search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
vsftpd 3.0.3
[tomato.git] / release / src / router / vsftpd / ssl.c
blobc60ef2a5c7dc6c7a9cf676f8814c4adb987c36a8
1 /*
2 * Part of Very Secure FTPd
3 * Licence: GPL v2. Note that this code interfaces with with the OpenSSL
4 * libraries, so please read LICENSE where I give explicit permission to link
5 * against the OpenSSL libraries.
6 * Author: Chris Evans
7 * ssl.c
8 *
9 * Routines to handle a SSL/TLS-based implementation of RFC 2228, i.e.
10 * encryption.
11 */
12
13 #include "ssl.h"
14 #include "session.h"
15 #include "ftpcodes.h"
16 #include "ftpcmdio.h"
17 #include "defs.h"
18 #include "str.h"
19 #include "sysutil.h"
20 #include "tunables.h"
21 #include "utility.h"
22 #include "builddefs.h"
23 #include "logging.h"
24
25 #ifdef VSF_BUILD_SSL
26
27 #include <openssl/ssl.h>
28 #include <openssl/err.h>
29 #include <openssl/rand.h>
30 #include <openssl/bio.h>
31 #include <openssl/ec.h>
32 #include <errno.h>
33 #include <limits.h>
34
35 static char* get_ssl_error();
36 static SSL* get_ssl(struct vsf_session* p_sess, int fd);
37 static int ssl_session_init(struct vsf_session* p_sess);
38 static void setup_bio_callbacks();
39 static long bio_callback(
40 BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval);
41 static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx);
42 static int ssl_cert_digest(
43 SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str);
44 static void maybe_log_shutdown_state(struct vsf_session* p_sess);
45 static void maybe_log_ssl_error_state(struct vsf_session* p_sess, int ret);
46 static int ssl_read_common(struct vsf_session* p_sess,
47 SSL* p_ssl,
48 char* p_buf,
49 unsigned int len,
50 int (*p_ssl_func)(SSL*, void*, int));
51
52 static int ssl_inited;
53 static struct mystr debug_str;
54
55 void
56 ssl_init(struct vsf_session* p_sess)
57 {
58 if (!ssl_inited)
59 {
60 SSL_CTX* p_ctx;
61 long options;
62 int verify_option = 0;
63 SSL_library_init();
64 p_ctx = SSL_CTX_new(SSLv23_server_method());
65 if (p_ctx == NULL)
66 {
67 die("SSL: could not allocate SSL context");
68 }
69 options = SSL_OP_ALL;
70 if (!tunable_sslv2)
71 {
72 options |= SSL_OP_NO_SSLv2;
73 }
74 if (!tunable_sslv3)
75 {
76 options |= SSL_OP_NO_SSLv3;
77 }
78 if (!tunable_tlsv1)
79 {
80 options |= SSL_OP_NO_TLSv1;
81 }
82 SSL_CTX_set_options(p_ctx, options);
83 if (tunable_rsa_cert_file)
84 {
85 const char* p_key = tunable_rsa_private_key_file;
86 if (!p_key)
87 {
88 p_key = tunable_rsa_cert_file;
89 }
90 if (SSL_CTX_use_certificate_chain_file(p_ctx, tunable_rsa_cert_file) != 1)
91 {
92 die("SSL: cannot load RSA certificate");
93 }
94 if (SSL_CTX_use_PrivateKey_file(p_ctx, p_key, X509_FILETYPE_PEM) != 1)
95 {
96 die("SSL: cannot load RSA private key");
97 }
98 }
99 if (tunable_dsa_cert_file)
100 {
101 const char* p_key = tunable_dsa_private_key_file;
102 if (!p_key)
103 {
104 p_key = tunable_dsa_cert_file;
105 }
106 if (SSL_CTX_use_certificate_chain_file(p_ctx, tunable_dsa_cert_file) != 1)
107 {
108 die("SSL: cannot load DSA certificate");
109 }
110 if (SSL_CTX_use_PrivateKey_file(p_ctx, p_key, X509_FILETYPE_PEM) != 1)
111 {
112 die("SSL: cannot load DSA private key");
113 }
114 }
115 if (tunable_ssl_ciphers &&
116 SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1)
117 {
118 die("SSL: could not set cipher list");
119 }
120 if (RAND_status() != 1)
121 {
122 die("SSL: RNG is not seeded");
123 }
124 {
125 EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
126 if (key == NULL)
127 {
128 die("SSL: failed to get curve p256");
129 }
130 SSL_CTX_set_tmp_ecdh(p_ctx, key);
131 EC_KEY_free(key);
132 }
133 if (tunable_ssl_request_cert)
134 {
135 verify_option |= SSL_VERIFY_PEER;
136 }
137 if (tunable_require_cert)
138 {
139 verify_option |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
140 }
141 if (verify_option)
142 {
143 SSL_CTX_set_verify(p_ctx, verify_option, ssl_verify_callback);
144 if (tunable_ca_certs_file)
145 {
146 STACK_OF(X509_NAME)* p_names;
147 if (!SSL_CTX_load_verify_locations(p_ctx, tunable_ca_certs_file, NULL))
148 {
149 die("SSL: could not load verify file");
150 }
151 p_names = SSL_load_client_CA_file(tunable_ca_certs_file);
152 if (!p_names)
153 {
154 die("SSL: could not load client certs file");
155 }
156 SSL_CTX_set_client_CA_list(p_ctx, p_names);
157 }
158 }
159 {
160 static const char* p_ctx_id = "vsftpd";
161 SSL_CTX_set_session_id_context(p_ctx, (void*) p_ctx_id,
162 vsf_sysutil_strlen(p_ctx_id));
163 }
164 if (tunable_require_ssl_reuse)
165 {
166 /* Ensure cached session doesn't expire */
167 SSL_CTX_set_timeout(p_ctx, INT_MAX);
168 }
169 p_sess->p_ssl_ctx = p_ctx;
170 ssl_inited = 1;
171 }
172 }
173
174 void
175 ssl_control_handshake(struct vsf_session* p_sess)
176 {
177 if (!ssl_session_init(p_sess))
178 {
179 struct mystr err_str = INIT_MYSTR;
180 str_alloc_text(&err_str, "Negotiation failed: ");
181 /* Technically, we shouldn't leak such detailed error messages. */
182 str_append_text(&err_str, get_ssl_error());
183 vsf_cmdio_write_str(p_sess, FTP_TLS_FAIL, &err_str);
184 vsf_sysutil_exit(1);
185 }
186 p_sess->control_use_ssl = 1;
187 }
188
189 void
190 handle_auth(struct vsf_session* p_sess)
191 {
192 str_upper(&p_sess->ftp_arg_str);
193 if (str_equal_text(&p_sess->ftp_arg_str, "TLS") ||
194 str_equal_text(&p_sess->ftp_arg_str, "TLS-C") ||
195 str_equal_text(&p_sess->ftp_arg_str, "SSL") ||
196 str_equal_text(&p_sess->ftp_arg_str, "TLS-P"))
197 {
198 vsf_cmdio_write(p_sess, FTP_AUTHOK, "Proceed with negotiation.");
199 ssl_control_handshake(p_sess);
200 if (str_equal_text(&p_sess->ftp_arg_str, "SSL") ||
201 str_equal_text(&p_sess->ftp_arg_str, "TLS-P"))
202 {
203 p_sess->data_use_ssl = 1;
204 }
205 }
206 else
207 {
208 vsf_cmdio_write(p_sess, FTP_BADAUTH, "Unknown AUTH type.");
209 }
210 }
211
212 void
213 handle_pbsz(struct vsf_session* p_sess)
214 {
215 if (!p_sess->control_use_ssl)
216 {
217 vsf_cmdio_write(p_sess, FTP_BADPBSZ, "PBSZ needs a secure connection.");
218 }
219 else
220 {
221 vsf_cmdio_write(p_sess, FTP_PBSZOK, "PBSZ set to 0.");
222 }
223 }
224
225 void
226 handle_prot(struct vsf_session* p_sess)
227 {
228 str_upper(&p_sess->ftp_arg_str);
229 if (!p_sess->control_use_ssl)
230 {
231 vsf_cmdio_write(p_sess, FTP_BADPROT, "PROT needs a secure connection.");
232 }
233 else if (str_equal_text(&p_sess->ftp_arg_str, "C"))
234 {
235 p_sess->data_use_ssl = 0;
236 vsf_cmdio_write(p_sess, FTP_PROTOK, "PROT now Clear.");
237 }
238 else if (str_equal_text(&p_sess->ftp_arg_str, "P"))
239 {
240 p_sess->data_use_ssl = 1;
241 vsf_cmdio_write(p_sess, FTP_PROTOK, "PROT now Private.");
242 }
243 else if (str_equal_text(&p_sess->ftp_arg_str, "S") ||
244 str_equal_text(&p_sess->ftp_arg_str, "E"))
245 {
246 vsf_cmdio_write(p_sess, FTP_NOHANDLEPROT, "PROT not supported.");
247 }
248 else
249 {
250 vsf_cmdio_write(p_sess, FTP_NOSUCHPROT, "PROT not recognized.");
251 }
252 }
253
254 int
255 ssl_read(struct vsf_session* p_sess, void* p_ssl, char* p_buf, unsigned int len)
256 {
257 return ssl_read_common(p_sess, (SSL*) p_ssl, p_buf, len, SSL_read);
258 }
259
260 int
261 ssl_peek(struct vsf_session* p_sess, void* p_ssl, char* p_buf, unsigned int len)
262 {
263 return ssl_read_common(p_sess, (SSL*) p_ssl, p_buf, len, SSL_peek);
264 }
265
266 static int
267 ssl_read_common(struct vsf_session* p_sess,
268 SSL* p_void_ssl,
269 char* p_buf,
270 unsigned int len,
271 int (*p_ssl_func)(SSL*, void*, int))
272 {
273 int retval;
274 int err;
275 SSL* p_ssl = (SSL*) p_void_ssl;
276 do
277 {
278 retval = (*p_ssl_func)(p_ssl, p_buf, len);
279 err = SSL_get_error(p_ssl, retval);
280 }
281 while (retval < 0 && (err == SSL_ERROR_WANT_READ ||
282 err == SSL_ERROR_WANT_WRITE));
283 /* If we hit an EOF, make sure it was from the peer, not injected by the
284 * attacker.
285 */
286 if (retval == 0 && SSL_get_shutdown(p_ssl) != SSL_RECEIVED_SHUTDOWN)
287 {
288 if (p_ssl == p_sess->p_control_ssl)
289 {
290 str_alloc_text(&debug_str, "Control");
291 }
292 else
293 {
294 str_alloc_text(&debug_str, "DATA");
295 }
296 str_append_text(&debug_str, " connection terminated without SSL shutdown.");
297 if (p_ssl != p_sess->p_control_ssl)
298 {
299 str_append_text(&debug_str,
300 " Buggy client! Integrity of upload cannot be asserted.");
301 }
302 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
303 if (tunable_strict_ssl_read_eof)
304 {
305 return -1;
306 }
307 }
308 return retval;
309 }
310
311 int
312 ssl_write(void* p_ssl, const char* p_buf, unsigned int len)
313 {
314 int retval;
315 int err;
316 do
317 {
318 retval = SSL_write((SSL*) p_ssl, p_buf, len);
319 err = SSL_get_error((SSL*) p_ssl, retval);
320 }
321 while (retval < 0 && (err == SSL_ERROR_WANT_READ ||
322 err == SSL_ERROR_WANT_WRITE));
323 return retval;
324 }
325
326 int
327 ssl_write_str(void* p_ssl, const struct mystr* p_str)
328 {
329 unsigned int len = str_getlen(p_str);
330 int ret = SSL_write((SSL*) p_ssl, str_getbuf(p_str), len);
331 if ((unsigned int) ret != len)
332 {
333 return -1;
334 }
335 return 0;
336 }
337
338 int
339 ssl_read_into_str(struct vsf_session* p_sess, void* p_ssl, struct mystr* p_str)
340 {
341 unsigned int len = str_getlen(p_str);
342 int ret = ssl_read(p_sess, p_ssl, (char*) str_getbuf(p_str), len);
343 if (ret >= 0)
344 {
345 str_trunc(p_str, (unsigned int) ret);
346 }
347 else
348 {
349 str_empty(p_str);
350 }
351 return ret;
352 }
353
354 static void
355 maybe_log_shutdown_state(struct vsf_session* p_sess)
356 {
357 if (tunable_debug_ssl)
358 {
359 int ret = SSL_get_shutdown(p_sess->p_data_ssl);
360 str_alloc_text(&debug_str, "SSL shutdown state is: ");
361 if (ret == 0)
362 {
363 str_append_text(&debug_str, "NONE");
364 }
365 else if (ret == SSL_SENT_SHUTDOWN)
366 {
367 str_append_text(&debug_str, "SSL_SENT_SHUTDOWN");
368 }
369 else if (ret == SSL_RECEIVED_SHUTDOWN)
370 {
371 str_append_text(&debug_str, "SSL_RECEIVED_SHUTDOWN");
372 }
373 else
374 {
375 str_append_ulong(&debug_str, ret);
376 }
377 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
378 }
379 }
380
381 static void
382 maybe_log_ssl_error_state(struct vsf_session* p_sess, int ret)
383 {
384 if (tunable_debug_ssl)
385 {
386 str_alloc_text(&debug_str, "SSL ret: ");
387 str_append_ulong(&debug_str, ret);
388 str_append_text(&debug_str, ", SSL error: ");
389 str_append_text(&debug_str, get_ssl_error());
390 str_append_text(&debug_str, ", errno: ");
391 str_append_ulong(&debug_str, errno);
392 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
393 }
394 }
395
396 int
397 ssl_data_close(struct vsf_session* p_sess)
398 {
399 int success = 1;
400 SSL* p_ssl = p_sess->p_data_ssl;
401 if (p_ssl)
402 {
403 int ret;
404 maybe_log_shutdown_state(p_sess);
405
406 /* Disable Nagle algorithm. We want the shutdown packet to be sent
407 * immediately, there's nothing coming after.
408 */
409 vsf_sysutil_set_nodelay(SSL_get_fd(p_ssl));
410
411 /* This is a mess. Ideally, when we're the sender, we'd like to get to the
412 * SSL_RECEIVED_SHUTDOWN state to get a cryptographic guarantee that the
413 * peer received all the data and shut the connection down cleanly. It
414 * doesn't matter hugely apart from logging, but it's a nagging detail.
415 * Unfortunately, no FTP client I found was able to get sends into that
416 * state, so the best we can do is issue SSL_shutdown but not check the
417 * errors / returns. At least this enables the receiver to be sure of the
418 * integrity of the send in terms of unwanted truncation.
419 */
420 ret = SSL_shutdown(p_ssl);
421 maybe_log_shutdown_state(p_sess);
422 if (ret == 0)
423 {
424 ret = SSL_shutdown(p_ssl);
425 maybe_log_shutdown_state(p_sess);
426 if (ret != 1)
427 {
428 if (tunable_strict_ssl_write_shutdown)
429 {
430 success = 0;
431 }
432 maybe_log_shutdown_state(p_sess);
433 maybe_log_ssl_error_state(p_sess, ret);
434 }
435 }
436 else if (ret < 0)
437 {
438 if (tunable_strict_ssl_write_shutdown)
439 {
440 success = 0;
441 }
442 maybe_log_ssl_error_state(p_sess, ret);
443 }
444 SSL_free(p_ssl);
445 p_sess->p_data_ssl = NULL;
446 }
447 return success;
448 }
449
450 int
451 ssl_accept(struct vsf_session* p_sess, int fd)
452 {
453 /* SECURITY: data SSL connections don't have any auth on them as part of the
454 * protocol. If a client sends an unfortunately optional client cert then
455 * we can check for a match between the control and data connections.
456 */
457 SSL* p_ssl;
458 int reused;
459 if (p_sess->p_data_ssl != NULL)
460 {
461 die("p_data_ssl should be NULL.");
462 }
463 p_ssl = get_ssl(p_sess, fd);
464 if (p_ssl == NULL)
465 {
466 return 0;
467 }
468 p_sess->p_data_ssl = p_ssl;
469 setup_bio_callbacks(p_ssl);
470 reused = SSL_session_reused(p_ssl);
471 if (tunable_require_ssl_reuse && !reused)
472 {
473 str_alloc_text(&debug_str, "No SSL session reuse on data channel.");
474 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
475 ssl_data_close(p_sess);
476 return 0;
477 }
478 if (str_getlen(&p_sess->control_cert_digest) > 0)
479 {
480 static struct mystr data_cert_digest;
481 if (!ssl_cert_digest(p_ssl, p_sess, &data_cert_digest))
482 {
483 str_alloc_text(&debug_str, "Missing cert on data channel.");
484 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
485 ssl_data_close(p_sess);
486 return 0;
487 }
488 if (str_strcmp(&p_sess->control_cert_digest, &data_cert_digest))
489 {
490 str_alloc_text(&debug_str, "DIFFERENT cert on data channel.");
491 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
492 ssl_data_close(p_sess);
493 return 0;
494 }
495 if (tunable_debug_ssl)
496 {
497 str_alloc_text(&debug_str, "Matching cert on data channel.");
498 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
499 }
500 }
501 return 1;
502 }
503
504 void
505 ssl_comm_channel_init(struct vsf_session* p_sess)
506 {
507 const struct vsf_sysutil_socketpair_retval retval =
508 vsf_sysutil_unix_stream_socketpair();
509 if (p_sess->ssl_consumer_fd != -1)
510 {
511 bug("ssl_consumer_fd active");
512 }
513 if (p_sess->ssl_slave_fd != -1)
514 {
515 bug("ssl_slave_fd active");
516 }
517 p_sess->ssl_consumer_fd = retval.socket_one;
518 p_sess->ssl_slave_fd = retval.socket_two;
519 }
520
521 void
522 ssl_comm_channel_set_consumer_context(struct vsf_session* p_sess)
523 {
524 if (p_sess->ssl_slave_fd == -1)
525 {
526 bug("ssl_slave_fd already closed");
527 }
528 vsf_sysutil_close(p_sess->ssl_slave_fd);
529 p_sess->ssl_slave_fd = -1;
530 }
531
532 void
533 ssl_comm_channel_set_producer_context(struct vsf_session* p_sess)
534 {
535 if (p_sess->ssl_consumer_fd == -1)
536 {
537 bug("ssl_consumer_fd already closed");
538 }
539 vsf_sysutil_close(p_sess->ssl_consumer_fd);
540 p_sess->ssl_consumer_fd = -1;
541 }
542
543 static SSL*
544 get_ssl(struct vsf_session* p_sess, int fd)
545 {
546 SSL* p_ssl = SSL_new(p_sess->p_ssl_ctx);
547 if (p_ssl == NULL)
548 {
549 if (tunable_debug_ssl)
550 {
551 str_alloc_text(&debug_str, "SSL_new failed");
552 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
553 }
554 return NULL;
555 }
556 if (!SSL_set_fd(p_ssl, fd))
557 {
558 if (tunable_debug_ssl)
559 {
560 str_alloc_text(&debug_str, "SSL_set_fd failed");
561 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
562 }
563 SSL_free(p_ssl);
564 return NULL;
565 }
566 if (SSL_accept(p_ssl) != 1)
567 {
568 const char* p_err = get_ssl_error();
569 if (tunable_debug_ssl)
570 {
571 str_alloc_text(&debug_str, "SSL_accept failed: ");
572 str_append_text(&debug_str, p_err);
573 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
574 }
575 /* The RFC is quite clear that we can just close the control channel
576 * here.
577 */
578 die(p_err);
579 }
580 if (tunable_debug_ssl)
581 {
582 const char* p_ssl_version = SSL_get_cipher_version(p_ssl);
583 const SSL_CIPHER* p_ssl_cipher = SSL_get_current_cipher(p_ssl);
584 const char* p_cipher_name = SSL_CIPHER_get_name(p_ssl_cipher);
585 X509* p_ssl_cert = SSL_get_peer_certificate(p_ssl);
586 int reused = SSL_session_reused(p_ssl);
587 str_alloc_text(&debug_str, "SSL version: ");
588 str_append_text(&debug_str, p_ssl_version);
589 str_append_text(&debug_str, ", SSL cipher: ");
590 str_append_text(&debug_str, p_cipher_name);
591 if (reused)
592 {
593 str_append_text(&debug_str, ", reused");
594 }
595 else
596 {
597 str_append_text(&debug_str, ", not reused");
598 }
599 if (p_ssl_cert != NULL)
600 {
601 str_append_text(&debug_str, ", CERT PRESENTED");
602 X509_free(p_ssl_cert);
603 }
604 else
605 {
606 str_append_text(&debug_str, ", no cert");
607 }
608 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
609 }
610 return p_ssl;
611 }
612
613 static int
614 ssl_session_init(struct vsf_session* p_sess)
615 {
616 SSL* p_ssl = get_ssl(p_sess, VSFTP_COMMAND_FD);
617 if (p_ssl == NULL)
618 {
619 return 0;
620 }
621 p_sess->p_control_ssl = p_ssl;
622 (void) ssl_cert_digest(p_ssl, p_sess, &p_sess->control_cert_digest);
623 setup_bio_callbacks(p_ssl);
624 return 1;
625 }
626
627 static int
628 ssl_cert_digest(SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str)
629 {
630 X509* p_cert = SSL_get_peer_certificate(p_ssl);
631 unsigned int num_bytes = 0;
632 if (p_cert == NULL)
633 {
634 return 0;
635 }
636 str_reserve(p_str, EVP_MAX_MD_SIZE);
637 str_empty(p_str);
638 str_rpad(p_str, EVP_MAX_MD_SIZE);
639 if (!X509_digest(p_cert, EVP_sha256(), (unsigned char*) str_getbuf(p_str),
640 &num_bytes))
641 {
642 die("X509_digest failed");
643 }
644 X509_free(p_cert);
645 if (tunable_debug_ssl)
646 {
647 unsigned int i;
648 str_alloc_text(&debug_str, "Cert digest:");
649 for (i = 0; i < num_bytes; ++i)
650 {
651 str_append_char(&debug_str, ' ');
652 str_append_ulong(
653 &debug_str, (unsigned long) (unsigned char) str_get_char_at(p_str, i));
654 }
655 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
656 }
657 str_trunc(p_str, num_bytes);
658 return 1;
659 }
660
661 static char*
662 get_ssl_error()
663 {
664 SSL_load_error_strings();
665 return ERR_error_string(ERR_get_error(), NULL);
666 }
667
668 static void setup_bio_callbacks(SSL* p_ssl)
669 {
670 BIO* p_bio = SSL_get_rbio(p_ssl);
671 BIO_set_callback(p_bio, bio_callback);
672 p_bio = SSL_get_wbio(p_ssl);
673 BIO_set_callback(p_bio, bio_callback);
674 }
675
676 static long
677 bio_callback(
678 BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long ret)
679 {
680 int retval = 0;
681 int fd = 0;
682 (void) p_arg;
683 (void) argi;
684 (void) argl;
685 if (oper == (BIO_CB_READ | BIO_CB_RETURN) ||
686 oper == (BIO_CB_WRITE | BIO_CB_RETURN))
687 {
688 retval = (int) ret;
689 fd = BIO_get_fd(p_bio, NULL);
690 }
691 vsf_sysutil_check_pending_actions(kVSFSysUtilIO, retval, fd);
692 return ret;
693 }
694
695 static int
696 ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx)
697 {
698 (void) p_ctx;
699 if (tunable_validate_cert)
700 {
701 return verify_ok;
702 }
703 return 1;
704 }
705
706 void
707 ssl_add_entropy(struct vsf_session* p_sess)
708 {
709 /* Although each child does seem to have its different pool of entropy, I
710 * don't trust the interaction of OpenSSL's opaque RAND API and fork(). So
711 * throw a bit more in (only works on systems with /dev/urandom for now).
712 */
713 int ret = RAND_load_file("/dev/urandom", 16);
714 if (ret != 16)
715 {
716 str_alloc_text(&debug_str, "Couldn't add extra OpenSSL entropy: ");
717 str_append_ulong(&debug_str, (unsigned long) ret);
718 vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
719 }
720 }
721
722 #else /* VSF_BUILD_SSL */
723
724 void
725 ssl_init(struct vsf_session* p_sess)
726 {
727 (void) p_sess;
728 die("SSL: ssl_enable is set but SSL support not compiled in");
729 }
730
731 void
732 ssl_control_handshake(struct vsf_session* p_sess)
733 {
734 (void) p_sess;
735 }
736
737 void
738 handle_auth(struct vsf_session* p_sess)
739 {
740 (void) p_sess;
741 }
742
743 void
744 handle_pbsz(struct vsf_session* p_sess)
745 {
746 (void) p_sess;
747 }
748
749 void
750 handle_prot(struct vsf_session* p_sess)
751 {
752 (void) p_sess;
753 }
754
755 int
756 ssl_read(struct vsf_session* p_sess, void* p_ssl, char* p_buf, unsigned int len)
757 {
758 (void) p_sess;
759 (void) p_ssl;
760 (void) p_buf;
761 (void) len;
762 return -1;
763 }
764
765 int
766 ssl_peek(struct vsf_session* p_sess, void* p_ssl, char* p_buf, unsigned int len)
767 {
768 (void) p_sess;
769 (void) p_ssl;
770 (void) p_buf;
771 (void) len;
772 return -1;
773 }
774
775 int
776 ssl_write(void* p_ssl, const char* p_buf, unsigned int len)
777 {
778 (void) p_ssl;
779 (void) p_buf;
780 (void) len;
781 return -1;
782 }
783
784 int
785 ssl_write_str(void* p_ssl, const struct mystr* p_str)
786 {
787 (void) p_ssl;
788 (void) p_str;
789 return -1;
790 }
791
792 int
793 ssl_accept(struct vsf_session* p_sess, int fd)
794 {
795 (void) p_sess;
796 (void) fd;
797 return -1;
798 }
799
800 int
801 ssl_data_close(struct vsf_session* p_sess)
802 {
803 (void) p_sess;
804 return 1;
805 }
806
807 void
808 ssl_comm_channel_init(struct vsf_session* p_sess)
809 {
810 (void) p_sess;
811 }
812
813 void
814 ssl_comm_channel_set_consumer_context(struct vsf_session* p_sess)
815 {
816 (void) p_sess;
817 }
818
819 void
820 ssl_comm_channel_set_producer_context(struct vsf_session* p_sess)
821 {
822 (void) p_sess;
823 }
824
825 void
826 ssl_add_entropy(struct vsf_session* p_sess)
827 {
828 (void) p_sess;
829 }
830
831 int
832 ssl_read_into_str(struct vsf_session* p_sess, void* p_ssl, struct mystr* p_str)
833 {
834 (void) p_sess;
835 (void) p_ssl;
836 (void) p_str;
837 return -1;
838 }
839
840 #endif /* VSF_BUILD_SSL */
841
Tomato firmware and modifications.