aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
AgeCommit message (Collapse)Author
2016-11-24proxy: Support HTTPS proxy and SOCKS+HTTP(s)Alex Rousskov
* HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-24Limit ASN.1 structure sizes to 256K. Prevent some allocation size overflows.Patrick Monnerat
See CRL-01-006.
2016-11-19vtls: fix build warningsMarcel Raad
Fix warnings about conversions from long to time_t in openssl.c and schannel.c. Follow-up to de4de4e3c7c
2016-11-15darwinssl: fix SSL client certificate not found on MacOS SierraDavid Schweikert
Reviewed-by: Nick Zitzmann Closes #1105
2016-11-14Curl_rand: fixed and moved to rand.cDaniel Stenberg
Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-11openssl: make sure to fail in the unlikely event that PRNG seeding failsDaniel Stenberg
2016-11-11openssl: avoid unnecessary seeding if already doneDaniel Stenberg
1.1.0+ does more of this by itself so we can avoid extra processing this way.
2016-11-11openssl: RAND_status always exists in OpenSSL >= 0.9.7Daniel Stenberg
and remove RAND_screen from configure since nothing is using that function
2016-11-10openssl: raise the max_version to 1.3 if asked forDaniel Stenberg
Now I've managed to negotiate TLS 1.3 with https://enabled.tls13.com/ when using boringssl.
2016-11-09vtls: Fail on unrecognized param for CURLOPT_SSLVERSIONJay Satiro
- Fix GnuTLS code for CURL_SSLVERSION_TLSv1_2 that broke when the TLS 1.3 support was added in 6ad3add. - Homogenize across code for all backends the error message when TLS 1.3 is not available to "<backend>: TLS 1.3 is not yet supported". - Return an error when a user-specified ssl version is unrecognized. --- Prior to this change our code for some of the backends used the 'default' label in the switch statement (ie ver unrecognized) for ssl.version and treated it the same as CURL_SSLVERSION_DEFAULT. Bug: https://curl.haxx.se/mail/lib-2016-11/0048.html Reported-by: Kamil Dudka
2016-11-07nss: silence warning 'SSL_NEXT_PROTO_EARLY_VALUE not handled in switch'Kamil Dudka
... with nss-3.26.0 and newer Reported-by: Daniel Stenberg
2016-11-07openssl: initial TLS 1.3 adaptionsDaniel Stenberg
BoringSSL supports TLSv1.3 already, but these changes don't seem to be anough to get it working.
2016-11-07vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3Kamil Dudka
Fully implemented with the NSS backend only for now. Reviewed-by: Ray Satiro
2016-11-07nss: map CURL_SSLVERSION_DEFAULT to NSS defaultKamil Dudka
... but make sure we use at least TLSv1.0 according to libcurl API Reported-by: Cure53 Reviewed-by: Ray Satiro
2016-11-07s/cURL/curlDaniel Stenberg
We're mostly saying just "curl" in lower case these days so here's a big cleanup to adapt to this reality. A few instances are left as the project could still formally be considered called cURL.
2016-11-04mbedtls: fix build with mbedtls versions < 2.4.0Daniel Stenberg
Regression added in 62a8095e714 Reported-by: Tony Kelman Discussed in #1087
2016-10-31gskit, nss: do not include strequal.hKamil Dudka
follow-up to 811a693b80
2016-10-31strcasecompare: replaced remaining rawstr.h with strcase.hDan Fandrich
This is a followup to commit 811a693b
2016-10-31strcasecompare: all case insensitive string compares ignore locale nowDaniel Stenberg
We had some confusions on when each function was used. We should not act differently on different locales anyway.
2016-10-31strcasecompare: is the new name for strequal()Daniel Stenberg
... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-").
2016-10-26mbedtls: stop using deprecated include fileDaniel Stenberg
Reported-by: wyattoday Fixes #1087
2016-10-25nss: fix tight loop in non-blocking TLS handhsake over proxyMartin Frodl
... in case the handshake completes before entering CURLM_STATE_PROTOCONNECT Bug: https://bugzilla.redhat.com/1388162
2016-10-18polarssl: indented code, removed unused variablesDaniel Stenberg
2016-10-18polarssl: reduce #ifdef madness with a macroDaniel Stenberg
2016-10-18polarssl: fix unaligned SSL session-id lockDaniel Stenberg
2016-10-18Curl_polarsslthreadlock_thread_setup: clear array at initDaniel Stenberg
... since if it fails to init the entire array and then tries to clean it up, it would attempt to work on an uninitialized pointer.
2016-10-18select: switch to macros in uppercaseDaniel Stenberg
Curl_select_ready() was the former API that was replaced with Curl_select_check() a while back and the former arg setup was provided with a define (in order to leave existing code unmodified). Now we instead offer SOCKET_READABLE and SOCKET_WRITABLE for the most common shortcuts where only one socket is checked. They're also more visibly macros.
2016-10-13vtls: only re-use session-ids using the same schemeDaniel Stenberg
To make it harder to do cross-protocol mistakes
2016-09-22nss: add chacha20-poly1305 cipher suites if supported by NSSKamil Dudka
2016-09-22nss: add cipher suites using SHA384 if supported by NSSKamil Dudka
2016-09-22nss: fix typo in ecdhe_rsa_null cipher suite stringKamil Dudka
As it seems to be a rarely used cipher suite (for securely established but _unencrypted_ connections), I believe it is fine not to provide an alias for the misspelled variant.
2016-09-19darwinssl: Fix typo in commentDaniel Gustafsson
Closes https://github.com/curl/curl/pull/1028
2016-09-19libressl: fix version outputBernard Spil
LibreSSL defines `OPENSSL_VERSION_NUMBER` as `0x20000000L` for all versions returning `LibreSSL/2.0.0` for any LibreSSL version. This change provides a local OpenSSL_version_num function replacement returning LIBRESSL_VERSION_NUMBER instead. Closes #1029
2016-09-19openssl: don't call ERR_remote_thread_state on >= 1.1.0Daniel Stenberg
Follow-up fix to d9321562
2016-09-19openssl: don’t call CRYTPO_cleanup_all_ex_dataDaniel Stenberg
The OpenSSL function CRYTPO_cleanup_all_ex_data() cannot be called multiple times without crashing - and other libs might call it! We basically cannot call it without risking a crash. The function is a no-op since OpenSSL 1.1.0. Not calling this function only risks a small memory leak with OpenSSL < 1.1.0. Bug: https://curl.haxx.se/mail/lib-2016-09/0045.html Reported-by: Todd Short
2016-09-18darwinssl: disable RC4 cipher-suite supportNick Zitzmann
RC4 was a nice alternative to CBC back in the days of BEAST, but it's insecure and obsolete now.
2016-09-14openssl: fix per-thread memory leak usiong 1.0.1 or 1.0.2Daniel Stenberg
OpenSSL 1.0.1 and 1.0.2 build an error queue that is stored per-thread so we need to clean it when easy handles are freed, in case the thread will be killed in which the easy handle was used. All OpenSSL code in libcurl should extract the error in association with the error already so clearing this queue here should be harmless at worst. Fixes #964
2016-09-09openssl: fix bad memory free (regression)Daniel Stenberg
... by partially reverting f975f06033b1. The allocation could be made by OpenSSL so the free must be made with OPENSSL_free() to avoid problems. Reported-by: Harold Stuart Fixes #1005
2016-09-06openssl: fix CURLINFO_SSL_VERIFYRESULTGaurav Malhotra
CURLINFO_SSL_VERIFYRESULT does not get the certificate verification result when SSL_connect fails because of a certificate verification error. This fix saves the result of SSL_get_verify_result so that it is returned by CURLINFO_SSL_VERIFYRESULT. Closes https://github.com/curl/curl/pull/995
2016-09-06darwinssl: test for errSecSuccess in PKCS12 import rather than noErr (#993)Daniel Gustafsson
While noErr and errSecSuccess are defined as the same value, the API documentation states that SecPKCS12Import() returns errSecSuccess if there were no errors in importing. Ensure that a future change of the defined value doesn't break (however unlikely) and be consistent with the API docs.
2016-09-05openssl: Fix compilation with OPENSSL_API_COMPAT=0x10100000LMarcel Raad
With OPENSSL_API_COMPAT=0x10100000L (OpenSSL 1.1 API), the cleanup functions are unavailable (they're no-ops anyway in OpenSSL 1.1). The replacements for SSL_load_error_strings, SSLeay_add_ssl_algorithms, and OpenSSL_add_all_algorithms are called automatically [1][2]. SSLeay() is now called OpenSSL_version_num(). [1]: https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html [2]: https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html Closes #992
2016-08-26schannel: Disable ALPN for Wine since it is causing problemsJay Satiro
- Disable ALPN on Wine. - Don't pass input secbuffer when ALPN is disabled. When ALPN support was added a change was made to pass an input secbuffer to initialize the context. When ALPN is enabled the buffer contains the ALPN information, and when it's disabled the buffer is empty. In either case this input buffer caused problems with Wine and connections would not complete. Bug: https://github.com/curl/curl/issues/983 Reported-by: Christian Fillion
2016-08-26nss: work around race condition in PK11_FindSlotByName()Peter Wang
Serialise the call to PK11_FindSlotByName() to avoid spurious errors in a multi-threaded environment. The underlying cause is a race condition in nssSlot_IsTokenPresent(). Bug: https://bugzilla.mozilla.org/1297397 Closes #985
2016-08-26nss: refuse previously loaded certificate from fileKamil Dudka
... when we are not asked to use a certificate from file
2016-08-26TLS: random file/egd doesn't have to match for conn reuseDaniel Stenberg
2016-08-25openssl: make build with 1.1.0 againDaniel Stenberg
synced with OpenSSL git master commit cc06906707
2016-08-17nss: make the global variables staticDaniel Stenberg
2016-08-16openssl: use regular malloc instead of OPENSSL_mallocDaniel Stenberg
This allows for better memmory debugging and torture tests.
2016-08-13openssl: accept subjectAltName iPAddress if no dNSName matchJay Satiro
Undo change introduced in d4643d6 which caused iPAddress match to be ignored if dNSName was present but did not match. Also, if iPAddress is present but does not match, and dNSName is not present, fail as no-match. Prior to this change in such a case the CN would be checked for a match. Bug: https://github.com/curl/curl/issues/959 Reported-by: wmsch@users.noreply.github.com
2016-08-05mbedtls: set debug threshold to 4 (verbose) when MBEDTLS_DEBUG is definedThomas Glanzmann
In order to make MBEDTLS_DEBUG work, the debug threshold must be unequal to 0. This patch also adds a comment how mbedtls must be compiled in order to make debugging work, and explains the possible debug levels.