aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
AgeCommit message (Collapse)Author
2017-08-28vtls: allow selecting which SSL backend to use at runtimeJohannes Schindelin
When building software for the masses, it is sometimes not possible to decide for all users which SSL backend is appropriate. Git for Windows, for example, uses cURL to perform clones, fetches and pushes via HTTPS, and some users strongly prefer OpenSSL, while other users really need to use Secure Channel because it offers enterprise-ready tools to manage credentials via Windows' Credential Store. The current Git for Windows versions use the ugly work-around of building libcurl once with OpenSSL support and once with Secure Channel support, and switching out the binaries in the installer depending on the user's choice. Needless to say, this is a super ugly workaround that actually only works in some cases: Git for Windows also comes in a portable form, and in a form intended for third-party applications requiring Git functionality, in which cases this "swap out libcurl-4.dll" simply is not an option. Therefore, the Git for Windows project has a vested interest in teaching cURL to make the SSL backend a *runtime* option. This patch makes that possible. By running ./configure with multiple --with-<backend> options, cURL will be built with multiple backends. For the moment, the backend can be configured using the environment variable CURL_SSL_BACKEND (valid values are e.g. "openssl" and "schannel"). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: fold the backend ID into the Curl_ssl structureJohannes Schindelin
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: encapsulate SSL backend-specific dataJohannes Schindelin
So far, all of the SSL backends' private data has been declared as part of the ssl_connect_data struct, in one big #if .. #elif .. #endif block. This can only work as long as the SSL backend is a compile-time option, something we want to change in the next commits. Therefore, let's encapsulate the exact data needed by each SSL backend into a private struct, and let's avoid bleeding any SSL backend-specific information into urldata.h. This is also necessary to allow multiple SSL backends to be compiled in at the same time, as e.g. OpenSSL's and CyaSSL's headers cannot be included in the same .c file. To avoid too many malloc() calls, we simply append the private structs to the connectdata struct in allocate_conn(). This requires us to take extra care of alignment issues: struct fields often need to be aligned on certain boundaries e.g. 32-bit values need to be stored at addresses that divide evenly by 4 (= 32 bit / 8 bit-per-byte). We do that by assuming that no SSL backend's private data contains any fields that need to be aligned on boundaries larger than `long long` (typically 64-bit) would need. Under this assumption, we simply add a dummy field of type `long long` to the `struct connectdata` struct. This field will never be accessed but acts as a placeholder for the four instances of ssl_backend_data instead. the size of each ssl_backend_data struct is stored in the SSL backend-specific metadata, to allow allocate_conn() to know how much extra space to allocate, and how to initialize the ssl[sockindex]->backend and proxy_ssl[sockindex]->backend pointers. This would appear to be a little complicated at first, but is really necessary to encapsulate the private data of each SSL backend correctly. And we need to encapsulate thusly if we ever want to allow selecting CyaSSL and OpenSSL at runtime, as their headers cannot be included within the same .c file (there are just too many conflicting definitions and declarations for that). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: prepare the SSL backends for encapsulated private dataJohannes Schindelin
At the moment, cURL's SSL backend needs to be configured at build time. As such, it is totally okay for them to hard-code their backend-specific data in the ssl_connect_data struct. In preparation for making the SSL backend a runtime option, let's make the access of said private data a bit more abstract so that it can be adjusted later in an easy manner. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28getinfo: access SSL internals via Curl_sslJohannes Schindelin
In the ongoing endeavor to abstract out all SSL backend-specific functionality, this is the next step: Instead of hard-coding how the different SSL backends access their internal data in getinfo.c, let's implement backend-specific functions to do that task. This will also allow for switching SSL backends as a runtime option. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move SSL backends' private constants out of their header filesJohannes Schindelin
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28axtls: use Curl_none_* versions of init() and cleanup()Johannes Schindelin
There are convenient no-op versions of the init/cleanup functions now, no need to define private ones for axTLS. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: remove obsolete declarations of SSL backend functionalityJohannes Schindelin
These functions are all available via the Curl_ssl struct now, no need to declare them separately anymore. As the global declarations are removed, the corresponding function definitions are marked as file-local. The only two exceptions here are Curl_mbedtls_shutdown() and Curl_polarssl_shutdown(): only the declarations were removed, there are no function definitions to mark file-local. Please note that Curl_nss_force_init() is *still* declared globally, as the only SSL backend-specific function, because it was introduced specifically for the use case where cURL was compiled with `--without-ssl --with-nss`. For details, see f3b77e561 (http_ntlm: add support for NSS, 2010-06-27). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28schannel: reorder functions topologicallyJohannes Schindelin
The _shutdown() function calls the _session_free() function; While this is not a problem now (because schannel.h declares both functions), a patch looming in the immediate future with make all of these functions file-local. So let's just move the _session_free() function's definition before it is called. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28axtls: reorder functions topologicallyJohannes Schindelin
The connect_finish() function (like many other functions after it) calls the Curl_axtls_close() function; While this is not a problem now (because axtls.h declares the latter function), a patch looming in the immediate future with make all of these functions file-local. So let's just move the Curl_axtls_close() function's definition before it is called. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move the SUPPORT_HTTPS_PROXY flag into the Curl_ssl structJohannes Schindelin
That will allow us to choose the SSL backend at runtime. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: convert the have_curlssl_* constants to runtime flagsJohannes Schindelin
The entire idea of introducing the Curl_ssl struct to describe SSL backends is to prepare for choosing the SSL backend at runtime. To that end, convert all the #ifdef have_curlssl_* style conditionals to use bit flags instead. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move sha256sum into the Curl_ssl structJohannes Schindelin
The SHA-256 checksumming is also an SSL backend-specific function. Let's include it in the struct declaring the functionality of SSL backends. In contrast to MD5, there is no fall-back code. To indicate this, the respective entries are NULL for those backends that offer no support for SHA-256 checksumming. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: move md5sum into the Curl_ssl structJohannes Schindelin
The MD5 summing is also an SSL backend-specific function. So let's include it, offering the previous fall-back code as a separate function now: Curl_none_md5sum(). To allow for that, the signature had to be changed so that an error could be returned from the implementation (Curl_none_md5sum() can run out of memory). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: use the Curl_ssl struct to access all SSL backends' functionalityJohannes Schindelin
This is the first step to unify the SSL backend handling. Now all the SSL backend-specific functionality is accessed via a global instance of the Curl_ssl struct. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: declare Curl_ssl structs for every SSL backendJohannes Schindelin
The idea of introducing the Curl_ssl struct was to unify how the SSL backends are declared and called. To this end, we now provide an instance of the Curl_ssl struct for each and every SSL backend. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: introduce a new struct for SSL backendsJohannes Schindelin
This new struct is similar in nature to Curl_handler: it will define the functions and capabilities of all the SSL backends (where Curl_handler defines the functions and capabilities of protocol handlers). Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: make sure every _sha256sum()'s first arg is constJohannes Schindelin
This patch makes the signature of the _sha256sum() functions consistent among the SSL backends, in preparation for unifying the way all SSL backends are accessed. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: make sure all _data_pending() functions return boolJohannes Schindelin
This patch makes the signature of the _data_pending() functions consistent among the SSL backends, in preparation for unifying the way all SSL backends are accessed. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: make sure all _cleanup() functions return voidJohannes Schindelin
This patch makes the signature of the _cleanup() functions consistent among the SSL backends, in preparation for unifying the way all SSL backends are accessed. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28vtls: use consistent signature for _random() implementationsJohannes Schindelin
This will make the upcoming multissl backend much easier to implement. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-27darwinssl: handle long strings in TLS certsDaniel Stenberg
... as the previous fixed length 128 bytes buffer was sometimes too small. Fixes #1823 Closes #1831 Reported-by: Benjamin Sergeant Assisted-by: Bill Pyne, Ray Satiro, Nick Zitzmann
2017-08-16darwinssi: fix error: variable length array usedDaniel Stenberg
2017-08-11openssl: fix "error: this statement may fall through"Daniel Stenberg
A gcc7 warning.
2017-08-11openssl: remove CONST_ASN1_BIT_STRING.David Benjamin
Just making the pointer as const works for the pre-1.1.0 path too. Closes #1759
2017-08-05darwinssl: fix compiler warningMarcel Raad
clang complains: vtls/darwinssl.c:40:8: error: extra tokens at end of #endif directive [-Werror,-Wextra-tokens] This breaks the darwinssl build on Travis. Fix it by making this token a comment. Closes https://github.com/curl/curl/pull/1734
2017-08-04darwin: silence compiler warningsDaniel Stenberg
With a clang pragma and three type fixes Fixes #1722
2017-08-03darwinssl: fix curlssl_sha256sum() compiler warnings on first argumentDaniel Stenberg
2017-07-28timeval: struct curltime is a struct timeval replacementDaniel Stenberg
... to make all libcurl internals able to use the same data types for the struct members. The timeval struct differs subtly on several platforms so it makes it cumbersome to use everywhere. Ref: #1652 Closes #1693
2017-07-27darwinssl: fix variable type mistake (regression)Daniel Stenberg
... which made --tlsv1.2 not work because it would blank the max tls version variable. Reported-by: Nick Miyake Bug: #1703
2017-07-20nss: fix a possible use-after-free in SelectClientCert()Kamil Dudka
... causing a SIGSEGV in showit() in case the handle used to initiate the connection has already been freed. This commit fixes a bug introduced in curl-7_19_5-204-g5f0cae803. Reported-by: Rob Sanders Bug: https://bugzilla.redhat.com/1436158
2017-07-20nss: unify the coding style of nss_send() and nss_recv()Kamil Dudka
No changes in behavior intended by this commit.
2017-07-17darwinssl: fix pinnedpubkey build errorJay Satiro
- s/SessionHandle/Curl_easy/ Bug: https://github.com/curl/curl/commit/eb16305#commitcomment-23035670 Reported-by: Gisle Vanem
2017-07-03gtls: fix build when sizeof(long) < sizeof(void *)Johannes Schindelin
- Change gnutls pointer/int macros to pointer/curl_socket_t. Prior to this change they used long type as well. The size of the `long` data type can be shorter than that of pointer types. This is the case most notably on Windows. If C99 were acceptable, we could simply use `intptr_t` here. But we want to retain C89 compatibility. Simply use the trick of performing pointer arithmetic with the NULL pointer: to convert an integer `i` to a pointer, simply take the address of the `i`th element of a hypothetical character array starting at address NULL. To convert back, simply cast the pointer difference. Thanks to Jay Satiro for the initial modification to use curl_socket_t instead of int/long. Closes #1617 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-06-30openssl: improve fallback seed of PRNG with a time based hashdmitrykos
Fixes #1620
2017-06-16HTTPS-Proxy: don't offer h2 for https proxy connectionsJay Satiro
Bug: https://github.com/curl/curl/issues/1254 Closes #1546
2017-06-13libressl: OCSP and intermediate certs workaround no longer neededStuart Henderson
lib/vtls/openssl.c has a workaround for a bug with OCSP responses signed by intermediate certs, this was fixed in LibreSSL in https://github.com/libressl-portable/openbsd/commit/912c64f68f7ac4f225b7d1fdc8fbd43168912ba0 Bug: https://curl.haxx.se/mail/lib-2017-06/0038.html
2017-06-03cyassl: define build macros before including ssl.hMarcel Raad
cyassl/ssl.h needs the macros from cyassl/options.h, so define them before including cyassl/ssl.h the first time, which happens in urldata.h. This broke the build on Ubuntu Xenial, which comes with WolfSSL 3.4.8 and therefore redefines the symbols from cyassl/options.h instead of including the header. Closes https://github.com/curl/curl/pull/1536
2017-06-02mbedtls: make TU-local variable staticMarcel Raad
mbedtls_x509_crt_profile_fr is only used locally. This fixes a missing-variable-declarations warning with clang.
2017-05-29mbedtls: fix variable shadow warningJay Satiro
vtls/mbedtls.c:804:69: warning: declaration of 'entropy' shadows a global declaration [-Wshadow] CURLcode Curl_mbedtls_random(struct Curl_easy *data, unsigned char *entropy, ^~~~~~~
2017-05-16darwinssl: Fix exception when processing a client-side certificate fileNick Zitzmann
if no error was raised by the API but the SecIdentityRef was null Fixes #1450
2017-05-15SecureTransport/DarwinSSL: Implement public key pinningmoparisthebest
Closes #1400
2017-05-12mbedtls: Support server renegotiation requestRon Eldor
Tested with servers: IIS 7.5; OpenSSL 1.0.2. Closes https://github.com/curl/curl/pull/1475
2017-05-04schannel: return a more specific error code for SEC_E_UNTRUSTED_ROOTDan Fandrich
2017-05-02gtls: fixed a lingering BUFSIZE referenceDan Fandrich
2017-05-01openssl: use local stack for temp storageDaniel Stenberg
2017-04-25nss: load libnssckbi.so if no other trust is specifiedKamil Dudka
The module contains a more comprehensive set of trust information than supported by nss-pem, because libnssckbi.so also includes information about distrusted certificates. Reviewed-by: Kai Engert Closes #1414
2017-04-25nss: factorize out nss_{un,}load_module to separate fncsKamil Dudka
No change of behavior is intended by this commit.
2017-04-25nss: do not leak PKCS #11 slot while loading a keyKamil Dudka
It could prevent nss-pem from being unloaded later on. Bug: https://bugzilla.redhat.com/1444860
2017-04-24nss: adapt to the new Curl_llist APIKamil Dudka
This commit fixes compilation failure caused by cbae73e1dd95946597ea74ccb580c30f78e3fa73.