ssl.c 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840
  1. /*
  2. * Part of Very Secure FTPd
  3. * Licence: GPL v2. Note that this code interfaces with with the OpenSSL
  4. * libraries, so please read LICENSE where I give explicit permission to link
  5. * against the OpenSSL libraries.
  6. * Author: Chris Evans
  7. * ssl.c
  8. *
  9. * Routines to handle a SSL/TLS-based implementation of RFC 2228, i.e.
  10. * encryption.
  11. */
  12. #include "ssl.h"
  13. #include "session.h"
  14. #include "ftpcodes.h"
  15. #include "ftpcmdio.h"
  16. #include "defs.h"
  17. #include "str.h"
  18. #include "sysutil.h"
  19. #include "tunables.h"
  20. #include "utility.h"
  21. #include "builddefs.h"
  22. #include "logging.h"
  23. #ifdef VSF_BUILD_SSL
  24. #include <openssl/ssl.h>
  25. #include <openssl/err.h>
  26. #include <openssl/rand.h>
  27. #include <openssl/bio.h>
  28. #include <errno.h>
  29. #include <limits.h>
  30. static char* get_ssl_error();
  31. static SSL* get_ssl(struct vsf_session* p_sess, int fd);
  32. static int ssl_session_init(struct vsf_session* p_sess);
  33. static void setup_bio_callbacks();
  34. static long bio_callback(
  35. BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval);
  36. static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx);
  37. static int ssl_cert_digest(
  38. SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str);
  39. static void maybe_log_shutdown_state(struct vsf_session* p_sess);
  40. static void maybe_log_ssl_error_state(struct vsf_session* p_sess, int ret);
  41. static int ssl_read_common(struct vsf_session* p_sess,
  42. SSL* p_ssl,
  43. char* p_buf,
  44. unsigned int len,
  45. int (*p_ssl_func)(SSL*, void*, int));
  46. static int ssl_inited;
  47. static struct mystr debug_str;
  48. void
  49. ssl_init(struct vsf_session* p_sess)
  50. {
  51. if (!ssl_inited)
  52. {
  53. SSL_CTX* p_ctx;
  54. long options;
  55. int verify_option = 0;
  56. SSL_library_init();
  57. p_ctx = SSL_CTX_new(SSLv23_server_method());
  58. if (p_ctx == NULL)
  59. {
  60. die("SSL: could not allocate SSL context");
  61. }
  62. options = SSL_OP_ALL;
  63. if (!tunable_sslv2)
  64. {
  65. options |= SSL_OP_NO_SSLv2;
  66. }
  67. if (!tunable_sslv3)
  68. {
  69. options |= SSL_OP_NO_SSLv3;
  70. }
  71. if (!tunable_tlsv1)
  72. {
  73. options |= SSL_OP_NO_TLSv1;
  74. }
  75. SSL_CTX_set_options(p_ctx, options);
  76. if (tunable_rsa_cert_file)
  77. {
  78. const char* p_key = tunable_rsa_private_key_file;
  79. if (!p_key)
  80. {
  81. p_key = tunable_rsa_cert_file;
  82. }
  83. if (SSL_CTX_use_certificate_chain_file(p_ctx, tunable_rsa_cert_file) != 1)
  84. {
  85. die("SSL: cannot load RSA certificate");
  86. }
  87. if (SSL_CTX_use_PrivateKey_file(p_ctx, p_key, X509_FILETYPE_PEM) != 1)
  88. {
  89. die("SSL: cannot load RSA private key");
  90. }
  91. }
  92. if (tunable_dsa_cert_file)
  93. {
  94. const char* p_key = tunable_dsa_private_key_file;
  95. if (!p_key)
  96. {
  97. p_key = tunable_dsa_cert_file;
  98. }
  99. if (SSL_CTX_use_certificate_chain_file(p_ctx, tunable_dsa_cert_file) != 1)
  100. {
  101. die("SSL: cannot load DSA certificate");
  102. }
  103. if (SSL_CTX_use_PrivateKey_file(p_ctx, p_key, X509_FILETYPE_PEM) != 1)
  104. {
  105. die("SSL: cannot load DSA private key");
  106. }
  107. }
  108. if (tunable_ssl_ciphers &&
  109. SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1)
  110. {
  111. die("SSL: could not set cipher list");
  112. }
  113. if (RAND_status() != 1)
  114. {
  115. die("SSL: RNG is not seeded");
  116. }
  117. {
  118. EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
  119. if (key == NULL)
  120. {
  121. die("SSL: failed to get curve p256");
  122. }
  123. SSL_CTX_set_tmp_ecdh(p_ctx, key);
  124. EC_KEY_free(key);
  125. }
  126. if (tunable_ssl_request_cert)
  127. {
  128. verify_option |= SSL_VERIFY_PEER;
  129. }
  130. if (tunable_require_cert)
  131. {
  132. verify_option |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
  133. }
  134. if (verify_option)
  135. {
  136. SSL_CTX_set_verify(p_ctx, verify_option, ssl_verify_callback);
  137. if (tunable_ca_certs_file)
  138. {
  139. STACK_OF(X509_NAME)* p_names;
  140. if (!SSL_CTX_load_verify_locations(p_ctx, tunable_ca_certs_file, NULL))
  141. {
  142. die("SSL: could not load verify file");
  143. }
  144. p_names = SSL_load_client_CA_file(tunable_ca_certs_file);
  145. if (!p_names)
  146. {
  147. die("SSL: could not load client certs file");
  148. }
  149. SSL_CTX_set_client_CA_list(p_ctx, p_names);
  150. }
  151. }
  152. {
  153. static const char* p_ctx_id = "vsftpd";
  154. SSL_CTX_set_session_id_context(p_ctx, (void*) p_ctx_id,
  155. vsf_sysutil_strlen(p_ctx_id));
  156. }
  157. if (tunable_require_ssl_reuse)
  158. {
  159. /* Ensure cached session doesn't expire */
  160. SSL_CTX_set_timeout(p_ctx, INT_MAX);
  161. }
  162. p_sess->p_ssl_ctx = p_ctx;
  163. ssl_inited = 1;
  164. }
  165. }
  166. void
  167. ssl_control_handshake(struct vsf_session* p_sess)
  168. {
  169. if (!ssl_session_init(p_sess))
  170. {
  171. struct mystr err_str = INIT_MYSTR;
  172. str_alloc_text(&err_str, "Negotiation failed: ");
  173. /* Technically, we shouldn't leak such detailed error messages. */
  174. str_append_text(&err_str, get_ssl_error());
  175. vsf_cmdio_write_str(p_sess, FTP_TLS_FAIL, &err_str);
  176. vsf_sysutil_exit(1);
  177. }
  178. p_sess->control_use_ssl = 1;
  179. }
  180. void
  181. handle_auth(struct vsf_session* p_sess)
  182. {
  183. str_upper(&p_sess->ftp_arg_str);
  184. if (str_equal_text(&p_sess->ftp_arg_str, "TLS") ||
  185. str_equal_text(&p_sess->ftp_arg_str, "TLS-C") ||
  186. str_equal_text(&p_sess->ftp_arg_str, "SSL") ||
  187. str_equal_text(&p_sess->ftp_arg_str, "TLS-P"))
  188. {
  189. vsf_cmdio_write(p_sess, FTP_AUTHOK, "Proceed with negotiation.");
  190. ssl_control_handshake(p_sess);
  191. if (str_equal_text(&p_sess->ftp_arg_str, "SSL") ||
  192. str_equal_text(&p_sess->ftp_arg_str, "TLS-P"))
  193. {
  194. p_sess->data_use_ssl = 1;
  195. }
  196. }
  197. else
  198. {
  199. vsf_cmdio_write(p_sess, FTP_BADAUTH, "Unknown AUTH type.");
  200. }
  201. }
  202. void
  203. handle_pbsz(struct vsf_session* p_sess)
  204. {
  205. if (!p_sess->control_use_ssl)
  206. {
  207. vsf_cmdio_write(p_sess, FTP_BADPBSZ, "PBSZ needs a secure connection.");
  208. }
  209. else
  210. {
  211. vsf_cmdio_write(p_sess, FTP_PBSZOK, "PBSZ set to 0.");
  212. }
  213. }
  214. void
  215. handle_prot(struct vsf_session* p_sess)
  216. {
  217. str_upper(&p_sess->ftp_arg_str);
  218. if (!p_sess->control_use_ssl)
  219. {
  220. vsf_cmdio_write(p_sess, FTP_BADPROT, "PROT needs a secure connection.");
  221. }
  222. else if (str_equal_text(&p_sess->ftp_arg_str, "C"))
  223. {
  224. p_sess->data_use_ssl = 0;
  225. vsf_cmdio_write(p_sess, FTP_PROTOK, "PROT now Clear.");
  226. }
  227. else if (str_equal_text(&p_sess->ftp_arg_str, "P"))
  228. {
  229. p_sess->data_use_ssl = 1;
  230. vsf_cmdio_write(p_sess, FTP_PROTOK, "PROT now Private.");
  231. }
  232. else if (str_equal_text(&p_sess->ftp_arg_str, "S") ||
  233. str_equal_text(&p_sess->ftp_arg_str, "E"))
  234. {
  235. vsf_cmdio_write(p_sess, FTP_NOHANDLEPROT, "PROT not supported.");
  236. }
  237. else
  238. {
  239. vsf_cmdio_write(p_sess, FTP_NOSUCHPROT, "PROT not recognized.");
  240. }
  241. }
  242. int
  243. ssl_read(struct vsf_session* p_sess, void* p_ssl, char* p_buf, unsigned int len)
  244. {
  245. return ssl_read_common(p_sess, (SSL*) p_ssl, p_buf, len, SSL_read);
  246. }
  247. int
  248. ssl_peek(struct vsf_session* p_sess, void* p_ssl, char* p_buf, unsigned int len)
  249. {
  250. return ssl_read_common(p_sess, (SSL*) p_ssl, p_buf, len, SSL_peek);
  251. }
  252. static int
  253. ssl_read_common(struct vsf_session* p_sess,
  254. SSL* p_void_ssl,
  255. char* p_buf,
  256. unsigned int len,
  257. int (*p_ssl_func)(SSL*, void*, int))
  258. {
  259. int retval;
  260. int err;
  261. SSL* p_ssl = (SSL*) p_void_ssl;
  262. do
  263. {
  264. retval = (*p_ssl_func)(p_ssl, p_buf, len);
  265. err = SSL_get_error(p_ssl, retval);
  266. }
  267. while (retval < 0 && (err == SSL_ERROR_WANT_READ ||
  268. err == SSL_ERROR_WANT_WRITE));
  269. /* If we hit an EOF, make sure it was from the peer, not injected by the
  270. * attacker.
  271. */
  272. if (retval == 0 && SSL_get_shutdown(p_ssl) != SSL_RECEIVED_SHUTDOWN)
  273. {
  274. if (p_ssl == p_sess->p_control_ssl)
  275. {
  276. str_alloc_text(&debug_str, "Control");
  277. }
  278. else
  279. {
  280. str_alloc_text(&debug_str, "DATA");
  281. }
  282. str_append_text(&debug_str, " connection terminated without SSL shutdown.");
  283. if (p_ssl != p_sess->p_control_ssl)
  284. {
  285. str_append_text(&debug_str,
  286. " Buggy client! Integrity of upload cannot be asserted.");
  287. }
  288. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  289. if (tunable_strict_ssl_read_eof)
  290. {
  291. return -1;
  292. }
  293. }
  294. return retval;
  295. }
  296. int
  297. ssl_write(void* p_ssl, const char* p_buf, unsigned int len)
  298. {
  299. int retval;
  300. int err;
  301. do
  302. {
  303. retval = SSL_write((SSL*) p_ssl, p_buf, len);
  304. err = SSL_get_error((SSL*) p_ssl, retval);
  305. }
  306. while (retval < 0 && (err == SSL_ERROR_WANT_READ ||
  307. err == SSL_ERROR_WANT_WRITE));
  308. return retval;
  309. }
  310. int
  311. ssl_write_str(void* p_ssl, const struct mystr* p_str)
  312. {
  313. unsigned int len = str_getlen(p_str);
  314. int ret = SSL_write((SSL*) p_ssl, str_getbuf(p_str), len);
  315. if ((unsigned int) ret != len)
  316. {
  317. return -1;
  318. }
  319. return 0;
  320. }
  321. int
  322. ssl_read_into_str(struct vsf_session* p_sess, void* p_ssl, struct mystr* p_str)
  323. {
  324. unsigned int len = str_getlen(p_str);
  325. int ret = ssl_read(p_sess, p_ssl, (char*) str_getbuf(p_str), len);
  326. if (ret >= 0)
  327. {
  328. str_trunc(p_str, (unsigned int) ret);
  329. }
  330. else
  331. {
  332. str_empty(p_str);
  333. }
  334. return ret;
  335. }
  336. static void
  337. maybe_log_shutdown_state(struct vsf_session* p_sess)
  338. {
  339. if (tunable_debug_ssl)
  340. {
  341. int ret = SSL_get_shutdown(p_sess->p_data_ssl);
  342. str_alloc_text(&debug_str, "SSL shutdown state is: ");
  343. if (ret == 0)
  344. {
  345. str_append_text(&debug_str, "NONE");
  346. }
  347. else if (ret == SSL_SENT_SHUTDOWN)
  348. {
  349. str_append_text(&debug_str, "SSL_SENT_SHUTDOWN");
  350. }
  351. else if (ret == SSL_RECEIVED_SHUTDOWN)
  352. {
  353. str_append_text(&debug_str, "SSL_RECEIVED_SHUTDOWN");
  354. }
  355. else
  356. {
  357. str_append_ulong(&debug_str, ret);
  358. }
  359. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  360. }
  361. }
  362. static void
  363. maybe_log_ssl_error_state(struct vsf_session* p_sess, int ret)
  364. {
  365. if (tunable_debug_ssl)
  366. {
  367. str_alloc_text(&debug_str, "SSL ret: ");
  368. str_append_ulong(&debug_str, ret);
  369. str_append_text(&debug_str, ", SSL error: ");
  370. str_append_text(&debug_str, get_ssl_error());
  371. str_append_text(&debug_str, ", errno: ");
  372. str_append_ulong(&debug_str, errno);
  373. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  374. }
  375. }
  376. int
  377. ssl_data_close(struct vsf_session* p_sess)
  378. {
  379. int success = 1;
  380. SSL* p_ssl = p_sess->p_data_ssl;
  381. if (p_ssl)
  382. {
  383. int ret;
  384. maybe_log_shutdown_state(p_sess);
  385. /* Disable Nagle algorithm. We want the shutdown packet to be sent
  386. * immediately, there's nothing coming after.
  387. */
  388. vsf_sysutil_set_nodelay(SSL_get_fd(p_ssl));
  389. /* This is a mess. Ideally, when we're the sender, we'd like to get to the
  390. * SSL_RECEIVED_SHUTDOWN state to get a cryptographic guarantee that the
  391. * peer received all the data and shut the connection down cleanly. It
  392. * doesn't matter hugely apart from logging, but it's a nagging detail.
  393. * Unfortunately, no FTP client I found was able to get sends into that
  394. * state, so the best we can do is issue SSL_shutdown but not check the
  395. * errors / returns. At least this enables the receiver to be sure of the
  396. * integrity of the send in terms of unwanted truncation.
  397. */
  398. ret = SSL_shutdown(p_ssl);
  399. maybe_log_shutdown_state(p_sess);
  400. if (ret == 0)
  401. {
  402. ret = SSL_shutdown(p_ssl);
  403. maybe_log_shutdown_state(p_sess);
  404. if (ret != 1)
  405. {
  406. if (tunable_strict_ssl_write_shutdown)
  407. {
  408. success = 0;
  409. }
  410. maybe_log_shutdown_state(p_sess);
  411. maybe_log_ssl_error_state(p_sess, ret);
  412. }
  413. }
  414. else if (ret < 0)
  415. {
  416. if (tunable_strict_ssl_write_shutdown)
  417. {
  418. success = 0;
  419. }
  420. maybe_log_ssl_error_state(p_sess, ret);
  421. }
  422. SSL_free(p_ssl);
  423. p_sess->p_data_ssl = NULL;
  424. }
  425. return success;
  426. }
  427. int
  428. ssl_accept(struct vsf_session* p_sess, int fd)
  429. {
  430. /* SECURITY: data SSL connections don't have any auth on them as part of the
  431. * protocol. If a client sends an unfortunately optional client cert then
  432. * we can check for a match between the control and data connections.
  433. */
  434. SSL* p_ssl;
  435. int reused;
  436. if (p_sess->p_data_ssl != NULL)
  437. {
  438. die("p_data_ssl should be NULL.");
  439. }
  440. p_ssl = get_ssl(p_sess, fd);
  441. if (p_ssl == NULL)
  442. {
  443. return 0;
  444. }
  445. p_sess->p_data_ssl = p_ssl;
  446. setup_bio_callbacks(p_ssl);
  447. reused = SSL_session_reused(p_ssl);
  448. if (tunable_require_ssl_reuse && !reused)
  449. {
  450. str_alloc_text(&debug_str, "No SSL session reuse on data channel.");
  451. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  452. ssl_data_close(p_sess);
  453. return 0;
  454. }
  455. if (str_getlen(&p_sess->control_cert_digest) > 0)
  456. {
  457. static struct mystr data_cert_digest;
  458. if (!ssl_cert_digest(p_ssl, p_sess, &data_cert_digest))
  459. {
  460. str_alloc_text(&debug_str, "Missing cert on data channel.");
  461. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  462. ssl_data_close(p_sess);
  463. return 0;
  464. }
  465. if (str_strcmp(&p_sess->control_cert_digest, &data_cert_digest))
  466. {
  467. str_alloc_text(&debug_str, "DIFFERENT cert on data channel.");
  468. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  469. ssl_data_close(p_sess);
  470. return 0;
  471. }
  472. if (tunable_debug_ssl)
  473. {
  474. str_alloc_text(&debug_str, "Matching cert on data channel.");
  475. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  476. }
  477. }
  478. return 1;
  479. }
  480. void
  481. ssl_comm_channel_init(struct vsf_session* p_sess)
  482. {
  483. const struct vsf_sysutil_socketpair_retval retval =
  484. vsf_sysutil_unix_stream_socketpair();
  485. if (p_sess->ssl_consumer_fd != -1)
  486. {
  487. bug("ssl_consumer_fd active");
  488. }
  489. if (p_sess->ssl_slave_fd != -1)
  490. {
  491. bug("ssl_slave_fd active");
  492. }
  493. p_sess->ssl_consumer_fd = retval.socket_one;
  494. p_sess->ssl_slave_fd = retval.socket_two;
  495. }
  496. void
  497. ssl_comm_channel_set_consumer_context(struct vsf_session* p_sess)
  498. {
  499. if (p_sess->ssl_slave_fd == -1)
  500. {
  501. bug("ssl_slave_fd already closed");
  502. }
  503. vsf_sysutil_close(p_sess->ssl_slave_fd);
  504. p_sess->ssl_slave_fd = -1;
  505. }
  506. void
  507. ssl_comm_channel_set_producer_context(struct vsf_session* p_sess)
  508. {
  509. if (p_sess->ssl_consumer_fd == -1)
  510. {
  511. bug("ssl_consumer_fd already closed");
  512. }
  513. vsf_sysutil_close(p_sess->ssl_consumer_fd);
  514. p_sess->ssl_consumer_fd = -1;
  515. }
  516. static SSL*
  517. get_ssl(struct vsf_session* p_sess, int fd)
  518. {
  519. SSL* p_ssl = SSL_new(p_sess->p_ssl_ctx);
  520. if (p_ssl == NULL)
  521. {
  522. if (tunable_debug_ssl)
  523. {
  524. str_alloc_text(&debug_str, "SSL_new failed");
  525. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  526. }
  527. return NULL;
  528. }
  529. if (!SSL_set_fd(p_ssl, fd))
  530. {
  531. if (tunable_debug_ssl)
  532. {
  533. str_alloc_text(&debug_str, "SSL_set_fd failed");
  534. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  535. }
  536. SSL_free(p_ssl);
  537. return NULL;
  538. }
  539. if (SSL_accept(p_ssl) != 1)
  540. {
  541. const char* p_err = get_ssl_error();
  542. if (tunable_debug_ssl)
  543. {
  544. str_alloc_text(&debug_str, "SSL_accept failed: ");
  545. str_append_text(&debug_str, p_err);
  546. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  547. }
  548. /* The RFC is quite clear that we can just close the control channel
  549. * here.
  550. */
  551. die(p_err);
  552. }
  553. if (tunable_debug_ssl)
  554. {
  555. const char* p_ssl_version = SSL_get_cipher_version(p_ssl);
  556. const SSL_CIPHER* p_ssl_cipher = SSL_get_current_cipher(p_ssl);
  557. const char* p_cipher_name = SSL_CIPHER_get_name(p_ssl_cipher);
  558. X509* p_ssl_cert = SSL_get_peer_certificate(p_ssl);
  559. int reused = SSL_session_reused(p_ssl);
  560. str_alloc_text(&debug_str, "SSL version: ");
  561. str_append_text(&debug_str, p_ssl_version);
  562. str_append_text(&debug_str, ", SSL cipher: ");
  563. str_append_text(&debug_str, p_cipher_name);
  564. if (reused)
  565. {
  566. str_append_text(&debug_str, ", reused");
  567. }
  568. else
  569. {
  570. str_append_text(&debug_str, ", not reused");
  571. }
  572. if (p_ssl_cert != NULL)
  573. {
  574. str_append_text(&debug_str, ", CERT PRESENTED");
  575. X509_free(p_ssl_cert);
  576. }
  577. else
  578. {
  579. str_append_text(&debug_str, ", no cert");
  580. }
  581. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  582. }
  583. return p_ssl;
  584. }
  585. static int
  586. ssl_session_init(struct vsf_session* p_sess)
  587. {
  588. SSL* p_ssl = get_ssl(p_sess, VSFTP_COMMAND_FD);
  589. if (p_ssl == NULL)
  590. {
  591. return 0;
  592. }
  593. p_sess->p_control_ssl = p_ssl;
  594. (void) ssl_cert_digest(p_ssl, p_sess, &p_sess->control_cert_digest);
  595. setup_bio_callbacks(p_ssl);
  596. return 1;
  597. }
  598. static int
  599. ssl_cert_digest(SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str)
  600. {
  601. X509* p_cert = SSL_get_peer_certificate(p_ssl);
  602. unsigned int num_bytes = 0;
  603. if (p_cert == NULL)
  604. {
  605. return 0;
  606. }
  607. str_reserve(p_str, EVP_MAX_MD_SIZE);
  608. str_empty(p_str);
  609. str_rpad(p_str, EVP_MAX_MD_SIZE);
  610. if (!X509_digest(p_cert, EVP_sha256(), (unsigned char*) str_getbuf(p_str),
  611. &num_bytes))
  612. {
  613. die("X509_digest failed");
  614. }
  615. X509_free(p_cert);
  616. if (tunable_debug_ssl)
  617. {
  618. unsigned int i;
  619. str_alloc_text(&debug_str, "Cert digest:");
  620. for (i = 0; i < num_bytes; ++i)
  621. {
  622. str_append_char(&debug_str, ' ');
  623. str_append_ulong(
  624. &debug_str, (unsigned long) (unsigned char) str_get_char_at(p_str, i));
  625. }
  626. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  627. }
  628. str_trunc(p_str, num_bytes);
  629. return 1;
  630. }
  631. static char*
  632. get_ssl_error()
  633. {
  634. SSL_load_error_strings();
  635. return ERR_error_string(ERR_get_error(), NULL);
  636. }
  637. static void setup_bio_callbacks(SSL* p_ssl)
  638. {
  639. BIO* p_bio = SSL_get_rbio(p_ssl);
  640. BIO_set_callback(p_bio, bio_callback);
  641. p_bio = SSL_get_wbio(p_ssl);
  642. BIO_set_callback(p_bio, bio_callback);
  643. }
  644. static long
  645. bio_callback(
  646. BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long ret)
  647. {
  648. int retval = 0;
  649. int fd = 0;
  650. (void) p_arg;
  651. (void) argi;
  652. (void) argl;
  653. if (oper == (BIO_CB_READ | BIO_CB_RETURN) ||
  654. oper == (BIO_CB_WRITE | BIO_CB_RETURN))
  655. {
  656. retval = (int) ret;
  657. fd = BIO_get_fd(p_bio, NULL);
  658. }
  659. vsf_sysutil_check_pending_actions(kVSFSysUtilIO, retval, fd);
  660. return ret;
  661. }
  662. static int
  663. ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx)
  664. {
  665. (void) p_ctx;
  666. if (tunable_validate_cert)
  667. {
  668. return verify_ok;
  669. }
  670. return 1;
  671. }
  672. void
  673. ssl_add_entropy(struct vsf_session* p_sess)
  674. {
  675. /* Although each child does seem to have its different pool of entropy, I
  676. * don't trust the interaction of OpenSSL's opaque RAND API and fork(). So
  677. * throw a bit more in (only works on systems with /dev/urandom for now).
  678. */
  679. int ret = RAND_load_file("/dev/urandom", 16);
  680. if (ret != 16)
  681. {
  682. str_alloc_text(&debug_str, "Couldn't add extra OpenSSL entropy: ");
  683. str_append_ulong(&debug_str, (unsigned long) ret);
  684. vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str);
  685. }
  686. }
  687. #else /* VSF_BUILD_SSL */
  688. void
  689. ssl_init(struct vsf_session* p_sess)
  690. {
  691. (void) p_sess;
  692. die("SSL: ssl_enable is set but SSL support not compiled in");
  693. }
  694. void
  695. ssl_control_handshake(struct vsf_session* p_sess)
  696. {
  697. (void) p_sess;
  698. }
  699. void
  700. handle_auth(struct vsf_session* p_sess)
  701. {
  702. (void) p_sess;
  703. }
  704. void
  705. handle_pbsz(struct vsf_session* p_sess)
  706. {
  707. (void) p_sess;
  708. }
  709. void
  710. handle_prot(struct vsf_session* p_sess)
  711. {
  712. (void) p_sess;
  713. }
  714. int
  715. ssl_read(struct vsf_session* p_sess, void* p_ssl, char* p_buf, unsigned int len)
  716. {
  717. (void) p_sess;
  718. (void) p_ssl;
  719. (void) p_buf;
  720. (void) len;
  721. return -1;
  722. }
  723. int
  724. ssl_peek(struct vsf_session* p_sess, void* p_ssl, char* p_buf, unsigned int len)
  725. {
  726. (void) p_sess;
  727. (void) p_ssl;
  728. (void) p_buf;
  729. (void) len;
  730. return -1;
  731. }
  732. int
  733. ssl_write(void* p_ssl, const char* p_buf, unsigned int len)
  734. {
  735. (void) p_ssl;
  736. (void) p_buf;
  737. (void) len;
  738. return -1;
  739. }
  740. int
  741. ssl_write_str(void* p_ssl, const struct mystr* p_str)
  742. {
  743. (void) p_ssl;
  744. (void) p_str;
  745. return -1;
  746. }
  747. int
  748. ssl_accept(struct vsf_session* p_sess, int fd)
  749. {
  750. (void) p_sess;
  751. (void) fd;
  752. return -1;
  753. }
  754. int
  755. ssl_data_close(struct vsf_session* p_sess)
  756. {
  757. (void) p_sess;
  758. return 1;
  759. }
  760. void
  761. ssl_comm_channel_init(struct vsf_session* p_sess)
  762. {
  763. (void) p_sess;
  764. }
  765. void
  766. ssl_comm_channel_set_consumer_context(struct vsf_session* p_sess)
  767. {
  768. (void) p_sess;
  769. }
  770. void
  771. ssl_comm_channel_set_producer_context(struct vsf_session* p_sess)
  772. {
  773. (void) p_sess;
  774. }
  775. void
  776. ssl_add_entropy(struct vsf_session* p_sess)
  777. {
  778. (void) p_sess;
  779. }
  780. int
  781. ssl_read_into_str(struct vsf_session* p_sess, void* p_ssl, struct mystr* p_str)
  782. {
  783. (void) p_sess;
  784. (void) p_ssl;
  785. (void) p_str;
  786. return -1;
  787. }
  788. #endif /* VSF_BUILD_SSL */