1 ebfc5784 2024-01-07 op /* $OpenBSD: tls_config.c,v 1.67 2023/07/02 06:37:27 beck Exp $ */
3 f9ab77a8 2023-08-23 op * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
5 f9ab77a8 2023-08-23 op * Permission to use, copy, modify, and distribute this software for any
6 f9ab77a8 2023-08-23 op * purpose with or without fee is hereby granted, provided that the above
7 f9ab77a8 2023-08-23 op * copyright notice and this permission notice appear in all copies.
9 f9ab77a8 2023-08-23 op * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 f9ab77a8 2023-08-23 op * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 f9ab77a8 2023-08-23 op * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 f9ab77a8 2023-08-23 op * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 f9ab77a8 2023-08-23 op * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 f9ab77a8 2023-08-23 op * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 f9ab77a8 2023-08-23 op * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 f9ab77a8 2023-08-23 op #include "config.h"
20 f9ab77a8 2023-08-23 op #include <sys/stat.h>
22 f9ab77a8 2023-08-23 op #include <ctype.h>
23 f9ab77a8 2023-08-23 op #include <errno.h>
24 f9ab77a8 2023-08-23 op #include <fcntl.h>
25 f9ab77a8 2023-08-23 op #include <stdlib.h>
26 f9ab77a8 2023-08-23 op #include <string.h>
27 f9ab77a8 2023-08-23 op #include <unistd.h>
29 f9ab77a8 2023-08-23 op #include <tls.h>
31 f9ab77a8 2023-08-23 op #include "tls_internal.h"
34 f9ab77a8 2023-08-23 op tls_default_ca_cert_file(void)
36 f9ab77a8 2023-08-23 op #ifdef OPENSMTPD_CA_FILE
37 f9ab77a8 2023-08-23 op return OPENSMTPD_CA_FILE;
39 f9ab77a8 2023-08-23 op return X509_get_default_cert_file();
44 f9ab77a8 2023-08-23 op tls_config_load_file(struct tls_error *error, const char *filetype,
45 f9ab77a8 2023-08-23 op const char *filename, char **buf, size_t *len)
47 f9ab77a8 2023-08-23 op struct stat st;
55 f9ab77a8 2023-08-23 op if ((fd = open(filename, O_RDONLY)) == -1) {
56 f9ab77a8 2023-08-23 op tls_error_set(error, "failed to open %s file '%s'",
57 f9ab77a8 2023-08-23 op filetype, filename);
60 f9ab77a8 2023-08-23 op if (fstat(fd, &st) != 0) {
61 f9ab77a8 2023-08-23 op tls_error_set(error, "failed to stat %s file '%s'",
62 f9ab77a8 2023-08-23 op filetype, filename);
65 f9ab77a8 2023-08-23 op if (st.st_size < 0)
67 f9ab77a8 2023-08-23 op *len = (size_t)st.st_size;
68 f9ab77a8 2023-08-23 op if ((*buf = malloc(*len)) == NULL) {
69 f9ab77a8 2023-08-23 op tls_error_set(error, "failed to allocate buffer for "
70 f9ab77a8 2023-08-23 op "%s file", filetype);
73 f9ab77a8 2023-08-23 op n = read(fd, *buf, *len);
74 f9ab77a8 2023-08-23 op if (n < 0 || (size_t)n != *len) {
75 f9ab77a8 2023-08-23 op tls_error_set(error, "failed to read %s file '%s'",
76 f9ab77a8 2023-08-23 op filetype, filename);
85 f9ab77a8 2023-08-23 op freezero(*buf, *len);
92 f9ab77a8 2023-08-23 op struct tls_config *
93 f9ab77a8 2023-08-23 op tls_config_new_internal(void)
95 f9ab77a8 2023-08-23 op struct tls_config *config;
96 f9ab77a8 2023-08-23 op unsigned char sid[TLS_MAX_SESSION_ID_LENGTH];
98 f9ab77a8 2023-08-23 op if ((config = calloc(1, sizeof(*config))) == NULL)
99 f9ab77a8 2023-08-23 op return (NULL);
101 f9ab77a8 2023-08-23 op config->refcount = 1;
102 f9ab77a8 2023-08-23 op config->session_fd = -1;
104 f9ab77a8 2023-08-23 op if ((config->keypair = tls_keypair_new()) == NULL)
108 f9ab77a8 2023-08-23 op * Default configuration.
110 f9ab77a8 2023-08-23 op if (tls_config_set_dheparams(config, "none") != 0)
112 f9ab77a8 2023-08-23 op if (tls_config_set_ecdhecurves(config, "default") != 0)
114 f9ab77a8 2023-08-23 op if (tls_config_set_ciphers(config, "secure") != 0)
117 f9ab77a8 2023-08-23 op if (tls_config_set_protocols(config, TLS_PROTOCOLS_DEFAULT) != 0)
119 f9ab77a8 2023-08-23 op if (tls_config_set_verify_depth(config, 6) != 0)
123 f9ab77a8 2023-08-23 op * Set session ID context to a random value. For the simple case
124 f9ab77a8 2023-08-23 op * of a single process server this is good enough. For multiprocess
125 f9ab77a8 2023-08-23 op * servers the session ID needs to be set by the caller.
127 f9ab77a8 2023-08-23 op arc4random_buf(sid, sizeof(sid));
128 f9ab77a8 2023-08-23 op if (tls_config_set_session_id(config, sid, sizeof(sid)) != 0)
130 f9ab77a8 2023-08-23 op config->ticket_keyrev = arc4random();
131 f9ab77a8 2023-08-23 op config->ticket_autorekey = 1;
133 f9ab77a8 2023-08-23 op tls_config_prefer_ciphers_server(config);
135 f9ab77a8 2023-08-23 op tls_config_verify(config);
137 f9ab77a8 2023-08-23 op return (config);
140 f9ab77a8 2023-08-23 op tls_config_free(config);
141 f9ab77a8 2023-08-23 op return (NULL);
144 f9ab77a8 2023-08-23 op struct tls_config *
145 f9ab77a8 2023-08-23 op tls_config_new(void)
147 f9ab77a8 2023-08-23 op if (tls_init() == -1)
148 f9ab77a8 2023-08-23 op return (NULL);
150 f9ab77a8 2023-08-23 op return tls_config_new_internal();
154 f9ab77a8 2023-08-23 op tls_config_free(struct tls_config *config)
156 f9ab77a8 2023-08-23 op struct tls_keypair *kp, *nkp;
157 f9ab77a8 2023-08-23 op int refcount;
159 f9ab77a8 2023-08-23 op if (config == NULL)
162 f9ab77a8 2023-08-23 op refcount = --config->refcount;
164 f9ab77a8 2023-08-23 op if (refcount > 0)
167 f9ab77a8 2023-08-23 op for (kp = config->keypair; kp != NULL; kp = nkp) {
168 f9ab77a8 2023-08-23 op nkp = kp->next;
169 f9ab77a8 2023-08-23 op tls_keypair_free(kp);
172 f9ab77a8 2023-08-23 op free(config->error.msg);
174 f9ab77a8 2023-08-23 op free(config->alpn);
175 f9ab77a8 2023-08-23 op free((char *)config->ca_mem);
176 f9ab77a8 2023-08-23 op free((char *)config->ca_path);
177 f9ab77a8 2023-08-23 op free((char *)config->ciphers);
178 f9ab77a8 2023-08-23 op free((char *)config->crl_mem);
179 f9ab77a8 2023-08-23 op free(config->ecdhecurves);
181 f9ab77a8 2023-08-23 op free(config);
185 f9ab77a8 2023-08-23 op tls_config_keypair_add(struct tls_config *config, struct tls_keypair *keypair)
187 f9ab77a8 2023-08-23 op struct tls_keypair *kp;
189 f9ab77a8 2023-08-23 op kp = config->keypair;
190 f9ab77a8 2023-08-23 op while (kp->next != NULL)
191 f9ab77a8 2023-08-23 op kp = kp->next;
193 f9ab77a8 2023-08-23 op kp->next = keypair;
197 f9ab77a8 2023-08-23 op tls_config_error(struct tls_config *config)
199 f9ab77a8 2023-08-23 op return config->error.msg;
203 f9ab77a8 2023-08-23 op tls_config_clear_keys(struct tls_config *config)
205 f9ab77a8 2023-08-23 op struct tls_keypair *kp;
207 f9ab77a8 2023-08-23 op for (kp = config->keypair; kp != NULL; kp = kp->next)
208 f9ab77a8 2023-08-23 op tls_keypair_clear_key(kp);
212 f9ab77a8 2023-08-23 op tls_config_parse_protocols(uint32_t *protocols, const char *protostr)
214 f9ab77a8 2023-08-23 op uint32_t proto, protos = 0;
215 f9ab77a8 2023-08-23 op char *s, *p, *q;
218 f9ab77a8 2023-08-23 op if (protostr == NULL) {
219 f9ab77a8 2023-08-23 op *protocols = TLS_PROTOCOLS_DEFAULT;
223 f9ab77a8 2023-08-23 op if ((s = strdup(protostr)) == NULL)
227 f9ab77a8 2023-08-23 op while ((p = strsep(&q, ",:")) != NULL) {
228 f9ab77a8 2023-08-23 op while (*p == ' ' || *p == '\t')
232 f9ab77a8 2023-08-23 op if (*p == '!') {
237 f9ab77a8 2023-08-23 op if (negate && protos == 0)
238 f9ab77a8 2023-08-23 op protos = TLS_PROTOCOLS_ALL;
241 f9ab77a8 2023-08-23 op if (strcasecmp(p, "all") == 0 ||
242 f9ab77a8 2023-08-23 op strcasecmp(p, "legacy") == 0)
243 f9ab77a8 2023-08-23 op proto = TLS_PROTOCOLS_ALL;
244 f9ab77a8 2023-08-23 op else if (strcasecmp(p, "default") == 0 ||
245 f9ab77a8 2023-08-23 op strcasecmp(p, "secure") == 0)
246 f9ab77a8 2023-08-23 op proto = TLS_PROTOCOLS_DEFAULT;
247 f9ab77a8 2023-08-23 op if (strcasecmp(p, "tlsv1") == 0)
248 f9ab77a8 2023-08-23 op proto = TLS_PROTOCOL_TLSv1;
249 f9ab77a8 2023-08-23 op else if (strcasecmp(p, "tlsv1.0") == 0)
250 ebfc5784 2024-01-07 op proto = TLS_PROTOCOL_TLSv1_2;
251 f9ab77a8 2023-08-23 op else if (strcasecmp(p, "tlsv1.1") == 0)
252 ebfc5784 2024-01-07 op proto = TLS_PROTOCOL_TLSv1_2;
253 f9ab77a8 2023-08-23 op else if (strcasecmp(p, "tlsv1.2") == 0)
254 f9ab77a8 2023-08-23 op proto = TLS_PROTOCOL_TLSv1_2;
255 f9ab77a8 2023-08-23 op else if (strcasecmp(p, "tlsv1.3") == 0)
256 f9ab77a8 2023-08-23 op proto = TLS_PROTOCOL_TLSv1_3;
258 f9ab77a8 2023-08-23 op if (proto == 0) {
264 f9ab77a8 2023-08-23 op protos &= ~proto;
266 f9ab77a8 2023-08-23 op protos |= proto;
269 f9ab77a8 2023-08-23 op *protocols = protos;
277 f9ab77a8 2023-08-23 op tls_config_parse_alpn(struct tls_config *config, const char *alpn,
278 f9ab77a8 2023-08-23 op char **alpn_data, size_t *alpn_len)
280 f9ab77a8 2023-08-23 op size_t buf_len, i, len;
281 f9ab77a8 2023-08-23 op char *buf = NULL;
282 f9ab77a8 2023-08-23 op char *s = NULL;
285 f9ab77a8 2023-08-23 op free(*alpn_data);
286 f9ab77a8 2023-08-23 op *alpn_data = NULL;
287 f9ab77a8 2023-08-23 op *alpn_len = 0;
289 f9ab77a8 2023-08-23 op if ((buf_len = strlen(alpn) + 1) > 65535) {
290 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "alpn too large");
294 f9ab77a8 2023-08-23 op if ((buf = malloc(buf_len)) == NULL) {
295 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "out of memory");
299 f9ab77a8 2023-08-23 op if ((s = strdup(alpn)) == NULL) {
300 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "out of memory");
306 f9ab77a8 2023-08-23 op while ((p = strsep(&q, ",")) != NULL) {
307 f9ab77a8 2023-08-23 op if ((len = strlen(p)) == 0) {
308 f9ab77a8 2023-08-23 op tls_config_set_errorx(config,
309 f9ab77a8 2023-08-23 op "alpn protocol with zero length");
312 f9ab77a8 2023-08-23 op if (len > 255) {
313 f9ab77a8 2023-08-23 op tls_config_set_errorx(config,
314 f9ab77a8 2023-08-23 op "alpn protocol too long");
317 f9ab77a8 2023-08-23 op buf[i++] = len & 0xff;
318 f9ab77a8 2023-08-23 op memcpy(&buf[i], p, len);
324 f9ab77a8 2023-08-23 op *alpn_data = buf;
325 f9ab77a8 2023-08-23 op *alpn_len = buf_len;
337 f9ab77a8 2023-08-23 op tls_config_set_alpn(struct tls_config *config, const char *alpn)
339 f9ab77a8 2023-08-23 op return tls_config_parse_alpn(config, alpn, &config->alpn,
340 f9ab77a8 2023-08-23 op &config->alpn_len);
344 f9ab77a8 2023-08-23 op tls_config_add_keypair_file_internal(struct tls_config *config,
345 f9ab77a8 2023-08-23 op const char *cert_file, const char *key_file, const char *ocsp_file)
347 f9ab77a8 2023-08-23 op struct tls_keypair *keypair;
349 f9ab77a8 2023-08-23 op if ((keypair = tls_keypair_new()) == NULL)
351 f9ab77a8 2023-08-23 op if (tls_keypair_set_cert_file(keypair, &config->error, cert_file) != 0)
353 f9ab77a8 2023-08-23 op if (key_file != NULL &&
354 f9ab77a8 2023-08-23 op tls_keypair_set_key_file(keypair, &config->error, key_file) != 0)
356 f9ab77a8 2023-08-23 op if (ocsp_file != NULL &&
357 f9ab77a8 2023-08-23 op tls_keypair_set_ocsp_staple_file(keypair, &config->error,
358 f9ab77a8 2023-08-23 op ocsp_file) != 0)
361 f9ab77a8 2023-08-23 op tls_config_keypair_add(config, keypair);
366 f9ab77a8 2023-08-23 op tls_keypair_free(keypair);
371 f9ab77a8 2023-08-23 op tls_config_add_keypair_mem_internal(struct tls_config *config, const uint8_t *cert,
372 f9ab77a8 2023-08-23 op size_t cert_len, const uint8_t *key, size_t key_len,
373 f9ab77a8 2023-08-23 op const uint8_t *staple, size_t staple_len)
375 f9ab77a8 2023-08-23 op struct tls_keypair *keypair;
377 f9ab77a8 2023-08-23 op if ((keypair = tls_keypair_new()) == NULL)
379 f9ab77a8 2023-08-23 op if (tls_keypair_set_cert_mem(keypair, &config->error, cert, cert_len) != 0)
381 f9ab77a8 2023-08-23 op if (key != NULL &&
382 f9ab77a8 2023-08-23 op tls_keypair_set_key_mem(keypair, &config->error, key, key_len) != 0)
384 f9ab77a8 2023-08-23 op if (staple != NULL &&
385 f9ab77a8 2023-08-23 op tls_keypair_set_ocsp_staple_mem(keypair, &config->error, staple,
386 f9ab77a8 2023-08-23 op staple_len) != 0)
389 f9ab77a8 2023-08-23 op tls_config_keypair_add(config, keypair);
394 f9ab77a8 2023-08-23 op tls_keypair_free(keypair);
399 f9ab77a8 2023-08-23 op tls_config_add_keypair_mem(struct tls_config *config, const uint8_t *cert,
400 f9ab77a8 2023-08-23 op size_t cert_len, const uint8_t *key, size_t key_len)
402 f9ab77a8 2023-08-23 op return tls_config_add_keypair_mem_internal(config, cert, cert_len, key,
403 f9ab77a8 2023-08-23 op key_len, NULL, 0);
407 f9ab77a8 2023-08-23 op tls_config_add_keypair_file(struct tls_config *config,
408 f9ab77a8 2023-08-23 op const char *cert_file, const char *key_file)
410 f9ab77a8 2023-08-23 op return tls_config_add_keypair_file_internal(config, cert_file,
411 f9ab77a8 2023-08-23 op key_file, NULL);
415 f9ab77a8 2023-08-23 op tls_config_add_keypair_ocsp_mem(struct tls_config *config, const uint8_t *cert,
416 f9ab77a8 2023-08-23 op size_t cert_len, const uint8_t *key, size_t key_len, const uint8_t *staple,
417 f9ab77a8 2023-08-23 op size_t staple_len)
419 f9ab77a8 2023-08-23 op return tls_config_add_keypair_mem_internal(config, cert, cert_len, key,
420 f9ab77a8 2023-08-23 op key_len, staple, staple_len);
424 f9ab77a8 2023-08-23 op tls_config_add_keypair_ocsp_file(struct tls_config *config,
425 f9ab77a8 2023-08-23 op const char *cert_file, const char *key_file, const char *ocsp_file)
427 f9ab77a8 2023-08-23 op return tls_config_add_keypair_file_internal(config, cert_file,
428 f9ab77a8 2023-08-23 op key_file, ocsp_file);
432 f9ab77a8 2023-08-23 op tls_config_set_ca_file(struct tls_config *config, const char *ca_file)
434 f9ab77a8 2023-08-23 op return tls_config_load_file(&config->error, "CA", ca_file,
435 f9ab77a8 2023-08-23 op &config->ca_mem, &config->ca_len);
439 f9ab77a8 2023-08-23 op tls_config_set_ca_path(struct tls_config *config, const char *ca_path)
441 f9ab77a8 2023-08-23 op return tls_set_string(&config->ca_path, ca_path);
445 f9ab77a8 2023-08-23 op tls_config_set_ca_mem(struct tls_config *config, const uint8_t *ca, size_t len)
447 f9ab77a8 2023-08-23 op return tls_set_mem(&config->ca_mem, &config->ca_len, ca, len);
451 f9ab77a8 2023-08-23 op tls_config_set_cert_file(struct tls_config *config, const char *cert_file)
453 f9ab77a8 2023-08-23 op return tls_keypair_set_cert_file(config->keypair, &config->error,
458 f9ab77a8 2023-08-23 op tls_config_set_cert_mem(struct tls_config *config, const uint8_t *cert,
461 f9ab77a8 2023-08-23 op return tls_keypair_set_cert_mem(config->keypair, &config->error,
466 f9ab77a8 2023-08-23 op tls_config_set_ciphers(struct tls_config *config, const char *ciphers)
468 f9ab77a8 2023-08-23 op SSL_CTX *ssl_ctx = NULL;
470 f9ab77a8 2023-08-23 op if (ciphers == NULL ||
471 f9ab77a8 2023-08-23 op strcasecmp(ciphers, "default") == 0 ||
472 f9ab77a8 2023-08-23 op strcasecmp(ciphers, "secure") == 0)
473 f9ab77a8 2023-08-23 op ciphers = TLS_CIPHERS_DEFAULT;
474 f9ab77a8 2023-08-23 op else if (strcasecmp(ciphers, "compat") == 0)
475 f9ab77a8 2023-08-23 op ciphers = TLS_CIPHERS_COMPAT;
476 f9ab77a8 2023-08-23 op else if (strcasecmp(ciphers, "legacy") == 0)
477 f9ab77a8 2023-08-23 op ciphers = TLS_CIPHERS_LEGACY;
478 f9ab77a8 2023-08-23 op else if (strcasecmp(ciphers, "all") == 0 ||
479 f9ab77a8 2023-08-23 op strcasecmp(ciphers, "insecure") == 0)
480 f9ab77a8 2023-08-23 op ciphers = TLS_CIPHERS_ALL;
482 f9ab77a8 2023-08-23 op if ((ssl_ctx = SSL_CTX_new(SSLv23_method())) == NULL) {
483 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "out of memory");
486 f9ab77a8 2023-08-23 op if (SSL_CTX_set_cipher_list(ssl_ctx, ciphers) != 1) {
487 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "no ciphers for '%s'", ciphers);
491 f9ab77a8 2023-08-23 op SSL_CTX_free(ssl_ctx);
492 f9ab77a8 2023-08-23 op return tls_set_string(&config->ciphers, ciphers);
495 f9ab77a8 2023-08-23 op SSL_CTX_free(ssl_ctx);
500 f9ab77a8 2023-08-23 op tls_config_set_crl_file(struct tls_config *config, const char *crl_file)
502 f9ab77a8 2023-08-23 op return tls_config_load_file(&config->error, "CRL", crl_file,
503 f9ab77a8 2023-08-23 op &config->crl_mem, &config->crl_len);
507 f9ab77a8 2023-08-23 op tls_config_set_crl_mem(struct tls_config *config, const uint8_t *crl,
510 f9ab77a8 2023-08-23 op return tls_set_mem(&config->crl_mem, &config->crl_len, crl, len);
514 f9ab77a8 2023-08-23 op tls_config_set_dheparams(struct tls_config *config, const char *params)
518 f9ab77a8 2023-08-23 op if (params == NULL || strcasecmp(params, "none") == 0)
520 f9ab77a8 2023-08-23 op else if (strcasecmp(params, "auto") == 0)
522 f9ab77a8 2023-08-23 op else if (strcasecmp(params, "legacy") == 0)
523 f9ab77a8 2023-08-23 op keylen = 1024;
525 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "invalid dhe param '%s'", params);
529 f9ab77a8 2023-08-23 op config->dheparams = keylen;
535 f9ab77a8 2023-08-23 op tls_config_set_ecdhecurve(struct tls_config *config, const char *curve)
537 f9ab77a8 2023-08-23 op if (curve == NULL ||
538 f9ab77a8 2023-08-23 op strcasecmp(curve, "none") == 0 ||
539 f9ab77a8 2023-08-23 op strcasecmp(curve, "auto") == 0) {
540 f9ab77a8 2023-08-23 op curve = TLS_ECDHE_CURVES;
541 f9ab77a8 2023-08-23 op } else if (strchr(curve, ',') != NULL || strchr(curve, ':') != NULL) {
542 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "invalid ecdhe curve '%s'",
547 f9ab77a8 2023-08-23 op return tls_config_set_ecdhecurves(config, curve);
551 f9ab77a8 2023-08-23 op tls_config_set_ecdhecurves(struct tls_config *config, const char *curves)
553 f9ab77a8 2023-08-23 op int *curves_list = NULL, *curves_new;
554 f9ab77a8 2023-08-23 op size_t curves_num = 0;
555 f9ab77a8 2023-08-23 op char *cs = NULL;
560 f9ab77a8 2023-08-23 op free(config->ecdhecurves);
561 f9ab77a8 2023-08-23 op config->ecdhecurves = NULL;
562 f9ab77a8 2023-08-23 op config->ecdhecurves_len = 0;
564 f9ab77a8 2023-08-23 op if (curves == NULL || strcasecmp(curves, "default") == 0)
565 f9ab77a8 2023-08-23 op curves = TLS_ECDHE_CURVES;
567 f9ab77a8 2023-08-23 op if ((cs = strdup(curves)) == NULL) {
568 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "out of memory");
573 f9ab77a8 2023-08-23 op while ((p = strsep(&q, ",:")) != NULL) {
574 f9ab77a8 2023-08-23 op while (*p == ' ' || *p == '\t')
577 f9ab77a8 2023-08-23 op nid = OBJ_sn2nid(p);
578 f9ab77a8 2023-08-23 op if (nid == NID_undef)
579 f9ab77a8 2023-08-23 op nid = OBJ_ln2nid(p);
580 f9ab77a8 2023-08-23 op if (nid == NID_undef)
581 f9ab77a8 2023-08-23 op nid = EC_curve_nist2nid(p);
582 f9ab77a8 2023-08-23 op if (nid == NID_undef) {
583 f9ab77a8 2023-08-23 op tls_config_set_errorx(config,
584 f9ab77a8 2023-08-23 op "invalid ecdhe curve '%s'", p);
588 f9ab77a8 2023-08-23 op if ((curves_new = reallocarray(curves_list, curves_num + 1,
589 f9ab77a8 2023-08-23 op sizeof(int))) == NULL) {
590 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "out of memory");
593 f9ab77a8 2023-08-23 op curves_list = curves_new;
594 f9ab77a8 2023-08-23 op curves_list[curves_num] = nid;
595 f9ab77a8 2023-08-23 op curves_num++;
598 f9ab77a8 2023-08-23 op config->ecdhecurves = curves_list;
599 f9ab77a8 2023-08-23 op config->ecdhecurves_len = curves_num;
600 f9ab77a8 2023-08-23 op curves_list = NULL;
606 f9ab77a8 2023-08-23 op free(curves_list);
612 f9ab77a8 2023-08-23 op tls_config_set_key_file(struct tls_config *config, const char *key_file)
614 f9ab77a8 2023-08-23 op return tls_keypair_set_key_file(config->keypair, &config->error,
619 f9ab77a8 2023-08-23 op tls_config_set_key_mem(struct tls_config *config, const uint8_t *key,
622 f9ab77a8 2023-08-23 op return tls_keypair_set_key_mem(config->keypair, &config->error,
627 f9ab77a8 2023-08-23 op tls_config_set_keypair_file_internal(struct tls_config *config,
628 f9ab77a8 2023-08-23 op const char *cert_file, const char *key_file, const char *ocsp_file)
630 f9ab77a8 2023-08-23 op if (tls_config_set_cert_file(config, cert_file) != 0)
632 f9ab77a8 2023-08-23 op if (tls_config_set_key_file(config, key_file) != 0)
634 f9ab77a8 2023-08-23 op if (ocsp_file != NULL &&
635 f9ab77a8 2023-08-23 op tls_config_set_ocsp_staple_file(config, ocsp_file) != 0)
642 f9ab77a8 2023-08-23 op tls_config_set_keypair_mem_internal(struct tls_config *config, const uint8_t *cert,
643 f9ab77a8 2023-08-23 op size_t cert_len, const uint8_t *key, size_t key_len,
644 f9ab77a8 2023-08-23 op const uint8_t *staple, size_t staple_len)
646 f9ab77a8 2023-08-23 op if (tls_config_set_cert_mem(config, cert, cert_len) != 0)
648 f9ab77a8 2023-08-23 op if (tls_config_set_key_mem(config, key, key_len) != 0)
650 f9ab77a8 2023-08-23 op if ((staple != NULL) &&
651 f9ab77a8 2023-08-23 op (tls_config_set_ocsp_staple_mem(config, staple, staple_len) != 0))
658 f9ab77a8 2023-08-23 op tls_config_set_keypair_file(struct tls_config *config,
659 f9ab77a8 2023-08-23 op const char *cert_file, const char *key_file)
661 f9ab77a8 2023-08-23 op return tls_config_set_keypair_file_internal(config, cert_file, key_file,
666 f9ab77a8 2023-08-23 op tls_config_set_keypair_mem(struct tls_config *config, const uint8_t *cert,
667 f9ab77a8 2023-08-23 op size_t cert_len, const uint8_t *key, size_t key_len)
669 f9ab77a8 2023-08-23 op return tls_config_set_keypair_mem_internal(config, cert, cert_len,
670 f9ab77a8 2023-08-23 op key, key_len, NULL, 0);
674 f9ab77a8 2023-08-23 op tls_config_set_keypair_ocsp_file(struct tls_config *config,
675 f9ab77a8 2023-08-23 op const char *cert_file, const char *key_file, const char *ocsp_file)
677 f9ab77a8 2023-08-23 op return tls_config_set_keypair_file_internal(config, cert_file, key_file,
682 f9ab77a8 2023-08-23 op tls_config_set_keypair_ocsp_mem(struct tls_config *config, const uint8_t *cert,
683 f9ab77a8 2023-08-23 op size_t cert_len, const uint8_t *key, size_t key_len,
684 f9ab77a8 2023-08-23 op const uint8_t *staple, size_t staple_len)
686 f9ab77a8 2023-08-23 op return tls_config_set_keypair_mem_internal(config, cert, cert_len,
687 f9ab77a8 2023-08-23 op key, key_len, staple, staple_len);
692 f9ab77a8 2023-08-23 op tls_config_set_protocols(struct tls_config *config, uint32_t protocols)
694 f9ab77a8 2023-08-23 op config->protocols = protocols;
700 f9ab77a8 2023-08-23 op tls_config_set_session_fd(struct tls_config *config, int session_fd)
702 f9ab77a8 2023-08-23 op struct stat sb;
705 f9ab77a8 2023-08-23 op if (session_fd == -1) {
706 f9ab77a8 2023-08-23 op config->session_fd = session_fd;
710 f9ab77a8 2023-08-23 op if (fstat(session_fd, &sb) == -1) {
711 f9ab77a8 2023-08-23 op tls_config_set_error(config, "failed to stat session file");
714 f9ab77a8 2023-08-23 op if (!S_ISREG(sb.st_mode)) {
715 f9ab77a8 2023-08-23 op tls_config_set_errorx(config,
716 f9ab77a8 2023-08-23 op "session file is not a regular file");
720 f9ab77a8 2023-08-23 op if (sb.st_uid != getuid()) {
721 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "session file has incorrect "
722 f9ab77a8 2023-08-23 op "owner (uid %u != %u)", sb.st_uid, getuid());
725 f9ab77a8 2023-08-23 op mugo = sb.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO);
726 f9ab77a8 2023-08-23 op if (mugo != (S_IRUSR|S_IWUSR)) {
727 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "session file has incorrect "
728 f9ab77a8 2023-08-23 op "permissions (%o != 600)", mugo);
732 f9ab77a8 2023-08-23 op config->session_fd = session_fd;
738 ebfc5784 2024-01-07 op tls_config_set_sign_cb(struct tls_config *config, tls_sign_cb cb, void *cb_arg)
740 ebfc5784 2024-01-07 op config->use_fake_private_key = 1;
741 ebfc5784 2024-01-07 op config->skip_private_key_check = 1;
742 ebfc5784 2024-01-07 op config->sign_cb = cb;
743 ebfc5784 2024-01-07 op config->sign_cb_arg = cb_arg;
749 f9ab77a8 2023-08-23 op tls_config_set_verify_depth(struct tls_config *config, int verify_depth)
751 f9ab77a8 2023-08-23 op config->verify_depth = verify_depth;
757 f9ab77a8 2023-08-23 op tls_config_prefer_ciphers_client(struct tls_config *config)
759 f9ab77a8 2023-08-23 op config->ciphers_server = 0;
763 f9ab77a8 2023-08-23 op tls_config_prefer_ciphers_server(struct tls_config *config)
765 f9ab77a8 2023-08-23 op config->ciphers_server = 1;
769 f9ab77a8 2023-08-23 op tls_config_insecure_noverifycert(struct tls_config *config)
771 f9ab77a8 2023-08-23 op config->verify_cert = 0;
775 f9ab77a8 2023-08-23 op tls_config_insecure_noverifyname(struct tls_config *config)
777 f9ab77a8 2023-08-23 op config->verify_name = 0;
781 f9ab77a8 2023-08-23 op tls_config_insecure_noverifytime(struct tls_config *config)
783 f9ab77a8 2023-08-23 op config->verify_time = 0;
787 f9ab77a8 2023-08-23 op tls_config_verify(struct tls_config *config)
789 f9ab77a8 2023-08-23 op config->verify_cert = 1;
790 f9ab77a8 2023-08-23 op config->verify_name = 1;
791 f9ab77a8 2023-08-23 op config->verify_time = 1;
795 f9ab77a8 2023-08-23 op tls_config_ocsp_require_stapling(struct tls_config *config)
797 f9ab77a8 2023-08-23 op config->ocsp_require_stapling = 1;
801 f9ab77a8 2023-08-23 op tls_config_verify_client(struct tls_config *config)
803 f9ab77a8 2023-08-23 op config->verify_client = 1;
807 f9ab77a8 2023-08-23 op tls_config_verify_client_optional(struct tls_config *config)
809 f9ab77a8 2023-08-23 op config->verify_client = 2;
813 f9ab77a8 2023-08-23 op tls_config_skip_private_key_check(struct tls_config *config)
815 f9ab77a8 2023-08-23 op config->skip_private_key_check = 1;
819 f9ab77a8 2023-08-23 op tls_config_use_fake_private_key(struct tls_config *config)
821 f9ab77a8 2023-08-23 op config->use_fake_private_key = 1;
822 f9ab77a8 2023-08-23 op config->skip_private_key_check = 1;
826 f9ab77a8 2023-08-23 op tls_config_set_ocsp_staple_file(struct tls_config *config, const char *staple_file)
828 f9ab77a8 2023-08-23 op return tls_keypair_set_ocsp_staple_file(config->keypair, &config->error,
829 f9ab77a8 2023-08-23 op staple_file);
833 f9ab77a8 2023-08-23 op tls_config_set_ocsp_staple_mem(struct tls_config *config, const uint8_t *staple,
836 f9ab77a8 2023-08-23 op return tls_keypair_set_ocsp_staple_mem(config->keypair, &config->error,
837 f9ab77a8 2023-08-23 op staple, len);
841 f9ab77a8 2023-08-23 op tls_config_set_session_id(struct tls_config *config,
842 f9ab77a8 2023-08-23 op const unsigned char *session_id, size_t len)
844 f9ab77a8 2023-08-23 op if (len > TLS_MAX_SESSION_ID_LENGTH) {
845 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "session ID too large");
848 f9ab77a8 2023-08-23 op memset(config->session_id, 0, sizeof(config->session_id));
849 f9ab77a8 2023-08-23 op memcpy(config->session_id, session_id, len);
854 f9ab77a8 2023-08-23 op tls_config_set_session_lifetime(struct tls_config *config, int lifetime)
856 f9ab77a8 2023-08-23 op if (lifetime > TLS_MAX_SESSION_TIMEOUT) {
857 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "session lifetime too large");
860 f9ab77a8 2023-08-23 op if (lifetime != 0 && lifetime < TLS_MIN_SESSION_TIMEOUT) {
861 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "session lifetime too small");
865 f9ab77a8 2023-08-23 op config->session_lifetime = lifetime;
870 f9ab77a8 2023-08-23 op tls_config_add_ticket_key(struct tls_config *config, uint32_t keyrev,
871 f9ab77a8 2023-08-23 op unsigned char *key, size_t keylen)
873 f9ab77a8 2023-08-23 op struct tls_ticket_key newkey;
876 f9ab77a8 2023-08-23 op if (TLS_TICKET_KEY_SIZE != keylen ||
877 f9ab77a8 2023-08-23 op sizeof(newkey.aes_key) + sizeof(newkey.hmac_key) > keylen) {
878 f9ab77a8 2023-08-23 op tls_config_set_errorx(config,
879 f9ab77a8 2023-08-23 op "wrong amount of ticket key data");
883 f9ab77a8 2023-08-23 op keyrev = htonl(keyrev);
884 f9ab77a8 2023-08-23 op memset(&newkey, 0, sizeof(newkey));
885 f9ab77a8 2023-08-23 op memcpy(newkey.key_name, &keyrev, sizeof(keyrev));
886 f9ab77a8 2023-08-23 op memcpy(newkey.aes_key, key, sizeof(newkey.aes_key));
887 f9ab77a8 2023-08-23 op memcpy(newkey.hmac_key, key + sizeof(newkey.aes_key),
888 f9ab77a8 2023-08-23 op sizeof(newkey.hmac_key));
889 f9ab77a8 2023-08-23 op newkey.time = time(NULL);
891 f9ab77a8 2023-08-23 op for (i = 0; i < TLS_NUM_TICKETS; i++) {
892 f9ab77a8 2023-08-23 op struct tls_ticket_key *tk = &config->ticket_keys[i];
893 f9ab77a8 2023-08-23 op if (memcmp(newkey.key_name, tk->key_name,
894 f9ab77a8 2023-08-23 op sizeof(tk->key_name)) != 0)
897 f9ab77a8 2023-08-23 op /* allow re-entry of most recent key */
898 f9ab77a8 2023-08-23 op if (i == 0 && memcmp(newkey.aes_key, tk->aes_key,
899 f9ab77a8 2023-08-23 op sizeof(tk->aes_key)) == 0 && memcmp(newkey.hmac_key,
900 f9ab77a8 2023-08-23 op tk->hmac_key, sizeof(tk->hmac_key)) == 0)
902 f9ab77a8 2023-08-23 op tls_config_set_errorx(config, "ticket key already present");
906 f9ab77a8 2023-08-23 op memmove(&config->ticket_keys[1], &config->ticket_keys[0],
907 f9ab77a8 2023-08-23 op sizeof(config->ticket_keys) - sizeof(config->ticket_keys[0]));
908 f9ab77a8 2023-08-23 op config->ticket_keys[0] = newkey;
910 f9ab77a8 2023-08-23 op config->ticket_autorekey = 0;
916 f9ab77a8 2023-08-23 op tls_config_ticket_autorekey(struct tls_config *config)
918 f9ab77a8 2023-08-23 op unsigned char key[TLS_TICKET_KEY_SIZE];
921 f9ab77a8 2023-08-23 op arc4random_buf(key, sizeof(key));
922 f9ab77a8 2023-08-23 op rv = tls_config_add_ticket_key(config, config->ticket_keyrev++, key,
923 f9ab77a8 2023-08-23 op sizeof(key));
924 f9ab77a8 2023-08-23 op config->ticket_autorekey = 1;