# define EXIM_HAVE_ECDH
# endif
# if OPENSSL_VERSION_NUMBER >= 0x10002000L
-# if OPENSSL_VERSION_NUMBER < 0x10100000L
-# define EXIM_HAVE_OPENSSL_ECDH_AUTO
-# endif
# define EXIM_HAVE_OPENSSL_EC_NIST2NID
# endif
# endif
uschar *privatekey;
#ifndef DISABLE_OCSP
BOOL is_server;
+ STACK_OF(X509) *verify_stack; /* chain for verifying the proof */
union {
struct {
uschar *file;
} server;
struct {
X509_STORE *verify_store; /* non-null if status requested */
- STACK_OF(X509) *verify_stack;
BOOL verify_required;
} client;
} u_ocsp;
if (!X509_STORE_add_cert(client_static_cbinfo->u_ocsp.client.verify_store,
cert))
ERR_clear_error();
- sk_X509_push(client_static_cbinfo->u_ocsp.client.verify_stack, cert);
+ sk_X509_push(client_static_cbinfo->verify_stack, cert);
}
#endif
#ifndef DISABLE_EVENT
#endif
{
log_write(0, LOG_MAIN,
- "[%s] SSL verify error: certificate name mismatch: \"%s\"",
- tlsp == &tls_out ? deliver_host_address : sender_host_address,
- dn);
+ "[%s] SSL verify error: certificate name mismatch: "
+ "DN=\"%s\" H=\"%s\"",
+ deliver_host_address, dn, verify_cert_hostnames);
*calledp = TRUE;
if (!*optionalp)
{
if (!exp_curve || !*exp_curve)
return TRUE;
-# ifdef EXIM_HAVE_OPENSSL_ECDH_AUTO
-/* check if new enough library to support auto ECDH temp key parameter selection */
+/* "auto" needs to be handled carefully.
+ * OpenSSL < 1.0.2: we do not select anything, but fallback to primve256v1
+ * OpenSSL < 1.1.0: we have to call SSL_CTX_set_ecdh_auto
+ * (openss/ssl.h defines SSL_CTRL_SET_ECDH_AUTO)
+ * OpenSSL >= 1.1.0: we do not set anything, the libray does autoselection
+ * https://github.com/openssl/openssl/commit/fe6ef2472db933f01b59cad82aa925736935984b
+ */
if (Ustrcmp(exp_curve, "auto") == 0)
{
+#if OPENSSL_VERSION_NUMBER < 0x10002000L
+ DEBUG(D_tls) debug_printf(
+ "ECDH OpenSSL < 1.0.2: temp key parameter settings: overriding \"auto\" with \"prime256v1\"\n");
+ exp_curve = "prime256v1";
+#else
+# if defined SSL_CTRL_SET_ECDH_AUTO
DEBUG(D_tls) debug_printf(
- "ECDH temp key parameter settings: OpenSSL 1.2+ autoselection\n");
+ "ECDH OpenSSL 1.0.2+ temp key parameter settings: autoselection\n");
SSL_CTX_set_ecdh_auto(sctx, 1);
return TRUE;
+# else
+ DEBUG(D_tls) debug_printf(
+ "ECDH OpenSSL 1.1.0+ temp key parameter settings: default selection\n");
+ return TRUE;
+# endif
+#endif
}
-# endif
DEBUG(D_tls) debug_printf("ECDH: curve '%s'\n", exp_curve);
if ( (nid = OBJ_sn2nid (CCS exp_curve)) == NID_undef
/*************************************************
* Load OCSP information into state *
*************************************************/
-
-static STACK_OF(X509) *
-cert_stack_from_store(X509_STORE * store)
-{
-STACK_OF(X509_OBJECT) * roots= store->objs;
-STACK_OF(X509) * sk = sk_X509_new_null();
-int i;
-
-for(i = sk_X509_OBJECT_num(roots) - 1; i >= 0; i--)
- {
- X509_OBJECT * tmp_obj= sk_X509_OBJECT_value(roots, i);
- if(tmp_obj->type == X509_LU_X509)
- {
- X509 * x = tmp_obj->data.x509;
- sk_X509_push(sk, x);
- }
- }
-return sk;
-}
-
-static void
-cert_stack_free(STACK_OF(X509) * sk)
-{
-while (sk_X509_num(sk) > 0) (void) sk_X509_pop(sk);
-sk_X509_free(sk);
-}
-
-
-
/* Called to load the server OCSP response from the given file into memory, once
caller has determined this is needed. Checks validity. Debugs a message
if invalid.
OCSP_BASICRESP * basic_response;
OCSP_SINGLERESP * single_response;
ASN1_GENERALIZEDTIME * rev, * thisupd, * nextupd;
-X509_STORE * store;
STACK_OF(X509) * sk;
unsigned long verify_flags;
int status, reason, i;
goto bad;
}
-store = SSL_CTX_get_cert_store(sctx);
-sk = cert_stack_from_store(store);
+sk = cbinfo->verify_stack;
verify_flags = OCSP_NOVERIFY; /* check sigs, but not purpose */
/* May need to expose ability to adjust those flags?
when OCSP_NOVERIFY is set. The content from the wire
"basic_response" and a cert-stack "sk" are all that is used.
+We have a stack, loaded in setup_certs() if tls_verify_certificates
+was a file (not a directory, or "system"). It is unfortunate we
+cannot used the connection context store, as that would neatly
+handle the "system" case too, but there seems to be no library
+function for getting a stack from a store.
+[ In OpenSSL 1.1 - ? X509_STORE_CTX_get0_chain(ctx) ? ]
+We do not free the stack since it could be needed a second time for
+SNI handling.
+
Seperately we might try to replace using OCSP_basic_verify() - which seems to not
be a public interface into the OpenSSL library (there's no manual entry) -
But what with? We also use OCSP_basic_verify in the client stapling callback.
ERR_error_string(ERR_get_error(), ssl_errstring);
debug_printf("OCSP response verify failure: %s\n", US ssl_errstring);
}
- cert_stack_free(sk);
goto bad;
}
-cert_stack_free(sk);
/* Here's the simplifying assumption: there's only one response, for the
one certificate we use, and nothing for anything else in a chain. If this
DEBUG(D_tls) debug_printf(" - value unchanged, using existing values\n");
}
else
- {
ocsp_load_response(sctx, cbinfo, expanded);
- }
}
}
#endif
}
#endif
-rc = setup_certs(server_sni, tls_verify_certificates, tls_crl, NULL, FALSE, verify_callback_server);
-if (rc != OK) return SSL_TLSEXT_ERR_NOACK;
+if ((rc = setup_certs(server_sni, tls_verify_certificates, tls_crl, NULL, FALSE,
+ verify_callback_server)) != OK)
+ return SSL_TLSEXT_ERR_NOACK;
/* do this after setup_certs, because this can require the certs for verifying
OCSP information. */
/* Use the chain that verified the server cert to verify the stapled info */
/* DEBUG(D_tls) x509_store_dump_cert_s_names(cbinfo->u_ocsp.client.verify_store); */
- if ((i = OCSP_basic_verify(bs, cbinfo->u_ocsp.client.verify_stack,
+ if ((i = OCSP_basic_verify(bs, cbinfo->verify_stack,
cbinfo->u_ocsp.client.verify_store, 0)) <= 0)
{
tls_out.ocsp = OCSP_FAILED;
cbinfo->certificate = certificate;
cbinfo->privatekey = privatekey;
#ifndef DISABLE_OCSP
+cbinfo->verify_stack = NULL;
if ((cbinfo->is_server = host==NULL))
{
cbinfo->u_ocsp.server.file = ocsp_file;
cbinfo->u_ocsp.server.response = NULL;
}
else
- {
cbinfo->u_ocsp.client.verify_store = NULL;
- cbinfo->u_ocsp.client.verify_stack = NULL;
- }
#endif
cbinfo->dhparam = dhparam;
cbinfo->server_cipher_list = NULL;
if ((rc = tls_expand_session_files(*ctxp, cbinfo)) != OK)
return rc;
-/* If we need to handle SNI, do so */
+/* If we need to handle SNI or OCSP, do so */
+
#ifdef EXIM_HAVE_OPENSSL_TLSEXT
+# ifndef DISABLE_OCSP
+ if (!(cbinfo->verify_stack = sk_X509_new_null()))
+ {
+ DEBUG(D_tls) debug_printf("failed to create stack for stapling verify\n");
+ return FAIL;
+ }
+# endif
+
if (host == NULL) /* server */
{
# ifndef DISABLE_OCSP
DEBUG(D_tls) debug_printf("failed to create store for stapling verify\n");
return FAIL;
}
- if (!(cbinfo->u_ocsp.client.verify_stack = sk_X509_new_null()))
- {
- DEBUG(D_tls) debug_printf("failed to create stack for stapling verify\n");
- return FAIL;
- }
SSL_CTX_set_tlsext_status_cb(*ctxp, tls_client_stapling_cb);
SSL_CTX_set_tlsext_status_arg(*ctxp, cbinfo);
}
* Set up for verifying certificates *
*************************************************/
+/* Load certs from file, return TRUE on success */
+
+static BOOL
+chain_from_pem_file(const uschar * file, STACK_OF(X509) * verify_stack)
+{
+BIO * bp;
+X509 * x;
+
+if (!(bp = BIO_new_file(CS file, "r"))) return FALSE;
+while ((x = PEM_read_bio_X509(bp, NULL, 0, NULL)))
+ sk_X509_push(verify_stack, x);
+BIO_free(bp);
+return TRUE;
+}
+
+
+
/* Called by both client and server startup
Arguments:
if ((statbuf.st_mode & S_IFMT) == S_IFDIR)
{ file = NULL; dir = expcerts; }
else
- { file = expcerts; dir = NULL; }
+ {
+ file = expcerts; dir = NULL;
+#ifndef DISABLE_OCSP
+ /* In the server if we will be offering an OCSP proof, load chain from
+ file for verifying the OCSP proof at load time. */
+
+ if ( !host
+ && statbuf.st_size > 0
+ && server_static_cbinfo->u_ocsp.server.file
+ && !chain_from_pem_file(file, server_static_cbinfo->verify_stack)
+ )
+ {
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "failed to load cert hain from %s", file);
+ return DEFER;
+ }
+#endif
+ }
/* If a certificate file is empty, the next function fails with an
unhelpful error message. If we skip it, we get the correct behaviour (no
certificates are recognized, but the error message is still misleading (it
- says no certificate was supplied.) But this is better. */
+ says no certificate was supplied). But this is better. */
if ( (!file || statbuf.st_size > 0)
&& !SSL_CTX_load_verify_locations(sctx, CS file, CS dir))
tests, and also for general convenience, we turn underscores into hyphens here.
*/
-if (expciphers != NULL)
+if (expciphers)
{
- uschar *s = expciphers;
+ uschar * s = expciphers;
while (*s != 0) { if (*s == '_') *s = '-'; s++; }
DEBUG(D_tls) debug_printf("required ciphers: %s\n", expciphers);
if (!SSL_CTX_set_cipher_list(server_ctx, CS expciphers))
/* Prepare for new connection */
-if ((server_ssl = SSL_new(server_ctx)) == NULL) return tls_error(US"SSL_new", NULL, NULL);
+if (!(server_ssl = SSL_new(server_ctx))) return tls_error(US"SSL_new", NULL, NULL);
/* Warning: we used to SSL_clear(ssl) here, it was removed.
*
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
) if (rr->type == T_TLSA)
{
- uschar * p = rr->data;
+ const uschar * p = rr->data;
uint8_t usage, selector, mtype;
const char * mdname;
projects / exim.git / blobdiff