aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls/schannel.c
AgeCommit message (Collapse)Author
2017-09-04schannel: return CURLE_SSL_CACERT on failed verificationDaniel Stenberg
... not *CACERT_BADFILE as it isn't really because of a bad file. Bug: https://curl.haxx.se/mail/lib-2017-09/0002.html Closes #1858
2017-08-28vtls: refactor out essential information about the SSL backendsJohannes Schindelin
There is information about the compiled-in SSL backends that is really no concern of any code other than the SSL backend itself, such as which function (if any) implements SHA-256 summing. And there is information that is really interesting to the user, such as the name, or the curl_sslbackend value. Let's factor out the latter into a publicly visible struct. This information will be used in the upcoming API to set the SSL backend globally. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: allow selecting which SSL backend to use at runtimeJohannes Schindelin
When building software for the masses, it is sometimes not possible to decide for all users which SSL backend is appropriate. Git for Windows, for example, uses cURL to perform clones, fetches and pushes via HTTPS, and some users strongly prefer OpenSSL, while other users really need to use Secure Channel because it offers enterprise-ready tools to manage credentials via Windows' Credential Store. The current Git for Windows versions use the ugly work-around of building libcurl once with OpenSSL support and once with Secure Channel support, and switching out the binaries in the installer depending on the user's choice. Needless to say, this is a super ugly workaround that actually only works in some cases: Git for Windows also comes in a portable form, and in a form intended for third-party applications requiring Git functionality, in which cases this "swap out libcurl-4.dll" simply is not an option. Therefore, the Git for Windows project has a vested interest in teaching cURL to make the SSL backend a *runtime* option. This patch makes that possible. By running ./configure with multiple --with-<backend> options, cURL will be built with multiple backends. For the moment, the backend can be configured using the environment variable CURL_SSL_BACKEND (valid values are e.g. "openssl" and "schannel"). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: fold the backend ID into the Curl_ssl structureJohannes Schindelin
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: encapsulate SSL backend-specific dataJohannes Schindelin
So far, all of the SSL backends' private data has been declared as part of the ssl_connect_data struct, in one big #if .. #elif .. #endif block. This can only work as long as the SSL backend is a compile-time option, something we want to change in the next commits. Therefore, let's encapsulate the exact data needed by each SSL backend into a private struct, and let's avoid bleeding any SSL backend-specific information into urldata.h. This is also necessary to allow multiple SSL backends to be compiled in at the same time, as e.g. OpenSSL's and CyaSSL's headers cannot be included in the same .c file. To avoid too many malloc() calls, we simply append the private structs to the connectdata struct in allocate_conn(). This requires us to take extra care of alignment issues: struct fields often need to be aligned on certain boundaries e.g. 32-bit values need to be stored at addresses that divide evenly by 4 (= 32 bit / 8 bit-per-byte). We do that by assuming that no SSL backend's private data contains any fields that need to be aligned on boundaries larger than `long long` (typically 64-bit) would need. Under this assumption, we simply add a dummy field of type `long long` to the `struct connectdata` struct. This field will never be accessed but acts as a placeholder for the four instances of ssl_backend_data instead. the size of each ssl_backend_data struct is stored in the SSL backend-specific metadata, to allow allocate_conn() to know how much extra space to allocate, and how to initialize the ssl[sockindex]->backend and proxy_ssl[sockindex]->backend pointers. This would appear to be a little complicated at first, but is really necessary to encapsulate the private data of each SSL backend correctly. And we need to encapsulate thusly if we ever want to allow selecting CyaSSL and OpenSSL at runtime, as their headers cannot be included within the same .c file (there are just too many conflicting definitions and declarations for that). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: prepare the SSL backends for encapsulated private dataJohannes Schindelin
At the moment, cURL's SSL backend needs to be configured at build time. As such, it is totally okay for them to hard-code their backend-specific data in the ssl_connect_data struct. In preparation for making the SSL backend a runtime option, let's make the access of said private data a bit more abstract so that it can be adjusted later in an easy manner. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28getinfo: access SSL internals via Curl_sslJohannes Schindelin
In the ongoing endeavor to abstract out all SSL backend-specific functionality, this is the next step: Instead of hard-coding how the different SSL backends access their internal data in getinfo.c, let's implement backend-specific functions to do that task. This will also allow for switching SSL backends as a runtime option. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move SSL backends' private constants out of their header filesJohannes Schindelin
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: remove obsolete declarations of SSL backend functionalityJohannes Schindelin
These functions are all available via the Curl_ssl struct now, no need to declare them separately anymore. As the global declarations are removed, the corresponding function definitions are marked as file-local. The only two exceptions here are Curl_mbedtls_shutdown() and Curl_polarssl_shutdown(): only the declarations were removed, there are no function definitions to mark file-local. Please note that Curl_nss_force_init() is *still* declared globally, as the only SSL backend-specific function, because it was introduced specifically for the use case where cURL was compiled with `--without-ssl --with-nss`. For details, see f3b77e561 (http_ntlm: add support for NSS, 2010-06-27). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28schannel: reorder functions topologicallyJohannes Schindelin
The _shutdown() function calls the _session_free() function; While this is not a problem now (because schannel.h declares both functions), a patch looming in the immediate future with make all of these functions file-local. So let's just move the _session_free() function's definition before it is called. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move the SUPPORT_HTTPS_PROXY flag into the Curl_ssl structJohannes Schindelin
That will allow us to choose the SSL backend at runtime. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: convert the have_curlssl_* constants to runtime flagsJohannes Schindelin
The entire idea of introducing the Curl_ssl struct to describe SSL backends is to prepare for choosing the SSL backend at runtime. To that end, convert all the #ifdef have_curlssl_* style conditionals to use bit flags instead. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move sha256sum into the Curl_ssl structJohannes Schindelin
The SHA-256 checksumming is also an SSL backend-specific function. Let's include it in the struct declaring the functionality of SSL backends. In contrast to MD5, there is no fall-back code. To indicate this, the respective entries are NULL for those backends that offer no support for SHA-256 checksumming. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move md5sum into the Curl_ssl structJohannes Schindelin
The MD5 summing is also an SSL backend-specific function. So let's include it, offering the previous fall-back code as a separate function now: Curl_none_md5sum(). To allow for that, the signature had to be changed so that an error could be returned from the implementation (Curl_none_md5sum() can run out of memory). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: use the Curl_ssl struct to access all SSL backends' functionalityJohannes Schindelin
This is the first step to unify the SSL backend handling. Now all the SSL backend-specific functionality is accessed via a global instance of the Curl_ssl struct. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: declare Curl_ssl structs for every SSL backendJohannes Schindelin
The idea of introducing the Curl_ssl struct was to unify how the SSL backends are declared and called. To this end, we now provide an instance of the Curl_ssl struct for each and every SSL backend. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: use consistent signature for _random() implementationsJohannes Schindelin
This will make the upcoming multissl backend much easier to implement. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-05-04schannel: return a more specific error code for SEC_E_UNTRUSTED_ROOTDan Fandrich
2017-04-22schannel: Don't treat encrypted partial record as pending dataJay Satiro
- Track when the cached encrypted data contains only a partial record that can't be decrypted without more data (SEC_E_INCOMPLETE_MESSAGE). - Change Curl_schannel_data_pending to return false in such a case. Other SSL libraries have pending data functions that behave similarly. Ref: https://github.com/curl/curl/pull/1387 Closes https://github.com/curl/curl/pull/1392
2017-04-18TLS: Fix switching off SSL session id when client cert is usedJay Satiro
Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl will each have their own sessionid flag. Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that this issue had been fixed in 247d890, CVE-2016-5419. Bug: https://github.com/curl/curl/issues/1341 Reported-by: lijian996@users.noreply.github.com The new incarnation of this bug is called CVE-2017-7468 and is documented here: https://curl.haxx.se/docs/adv_20170419.html
2017-04-07schannel: fix compiler warningsMarcel Raad
When UNICODE is not defined, the Curl_convert_UTF8_to_tchar macro maps directly to its argument. As it is declared as a pointer to const and InitializeSecurityContext expects a pointer to non-const, both MSVC and MinGW issue a warning about implicitly casting away the const. Fix this by declaring the variables as pointers to non-const. Closes https://github.com/curl/curl/pull/1394
2017-03-30schannel: fix unused variable warningMarcel Raad
If CURL_DISABLE_VERBOSE_STRINGS is defined, hostname is not used in schannel_connect_step3.
2017-03-28schannel: fix variable shadowing warningMarcel Raad
No need to redeclare the variable.
2017-03-08vtls: add options to specify range of enabled TLS versionsJozef Kralik
This commit introduces the CURL_SSLVERSION_MAX_* constants as well as the --tls-max option of the curl tool. Closes https://github.com/curl/curl/pull/1166
2017-02-07schannel: Remove incorrect SNI disabled messageJDepooter
- Remove the SNI disabled when host verification disabled message since that is incorrect. - Show a message for legacy versions of Windows <= XP that connections may fail since those versions of WinSSL lack SNI, algorithms, etc. Bug: https://github.com/curl/curl/pull/1240
2017-01-12rand: make it work without TLS backingDaniel Stenberg
Regression introduced in commit f682156a4fc6c4 Reported-by: John Kohl Bug: https://curl.haxx.se/mail/lib-2017-01/0055.html
2016-12-19schannel: fix wildcard cert name validation on Win CEDan McNulty
Fixes a few issues in manual wildcard cert name validation in schannel support code for Win32 CE: - when comparing the wildcard name to the hostname, the wildcard character was removed from the cert name and the hostname was checked to see if it ended with the modified cert name. This allowed cert names like *.com to match the connection hostname. This violates recommendations from RFC 6125. - when the wildcard name in the certificate is longer than the connection hostname, a buffer overread of the connection hostname buffer would occur during the comparison of the certificate name and the connection hostname.
2016-11-24checksrc: white space edits to comply to stricter checksrcDaniel Stenberg
2016-11-24checksrc: code style: use 'char *name' styleDaniel Stenberg
2016-11-24HTTPS-proxy: fixed mbedtls and polishingOkhin Vasilij
2016-11-24proxy: Support HTTPS proxy and SOCKS+HTTP(s)Alex Rousskov
* HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-19vtls: fix build warningsMarcel Raad
Fix warnings about conversions from long to time_t in openssl.c and schannel.c. Follow-up to de4de4e3c7c
2016-11-09vtls: Fail on unrecognized param for CURLOPT_SSLVERSIONJay Satiro
- Fix GnuTLS code for CURL_SSLVERSION_TLSv1_2 that broke when the TLS 1.3 support was added in 6ad3add. - Homogenize across code for all backends the error message when TLS 1.3 is not available to "<backend>: TLS 1.3 is not yet supported". - Return an error when a user-specified ssl version is unrecognized. --- Prior to this change our code for some of the backends used the 'default' label in the switch statement (ie ver unrecognized) for ssl.version and treated it the same as CURL_SSLVERSION_DEFAULT. Bug: https://curl.haxx.se/mail/lib-2016-11/0048.html Reported-by: Kamil Dudka
2016-11-07vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3Kamil Dudka
Fully implemented with the NSS backend only for now. Reviewed-by: Ray Satiro
2016-10-18select: switch to macros in uppercaseDaniel Stenberg
Curl_select_ready() was the former API that was replaced with Curl_select_check() a while back and the former arg setup was provided with a define (in order to leave existing code unmodified). Now we instead offer SOCKET_READABLE and SOCKET_WRITABLE for the most common shortcuts where only one socket is checked. They're also more visibly macros.
2016-08-26schannel: Disable ALPN for Wine since it is causing problemsJay Satiro
- Disable ALPN on Wine. - Don't pass input secbuffer when ALPN is disabled. When ALPN support was added a change was made to pass an input secbuffer to initialize the context. When ALPN is enabled the buffer contains the ALPN information, and when it's disabled the buffer is empty. In either case this input buffer caused problems with Wine and connections would not complete. Bug: https://github.com/curl/curl/issues/983 Reported-by: Christian Fillion
2016-06-22internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg
2016-06-22vtls: Only call add/getsession if session id is enabledJay Satiro
Prior to this change we called Curl_ssl_getsessionid and Curl_ssl_addsessionid regardless of whether session ID reusing was enabled. According to comments that is in case session ID reuse was disabled but then later enabled. The old way was not intuitive and probably not something users expected. When a user disables session ID caching I'd guess they don't expect the session ID to be cached anyway in case the caching is later enabled.
2016-06-06schannel: Disable ALPN on Windows < 8.1Steve Holme
Calling QueryContextAttributes with SECPKG_ATTR_APPLICATION_PROTOCOL fails on Windows < 8.1 so we need to disable ALPN on these OS versions. Inspiration provide by: Daniel Seither Closes #848 Fixes #840
2016-06-04win32: Used centralised verify windows version functionSteve Holme
Closes #845
2016-06-01vtls: fix ssl session cache race conditionIvan Avdeev
Sessionid cache management is inseparable from managing individual session lifetimes. E.g. for reference-counted sessions (like those in SChannel and OpenSSL engines) every session addition and removal should be accompanied with refcount increment and decrement respectively. Failing to do so synchronously leads to a race condition that causes symptoms like use-after-free and memory corruption. This commit: - makes existing session cache locking explicit, thus allowing individual engines to manage lock's scope. - fixes OpenSSL and SChannel engines by putting refcount management inside this lock's scope in relevant places. - adds these explicit locking calls to other engines that use sessionid cache to accommodate for this change. Note, however, that it is unknown whether any of these engines could also have this race. Bug: https://github.com/curl/curl/issues/815 Fixes #815 Closes #847
2016-06-01schannel: add CURLOPT_CERTINFO supportAndrew Kurushin
Closes #822
2016-05-18schannel: fix compile break with MSVC XP toolsetMarcel Raad
For the Windows XP toolset of Visual C++ 2013/2015, the old Windows SDK 7.1 is used. In this case, _USING_V110_SDK71_ is defined. Closes #812
2016-05-09TLS: move the ALPN/NPN enable bits to the connectionDaniel Stenberg
Only protocols that actually have a protocol registered for ALPN and NPN should try to get that negotiated in the TLS handshake. That is only HTTPS (well, http/1.1 and http/2) right now. Previously ALPN and NPN would wrongly be used in all handshakes if libcurl was built with it enabled. Reported-by: Jay Satiro Fixes #789
2016-04-03code: style updatesDaniel Stenberg
2016-03-26schannel: Fixed compilation warning from commit f8d88a4913Steve Holme
warning C4244: '=': conversion from 'int' to 'unsigned short', possible loss of data
2016-03-24schannel: Add ALPN supportJDepooter
Add ALPN support for schannel. This allows cURL to negotiate HTTP/2.0 connections when built with schannel. Closes #724
2016-02-04URLs: change more http to httpsViktor Szakats
2016-02-03URLs: change all http:// URLs to https://Daniel Stenberg
2015-11-21schannel: Corrected copy/paste error in commit 8d17117683Steve Holme