| /* |
| * libjingle |
| * Copyright 2004--2008, Google Inc. |
| * |
| * Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions are met: |
| * |
| * 1. Redistributions of source code must retain the above copyright notice, |
| * this list of conditions and the following disclaimer. |
| * 2. Redistributions in binary form must reproduce the above copyright notice, |
| * this list of conditions and the following disclaimer in the documentation |
| * and/or other materials provided with the distribution. |
| * 3. The name of the author may not be used to endorse or promote products |
| * derived from this software without specific prior written permission. |
| * |
| * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED |
| * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF |
| * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO |
| * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, |
| * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; |
| * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, |
| * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR |
| * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF |
| * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
| |
| #if HAVE_CONFIG_H |
| #include "config.h" |
| #endif // HAVE_CONFIG_H |
| |
| #if HAVE_OPENSSL_SSL_H |
| |
| #include "talk/base/opensslstreamadapter.h" |
| |
| #include <openssl/bio.h> |
| #include <openssl/crypto.h> |
| #include <openssl/err.h> |
| #include <openssl/rand.h> |
| #include <openssl/ssl.h> |
| #include <openssl/x509v3.h> |
| |
| #include "talk/base/common.h" |
| #include "talk/base/logging.h" |
| #include "talk/base/stream.h" |
| #include "talk/base/openssladapter.h" |
| #include "talk/base/opensslidentity.h" |
| #include "talk/base/stringutils.h" |
| |
| namespace talk_base { |
| |
| ////////////////////////////////////////////////////////////////////// |
| // StreamBIO |
| ////////////////////////////////////////////////////////////////////// |
| |
| static int stream_write(BIO* h, const char* buf, int num); |
| static int stream_read(BIO* h, char* buf, int size); |
| static int stream_puts(BIO* h, const char* str); |
| static long stream_ctrl(BIO* h, int cmd, long arg1, void* arg2); |
| static int stream_new(BIO* h); |
| static int stream_free(BIO* data); |
| |
| static BIO_METHOD methods_stream = { |
| BIO_TYPE_BIO, |
| "stream", |
| stream_write, |
| stream_read, |
| stream_puts, |
| 0, |
| stream_ctrl, |
| stream_new, |
| stream_free, |
| NULL, |
| }; |
| |
| static BIO_METHOD* BIO_s_stream() { return(&methods_stream); } |
| |
| static BIO* BIO_new_stream(StreamInterface* stream) { |
| BIO* ret = BIO_new(BIO_s_stream()); |
| if (ret == NULL) |
| return NULL; |
| ret->ptr = stream; |
| return ret; |
| } |
| |
| // bio methods return 1 (or at least non-zero) on success and 0 on failure. |
| |
| static int stream_new(BIO* b) { |
| b->shutdown = 0; |
| b->init = 1; |
| b->num = 0; // 1 means end-of-stream |
| b->ptr = 0; |
| return 1; |
| } |
| |
| static int stream_free(BIO* b) { |
| if (b == NULL) |
| return 0; |
| return 1; |
| } |
| |
| static int stream_read(BIO* b, char* out, int outl) { |
| if (!out) |
| return -1; |
| StreamInterface* stream = static_cast<StreamInterface*>(b->ptr); |
| BIO_clear_retry_flags(b); |
| size_t read; |
| int error; |
| StreamResult result = stream->Read(out, outl, &read, &error); |
| if (result == SR_SUCCESS) { |
| return read; |
| } else if (result == SR_EOS) { |
| b->num = 1; |
| } else if (result == SR_BLOCK) { |
| BIO_set_retry_read(b); |
| } |
| return -1; |
| } |
| |
| static int stream_write(BIO* b, const char* in, int inl) { |
| if (!in) |
| return -1; |
| StreamInterface* stream = static_cast<StreamInterface*>(b->ptr); |
| BIO_clear_retry_flags(b); |
| size_t written; |
| int error; |
| StreamResult result = stream->Write(in, inl, &written, &error); |
| if (result == SR_SUCCESS) { |
| return written; |
| } else if (result == SR_BLOCK) { |
| BIO_set_retry_write(b); |
| } |
| return -1; |
| } |
| |
| static int stream_puts(BIO* b, const char* str) { |
| return stream_write(b, str, strlen(str)); |
| } |
| |
| static long stream_ctrl(BIO* b, int cmd, long num, void* ptr) { |
| UNUSED(num); |
| UNUSED(ptr); |
| |
| switch (cmd) { |
| case BIO_CTRL_RESET: |
| return 0; |
| case BIO_CTRL_EOF: |
| return b->num; |
| case BIO_CTRL_WPENDING: |
| case BIO_CTRL_PENDING: |
| return 0; |
| case BIO_CTRL_FLUSH: |
| return 1; |
| default: |
| return 0; |
| } |
| } |
| |
| ///////////////////////////////////////////////////////////////////////////// |
| // OpenSSLStreamAdapter |
| ///////////////////////////////////////////////////////////////////////////// |
| |
| OpenSSLStreamAdapter::OpenSSLStreamAdapter(StreamInterface* stream) |
| : SSLStreamAdapter(stream), |
| state_(SSL_NONE), |
| role_(SSL_CLIENT), |
| ssl_read_needs_write_(false), ssl_write_needs_read_(false), |
| ssl_(NULL), ssl_ctx_(NULL), |
| custom_verification_succeeded_(false) { |
| } |
| |
| OpenSSLStreamAdapter::~OpenSSLStreamAdapter() { |
| Cleanup(); |
| } |
| |
| void OpenSSLStreamAdapter::SetIdentity(SSLIdentity* identity) { |
| ASSERT(identity_.get() == NULL); |
| identity_.reset(static_cast<OpenSSLIdentity*>(identity)); |
| } |
| |
| void OpenSSLStreamAdapter::SetServerRole() { |
| role_ = SSL_SERVER; |
| } |
| |
| void OpenSSLStreamAdapter::SetPeerCertificate(SSLCertificate* cert) { |
| ASSERT(peer_certificate_.get() == NULL); |
| ASSERT(ssl_server_name_.empty()); |
| peer_certificate_.reset(static_cast<OpenSSLCertificate*>(cert)); |
| } |
| |
| int OpenSSLStreamAdapter::StartSSLWithServer(const char* server_name) { |
| ASSERT(server_name != NULL && server_name[0] != '\0'); |
| ssl_server_name_ = server_name; |
| return StartSSL(); |
| } |
| |
| int OpenSSLStreamAdapter::StartSSLWithPeer() { |
| ASSERT(ssl_server_name_.empty()); |
| // It is permitted to specify peer_certificate_ only later. |
| return StartSSL(); |
| } |
| |
| // |
| // StreamInterface Implementation |
| // |
| |
| StreamResult OpenSSLStreamAdapter::Write(const void* data, size_t data_len, |
| size_t* written, int* error) { |
| LOG(LS_INFO) << "OpenSSLStreamAdapter::Write(" << data_len << ")"; |
| |
| switch (state_) { |
| case SSL_NONE: |
| // pass-through in clear text |
| return StreamAdapterInterface::Write(data, data_len, written, error); |
| |
| case SSL_WAIT: |
| case SSL_CONNECTING: |
| return SR_BLOCK; |
| |
| case SSL_CONNECTED: |
| break; |
| |
| case SSL_ERROR: |
| case SSL_CLOSED: |
| default: |
| if (error) |
| *error = ssl_error_code_; |
| return SR_ERROR; |
| } |
| |
| // OpenSSL will return an error if we try to write zero bytes |
| if (data_len == 0) { |
| if (written) |
| *written = 0; |
| return SR_SUCCESS; |
| } |
| |
| ssl_write_needs_read_ = false; |
| |
| int code = SSL_write(ssl_, data, data_len); |
| switch (SSL_get_error(ssl_, code)) { |
| case SSL_ERROR_NONE: |
| LOG(LS_INFO) << " -- success"; |
| ASSERT(0 < code && static_cast<unsigned>(code) <= data_len); |
| if (written) |
| *written = code; |
| return SR_SUCCESS; |
| case SSL_ERROR_WANT_READ: |
| LOG(LS_INFO) << " -- error want read"; |
| ssl_write_needs_read_ = true; |
| return SR_BLOCK; |
| case SSL_ERROR_WANT_WRITE: |
| LOG(LS_INFO) << " -- error want write"; |
| return SR_BLOCK; |
| |
| case SSL_ERROR_ZERO_RETURN: |
| default: |
| Error("SSL_write", (code ? code : -1), false); |
| if (error) |
| *error = ssl_error_code_; |
| return SR_ERROR; |
| } |
| // not reached |
| } |
| |
| StreamResult OpenSSLStreamAdapter::Read(void* data, size_t data_len, |
| size_t* read, int* error) { |
| LOG(LS_INFO) << "OpenSSLStreamAdapter::Read(" << data_len << ")"; |
| switch (state_) { |
| case SSL_NONE: |
| // pass-through in clear text |
| return StreamAdapterInterface::Read(data, data_len, read, error); |
| |
| case SSL_WAIT: |
| case SSL_CONNECTING: |
| return SR_BLOCK; |
| |
| case SSL_CONNECTED: |
| break; |
| |
| case SSL_CLOSED: |
| return SR_EOS; |
| |
| case SSL_ERROR: |
| default: |
| if (error) |
| *error = ssl_error_code_; |
| return SR_ERROR; |
| } |
| |
| // Don't trust OpenSSL with zero byte reads |
| if (data_len == 0) { |
| if (read) |
| *read = 0; |
| return SR_SUCCESS; |
| } |
| |
| ssl_read_needs_write_ = false; |
| |
| int code = SSL_read(ssl_, data, data_len); |
| switch (SSL_get_error(ssl_, code)) { |
| case SSL_ERROR_NONE: |
| LOG(LS_INFO) << " -- success"; |
| ASSERT(0 < code && static_cast<unsigned>(code) <= data_len); |
| if (read) |
| *read = code; |
| return SR_SUCCESS; |
| case SSL_ERROR_WANT_READ: |
| LOG(LS_INFO) << " -- error want read"; |
| return SR_BLOCK; |
| case SSL_ERROR_WANT_WRITE: |
| LOG(LS_INFO) << " -- error want write"; |
| ssl_read_needs_write_ = true; |
| return SR_BLOCK; |
| case SSL_ERROR_ZERO_RETURN: |
| LOG(LS_INFO) << " -- remote side closed"; |
| return SR_EOS; |
| break; |
| default: |
| LOG(LS_INFO) << " -- error " << code; |
| Error("SSL_read", (code ? code : -1), false); |
| if (error) |
| *error = ssl_error_code_; |
| return SR_ERROR; |
| } |
| // not reached |
| } |
| |
| void OpenSSLStreamAdapter::Close() { |
| Cleanup(); |
| ASSERT(state_ == SSL_CLOSED || state_ == SSL_ERROR); |
| StreamAdapterInterface::Close(); |
| } |
| |
| StreamState OpenSSLStreamAdapter::GetState() const { |
| switch(state_) { |
| case SSL_WAIT: |
| case SSL_CONNECTING: |
| return SS_OPENING; |
| case SSL_CONNECTED: |
| return SS_OPEN; |
| default: |
| return SS_CLOSED; |
| }; |
| // not reached |
| } |
| |
| void OpenSSLStreamAdapter::OnEvent(StreamInterface* stream, int events, |
| int err) { |
| int events_to_signal = 0; |
| int signal_error = 0; |
| ASSERT(stream == this->stream()); |
| if ((events & SE_OPEN)) { |
| LOG(LS_INFO) << "OpenSSLStreamAdapter::OnEvent SE_OPEN"; |
| if (state_ != SSL_WAIT) { |
| ASSERT(state_ == SSL_NONE); |
| events_to_signal |= SE_OPEN; |
| } else { |
| state_ = SSL_CONNECTING; |
| if (int err = BeginSSL()) { |
| Error("BeginSSL", err, true); |
| return; |
| } |
| } |
| } |
| if ((events & (SE_READ|SE_WRITE))) { |
| LOG(LS_INFO) << "OpenSSLStreamAdapter::OnEvent" |
| << ((events & SE_READ) ? " SE_READ" : "") |
| << ((events & SE_WRITE) ? " SE_WRITE" : ""); |
| if (state_ == SSL_NONE) { |
| events_to_signal |= events & (SE_READ|SE_WRITE); |
| } else if (state_ == SSL_CONNECTING) { |
| if (int err = ContinueSSL()) { |
| Error("ContinueSSL", err, true); |
| return; |
| } |
| } else if (state_ == SSL_CONNECTED) { |
| if (((events & SE_READ) && ssl_write_needs_read_) || |
| (events & SE_WRITE)) { |
| LOG(LS_INFO) << " -- onStreamWriteable"; |
| events_to_signal |= SE_WRITE; |
| } |
| if (((events & SE_WRITE) && ssl_read_needs_write_) || |
| (events & SE_READ)) { |
| LOG(LS_INFO) << " -- onStreamReadable"; |
| events_to_signal |= SE_READ; |
| } |
| } |
| } |
| if ((events & SE_CLOSE)) { |
| LOG(LS_INFO) << "OpenSSLStreamAdapter::OnEvent(SE_CLOSE, " << err << ")"; |
| Cleanup(); |
| events_to_signal |= SE_CLOSE; |
| // SE_CLOSE is the only event that uses the final parameter to OnEvent(). |
| ASSERT(signal_error == 0); |
| signal_error = err; |
| } |
| if(events_to_signal) |
| StreamAdapterInterface::OnEvent(stream, events_to_signal, signal_error); |
| } |
| |
| int OpenSSLStreamAdapter::StartSSL() { |
| ASSERT(state_ == SSL_NONE); |
| |
| if (StreamAdapterInterface::GetState() != SS_OPEN) { |
| state_ = SSL_WAIT; |
| return 0; |
| } |
| |
| state_ = SSL_CONNECTING; |
| if (int err = BeginSSL()) { |
| Error("BeginSSL", err, false); |
| return err; |
| } |
| |
| return 0; |
| } |
| |
| int OpenSSLStreamAdapter::BeginSSL() { |
| ASSERT(state_ == SSL_CONNECTING); |
| // The underlying stream has open. If we are in peer-to-peer mode |
| // then a peer certificate must have been specified by now. |
| ASSERT(!ssl_server_name_.empty() || peer_certificate_.get() != NULL); |
| LOG(LS_INFO) << "BeginSSL: " |
| << (!ssl_server_name_.empty() ? ssl_server_name_ : |
| "with peer"); |
| |
| BIO* bio = NULL; |
| |
| // First set up the context |
| ASSERT(ssl_ctx_ == NULL); |
| ssl_ctx_ = SetupSSLContext(); |
| if (!ssl_ctx_) |
| return -1; |
| |
| bio = BIO_new_stream(static_cast<StreamInterface*>(stream())); |
| if (!bio) |
| return -1; |
| |
| ssl_ = SSL_new(ssl_ctx_); |
| if (!ssl_) { |
| BIO_free(bio); |
| return -1; |
| } |
| |
| SSL_set_app_data(ssl_, this); |
| |
| SSL_set_bio(ssl_, bio, bio); // the SSL object owns the bio now. |
| |
| SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE | |
| SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); |
| |
| // Do the connect |
| return ContinueSSL(); |
| } |
| |
| int OpenSSLStreamAdapter::ContinueSSL() { |
| LOG(LS_INFO) << "ContinueSSL"; |
| ASSERT(state_ == SSL_CONNECTING); |
| |
| int code = (role_ == SSL_CLIENT) ? SSL_connect(ssl_) : SSL_accept(ssl_); |
| switch (SSL_get_error(ssl_, code)) { |
| case SSL_ERROR_NONE: |
| LOG(LS_INFO) << " -- success"; |
| |
| if (!SSLPostConnectionCheck(ssl_, ssl_server_name_.c_str(), |
| peer_certificate_.get() != NULL |
| ? peer_certificate_->x509() : NULL)) { |
| LOG(LS_ERROR) << "TLS post connection check failed"; |
| return -1; |
| } |
| |
| state_ = SSL_CONNECTED; |
| StreamAdapterInterface::OnEvent(stream(), SE_OPEN|SE_READ|SE_WRITE, 0); |
| break; |
| |
| case SSL_ERROR_WANT_READ: |
| LOG(LS_INFO) << " -- error want read"; |
| break; |
| |
| case SSL_ERROR_WANT_WRITE: |
| LOG(LS_INFO) << " -- error want write"; |
| break; |
| |
| case SSL_ERROR_ZERO_RETURN: |
| default: |
| LOG(LS_INFO) << " -- error " << code; |
| return (code != 0) ? code : -1; |
| } |
| |
| return 0; |
| } |
| |
| void OpenSSLStreamAdapter::Error(const char* context, int err, bool signal) { |
| LOG(LS_WARNING) << "OpenSSLStreamAdapter::Error(" |
| << context << ", " << err << ")"; |
| state_ = SSL_ERROR; |
| ssl_error_code_ = err; |
| Cleanup(); |
| if (signal) |
| StreamAdapterInterface::OnEvent(stream(), SE_CLOSE, err); |
| } |
| |
| void OpenSSLStreamAdapter::Cleanup() { |
| LOG(LS_INFO) << "Cleanup"; |
| |
| if (state_ != SSL_ERROR) { |
| state_ = SSL_CLOSED; |
| ssl_error_code_ = 0; |
| } |
| |
| if (ssl_) { |
| SSL_free(ssl_); |
| ssl_ = NULL; |
| } |
| if (ssl_ctx_) { |
| SSL_CTX_free(ssl_ctx_); |
| ssl_ctx_ = NULL; |
| } |
| identity_.reset(); |
| peer_certificate_.reset(); |
| } |
| |
| SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() { |
| SSL_CTX* ctx = SSL_CTX_new(role_ == SSL_CLIENT ? TLSv1_client_method() |
| : TLSv1_server_method()); |
| if (ctx == NULL) |
| return NULL; |
| |
| if (identity_.get() && !identity_->ConfigureIdentity(ctx)) { |
| SSL_CTX_free(ctx); |
| return NULL; |
| } |
| |
| if (peer_certificate_.get() == NULL) { // traditional mode |
| // Add the root cert to the SSL context |
| if(!OpenSSLAdapter::ConfigureTrustedRootCertificates(ctx)) { |
| SSL_CTX_free(ctx); |
| return NULL; |
| } |
| } |
| |
| if (peer_certificate_.get() != NULL && role_ == SSL_SERVER) |
| // we must specify which client cert to ask for |
| SSL_CTX_add_client_CA(ctx, peer_certificate_->x509()); |
| |
| #ifdef _DEBUG |
| SSL_CTX_set_info_callback(ctx, OpenSSLAdapter::SSLInfoCallback); |
| #endif |
| |
| SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER |SSL_VERIFY_FAIL_IF_NO_PEER_CERT, |
| SSLVerifyCallback); |
| SSL_CTX_set_verify_depth(ctx, 4); |
| SSL_CTX_set_cipher_list(ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"); |
| |
| return ctx; |
| } |
| |
| int OpenSSLStreamAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) { |
| #if _DEBUG |
| if (!ok) { |
| char data[256]; |
| X509* cert = X509_STORE_CTX_get_current_cert(store); |
| int depth = X509_STORE_CTX_get_error_depth(store); |
| int err = X509_STORE_CTX_get_error(store); |
| |
| LOG(LS_INFO) << "Error with certificate at depth: " << depth; |
| X509_NAME_oneline(X509_get_issuer_name(cert), data, sizeof(data)); |
| LOG(LS_INFO) << " issuer = " << data; |
| X509_NAME_oneline(X509_get_subject_name(cert), data, sizeof(data)); |
| LOG(LS_INFO) << " subject = " << data; |
| LOG(LS_INFO) << " err = " << err |
| << ":" << X509_verify_cert_error_string(err); |
| } |
| #endif |
| |
| // Get our SSL structure from the store |
| SSL* ssl = reinterpret_cast<SSL*>(X509_STORE_CTX_get_ex_data( |
| store, |
| SSL_get_ex_data_X509_STORE_CTX_idx())); |
| |
| OpenSSLStreamAdapter* stream = |
| reinterpret_cast<OpenSSLStreamAdapter*>(SSL_get_app_data(ssl)); |
| |
| // In peer-to-peer mode, no root cert / certificate authority was |
| // specified, so the libraries knows of no certificate to accept, |
| // and therefore it will necessarily call here on the first cert it |
| // tries to verify. |
| if (!ok && stream->peer_certificate_.get() != NULL) { |
| X509* cert = X509_STORE_CTX_get_current_cert(store); |
| int err = X509_STORE_CTX_get_error(store); |
| // peer-to-peer mode: allow the certificate to be self-signed, |
| // assuming it matches the cert that was specified. |
| if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT && |
| X509_cmp(cert, stream->peer_certificate_->x509()) == 0) { |
| LOG(LS_INFO) << "Accepted self-signed peer certificate authority"; |
| ok = 1; |
| } |
| } else if (!ok && OpenSSLAdapter::custom_verify_callback_) { |
| // this applies only in traditional mode |
| void* cert = |
| reinterpret_cast<void*>(X509_STORE_CTX_get_current_cert(store)); |
| if (OpenSSLAdapter::custom_verify_callback_(cert)) { |
| stream->custom_verification_succeeded_ = true; |
| LOG(LS_INFO) << "validated certificate using custom callback"; |
| ok = 1; |
| } |
| } |
| |
| if (!ok && stream->ignore_bad_cert()) { |
| LOG(LS_WARNING) << "Ignoring cert error while verifying cert chain"; |
| ok = 1; |
| } |
| |
| return ok; |
| } |
| |
| // This code is taken from the "Network Security with OpenSSL" |
| // sample in chapter 5 |
| bool OpenSSLStreamAdapter::SSLPostConnectionCheck(SSL* ssl, |
| const char* server_name, |
| const X509* peer_cert) { |
| ASSERT(server_name != NULL); |
| bool ok; |
| if(server_name[0] != '\0') { // traditional mode |
| ok = OpenSSLAdapter::VerifyServerName(ssl, server_name, ignore_bad_cert()); |
| |
| if (ok) { |
| ok = (SSL_get_verify_result(ssl) == X509_V_OK || |
| custom_verification_succeeded_); |
| } |
| } else { // peer-to-peer mode |
| ASSERT(peer_cert != NULL); |
| // no server name validation |
| ok = true; |
| } |
| |
| if (!ok && ignore_bad_cert()) { |
| LOG(LS_ERROR) << "SSL_get_verify_result(ssl) = " |
| << SSL_get_verify_result(ssl); |
| LOG(LS_INFO) << "Other TLS post connection checks failed."; |
| ok = true; |
| } |
| |
| return ok; |
| } |
| |
| } // namespace talk_base |
| |
| #endif // HAVE_OPENSSL_SSL_H |