webcit/crypto.c

   1 // Copyright (c) 1996-2021 by the citadel.org team
   2 //
   3 // This program is open source software.  You can redistribute it and/or
   4 // modify it under the terms of the GNU General Public License, version 3.
   5 //
   6 // This program is distributed in the hope that it will be useful,
   7 // but WITHOUT ANY WARRANTY; without even the implied warranty of
   8 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   9 // GNU General Public License for more details.
  10
  11 #include "sysdep.h"
  12 #ifdef HAVE_OPENSSL
  13
  14 #include "webcit.h"
  15 #include "webserver.h"
  16
  17
  18 SSL_CTX *ssl_ctx;               // Global SSL context
  19 char *ssl_cipher_list = DEFAULT_SSL_CIPHER_LIST;
  20
  21 pthread_key_t ThreadSSL;        // Per-thread SSL context
  22
  23 void shutdown_ssl(void) {
  24         ERR_free_strings();
  25 }
  26
  27
  28 // initialize ssl engine, load certs and initialize openssl internals
  29 void init_ssl(void) {
  30         const SSL_METHOD *ssl_method;
  31
  32 #ifndef OPENSSL_NO_EGD
  33         if (!access("/var/run/egd-pool", F_OK)) {
  34                 RAND_egd("/var/run/egd-pool");
  35         }
  36 #endif
  37
  38         if (!RAND_status()) {
  39                 syslog(LOG_WARNING, "PRNG not adequately seeded, won't do SSL/TLS");
  40                 return;
  41         }
  42
  43         // Initialize SSL transport layer
  44         SSL_library_init();
  45         SSL_load_error_strings();
  46         ssl_method = SSLv23_server_method();
  47         if (!(ssl_ctx = SSL_CTX_new(ssl_method))) {
  48                 syslog(LOG_WARNING, "SSL_CTX_new failed: %s", ERR_reason_error_string(ERR_get_error()));
  49                 return;
  50         }
  51
  52         syslog(LOG_INFO, "Requesting cipher list: %s", ssl_cipher_list);
  53         if (!(SSL_CTX_set_cipher_list(ssl_ctx, ssl_cipher_list))) {
  54                 syslog(LOG_WARNING, "SSL_CTX_set_cipher_list failed: %s", ERR_reason_error_string(ERR_get_error()));
  55                 return;
  56         }
  57
  58
  59         // Now try to bind to the key and certificate.
  60         // Note that we use SSL_CTX_use_certificate_chain_file() which allows
  61         // the certificate file to contain intermediate certificates.
  62
  63
  64         char *key_file[PATH_MAX];
  65         char *cert_file[PATH_MAX];
  66         snprintf(key_file, sizeof key_file, "%s/keys/citadel.key", ctdl_dir);
  67         snprintf(cert_file, sizeof key_file, "%s/keys/citadel.cer", ctdl_dir);
  68
  69         SSL_CTX_use_certificate_chain_file(ssl_ctx, cert_file);
  70         SSL_CTX_use_PrivateKey_file(ssl_ctx, key_file, SSL_FILETYPE_PEM);
  71
  72         if ( !SSL_CTX_check_private_key(ssl_ctx) ) {
  73                 syslog(LOG_WARNING, "crypto: cannot install certificate: %s", ERR_reason_error_string(ERR_get_error()));
  74         }
  75 }
  76
  77
  78 // starts SSL/TLS encryption for the current session.
  79 int starttls(int sock) {
  80         int retval, bits, alg_bits;
  81         SSL *newssl;
  82
  83         pthread_setspecific(ThreadSSL, NULL);
  84
  85         if (!ssl_ctx) {
  86                 return(1);
  87         }
  88         if (!(newssl = SSL_new(ssl_ctx))) {
  89                 syslog(LOG_WARNING, "SSL_new failed: %s", ERR_reason_error_string(ERR_get_error()));
  90                 return(2);
  91         }
  92         if (!(SSL_set_fd(newssl, sock))) {
  93                 syslog(LOG_WARNING, "SSL_set_fd failed: %s", ERR_reason_error_string(ERR_get_error()));
  94                 SSL_free(newssl);
  95                 return(3);
  96         }
  97         retval = SSL_accept(newssl);
  98         if (retval < 1) {
  99                 // Can't notify the client of an error here; they will
 100                 // discover the problem at the SSL layer and should
 101                 // revert to unencrypted communications.
 102                 long errval;
 103                 const char *ssl_error_reason = NULL;
 104
 105                 errval = SSL_get_error(newssl, retval);
 106                 ssl_error_reason = ERR_reason_error_string(ERR_get_error());
 107                 if (ssl_error_reason == NULL) {
 108                         syslog(LOG_WARNING, "first SSL_accept failed: errval=%ld, retval=%d %s", errval, retval, strerror(errval));
 109                 }
 110                 else {
 111                         syslog(LOG_WARNING, "first SSL_accept failed: %s", ssl_error_reason);
 112                 }
 113                 // sleeeeeeeeeep(1);
 114                 // retval = SSL_accept(newssl);
 115         }
 116         // if (retval < 1) {
 117                 // long errval;
 118                 // const char *ssl_error_reason = NULL;
 119 //
 120                 // errval = SSL_get_error(newssl, retval);
 121                 // ssl_error_reason = ERR_reason_error_string(ERR_get_error());
 122                 // if (ssl_error_reason == NULL) {
 123                         // syslog(LOG_WARNING, "second SSL_accept failed: errval=%ld, retval=%d (%s)", errval, retval, strerror(errval));
 124                 // }
 125                 // else {
 126                         // syslog(LOG_WARNING, "second SSL_accept failed: %s", ssl_error_reason);
 127                 // }
 128                 // SSL_free(newssl);
 129                 // newssl = NULL;
 130                 // return(4);
 131         // }
 132         else {
 133                 syslog(LOG_INFO, "SSL_accept success");
 134         }
 135         /*r = */BIO_set_close(SSL_get_rbio(newssl), BIO_NOCLOSE);
 136         bits = SSL_CIPHER_get_bits(SSL_get_current_cipher(newssl), &alg_bits);
 137         syslog(LOG_INFO, "SSL/TLS using %s on %s (%d of %d bits)",
 138                 SSL_CIPHER_get_name(SSL_get_current_cipher(newssl)),
 139                 SSL_CIPHER_get_version(SSL_get_current_cipher(newssl)),
 140                 bits, alg_bits);
 141
 142         pthread_setspecific(ThreadSSL, newssl);
 143         syslog(LOG_INFO, "SSL started");
 144         return(0);
 145 }
 146
 147
 148 // shuts down the TLS connection
 149 //
 150 // WARNING:  This may make your session vulnerable to a known plaintext
 151 // attack in the current implmentation.
 152 void endtls(void) {
 153
 154         if (THREADSSL == NULL) {
 155                 return;
 156         }
 157
 158         syslog(LOG_INFO, "Ending SSL/TLS");
 159         SSL_shutdown(THREADSSL);
 160         SSL_get_SSL_CTX(THREADSSL);
 161         SSL_free(THREADSSL);
 162         pthread_setspecific(ThreadSSL, NULL);
 163 }
 164
 165
 166 // Send binary data to the client encrypted.
 167 int client_write_ssl(const StrBuf *Buf) {
 168         const char *buf;
 169         int retval;
 170         int nremain;
 171         long nbytes;
 172         char junk[1];
 173
 174         if (THREADSSL == NULL) return -1;
 175
 176         nbytes = nremain = StrLength(Buf);
 177         buf = ChrPtr(Buf);
 178
 179         while (nremain > 0) {
 180                 if (SSL_want_write(THREADSSL)) {
 181                         if ((SSL_read(THREADSSL, junk, 0)) < 1) {
 182                                 syslog(LOG_WARNING, "SSL_read in client_write: %s", ERR_reason_error_string(ERR_get_error()));
 183                         }
 184                 }
 185                 retval = SSL_write(THREADSSL, &buf[nbytes - nremain], nremain);
 186                 if (retval < 1) {
 187                         long errval;
 188
 189                         errval = SSL_get_error(THREADSSL, retval);
 190                         if (errval == SSL_ERROR_WANT_READ || errval == SSL_ERROR_WANT_WRITE) {
 191                                 sleeeeeeeeeep(1);
 192                                 continue;
 193                         }
 194                         syslog(LOG_WARNING, "SSL_write got error %ld, ret %d", errval, retval);
 195                         if (retval == -1) {
 196                                 syslog(LOG_WARNING, "errno is %d\n", errno);
 197                         }
 198                         endtls();
 199                         return -1;
 200                 }
 201                 nremain -= retval;
 202         }
 203         return 0;
 204 }
 205
 206
 207 // read data from the encrypted layer.
 208 int client_read_sslbuffer(StrBuf *buf, int timeout) {
 209         char sbuf[16384];       // OpenSSL communicates in 16k blocks, so let's speak its native tongue.
 210         int rlen;
 211         char junk[1];
 212         SSL *pssl = THREADSSL;
 213
 214         if (pssl == NULL) return(-1);
 215
 216         while (1) {
 217                 if (SSL_want_read(pssl)) {
 218                         if ((SSL_write(pssl, junk, 0)) < 1) {
 219                                 syslog(LOG_WARNING, "SSL_write in client_read");
 220                         }
 221                 }
 222                 rlen = SSL_read(pssl, sbuf, sizeof(sbuf));
 223                 if (rlen < 1) {
 224                         long errval;
 225
 226                         errval = SSL_get_error(pssl, rlen);
 227                         if (errval == SSL_ERROR_WANT_READ || errval == SSL_ERROR_WANT_WRITE) {
 228                                 sleeeeeeeeeep(1);
 229                                 continue;
 230                         }
 231                         syslog(LOG_WARNING, "SSL_read got error %ld", errval);
 232                         endtls();
 233                         return (-1);
 234                 }
 235                 StrBufAppendBufPlain(buf, sbuf, rlen, 0);
 236                 return rlen;
 237         }
 238         return (0);
 239 }
 240
 241 #endif                          /* HAVE_OPENSSL */