src/tls.c

   1 /*
   2     Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015
   3     Ben Kibbey <bjk@luxsci.net>
   4
   5     This file is part of pwmd.
   6
   7     Pwmd is free software: you can redistribute it and/or modify
   8     it under the terms of the GNU General Public License as published by
   9     the Free Software Foundation, either version 2 of the License, or
  10     (at your option) any later version.
  11
  12     Pwmd is distributed in the hope that it will be useful,
  13     but WITHOUT ANY WARRANTY; without even the implied warranty of
  14     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15     GNU General Public License for more details.
  16
  17     You should have received a copy of the GNU General Public License
  18     along with Pwmd.  If not, see <http://www.gnu.org/licenses/>.
  19 */
  20 #include <gnutls/x509.h>
  21
  22 #ifdef HAVE_CONFIG_H
  23 #include <config.h>
  24 #endif
  25
  26 #include <errno.h>
  27
  28 #ifdef HAVE_STRINGS_H
  29 #include <strings.h>
  30 #endif
  31
  32 #include "pwmd-error.h"
  33 #include "mem.h"
  34 #include "util-misc.h"
  35 #include "util-string.h"
  36 #include "common.h"
  37 #include "tls.h"
  38 #include "mutex.h"
  39
  40 #define WAIT_INTERVAL 50000
  41 #define TEST_TIMEOUT(timeout, ret, start, rc)                           \
  42   do {                                                                  \
  43     if (ret == GNUTLS_E_AGAIN)                                          \
  44       {                                                                 \
  45         time_t now = time (NULL);                                       \
  46         if (timeout && now - start >= timeout)                          \
  47           {                                                             \
  48             rc = gpg_error (GPG_ERR_ETIMEDOUT);                         \
  49             break;                                                      \
  50           }                                                             \
  51         struct timeval tv = { 0, WAIT_INTERVAL };                       \
  52         select (0, NULL, NULL, NULL, &tv);                              \
  53       }                                                                 \
  54     if (ret != GNUTLS_E_INTERRUPTED)                                    \
  55       break;                                                            \
  56   }                                                                     \
  57   while (0)
  58
  59 static char *
  60 tls_fingerprint (gnutls_session_t ses)
  61 {
  62   gnutls_x509_crt_t crt;
  63   const gnutls_datum_t *cert_list;
  64   unsigned count;
  65   unsigned char buf[32];
  66   size_t len = sizeof (buf);
  67
  68   gnutls_x509_crt_init (&crt);
  69   if (!crt)
  70     {
  71       log_write ("%s(%i): %s(): %s", __FILE__, __LINE__, __FUNCTION__,
  72                  gnutls_strerror (GNUTLS_E_MEMORY_ERROR));
  73       return NULL;
  74     }
  75
  76   cert_list = gnutls_certificate_get_peers (ses, &count);
  77   if (count)
  78     {
  79       gnutls_x509_crt_import (crt, &cert_list[0], GNUTLS_X509_FMT_DER);
  80       gnutls_x509_crt_get_fingerprint (crt, GNUTLS_DIG_SHA256, buf, &len);
  81       gnutls_x509_crt_deinit (crt);
  82
  83       return len ? bin2hex (buf, len) : NULL;
  84     }
  85
  86   gnutls_x509_crt_deinit (crt);
  87   return NULL;
  88 }
  89
  90 static int
  91 verify_client_certificate (unsigned status)
  92 {
  93   if (!status)
  94     return 0;
  95
  96   if (status & GNUTLS_CERT_REVOKED)
  97     log_write (_("client certificate is revoked"));
  98
  99   if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
 100     log_write (_("client certificate has no signer"));
 101
 102   if (status & GNUTLS_CERT_SIGNATURE_FAILURE)
 103     log_write (_("client certificate signature verification failed"));
 104
 105   if (status & GNUTLS_CERT_EXPIRED)
 106     log_write (_("client certificate expired"));
 107
 108   if (status & GNUTLS_CERT_SIGNER_NOT_CA)
 109     log_write (_("client certificate signer is not from CA"));
 110
 111   if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
 112     log_write (_("client certificate has insecure algorithm"));
 113
 114   if (status & GNUTLS_CERT_INVALID)
 115     log_write (_("client certificate is invalid"));
 116
 117   return GNUTLS_E_CERTIFICATE_ERROR;
 118 }
 119
 120 struct tls_s *
 121 tls_init (int fd, int timeout, const char *prio)
 122 {
 123   struct tls_s *tls = xcalloc (1, sizeof (struct tls_s));
 124   int ret;
 125   unsigned status;
 126   const char *prio_error;
 127   gnutls_kx_algorithm_t kx;
 128   gpg_error_t rc = 0;
 129
 130   if (!tls)
 131     {
 132       log_write ("%s(%i): %s: %s", __FILE__, __LINE__, __FUNCTION__,
 133                  strerror (ENOMEM));
 134       return NULL;
 135     }
 136
 137   ret = gnutls_init (&tls->ses, GNUTLS_SERVER);
 138   if (ret != GNUTLS_E_SUCCESS)
 139     goto fail;
 140
 141   ret = gnutls_priority_set_direct (tls->ses, prio, &prio_error);
 142   if (ret != GNUTLS_E_SUCCESS)
 143     goto fail;
 144
 145   ret = gnutls_credentials_set (tls->ses, GNUTLS_CRD_CERTIFICATE, x509_cred);
 146   if (ret != GNUTLS_E_SUCCESS)
 147     goto fail;
 148
 149   gnutls_certificate_server_set_request (tls->ses, GNUTLS_CERT_REQUIRE);
 150   gnutls_transport_set_ptr (tls->ses, (gnutls_transport_ptr_t) fd);
 151   time_t start = time (NULL);
 152   do
 153     {
 154       ret = gnutls_handshake (tls->ses);
 155       TEST_TIMEOUT (timeout, ret, start, rc);
 156       if (rc)
 157         goto fail;
 158     }
 159   while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
 160
 161   if (ret != GNUTLS_E_SUCCESS)
 162     goto fail;
 163
 164   ret = gnutls_certificate_verify_peers2 (tls->ses, &status);
 165   if (ret)
 166     goto fail;
 167
 168   kx = gnutls_kx_get (tls->ses);
 169   tls->fp = tls_fingerprint (tls->ses);
 170   log_write ("PROTO=%s CIPHER=%s MAC=%s KX=%s(%d) FP=%s",
 171              gnutls_protocol_get_name (gnutls_protocol_get_version
 172                                        (tls->ses)),
 173              gnutls_cipher_get_name (gnutls_cipher_get (tls->ses)),
 174              gnutls_mac_get_name (gnutls_mac_get (tls->ses)),
 175              gnutls_kx_get_name (kx), gnutls_dh_get_prime_bits (tls->ses),
 176              tls->fp ? tls->fp : "N/A");
 177   ret = verify_client_certificate (status);
 178   if (ret)
 179     goto fail;
 180
 181   return tls;
 182
 183 fail:
 184   log_write ("%s", rc ? gpg_strerror(rc) : gnutls_strerror (ret));
 185   gnutls_deinit (tls->ses);
 186   xfree (tls->fp);
 187   xfree (tls);
 188   return NULL;
 189 }
 190
 191 void
 192 tls_log (int level, const char *msg)
 193 {
 194   log_write ("TLS: %i: %s", level, msg);
 195 }
 196
 197 ssize_t
 198 tls_read_hook (assuan_context_t ctx, assuan_fd_t fd, void *data, size_t len)
 199 {
 200   struct client_s *client = assuan_get_pointer (ctx);
 201   time_t start = time (NULL);
 202   ssize_t ret;
 203
 204  rehandshake:
 205   do
 206     {
 207       gpg_error_t rc = 0;
 208
 209       ret = gnutls_record_recv (client->thd->tls->ses, data, len);
 210       if (ret == GNUTLS_E_REHANDSHAKE)
 211         {
 212           ret = gnutls_rehandshake (client->thd->tls->ses);
 213           if (ret == GNUTLS_E_GOT_APPLICATION_DATA)
 214             goto rehandshake;
 215           else if (ret != GNUTLS_E_SUCCESS)
 216             {
 217               log_write ("%s", gnutls_strerror (ret));
 218               ret = 0;
 219               break;
 220             }
 221
 222           do
 223             {
 224               ret = gnutls_handshake (client->thd->tls->ses);
 225               rc = 0;
 226               TEST_TIMEOUT (client->thd->timeout, ret, start, rc);
 227               if (rc)
 228                 {
 229                   log_write ("%s", gnutls_strerror (ret));
 230                   ret = 0;
 231                   close (client->thd->fd);
 232                   client->thd->fd = -1;
 233                   break;
 234                 }
 235             }
 236           while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
 237
 238           if (rc)
 239             break;
 240
 241           continue;
 242         }
 243
 244       TEST_TIMEOUT (client->thd->timeout, ret, start, rc);
 245       if (rc)
 246         {
 247           errno = ETIMEDOUT;
 248           close (client->thd->fd);
 249           client->thd->fd = -1;
 250           return -1;
 251         }
 252     }
 253   while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
 254
 255   if (ret < 0)
 256     {
 257       log_write ("%s", gnutls_strerror (ret));
 258       ret = 0;
 259     }
 260
 261   return ret;
 262 }
 263
 264 ssize_t
 265 tls_write_hook (assuan_context_t ctx, assuan_fd_t fd, const void *data,
 266                 size_t len)
 267 {
 268   struct client_s *client = assuan_get_pointer (ctx);
 269   ssize_t ret;
 270   time_t start = time (NULL);
 271
 272   do
 273     {
 274       gpg_error_t rc = 0;
 275
 276       ret = gnutls_record_send (client->thd->tls->ses, data, len);
 277       TEST_TIMEOUT (client->thd->timeout, ret, start, rc);
 278       if (rc)
 279         {
 280           errno = ETIMEDOUT;
 281           close (client->thd->fd);
 282           client->thd->fd = -1;
 283           return -1;
 284         }
 285     }
 286   while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
 287
 288   return ret;
 289 }
 290
 291 static int
 292 parse_dh_sec_level (const char *str, gpg_error_t *rc)
 293 {
 294   *rc = 0;
 295
 296   if (!str)
 297     return gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_MEDIUM);
 298
 299   if (!strcasecmp (str, "low"))
 300     return gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LOW);
 301   else if (!strcasecmp (str, "medium"))
 302     return gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_MEDIUM);
 303   else if (!strcasecmp (str, "high"))
 304     return gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_HIGH);
 305   else if (!strcasecmp (str, "ultra"))
 306     return gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_ULTRA);
 307
 308   *rc = GPG_ERR_INV_VALUE;
 309   return GNUTLS_SEC_PARAM_UNKNOWN;
 310 }
 311
 312 gpg_error_t
 313 tls_init_params (const char *dh_sec_level)
 314 {
 315   int n;
 316   char *tmp, *tmp2;
 317   gpg_error_t rc = GPG_ERR_UNKNOWN_ERRNO;
 318   int bits = parse_dh_sec_level (dh_sec_level, &rc);
 319
 320   if (rc)
 321     return rc;
 322
 323   rc = GPG_ERR_UNKNOWN_ERRNO;
 324   n = gnutls_certificate_allocate_credentials (&x509_cred);
 325   if (n != GNUTLS_E_SUCCESS)
 326     {
 327       log_write ("%s", gnutls_strerror (n));
 328       x509_cred = NULL;
 329       goto fail;
 330     }
 331
 332   tmp = str_asprintf ("%s/ca-cert.pem", homedir);
 333   if (!tmp)
 334     {
 335       rc = GPG_ERR_ENOMEM;
 336       goto fail;
 337     }
 338
 339   n = gnutls_certificate_set_x509_trust_file (x509_cred, tmp,
 340                                               GNUTLS_X509_FMT_PEM);
 341   if (n < 0)
 342     {
 343       log_write ("%s: %s", tmp, gnutls_strerror (n));
 344       xfree (tmp);
 345       goto fail;
 346     }
 347
 348   xfree (tmp);
 349   tmp = str_asprintf ("%s/server-cert.pem", homedir);
 350   if (!tmp)
 351     {
 352       rc = GPG_ERR_ENOMEM;
 353       goto fail;
 354     }
 355
 356   tmp2 = str_asprintf ("%s/server-key.pem", homedir);
 357   if (!tmp2)
 358     {
 359       xfree (tmp);
 360       log_write ("%s(%i): %s", __FILE__, __LINE__, strerror (ENOMEM));
 361       goto fail;
 362     }
 363
 364   n = gnutls_certificate_set_x509_key_file (x509_cred, tmp, tmp2,
 365                                             GNUTLS_X509_FMT_PEM);
 366   xfree (tmp);
 367   xfree (tmp2);
 368   if (n != GNUTLS_E_SUCCESS)
 369     {
 370       log_write ("%s", gnutls_strerror (n));
 371       goto fail;
 372     }
 373
 374   log_write ("%s", _("Generating key exchange parameters..."));
 375   n = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
 376   if (n)
 377     {
 378       log_write ("%s", pwmd_strerror (n));
 379       goto fail;
 380     }
 381
 382   n = gnutls_dh_params_init (&dh_params);
 383   if (n != GNUTLS_E_SUCCESS)
 384     {
 385       log_write ("%s", gnutls_strerror (n));
 386       goto fail;
 387     }
 388
 389   n = gnutls_dh_params_generate2 (dh_params, bits);
 390   if (n != GNUTLS_E_SUCCESS)
 391     {
 392       log_write ("%s", gnutls_strerror (n));
 393       goto fail;
 394     }
 395
 396   gnutls_certificate_set_dh_params (x509_cred, dh_params);
 397   return 0;
 398
 399 fail:
 400   return rc;
 401 }
 402
 403 void
 404 tls_deinit_params ()
 405 {
 406   if (dh_params)
 407     {
 408       gnutls_dh_params_deinit (dh_params);
 409       dh_params = NULL;
 410     }
 411
 412   if (x509_cred)
 413     {
 414       gnutls_certificate_free_credentials (x509_cred);
 415       x509_cred = NULL;
 416     }
 417 }
 418
 419 static gpg_error_t
 420 do_tls_validate_access (struct client_s *client, const char *section)
 421 {
 422   char **access = config_get_list (section, "allowed");
 423   char **p;
 424   int allowed = 0;
 425
 426   if (!access || !*access)
 427     return GPG_ERR_EACCES;
 428
 429   for (p = access; p && *p; p++)
 430     {
 431       int not = 0;
 432       char *fp = *p;
 433
 434       if (*fp && *fp == '+' && *(fp + 1) == 0) // allow all connections
 435         {
 436           allowed = 1;
 437           continue;
 438         }
 439
 440       if (*fp == '!' || *fp == '-')
 441         {
 442           not = 1;
 443           fp++;
 444           if (!*fp)
 445             break;
 446         }
 447
 448       if (*fp++ != '#')
 449         continue;
 450
 451       if (!strcasecmp (client->thd->tls->fp, fp))
 452         allowed = not ? 0 : 1;
 453     }
 454
 455   strv_free (access);
 456   return allowed ? 0 : GPG_ERR_EACCES;
 457 }
 458
 459 gpg_error_t
 460 tls_validate_access (struct client_s *client, const char *filename)
 461 {
 462   gpg_error_t rc = do_tls_validate_access (client, "global");
 463
 464   if (!rc && filename)
 465     rc = do_tls_validate_access (client, filename);
 466
 467   return rc;
 468 }