aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls/openssl.c
AgeCommit message (Collapse)Author
2018-01-03openssl: fix memory leak of SSLKEYLOGFILE filenameJay Satiro
- Free the copy of SSLKEYLOGFILE env returned by curl_getenv during ossl initialization. Caught by ASAN.
2017-12-10openssl: Disable file buffering for Win32 SSLKEYLOGFILEJay Satiro
Prior to this change SSLKEYLOGFILE used line buffering on WIN32 just like it does for other platforms. However, the Windows CRT does not actually support line buffering (_IOLBF) and will use full buffering (_IOFBF) instead. We can't use full buffering because multiple processes may be writing to the file and that could lead to corruption, and since full buffering is the only buffering available this commit disables buffering for Windows SSLKEYLOGFILE entirely (_IONBF). Ref: https://github.com/curl/curl/pull/1346#issuecomment-350530901
2017-12-08openssl: improve data-pending check for https proxyJay Satiro
- Allow proxy_ssl to be checked for pending data even when connssl does not yet have an SSL handle. This change is for posterity. Currently there doesn't seem to be a code path that will cause a pending data check when proxyssl could have pending data and the connssl handle doesn't yet exist [1]. [1]: Recall that an https proxy connection starts out in connssl but if the destination is also https then the proxy SSL backend data is moved from connssl to proxyssl, which means connssl handle is temporarily empty until an SSL handle for the destination can be created. Ref: https://github.com/curl/curl/commit/f4a6238#commitcomment-24396542 Closes https://github.com/curl/curl/pull/1916
2017-12-02openssl: pkcs12 is supported by boringsslDaniel Stenberg
Removes another #ifdef for BoringSSL Pointed-out-by: David Benjamin Closes #2134
2017-11-27openssl: fix boringssl build againDaniel Stenberg
commit d3ab7c5a21e broke the boringssl build since it doesn't have RSA_flags(), so we disable that code block for boringssl builds. Reported-by: W. Mark Kubacki Fixes #2117
2017-11-21openssl: fix "Value stored to 'rc' is never read" scan-build errorDaniel Stenberg
2017-11-15openssl: fix too broad use of HAVE_OPAQUE_EVP_PKEYDirk Feytons
Fixes #2079 Closes #2081
2017-10-25time: rename Curl_tvnow to Curl_nowDaniel Stenberg
... since the 'tv' stood for timeval and this function does not return a timeval struct anymore. Also, cleaned up the Curl_timediff*() functions to avoid typecasts and clean up the descriptive comments. Closes #2011
2017-10-25timediff: return timediff_t from the time diff functionsDaniel Stenberg
... to cater for systems with unsigned time_t variables. - Renamed the functions to curlx_timediff and Curl_timediff_us. - Added overflow protection for both of them in either direction for both 32 bit and 64 bit time_ts - Reprefixed the curlx_time functions to use Curl_* Reported-by: Peter Piekarski Fixes #2004 Closes #2005
2017-10-19vtls: change struct Curl_ssl `close' field name to `close_one'.Patrick Monnerat
On OS/400, `close' is an ASCII system macro that corrupts the code if not used in a context not targetting the close() system API.
2017-10-11openssl: don't use old BORINGSSL_YYYYMM macrosDavid Benjamin
Those were temporary things we'd add and remove for our own convenience long ago. The last few stayed around for too long as an oversight but have since been removed. These days we have a running BORINGSSL_API_VERSION counter which is bumped when we find it convenient, but 2015-11-19 was quite some time ago, so just check OPENSSL_IS_BORINGSSL. Closes #1979
2017-10-09openssl: enable PKCS12 support for !BoringSSLDaniel Stenberg
Enable PKCS12 for all non-boringssl builds without relying on configure or cmake checks. Bug: https://curl.haxx.se/mail/lib-2017-10/0007.html Reported-by: Christian Schmitz Closes #1948
2017-10-06openssl: fix build without HAVE_OPAQUE_EVP_PKEYDaniel Stenberg
Reported-by: Javier Sixto Fixes #1955 Closes #1956
2017-09-21openssl: only verify RSA private key if supportedDirk Feytons
In some cases the RSA key does not support verifying it because it's located on a smart card, an engine wants to hide it, ... Check the flags on the key before trying to verify it. OpenSSL does the same thing internally; see ssl/ssl_rsa.c Closes #1904
2017-09-16openssl: add missing includesDavid Benjamin
lib/vtls/openssl.c uses OpenSSL APIs from BUF_MEM and BIO APIs. Include their headers directly rather than relying on other OpenSSL headers including things. Closes https://github.com/curl/curl/pull/1891
2017-09-15conversions: fix several compiler warningsDaniel Stenberg
2017-09-11code style: use spaces around plusesDaniel Stenberg
2017-09-11code style: use spaces around equals signsDaniel Stenberg
2017-09-07OpenSSL: fix yet another mistake while encapsulating SSL backend dataJohannes Schindelin
Another mistake in my manual fixups of the largely mechanical search-and-replace ("connssl->" -> "BACKEND->"), just like the previous commit concerning HTTPS proxies (and hence not caught during my earlier testing). Fixes #1855 Closes #1871 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-07OpenSSL: fix erroneous SSL backend encapsulationJohannes Schindelin
In d65e6cc4f (vtls: prepare the SSL backends for encapsulated private data, 2017-06-21), this developer prepared for a separation of the private data of the SSL backends from the general connection data. This conversion was partially automated (search-and-replace) and partially manual (e.g. proxy_ssl's backend data). Sadly, there was a crucial error in the manual part, where the wrong handle was used: rather than connecting ssl[sockindex]' BIO to the proxy_ssl[sockindex]', we reconnected proxy_ssl[sockindex]. The reason was an incorrect location to paste "BACKEND->"... d'oh. Reported by Jay Satiro in https://github.com/curl/curl/issues/1855. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-09-05openssl: Integrate Peter Wu's SSLKEYLOGFILE implementationJay Satiro
This is an adaptation of 2 of Peter Wu's SSLKEYLOGFILE implementations. The first one, written for old OpenSSL versions: https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c The second one, written for BoringSSL and new OpenSSL versions: https://github.com/curl/curl/pull/1346 Note the first one is GPL licensed but the author gave permission to waive that license for libcurl. As of right now this feature is disabled by default, and does not have a configure option to enable it. To enable this feature define ENABLE_SSLKEYLOGFILE when building libcurl and set environment variable SSLKEYLOGFILE to a pathname that will receive the keys. And in Wireshark change your preferences to point to that key file: Edit > Preferences > Protocols > SSL > Master-Secret Co-authored-by: Peter Wu Ref: https://github.com/curl/curl/pull/1030 Ref: https://github.com/curl/curl/pull/1346 Closes https://github.com/curl/curl/pull/1866
2017-09-05openssl: use OpenSSL's default ciphers by defaultKamil Dudka
Up2date versions of OpenSSL maintain the default reasonably secure without breaking compatibility, so it is better not to override the default by curl. Suggested at https://bugzilla.redhat.com/1483972 Closes #1846
2017-08-28vtls: refactor out essential information about the SSL backendsJohannes Schindelin
There is information about the compiled-in SSL backends that is really no concern of any code other than the SSL backend itself, such as which function (if any) implements SHA-256 summing. And there is information that is really interesting to the user, such as the name, or the curl_sslbackend value. Let's factor out the latter into a publicly visible struct. This information will be used in the upcoming API to set the SSL backend globally. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: allow selecting which SSL backend to use at runtimeJohannes Schindelin
When building software for the masses, it is sometimes not possible to decide for all users which SSL backend is appropriate. Git for Windows, for example, uses cURL to perform clones, fetches and pushes via HTTPS, and some users strongly prefer OpenSSL, while other users really need to use Secure Channel because it offers enterprise-ready tools to manage credentials via Windows' Credential Store. The current Git for Windows versions use the ugly work-around of building libcurl once with OpenSSL support and once with Secure Channel support, and switching out the binaries in the installer depending on the user's choice. Needless to say, this is a super ugly workaround that actually only works in some cases: Git for Windows also comes in a portable form, and in a form intended for third-party applications requiring Git functionality, in which cases this "swap out libcurl-4.dll" simply is not an option. Therefore, the Git for Windows project has a vested interest in teaching cURL to make the SSL backend a *runtime* option. This patch makes that possible. By running ./configure with multiple --with-<backend> options, cURL will be built with multiple backends. For the moment, the backend can be configured using the environment variable CURL_SSL_BACKEND (valid values are e.g. "openssl" and "schannel"). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: fold the backend ID into the Curl_ssl structureJohannes Schindelin
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: encapsulate SSL backend-specific dataJohannes Schindelin
So far, all of the SSL backends' private data has been declared as part of the ssl_connect_data struct, in one big #if .. #elif .. #endif block. This can only work as long as the SSL backend is a compile-time option, something we want to change in the next commits. Therefore, let's encapsulate the exact data needed by each SSL backend into a private struct, and let's avoid bleeding any SSL backend-specific information into urldata.h. This is also necessary to allow multiple SSL backends to be compiled in at the same time, as e.g. OpenSSL's and CyaSSL's headers cannot be included in the same .c file. To avoid too many malloc() calls, we simply append the private structs to the connectdata struct in allocate_conn(). This requires us to take extra care of alignment issues: struct fields often need to be aligned on certain boundaries e.g. 32-bit values need to be stored at addresses that divide evenly by 4 (= 32 bit / 8 bit-per-byte). We do that by assuming that no SSL backend's private data contains any fields that need to be aligned on boundaries larger than `long long` (typically 64-bit) would need. Under this assumption, we simply add a dummy field of type `long long` to the `struct connectdata` struct. This field will never be accessed but acts as a placeholder for the four instances of ssl_backend_data instead. the size of each ssl_backend_data struct is stored in the SSL backend-specific metadata, to allow allocate_conn() to know how much extra space to allocate, and how to initialize the ssl[sockindex]->backend and proxy_ssl[sockindex]->backend pointers. This would appear to be a little complicated at first, but is really necessary to encapsulate the private data of each SSL backend correctly. And we need to encapsulate thusly if we ever want to allow selecting CyaSSL and OpenSSL at runtime, as their headers cannot be included within the same .c file (there are just too many conflicting definitions and declarations for that). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: prepare the SSL backends for encapsulated private dataJohannes Schindelin
At the moment, cURL's SSL backend needs to be configured at build time. As such, it is totally okay for them to hard-code their backend-specific data in the ssl_connect_data struct. In preparation for making the SSL backend a runtime option, let's make the access of said private data a bit more abstract so that it can be adjusted later in an easy manner. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28getinfo: access SSL internals via Curl_sslJohannes Schindelin
In the ongoing endeavor to abstract out all SSL backend-specific functionality, this is the next step: Instead of hard-coding how the different SSL backends access their internal data in getinfo.c, let's implement backend-specific functions to do that task. This will also allow for switching SSL backends as a runtime option. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move SSL backends' private constants out of their header filesJohannes Schindelin
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: remove obsolete declarations of SSL backend functionalityJohannes Schindelin
These functions are all available via the Curl_ssl struct now, no need to declare them separately anymore. As the global declarations are removed, the corresponding function definitions are marked as file-local. The only two exceptions here are Curl_mbedtls_shutdown() and Curl_polarssl_shutdown(): only the declarations were removed, there are no function definitions to mark file-local. Please note that Curl_nss_force_init() is *still* declared globally, as the only SSL backend-specific function, because it was introduced specifically for the use case where cURL was compiled with `--without-ssl --with-nss`. For details, see f3b77e561 (http_ntlm: add support for NSS, 2010-06-27). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move the SUPPORT_HTTPS_PROXY flag into the Curl_ssl structJohannes Schindelin
That will allow us to choose the SSL backend at runtime. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: convert the have_curlssl_* constants to runtime flagsJohannes Schindelin
The entire idea of introducing the Curl_ssl struct to describe SSL backends is to prepare for choosing the SSL backend at runtime. To that end, convert all the #ifdef have_curlssl_* style conditionals to use bit flags instead. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move sha256sum into the Curl_ssl structJohannes Schindelin
The SHA-256 checksumming is also an SSL backend-specific function. Let's include it in the struct declaring the functionality of SSL backends. In contrast to MD5, there is no fall-back code. To indicate this, the respective entries are NULL for those backends that offer no support for SHA-256 checksumming. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move md5sum into the Curl_ssl structJohannes Schindelin
The MD5 summing is also an SSL backend-specific function. So let's include it, offering the previous fall-back code as a separate function now: Curl_none_md5sum(). To allow for that, the signature had to be changed so that an error could be returned from the implementation (Curl_none_md5sum() can run out of memory). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: use the Curl_ssl struct to access all SSL backends' functionalityJohannes Schindelin
This is the first step to unify the SSL backend handling. Now all the SSL backend-specific functionality is accessed via a global instance of the Curl_ssl struct. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: declare Curl_ssl structs for every SSL backendJohannes Schindelin
The idea of introducing the Curl_ssl struct was to unify how the SSL backends are declared and called. To this end, we now provide an instance of the Curl_ssl struct for each and every SSL backend. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-11openssl: fix "error: this statement may fall through"Daniel Stenberg
A gcc7 warning.
2017-08-11openssl: remove CONST_ASN1_BIT_STRING.David Benjamin
Just making the pointer as const works for the pre-1.1.0 path too. Closes #1759
2017-07-28timeval: struct curltime is a struct timeval replacementDaniel Stenberg
... to make all libcurl internals able to use the same data types for the struct members. The timeval struct differs subtly on several platforms so it makes it cumbersome to use everywhere. Ref: #1652 Closes #1693
2017-06-30openssl: improve fallback seed of PRNG with a time based hashdmitrykos
Fixes #1620
2017-06-16HTTPS-Proxy: don't offer h2 for https proxy connectionsJay Satiro
Bug: https://github.com/curl/curl/issues/1254 Closes #1546
2017-06-13libressl: OCSP and intermediate certs workaround no longer neededStuart Henderson
lib/vtls/openssl.c has a workaround for a bug with OCSP responses signed by intermediate certs, this was fixed in LibreSSL in https://github.com/libressl-portable/openbsd/commit/912c64f68f7ac4f225b7d1fdc8fbd43168912ba0 Bug: https://curl.haxx.se/mail/lib-2017-06/0038.html
2017-05-01openssl: use local stack for temp storageDaniel Stenberg
2017-04-20openssl: fix memory leak in servercertDaniel Stenberg
... when failing to get the server certificate.
2017-04-18TLS: Fix switching off SSL session id when client cert is usedJay Satiro
Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl will each have their own sessionid flag. Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that this issue had been fixed in 247d890, CVE-2016-5419. Bug: https://github.com/curl/curl/issues/1341 Reported-by: lijian996@users.noreply.github.com The new incarnation of this bug is called CVE-2017-7468 and is documented here: https://curl.haxx.se/docs/adv_20170419.html
2017-04-17openssl: don't try to print nonexistant peer private keysDavid Benjamin
X.509 certificates carry public keys, not private keys. Fields corresponding to the private half of the key will always be NULL. Closes #1425
2017-04-17openssl: fix thread-safety bugs in error-handlingDavid Benjamin
ERR_error_string with NULL parameter is not thread-safe. The library writes the string into some static buffer. Two threads doing this at once may clobber each other and run into problems. Switch to ERR_error_string_n which avoids this problem and is explicitly bounds-checked. Also clean up some remnants of OpenSSL 0.9.5 around here. A number of comments (fixed buffer size, explaining that ERR_error_string_n was added in a particular version) date to when ossl_strerror tried to support pre-ERR_error_string_n OpenSSLs. Closes #1424
2017-04-17openssl: make SSL_ERROR_to_str more future-proofDavid Benjamin
Rather than making assumptions about the values, use a switch-case. Closes #1424
2017-04-10openssl: fix this statement may fall through [-Wimplicit-fallthrough=]Alexis La Goutte
Closes #1402
2017-04-08vtls: fix unreferenced variable warningsMarcel Raad
... by moving the variables into the correct #ifdef block.