search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fixup for Coverity issue #101137.
[libpwmd.git] / src / tls.c
blob2624a24dab52bae11a4a8d9fd0597e0da5f5f933
1 /*
2 Copyright (C) 2012, 2013, 2014, 2015
3 Ben Kibbey <bjk@luxsci.net>
4
5 This file is part of libpwmd.
6
7 Libpwmd is free software: you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation, either version 2 of the License, or
10 (at your option) any later version.
11
12 Libpwmd is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with Libpwmd. If not, see <http://www.gnu.org/licenses/>.
19 */
20 #ifdef HAVE_CONFIG_H
21 #include <config.h>
22 #endif
23
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <unistd.h>
27 #include <errno.h>
28 #include <ctype.h>
29 #include <sys/types.h>
30 #include <sys/socket.h>
31 #include <fcntl.h>
32
33 #ifdef HAVE_STRINGS_H
34 #include <strings.h>
35 #endif
36
37 #include "types.h"
38 #include "misc.h"
39
40 #define DEFAULT_TLS_PRIORITY "SECURE256:SECURE192:SECURE128:-VERS-SSL3.0"
41 #define WAIT_INTERVAL 50000
42 #define TEST_TIMEOUT(timeout, ret, start, rc) \
43 do { \
44 if (ret == GNUTLS_E_AGAIN) \
45 { \
46 time_t now = time (NULL); \
47 if (timeout && now - start >= timeout) \
48 { \
49 rc = gpg_error (GPG_ERR_ETIMEDOUT); \
50 break; \
51 } \
52 struct timeval tv = { 0, WAIT_INTERVAL }; \
53 select (0, NULL, NULL, NULL, &tv); \
54 } \
55 if (ret != GNUTLS_E_INTERRUPTED) \
56 break; \
57 } \
58 while (0)
59
60 void
61 tls_free (pwm_t *pwm)
62 {
63 struct tls_s *tls = pwm->tcp->tls;
64 int ret = 0;
65
66 if (!tls)
67 return;
68
69 pwmd_free (tls->ca);
70 pwmd_free (tls->cert);
71 pwmd_free (tls->key);
72 pwmd_free (tls->priority);
73 pwmd_free (tls->server_fp);
74
75 if (tls->session)
76 {
77 time_t start = time (NULL);
78
79 do
80 {
81 gpg_error_t rc = 0;
82
83 ret = gnutls_bye (tls->session, GNUTLS_SHUT_WR);
84 TEST_TIMEOUT (tls->timeout, ret, start, rc);
85 if (rc)
86 break;
87 }
88 while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
89
90 gnutls_deinit (tls->session);
91 }
92 else if (pwm->fd != -1)
93 {
94 close (pwm->fd);
95 pwm->fd = -1;
96 }
97
98 if (tls->x509)
99 gnutls_certificate_free_credentials (tls->x509);
100
101 tls->session = NULL;
102 tls->x509 = NULL;
103 pwmd_free (tls);
104 pwm->tls_error = ret;
105 }
106
107 ssize_t
108 read_hook_tls (pwm_t *pwm, assuan_fd_t fd, void *data, size_t len)
109 {
110 struct tls_s *tls = pwm->tcp->tls;
111
112 if (*tls->fd == -1)
113 return -1;
114
115 ssize_t ret;
116 time_t start = time (NULL);
117
118 rehandshake:
119 do
120 {
121 gpg_error_t rc = 0;
122
123 ret = gnutls_record_recv (tls->session, data, len);
124 if (ret == GNUTLS_E_REHANDSHAKE)
125 {
126 ret = gnutls_rehandshake (tls->session);
127 if (ret == GNUTLS_E_GOT_APPLICATION_DATA)
128 goto rehandshake;
129 else if (ret != GNUTLS_E_SUCCESS)
130 {
131 pwm->tls_error = ret;
132 ret = 0;
133 break;
134 }
135
136 do
137 {
138 ret = gnutls_handshake (tls->session);
139 rc = 0;
140 TEST_TIMEOUT (tls->timeout, ret, start, rc);
141 if (rc)
142 {
143 close (*tls->fd);
144 *tls->fd = -1;
145 errno = ETIMEDOUT;
146 return -1;
147 }
148 }
149 while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
150
151 pwm->tls_error = ret;
152 continue;
153 }
154
155 TEST_TIMEOUT (tls->timeout, ret, start, rc);
156 if (rc)
157 {
158 close (*tls->fd);
159 *tls->fd = -1;
160 errno = ETIMEDOUT;
161 return -1;
162 }
163 }
164 while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
165
166 if (ret < 0)
167 pwm->tls_error = ret;
168
169 if (!ret)
170 return 0;
171 else if (ret == GNUTLS_E_PREMATURE_TERMINATION)
172 errno = EPIPE;
173
174 return ret < 0 ? -1 : ret;
175 }
176
177 ssize_t
178 write_hook_tls (pwm_t *pwm, assuan_fd_t fd, const void *data, size_t len)
179 {
180 struct tls_s *tls = pwm->tcp->tls;
181
182 /* This is probably the BYE command after a previous call timed
183 * out. If not done, the time(2) call seems to hang.*/
184 if (*tls->fd == -1)
185 return -1;
186
187 ssize_t ret;
188 time_t start = time (NULL);
189
190 do
191 {
192 gpg_error_t rc = 0;
193
194 ret = gnutls_record_send (tls->session, data, len);
195 TEST_TIMEOUT (tls->timeout, ret, start, rc);
196 if (rc)
197 {
198 close (*tls->fd);
199 *tls->fd = -1;
200 errno = ETIMEDOUT;
201 return -1;
202 }
203 }
204 while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
205
206 if (ret < 0)
207 pwm->tls_error = ret;
208
209 if (!ret)
210 return 0;
211 else if (ret == GNUTLS_E_PREMATURE_TERMINATION)
212 errno = EPIPE;
213
214 return ret < 0 ? -1 : ret;
215 }
216
217 static gpg_error_t
218 tls_fingerprint (pwm_t *pwm, char **result)
219 {
220 gnutls_session_t ses = pwm->tcp->tls->session;
221 gnutls_x509_crt_t crt;
222 const gnutls_datum_t *cert_list;
223 unsigned count;
224 unsigned char buf[32];
225 size_t len = sizeof (buf);
226
227 *result = NULL;
228 gnutls_x509_crt_init (&crt);
229 if (!crt)
230 return GPG_ERR_ENOMEM;
231
232 cert_list = gnutls_certificate_get_peers (ses, &count);
233 if (count)
234 {
235 pwm->tls_error = gnutls_x509_crt_import (crt, &cert_list[0],
236 GNUTLS_X509_FMT_DER);
237 if (!pwm->tls_error)
238 gnutls_x509_crt_get_fingerprint (crt, GNUTLS_DIG_SHA256, buf, &len);
239 }
240
241 gnutls_x509_crt_deinit (crt);
242 if (!count)
243 {
244 pwm->tls_error = GNUTLS_CERT_INVALID;
245 return GPG_ERR_MISSING_CERT;
246 }
247
248 if (!pwm->tls_error)
249 *result = bin2hex (buf, len);
250
251 return !pwm->tls_error ? 0 : GPG_ERR_ENOMEM;
252 }
253
254 static gpg_error_t
255 verify_server_certificate (unsigned status)
256 {
257 if (status & GNUTLS_CERT_REVOKED)
258 {
259 fprintf (stderr, "server certificate is revoked\n");
260 return GPG_ERR_CERT_REVOKED;
261 }
262
263 if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
264 {
265 fprintf (stderr, "server certificate has no signer\n");
266 return GPG_ERR_NO_SIGNATURE_SCHEME;
267 }
268
269 if (status & GNUTLS_CERT_SIGNATURE_FAILURE)
270 {
271 fprintf (stderr, "server certificate signature verification failed\n");
272 return GPG_ERR_BAD_SIGNATURE;
273 }
274
275 if (status & GNUTLS_CERT_EXPIRED)
276 {
277 fprintf (stderr, "server certificate expired\n");
278 return GPG_ERR_CERT_EXPIRED;
279 }
280
281 if (status & GNUTLS_CERT_SIGNER_NOT_CA)
282 {
283 fprintf (stderr, "server certificate signer is not from CA\n");
284 return GPG_ERR_BAD_CA_CERT;
285 }
286
287 if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
288 {
289 fprintf (stderr, "server certificate has insecure algorithm\n");
290 return GPG_ERR_UNSUPPORTED_ALGORITHM;
291 }
292
293 if (status)
294 {
295 fprintf (stderr, "server certificate is invalid: %u\n", status);
296 return GPG_ERR_BAD_CERT;
297 }
298
299 return 0;
300 }
301
302 static gpg_error_t
303 verify_certificate (pwm_t *pwm)
304 {
305 unsigned int status;
306 const gnutls_datum_t *cert_list;
307 unsigned int cert_list_size;
308 int i;
309 gnutls_x509_crt_t cert;
310 gpg_error_t rc = 0;
311
312 i = gnutls_certificate_verify_peers2 (pwm->tcp->tls->session, &status);
313 if (i < 0)
314 {
315 pwm->tls_error = i;
316 return GPG_ERR_BAD_CERT;
317 }
318
319 rc = verify_server_certificate (status);
320 if (rc)
321 return rc;
322
323 if (gnutls_certificate_type_get (pwm->tcp->tls->session) != GNUTLS_CRT_X509)
324 return GPG_ERR_UNSUPPORTED_CERT;
325
326 if (gnutls_x509_crt_init (&cert) < 0)
327 return gpg_error_from_errno (ENOMEM);
328
329 cert_list = gnutls_certificate_get_peers (pwm->tcp->tls->session,
330 &cert_list_size);
331 if (!cert_list)
332 {
333 rc = GPG_ERR_MISSING_CERT;
334 goto done;
335 }
336
337 for (i = 0; i < cert_list_size; i++)
338 {
339 pwm->tls_error = gnutls_x509_crt_import (cert, &cert_list[i],
340 GNUTLS_X509_FMT_DER);
341 if (pwm->tls_error < 0)
342 {
343 rc = GPG_ERR_BAD_CERT_CHAIN;
344 goto done;
345 }
346
347 if (gnutls_x509_crt_get_expiration_time (cert) < time (0))
348 {
349 rc = GPG_ERR_CERT_EXPIRED;
350 goto done;
351 }
352
353 if (gnutls_x509_crt_get_activation_time (cert) > time (0))
354 {
355 rc = GPG_ERR_CERT_TOO_YOUNG;
356 goto done;
357 }
358
359 if (pwm->tcp->tls->verify)
360 {
361 if (!gnutls_x509_crt_check_hostname (cert, pwm->tcp->host))
362 {
363 rc = GPG_ERR_BAD_CERT_CHAIN;
364 goto done;
365 }
366 }
367 }
368
369 if (pwm->tcp->tls->server_fp)
370 {
371 char *result;
372
373 rc = tls_fingerprint (pwm, &result);
374 if (!rc)
375 {
376 if (!result || !*result ||
377 strcasecmp (result, pwm->tcp->tls->server_fp))
378 rc = GPG_ERR_BAD_CERT;
379
380 pwmd_free (result);
381 }
382 }
383
384 done:
385 gnutls_x509_crt_deinit (cert);
386 return rc;
387 }
388
389 static gpg_error_t
390 tls_init (pwm_t * pwm)
391 {
392 gpg_error_t rc;
393 int ret;
394 const char *errstr;
395
396 ret = gnutls_certificate_allocate_credentials (&pwm->tcp->tls->x509);
397 if (ret)
398 {
399 pwm->tls_error = ret;
400 return gpg_error_from_errno (ENOMEM);
401 }
402
403 /* The client certificate must be signed by the CA of the pwmd server
404 * certificate in order for the client to authenticate successfully. Man in
405 * the middle attacks are still possible if the attacker is running a pwmd
406 * that doesn't require client certificate authentication. So require the
407 * client to verify the server certificate.
408 */
409 ret = gnutls_certificate_set_x509_trust_file (pwm->tcp->tls->x509,
410 pwm->tcp->tls->ca,
411 GNUTLS_X509_FMT_PEM);
412 if (ret == -1)
413 {
414 rc = GPG_ERR_INV_CERT_OBJ;
415 goto fail;
416 }
417
418 ret = gnutls_certificate_set_x509_key_file (pwm->tcp->tls->x509,
419 pwm->tcp->tls->cert,
420 pwm->tcp->tls->key,
421 GNUTLS_X509_FMT_PEM);
422 if (ret != GNUTLS_E_SUCCESS)
423 {
424 pwm->tls_error = ret;
425 rc = GPG_ERR_INV_CERT_OBJ;
426 goto fail;
427 }
428
429 ret = gnutls_init (&pwm->tcp->tls->session, GNUTLS_CLIENT);
430 if (ret != GNUTLS_E_SUCCESS)
431 {
432 pwm->tls_error = ret;
433 rc = GPG_ERR_INV_CERT_OBJ;
434 goto fail;
435 }
436
437 ret = gnutls_priority_set_direct (pwm->tcp->tls->session,
438 pwm->tcp->tls->priority
439 ? pwm->tcp->tls->priority
440 : DEFAULT_TLS_PRIORITY,
441 &errstr);
442 if (ret != GNUTLS_E_SUCCESS)
443 {
444 pwm->tls_error = ret;
445 rc = GPG_ERR_INV_CERT_OBJ;
446 goto fail;
447 }
448
449 ret = gnutls_credentials_set (pwm->tcp->tls->session, GNUTLS_CRD_CERTIFICATE,
450 pwm->tcp->tls->x509);
451 if (ret != GNUTLS_E_SUCCESS)
452 {
453 pwm->tls_error = ret;
454 rc = GPG_ERR_INV_CERT_OBJ;
455 goto fail;
456 }
457
458 gnutls_transport_set_ptr (pwm->tcp->tls->session,
459 (gnutls_transport_ptr_t) pwm->fd);
460 if (fcntl (pwm->fd, F_SETFL, O_NONBLOCK) == -1)
461 {
462 rc = gpg_error_from_errno (errno);
463 goto fail;
464 }
465
466 time_t start = time (NULL);
467 do
468 {
469 ret = gnutls_handshake (pwm->tcp->tls->session);
470 rc = 0;
471 TEST_TIMEOUT (pwm->tcp->tls->timeout, ret, start, rc);
472 if (rc)
473 goto fail;
474 }
475 while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
476
477 if (ret != GNUTLS_E_SUCCESS)
478 {
479 pwm->tls_error = ret;
480 rc = GPG_ERR_INV_CERT_OBJ;
481 goto fail;
482 }
483
484 rc = verify_certificate (pwm);
485
486 fail:
487 if (rc)
488 {
489 /* Keep the original error since it maybe overwritten during TLS
490 * shutdown. */
491 ret = pwm->tls_error;
492 /* The session may not have completed a handshake. Will crash during
493 * gnutls_bye(). */
494 gnutls_deinit (pwm->tcp->tls->session);
495 pwm->tcp->tls->session = NULL;
496 free_tcp (pwm);
497 pwm->tls_error = ret;
498 }
499
500 return rc;
501 }
502
503 gpg_error_t
504 _do_tls_connect (pwm_t * pwm, const char *host, int port,
505 const char *cert, const char *key, const char *cacert,
506 const char *prio, const char *server_fp, int verify)
507 {
508 struct tcp_s *tcp = pwmd_calloc (1, sizeof (struct tcp_s));
509 gpg_error_t rc;
510
511 if (!tcp)
512 return GPG_ERR_ENOMEM;
513
514 if (!cert || !key || !cacert)
515 {
516 pwmd_free (tcp);
517 return GPG_ERR_INV_ARG;
518 }
519
520 pwm->tcp = tcp;
521 tcp->port = port;
522 tcp->host = pwmd_strdup (host);
523 if (!tcp->host)
524 {
525 rc = GPG_ERR_ENOMEM;
526 goto fail;
527 }
528
529 tcp->tls = pwmd_calloc (1, sizeof (struct tls_s));
530 if (!tcp->tls)
531 {
532 rc = GPG_ERR_ENOMEM;
533 goto fail;
534 }
535
536 tcp->tls->timeout = pwm->socket_timeout;
537 tcp->tls->verify = verify;
538 tcp->tls->cert = pwmd_strdup (cert);
539 if (!tcp->tls->cert)
540 {
541 rc = GPG_ERR_ENOMEM;
542 goto fail;
543 }
544
545 tcp->tls->key = pwmd_strdup (key);
546 if (!tcp->tls->key)
547 {
548 rc = GPG_ERR_ENOMEM;
549 goto fail;
550 }
551
552 tcp->tls->ca = pwmd_strdup (cacert);
553 if (!tcp->tls->ca)
554 {
555 rc = GPG_ERR_ENOMEM;
556 goto fail;
557 }
558
559 if (prio)
560 {
561 tcp->tls->priority = pwmd_strdup (prio);
562 if (!tcp->tls->priority)
563 {
564 rc = GPG_ERR_ENOMEM;
565 goto fail;
566 }
567 }
568
569 if (server_fp)
570 {
571 tcp->tls->server_fp = pwmd_strdup (server_fp);
572 if (!tcp->tls->server_fp)
573 {
574 rc = GPG_ERR_ENOMEM;
575 goto fail;
576 }
577 }
578
579 rc = tcp_connect_common (pwm);
580 if (!rc)
581 {
582 rc = tls_init (pwm);
583 if (!rc)
584 {
585 pwm->tcp->fd = pwm->tcp->tls->fd = &pwm->fd;
586 rc = assuan_socket_connect_fd (pwm->ctx, pwm->fd, 0);
587 }
588 }
589
590 fail:
591 if (rc)
592 free_tcp (pwm);
593
594 return rc;
595 }
596
597 /*
598 * tls[46]://[hostname][:port]
599 */
600 gpg_error_t
601 _parse_tls_url (const char *str, char **host, int *port)
602 {
603 *port = 6466;
604 return parse_hostname_common (str, host, port);
605 }
An API for pwmd.