return GPG_ERR_BAD_SIGNATURE;
272
273 if (status & GNUTLS_CERT_REVOKED)
274 return GPG_ERR_CERT_REVOKED;
275
276 if (gnutls_certificate_type_get (pwm->tcp->tls->session) != GNUTLS_CRT_X509)
277 return GPG_ERR_UNSUPPORTED_CERT;
278
279 if (gnutls_x509_crt_init (&cert) < 0)
280 return gpg_error_from_errno (ENOMEM);
281
282 cert_list = gnutls_certificate_get_peers (pwm->tcp->tls->session,
283 &cert_list_size);
284 if (!cert_list)
285 {
286 rc = GPG_ERR_MISSING_CERT;
287 goto done;
288 }
289
290 for (i = 0; i < cert_list_size; i++)
291 {
292 pwm->tls_error = gnutls_x509_crt_import (cert, &cert_list[i],
293 GNUTLS_X509_FMT_DER);
294 if (pwm->tls_error < 0)
295 {
296 rc = GPG_ERR_BAD_CERT_CHAIN;
297 goto done;
298 }
299
300 if (gnutls_x509_crt_get_expiration_time (cert) < time (0))
301 {
302 rc = GPG_ERR_CERT_EXPIRED;
303 goto done;
304 }
305
306 if (gnutls_x509_crt_get_activation_time (cert) > time (0))
307 {
308 rc = GPG_ERR_CERT_TOO_YOUNG;
309 goto done;
310 }
311
312 if (pwm->tcp->tls->verify)
313 {
314 if (!gnutls_x509_crt_check_hostname (cert, pwm->tcp->host))
315 {
316 rc = GPG_ERR_BAD_CERT_CHAIN;
317 goto done;
318 }
319 }
320 }
321
322 if (pwm->tcp->tls->server_fp)
323 {
324 char *result;
325
326 rc = tls_fingerprint (pwm, &result);
327 if (!rc)
328 {
329 if (!result || !*result ||
330 strcasecmp (result, pwm->tcp->tls->server_fp))
331 rc = GPG_ERR_BAD_CERT;
332
333 pwmd_free (result);
334 }
335 }
336
337 done:
338 gnutls_x509_crt_deinit (cert);
339 return rc;
340 }
341
342 static gpg_error_t
343 tls_init (pwm_t * pwm)
344 {
345 gpg_error_t rc;
346 int ret;
347 const char *errstr;
348
349 ret = gnutls_certificate_allocate_credentials (&pwm->tcp->tls->x509);
350 if (ret)
351 {
352 pwm->tls_error = ret;
353 return gpg_error_from_errno (ENOMEM);
354 }
355
356 /* The client certificate must be signed by the CA of the pwmd server
357 * certificate in order for the client to authenticate successfully. Man in
358 * the middle attacks are still possible if the attacker is running a pwmd
359 * that doesn't require client certificate authentication. So require the
360 * client to verify the server certificate.
361 */
362 ret = gnutls_certificate_set_x509_trust_file (pwm->tcp->tls->x509,
363 pwm->tcp->tls->ca,
364 GNUTLS_X509_FMT_PEM);
365 if (ret == -1)
366 {
367 rc = GPG_ERR_INV_CERT_OBJ;
368 goto fail;
369 }
370
371 ret = gnutls_certificate_set_x509_key_file (pwm->tcp->tls->x509,
372 pwm->tcp->tls->cert,
373 pwm->tcp->tls->key,
374 GNUTLS_X509_FMT_PEM);
375 if (ret != GNUTLS_E_SUCCESS)
376 {
377 pwm->tls_error = ret;
378 rc = GPG_ERR_INV_CERT_OBJ;
379 goto fail;
380 }
381
382 ret = gnutls_init (&pwm->tcp->tls->session, GNUTLS_CLIENT);
383 if (ret != GNUTLS_E_SUCCESS)
384 {
385 pwm->tls_error = ret;
386 rc = GPG_ERR_INV_CERT_OBJ;
387 goto fail;
388 }
389
390 ret = gnutls_priority_set_direct (pwm->tcp->tls->session,
391 pwm->tcp->tls->priority ? pwm->tcp->tls->
392 priority : "SECURE256", &errstr);
393 if (ret != GNUTLS_E_SUCCESS)
394 {
395 pwm->tls_error = ret;
396 rc = GPG_ERR_INV_CERT_OBJ;
397 goto fail;
398 }
399
400 ret = gnutls_credentials_set (pwm->tcp->tls->session, GNUTLS_CRD_CERTIFICATE,
401 pwm->tcp->tls->x509);
402 if (ret != GNUTLS_E_SUCCESS)
403 {
404 pwm->tls_error = ret;
405 rc = GPG_ERR_INV_CERT_OBJ;
406 goto fail;
407 }
408
409 gnutls_transport_set_ptr (pwm->tcp->tls->session,
410 (gnutls_transport_ptr_t) pwm->fd);
411 fcntl (pwm->fd, F_SETFL, O_NONBLOCK);
412 time_t start = time (NULL);
413 do
414 {
415 ret = gnutls_handshake (pwm->tcp->tls->session);
416 rc = 0;
417 TEST_TIMEOUT (pwm->tcp->tls->timeout, ret, start, rc);
418 if (rc)
419 goto fail;
420 }
421 while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
422
423 if (ret != GNUTLS_E_SUCCESS)
424 {
425 pwm->tls_error = ret;
426 rc = GPG_ERR_INV_CERT_OBJ;
427 goto fail;
428 }
429
430 rc = verify_certificate (pwm);
431
432 fail:
433 if (rc)
434 {
435 /* Keep the original error since it maybe overwritten during TLS
436 * shutdown. */
437 ret = pwm->tls_error;
438 free_tcp (pwm);
439 pwm->tls_error = ret;
440 }
441
442 return rc;
443 }
444
445 gpg_error_t
446 _do_tls_connect (pwm_t * pwm, const char *host, int port,
447 const char *cert, const char *key, const char *cacert,
448 const char *prio, const char *server_fp, int verify)
449 {
450 struct tcp_s *tcp = pwmd_calloc (1, sizeof (struct tcp_s));
451 gpg_error_t rc;
452
453 if (!tcp)
454 return GPG_ERR_ENOMEM;
455
456 if (!cert || !key || !cacert)
457 {
458 pwmd_free (tcp);
459 return GPG_ERR_INV_ARG;
460 }
461
462 pwm->tcp = tcp;
463 tcp->port = port;
464 tcp->host = pwmd_strdup (host);
465 if (!tcp->host)
466 {
467 rc = GPG_ERR_ENOMEM;
468 goto fail;
469 }
470
471 tcp->tls = pwmd_calloc (1, sizeof (struct tls_s));
472 if (!tcp->tls)
473 {
474 rc = GPG_ERR_ENOMEM;
475 goto fail;
476 }
477
478 tcp->tls->timeout = pwm->socket_timeout;
479 tcp->tls->verify = verify;
480 tcp->tls->cert = pwmd_strdup (cert);
481 if (!tcp->tls->cert)
482 {
483 rc = GPG_ERR_ENOMEM;
484 goto fail;
485 }
486
487 tcp->tls->key = pwmd_strdup (key);
488 if (!tcp->tls->key)
489 {
490 rc = GPG_ERR_ENOMEM;
491 goto fail;
492 }
493
494 tcp->tls->ca = pwmd_strdup (cacert);
495 if (!tcp->tls->ca)
496 {
497 rc = GPG_ERR_ENOMEM;
498 goto fail;
499 }
500
501 if (prio)
502 {
503 tcp->tls->priority = pwmd_strdup (prio);
504 if (!tcp->tls->priority)
505 {
506 rc = GPG_ERR_ENOMEM;
507 goto fail;
508 }
509 }
510
511 if (server_fp)
512 {
513 tcp->tls->server_fp = pwmd_strdup (server_fp);
514 if (!tcp->tls->server_fp)
515 {
516 rc = GPG_ERR_ENOMEM;
517 goto fail;
518 }
519 }
520
521 rc = tcp_connect_common (pwm);
522 if (!rc)
523 {
524 rc = tls_init (pwm);
525 if (!rc)
526 {
527 pwm->tcp->fd = pwm->tcp->tls->fd = &pwm->fd;
528 rc = assuan_socket_connect_fd (pwm->ctx, pwm->fd, 0);
529 }
530 }
531
532 fail:
533 if (rc)
534 free_tcp (pwm);
535
536 return rc;
537 }
538
539 /*
540 * tls[46]://[hostname][:port]
541 */
542 gpg_error_t
543 _parse_tls_url (const char *str, char **host, int *port)
544 {
545 *port = 6466;
546 return parse_hostname_common (str, host, port);
547 }
An API for pwmd.