2007-12-12 22:09:01 +01:00
|
|
|
/* Copyright (c) 2003, Roger Dingledine
|
|
|
|
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
2015-01-02 20:27:39 +01:00
|
|
|
* Copyright (c) 2007-2015, The Tor Project, Inc. */
|
2003-09-04 18:05:08 +02:00
|
|
|
/* See LICENSE for licensing information */
|
|
|
|
|
2012-10-12 18:13:10 +02:00
|
|
|
#ifndef TOR_TORTLS_H
|
|
|
|
#define TOR_TORTLS_H
|
2003-09-04 18:05:08 +02:00
|
|
|
|
2004-05-10 09:54:13 +02:00
|
|
|
/**
|
|
|
|
* \file tortls.h
|
|
|
|
* \brief Headers for tortls.c
|
|
|
|
**/
|
|
|
|
|
2007-08-08 07:50:31 +02:00
|
|
|
#include "crypto.h"
|
2015-11-10 16:02:21 +01:00
|
|
|
#include "compat_openssl.h"
|
2007-08-08 07:50:31 +02:00
|
|
|
#include "compat.h"
|
2014-04-15 14:20:34 +02:00
|
|
|
#include "testsupport.h"
|
2003-09-04 18:05:08 +02:00
|
|
|
|
2004-05-01 22:46:28 +02:00
|
|
|
/* Opaque structure to hold a TLS connection. */
|
2005-10-06 06:33:40 +02:00
|
|
|
typedef struct tor_tls_t tor_tls_t;
|
2003-09-04 18:05:08 +02:00
|
|
|
|
2011-09-13 17:37:15 +02:00
|
|
|
/* Opaque structure to hold an X509 certificate. */
|
2014-09-30 14:31:08 +02:00
|
|
|
typedef struct tor_x509_cert_t tor_x509_cert_t;
|
2011-09-13 17:37:15 +02:00
|
|
|
|
2004-05-01 22:46:28 +02:00
|
|
|
/* Possible return values for most tor_tls_* functions. */
|
2012-10-12 18:22:13 +02:00
|
|
|
#define MIN_TOR_TLS_ERROR_VAL_ -9
|
2007-01-15 22:13:37 +01:00
|
|
|
#define TOR_TLS_ERROR_MISC -9
|
2008-12-18 17:11:24 +01:00
|
|
|
/* Rename to unexpected close or something. XXXX */
|
2007-01-15 22:13:37 +01:00
|
|
|
#define TOR_TLS_ERROR_IO -8
|
|
|
|
#define TOR_TLS_ERROR_CONNREFUSED -7
|
|
|
|
#define TOR_TLS_ERROR_CONNRESET -6
|
|
|
|
#define TOR_TLS_ERROR_NO_ROUTE -5
|
|
|
|
#define TOR_TLS_ERROR_TIMEOUT -4
|
|
|
|
#define TOR_TLS_CLOSE -3
|
|
|
|
#define TOR_TLS_WANTREAD -2
|
|
|
|
#define TOR_TLS_WANTWRITE -1
|
|
|
|
#define TOR_TLS_DONE 0
|
2003-09-04 18:05:08 +02:00
|
|
|
|
2008-12-17 23:58:20 +01:00
|
|
|
/** Collection of case statements for all TLS errors that are not due to
|
|
|
|
* underlying IO failure. */
|
2008-02-21 17:11:58 +01:00
|
|
|
#define CASE_TOR_TLS_ERROR_ANY_NONIO \
|
2007-01-15 22:21:05 +01:00
|
|
|
case TOR_TLS_ERROR_MISC: \
|
|
|
|
case TOR_TLS_ERROR_CONNREFUSED: \
|
|
|
|
case TOR_TLS_ERROR_CONNRESET: \
|
|
|
|
case TOR_TLS_ERROR_NO_ROUTE: \
|
|
|
|
case TOR_TLS_ERROR_TIMEOUT
|
|
|
|
|
2008-02-21 17:11:58 +01:00
|
|
|
/** Use this macro in a switch statement to catch _any_ TLS error. That way,
|
|
|
|
* if more errors are added, your switches will still work. */
|
|
|
|
#define CASE_TOR_TLS_ERROR_ANY \
|
|
|
|
CASE_TOR_TLS_ERROR_ANY_NONIO: \
|
|
|
|
case TOR_TLS_ERROR_IO
|
|
|
|
|
2007-01-15 22:21:05 +01:00
|
|
|
#define TOR_TLS_IS_ERROR(rv) ((rv) < TOR_TLS_CLOSE)
|
2015-09-15 17:09:18 +02:00
|
|
|
|
|
|
|
#ifdef TORTLS_PRIVATE
|
|
|
|
#define TOR_TLS_MAGIC 0x71571571
|
|
|
|
|
|
|
|
typedef enum {
|
|
|
|
TOR_TLS_ST_HANDSHAKE, TOR_TLS_ST_OPEN, TOR_TLS_ST_GOTCLOSE,
|
|
|
|
TOR_TLS_ST_SENTCLOSE, TOR_TLS_ST_CLOSED, TOR_TLS_ST_RENEGOTIATE,
|
|
|
|
TOR_TLS_ST_BUFFEREVENT
|
|
|
|
} tor_tls_state_t;
|
|
|
|
#define tor_tls_state_bitfield_t ENUM_BF(tor_tls_state_t)
|
|
|
|
|
|
|
|
/** Holds a SSL_CTX object and related state used to configure TLS
|
|
|
|
* connections.
|
|
|
|
*/
|
|
|
|
typedef struct tor_tls_context_t {
|
|
|
|
int refcnt;
|
|
|
|
SSL_CTX *ctx;
|
|
|
|
tor_x509_cert_t *my_link_cert;
|
|
|
|
tor_x509_cert_t *my_id_cert;
|
|
|
|
tor_x509_cert_t *my_auth_cert;
|
|
|
|
crypto_pk_t *link_key;
|
|
|
|
crypto_pk_t *auth_key;
|
|
|
|
} tor_tls_context_t;
|
|
|
|
|
|
|
|
/** Structure that we use for a single certificate. */
|
|
|
|
struct tor_x509_cert_t {
|
|
|
|
X509 *cert;
|
|
|
|
uint8_t *encoded;
|
|
|
|
size_t encoded_len;
|
|
|
|
unsigned pkey_digests_set : 1;
|
|
|
|
digests_t cert_digests;
|
|
|
|
digests_t pkey_digests;
|
|
|
|
};
|
|
|
|
|
|
|
|
/** Holds a SSL object and its associated data. Members are only
|
|
|
|
* accessed from within tortls.c.
|
|
|
|
*/
|
|
|
|
struct tor_tls_t {
|
|
|
|
uint32_t magic;
|
|
|
|
tor_tls_context_t *context; /** A link to the context object for this tls. */
|
|
|
|
SSL *ssl; /**< An OpenSSL SSL object. */
|
|
|
|
int socket; /**< The underlying file descriptor for this TLS connection. */
|
|
|
|
char *address; /**< An address to log when describing this connection. */
|
|
|
|
tor_tls_state_bitfield_t state : 3; /**< The current SSL state,
|
|
|
|
* depending on which operations
|
|
|
|
* have completed successfully. */
|
|
|
|
unsigned int isServer:1; /**< True iff this is a server-side connection */
|
|
|
|
unsigned int wasV2Handshake:1; /**< True iff the original handshake for
|
|
|
|
* this connection used the updated version
|
|
|
|
* of the connection protocol (client sends
|
|
|
|
* different cipher list, server sends only
|
|
|
|
* one certificate). */
|
|
|
|
/** True iff we should call negotiated_callback when we're done reading. */
|
|
|
|
unsigned int got_renegotiate:1;
|
|
|
|
/** Return value from tor_tls_classify_client_ciphers, or 0 if we haven't
|
|
|
|
* called that function yet. */
|
|
|
|
int8_t client_cipher_list_type;
|
|
|
|
/** Incremented every time we start the server side of a handshake. */
|
|
|
|
uint8_t server_handshake_count;
|
|
|
|
size_t wantwrite_n; /**< 0 normally, >0 if we returned wantwrite last
|
|
|
|
* time. */
|
|
|
|
/** Last values retrieved from BIO_number_read()/write(); see
|
|
|
|
* tor_tls_get_n_raw_bytes() for usage.
|
|
|
|
*/
|
|
|
|
unsigned long last_write_count;
|
|
|
|
unsigned long last_read_count;
|
|
|
|
/** If set, a callback to invoke whenever the client tries to renegotiate
|
|
|
|
* the handshake. */
|
|
|
|
void (*negotiated_callback)(tor_tls_t *tls, void *arg);
|
|
|
|
/** Argument to pass to negotiated_callback. */
|
|
|
|
void *callback_arg;
|
|
|
|
};
|
|
|
|
|
|
|
|
STATIC int tor_errno_to_tls_error(int e);
|
|
|
|
STATIC int tor_tls_get_error(tor_tls_t *tls, int r, int extra,
|
|
|
|
const char *doing, int severity, int domain);
|
|
|
|
STATIC tor_tls_t *tor_tls_get_by_ssl(const SSL *ssl);
|
|
|
|
STATIC void tor_tls_allocate_tor_tls_object_ex_data_index(void);
|
|
|
|
STATIC int always_accept_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx);
|
2015-10-02 14:33:54 +02:00
|
|
|
STATIC int tor_tls_classify_client_ciphers(const SSL *ssl,
|
|
|
|
STACK_OF(SSL_CIPHER) *peer_ciphers);
|
2015-09-15 17:09:18 +02:00
|
|
|
STATIC int tor_tls_client_is_using_v2_ciphers(const SSL *ssl);
|
2015-10-02 14:33:54 +02:00
|
|
|
MOCK_DECL(STATIC void, try_to_extract_certs_from_tls,
|
|
|
|
(int severity, tor_tls_t *tls, X509 **cert_out, X509 **id_cert_out));
|
2015-10-05 20:56:27 +02:00
|
|
|
#ifndef HAVE_SSL_SESSION_GET_MASTER_KEY
|
2015-10-02 14:33:54 +02:00
|
|
|
STATIC size_t SSL_SESSION_get_master_key(SSL_SESSION *s, uint8_t *out,
|
|
|
|
size_t len);
|
2015-10-05 20:56:27 +02:00
|
|
|
#endif
|
2015-09-15 17:09:18 +02:00
|
|
|
STATIC void tor_tls_debug_state_callback(const SSL *ssl, int type, int val);
|
|
|
|
STATIC void tor_tls_server_info_callback(const SSL *ssl, int type, int val);
|
2015-10-02 14:33:54 +02:00
|
|
|
STATIC int tor_tls_session_secret_cb(SSL *ssl, void *secret,
|
|
|
|
int *secret_len,
|
|
|
|
STACK_OF(SSL_CIPHER) *peer_ciphers,
|
|
|
|
SSL_CIPHER **cipher, void *arg);
|
|
|
|
STATIC int find_cipher_by_id(const SSL *ssl, const SSL_METHOD *m,
|
|
|
|
uint16_t cipher);
|
2015-09-15 17:09:18 +02:00
|
|
|
MOCK_DECL(STATIC X509*, tor_tls_create_certificate,(crypto_pk_t *rsa,
|
|
|
|
crypto_pk_t *rsa_sign,
|
|
|
|
const char *cname,
|
|
|
|
const char *cname_sign,
|
2015-10-02 14:33:54 +02:00
|
|
|
unsigned int cert_lifetime));
|
|
|
|
STATIC tor_tls_context_t *tor_tls_context_new(crypto_pk_t *identity,
|
|
|
|
unsigned int key_lifetime, unsigned flags, int is_client);
|
2015-09-15 17:09:18 +02:00
|
|
|
MOCK_DECL(STATIC tor_x509_cert_t *, tor_x509_cert_new,(X509 *x509_cert));
|
|
|
|
STATIC int tor_tls_context_init_one(tor_tls_context_t **ppcontext,
|
|
|
|
crypto_pk_t *identity,
|
|
|
|
unsigned int key_lifetime,
|
|
|
|
unsigned int flags,
|
|
|
|
int is_client);
|
2015-10-02 14:33:54 +02:00
|
|
|
STATIC void tls_log_errors(tor_tls_t *tls, int severity, int domain,
|
|
|
|
const char *doing);
|
2015-09-15 17:09:18 +02:00
|
|
|
#endif
|
|
|
|
|
2007-11-07 17:37:08 +01:00
|
|
|
const char *tor_tls_err_to_string(int err);
|
2011-06-22 21:29:30 +02:00
|
|
|
void tor_tls_get_state_description(tor_tls_t *tls, char *buf, size_t sz);
|
2007-01-15 22:21:05 +01:00
|
|
|
|
2005-02-11 02:41:19 +01:00
|
|
|
void tor_tls_free_all(void);
|
2012-12-26 02:04:54 +01:00
|
|
|
|
|
|
|
#define TOR_TLS_CTX_IS_PUBLIC_SERVER (1u<<0)
|
|
|
|
#define TOR_TLS_CTX_USE_ECDHE_P256 (1u<<1)
|
|
|
|
#define TOR_TLS_CTX_USE_ECDHE_P224 (1u<<2)
|
|
|
|
|
|
|
|
int tor_tls_context_init(unsigned flags,
|
2012-01-18 21:53:30 +01:00
|
|
|
crypto_pk_t *client_identity,
|
|
|
|
crypto_pk_t *server_identity,
|
2010-10-01 23:06:57 +02:00
|
|
|
unsigned int key_lifetime);
|
2006-06-07 08:21:11 +02:00
|
|
|
tor_tls_t *tor_tls_new(int sock, int is_server);
|
2008-02-19 23:27:44 +01:00
|
|
|
void tor_tls_set_logged_address(tor_tls_t *tls, const char *address);
|
2011-12-07 01:49:20 +01:00
|
|
|
void tor_tls_set_renegotiate_callback(tor_tls_t *tls,
|
2007-12-01 09:09:48 +01:00
|
|
|
void (*cb)(tor_tls_t *, void *arg),
|
|
|
|
void *arg);
|
2005-10-06 06:33:40 +02:00
|
|
|
int tor_tls_is_server(tor_tls_t *tls);
|
|
|
|
void tor_tls_free(tor_tls_t *tls);
|
|
|
|
int tor_tls_peer_has_cert(tor_tls_t *tls);
|
2014-10-16 15:07:50 +02:00
|
|
|
MOCK_DECL(tor_x509_cert_t *,tor_tls_get_peer_cert,(tor_tls_t *tls));
|
2012-01-18 21:53:30 +01:00
|
|
|
int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity);
|
2011-11-15 17:56:21 +01:00
|
|
|
int tor_tls_check_lifetime(int severity,
|
|
|
|
tor_tls_t *tls, int past_tolerance,
|
2011-11-15 04:21:45 +01:00
|
|
|
int future_tolerance);
|
2014-09-18 20:03:49 +02:00
|
|
|
MOCK_DECL(int, tor_tls_read, (tor_tls_t *tls, char *cp, size_t len));
|
2007-01-30 23:19:41 +01:00
|
|
|
int tor_tls_write(tor_tls_t *tls, const char *cp, size_t n);
|
2005-10-06 06:33:40 +02:00
|
|
|
int tor_tls_handshake(tor_tls_t *tls);
|
2009-08-14 20:34:16 +02:00
|
|
|
int tor_tls_finish_handshake(tor_tls_t *tls);
|
2010-09-27 22:07:14 +02:00
|
|
|
void tor_tls_unblock_renegotiation(tor_tls_t *tls);
|
2011-12-07 01:49:21 +01:00
|
|
|
void tor_tls_block_renegotiation(tor_tls_t *tls);
|
2010-10-12 20:45:15 +02:00
|
|
|
void tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls);
|
2005-10-06 06:33:40 +02:00
|
|
|
int tor_tls_shutdown(tor_tls_t *tls);
|
|
|
|
int tor_tls_get_pending_bytes(tor_tls_t *tls);
|
2006-12-13 23:46:42 +01:00
|
|
|
size_t tor_tls_get_forced_write_size(tor_tls_t *tls);
|
2005-10-06 06:33:40 +02:00
|
|
|
|
2006-12-29 04:42:46 +01:00
|
|
|
void tor_tls_get_n_raw_bytes(tor_tls_t *tls,
|
|
|
|
size_t *n_read, size_t *n_written);
|
2004-01-13 02:19:02 +01:00
|
|
|
|
2015-05-13 18:12:53 +02:00
|
|
|
int tor_tls_get_buffer_sizes(tor_tls_t *tls,
|
2009-09-01 05:23:47 +02:00
|
|
|
size_t *rbuf_capacity, size_t *rbuf_bytes,
|
|
|
|
size_t *wbuf_capacity, size_t *wbuf_bytes);
|
2008-04-10 17:12:24 +02:00
|
|
|
|
2014-04-15 14:20:34 +02:00
|
|
|
MOCK_DECL(double, tls_get_write_overhead_ratio, (void));
|
2013-03-12 03:06:07 +01:00
|
|
|
|
2007-10-30 22:46:02 +01:00
|
|
|
int tor_tls_used_v1_handshake(tor_tls_t *tls);
|
2010-10-11 19:45:27 +02:00
|
|
|
int tor_tls_get_num_server_handshakes(tor_tls_t *tls);
|
|
|
|
int tor_tls_server_got_renegotiate(tor_tls_t *tls);
|
2014-10-16 15:07:50 +02:00
|
|
|
MOCK_DECL(int,tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out));
|
2007-10-30 22:46:02 +01:00
|
|
|
|
2004-05-01 22:46:28 +02:00
|
|
|
/* Log and abort if there are unhandled TLS errors in OpenSSL's error stack.
|
|
|
|
*/
|
2012-10-12 18:22:13 +02:00
|
|
|
#define check_no_tls_errors() check_no_tls_errors_(__FILE__,__LINE__)
|
2004-04-27 01:00:07 +02:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
void check_no_tls_errors_(const char *fname, int line);
|
2010-10-11 19:26:57 +02:00
|
|
|
void tor_tls_log_one_error(tor_tls_t *tls, unsigned long err,
|
|
|
|
int severity, int domain, const char *doing);
|
2004-04-27 01:00:07 +02:00
|
|
|
|
2009-08-14 20:34:16 +02:00
|
|
|
#ifdef USE_BUFFEREVENTS
|
|
|
|
int tor_tls_start_renegotiating(tor_tls_t *tls);
|
|
|
|
struct bufferevent *tor_tls_init_bufferevent(tor_tls_t *tls,
|
|
|
|
struct bufferevent *bufev_in,
|
2010-11-09 21:36:27 +01:00
|
|
|
evutil_socket_t socket, int receiving,
|
|
|
|
int filter);
|
2009-08-14 20:34:16 +02:00
|
|
|
#endif
|
|
|
|
|
2014-09-30 14:31:08 +02:00
|
|
|
void tor_x509_cert_free(tor_x509_cert_t *cert);
|
|
|
|
tor_x509_cert_t *tor_x509_cert_decode(const uint8_t *certificate,
|
2011-10-11 17:30:01 +02:00
|
|
|
size_t certificate_len);
|
2014-09-30 14:31:08 +02:00
|
|
|
void tor_x509_cert_get_der(const tor_x509_cert_t *cert,
|
2011-09-13 17:37:15 +02:00
|
|
|
const uint8_t **encoded_out, size_t *size_out);
|
2014-09-30 14:31:08 +02:00
|
|
|
const digests_t *tor_x509_cert_get_id_digests(const tor_x509_cert_t *cert);
|
|
|
|
const digests_t *tor_x509_cert_get_cert_digests(const tor_x509_cert_t *cert);
|
2011-09-13 17:37:15 +02:00
|
|
|
int tor_tls_get_my_certs(int server,
|
2014-09-30 14:31:08 +02:00
|
|
|
const tor_x509_cert_t **link_cert_out,
|
|
|
|
const tor_x509_cert_t **id_cert_out);
|
2012-01-18 21:53:30 +01:00
|
|
|
crypto_pk_t *tor_tls_get_my_client_auth_key(void);
|
2014-09-30 14:31:08 +02:00
|
|
|
crypto_pk_t *tor_tls_cert_get_key(tor_x509_cert_t *cert);
|
2014-10-08 21:39:34 +02:00
|
|
|
MOCK_DECL(int,tor_tls_cert_matches_key,(const tor_tls_t *tls,
|
|
|
|
const tor_x509_cert_t *cert));
|
2011-11-15 17:56:21 +01:00
|
|
|
int tor_tls_cert_is_valid(int severity,
|
2014-09-30 14:31:08 +02:00
|
|
|
const tor_x509_cert_t *cert,
|
|
|
|
const tor_x509_cert_t *signing_cert,
|
2011-09-22 16:01:41 +02:00
|
|
|
int check_rsa_1024);
|
2012-11-28 19:31:17 +01:00
|
|
|
const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls);
|
2011-09-13 17:37:15 +02:00
|
|
|
|
2015-05-21 19:07:30 +02:00
|
|
|
int evaluate_ecgroup_for_tls(const char *ecgroup);
|
|
|
|
|
2003-09-04 18:05:08 +02:00
|
|
|
#endif
|
2015-10-02 14:33:54 +02:00
|
|
|
|