mirror of https://github.com/aria2/aria2
351 lines
9.0 KiB
C++
351 lines
9.0 KiB
C++
/* <!-- copyright */
|
|
/*
|
|
* aria2 - The high speed download utility
|
|
*
|
|
* Copyright (C) 2013 Tatsuhiro Tsujikawa
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
|
*
|
|
* In addition, as a special exception, the copyright holders give
|
|
* permission to link the code of portions of this program with the
|
|
* OpenSSL library under certain conditions as described in each
|
|
* individual source file, and distribute linked combinations
|
|
* including the two.
|
|
* You must obey the GNU General Public License in all respects
|
|
* for all of the code used other than OpenSSL. If you modify
|
|
* file(s) with this exception, you may extend this exception to your
|
|
* version of the file(s), but you are not obligated to do so. If you
|
|
* do not wish to do so, delete this exception statement from your
|
|
* version. If you delete this exception statement from all source
|
|
* files in the program, then also delete it here.
|
|
*/
|
|
/* copyright --> */
|
|
#include "LibsslTLSSession.h"
|
|
|
|
#include <openssl/err.h>
|
|
#include <openssl/x509.h>
|
|
#include <openssl/x509v3.h>
|
|
|
|
#include "LogFactory.h"
|
|
#include "util.h"
|
|
#include "SocketCore.h"
|
|
|
|
namespace aria2 {
|
|
|
|
TLSSession* TLSSession::make(TLSContext* ctx)
|
|
{
|
|
return new OpenSSLTLSSession(static_cast<OpenSSLTLSContext*>(ctx));
|
|
}
|
|
|
|
OpenSSLTLSSession::OpenSSLTLSSession(OpenSSLTLSContext* tlsContext)
|
|
: ssl_(nullptr), tlsContext_(tlsContext), rv_(1)
|
|
{
|
|
}
|
|
|
|
OpenSSLTLSSession::~OpenSSLTLSSession()
|
|
{
|
|
if (ssl_) {
|
|
SSL_free(ssl_);
|
|
}
|
|
}
|
|
|
|
int OpenSSLTLSSession::init(sock_t sockfd)
|
|
{
|
|
ERR_clear_error();
|
|
ssl_ = SSL_new(tlsContext_->getSSLCtx());
|
|
if (!ssl_) {
|
|
return TLS_ERR_ERROR;
|
|
}
|
|
rv_ = SSL_set_fd(ssl_, sockfd);
|
|
if (rv_ == 0) {
|
|
return TLS_ERR_ERROR;
|
|
}
|
|
return TLS_ERR_OK;
|
|
}
|
|
|
|
int OpenSSLTLSSession::setSNIHostname(const std::string& hostname)
|
|
{
|
|
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
|
|
ERR_clear_error();
|
|
// TLS extensions: SNI. There is not documentation about the
|
|
// return code for this function (actually this is macro
|
|
// wrapping SSL_ctrl at the time of this writing).
|
|
SSL_set_tlsext_host_name(ssl_, hostname.c_str());
|
|
#endif // SSL_CTRL_SET_TLSEXT_HOSTNAME
|
|
return TLS_ERR_OK;
|
|
}
|
|
|
|
int OpenSSLTLSSession::closeConnection()
|
|
{
|
|
ERR_clear_error();
|
|
SSL_shutdown(ssl_);
|
|
// TODO handle return value
|
|
return TLS_ERR_OK;
|
|
}
|
|
|
|
int OpenSSLTLSSession::checkDirection()
|
|
{
|
|
int error = SSL_get_error(ssl_, rv_);
|
|
if (error == SSL_ERROR_WANT_WRITE) {
|
|
return TLS_WANT_WRITE;
|
|
}
|
|
else {
|
|
// TODO We ignore error other than SSL_ERR_WANT_READ here for now
|
|
return TLS_WANT_READ;
|
|
}
|
|
}
|
|
|
|
namespace {
|
|
bool wouldblock(SSL* ssl, int rv)
|
|
{
|
|
int error = SSL_get_error(ssl, rv);
|
|
return error == SSL_ERROR_WANT_READ || error == SSL_ERROR_WANT_WRITE;
|
|
}
|
|
} // namespace
|
|
|
|
ssize_t OpenSSLTLSSession::writeData(const void* data, size_t len)
|
|
{
|
|
ERR_clear_error();
|
|
rv_ = SSL_write(ssl_, data, len);
|
|
if (rv_ <= 0) {
|
|
if (wouldblock(ssl_, rv_)) {
|
|
return TLS_ERR_WOULDBLOCK;
|
|
}
|
|
else {
|
|
return TLS_ERR_ERROR;
|
|
}
|
|
}
|
|
else {
|
|
ssize_t ret = rv_;
|
|
rv_ = 1;
|
|
return ret;
|
|
}
|
|
}
|
|
|
|
ssize_t OpenSSLTLSSession::readData(void* data, size_t len)
|
|
{
|
|
ERR_clear_error();
|
|
rv_ = SSL_read(ssl_, data, len);
|
|
if (rv_ <= 0) {
|
|
if (wouldblock(ssl_, rv_)) {
|
|
return TLS_ERR_WOULDBLOCK;
|
|
}
|
|
|
|
if (rv_ == 0) {
|
|
auto err = SSL_get_error(ssl_, rv_);
|
|
|
|
if (err == SSL_ERROR_ZERO_RETURN) {
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
return TLS_ERR_ERROR;
|
|
}
|
|
|
|
ssize_t ret = rv_;
|
|
rv_ = 1;
|
|
return ret;
|
|
}
|
|
|
|
int OpenSSLTLSSession::handshake(TLSVersion& version)
|
|
{
|
|
ERR_clear_error();
|
|
if (tlsContext_->getSide() == TLS_CLIENT) {
|
|
rv_ = SSL_connect(ssl_);
|
|
}
|
|
else {
|
|
rv_ = SSL_accept(ssl_);
|
|
}
|
|
if (rv_ <= 0) {
|
|
int sslError = SSL_get_error(ssl_, rv_);
|
|
switch (sslError) {
|
|
case SSL_ERROR_NONE:
|
|
case SSL_ERROR_WANT_X509_LOOKUP:
|
|
case SSL_ERROR_ZERO_RETURN:
|
|
// TODO Now assume we are doing non-blocking. Then above 2
|
|
// errors are OK.
|
|
break;
|
|
case SSL_ERROR_WANT_READ:
|
|
case SSL_ERROR_WANT_WRITE:
|
|
return TLS_ERR_WOULDBLOCK;
|
|
default:
|
|
return TLS_ERR_ERROR;
|
|
}
|
|
}
|
|
|
|
switch (SSL_version(ssl_)) {
|
|
case SSL3_VERSION:
|
|
version = TLS_PROTO_SSL3;
|
|
break;
|
|
|
|
#ifdef TLS1_VERSION
|
|
case TLS1_VERSION:
|
|
version = TLS_PROTO_TLS10;
|
|
break;
|
|
#endif // TLS1_VERSION
|
|
|
|
#ifdef TLS1_1_VERSION
|
|
case TLS1_1_VERSION:
|
|
version = TLS_PROTO_TLS11;
|
|
break;
|
|
#endif // TLS1_1_VERSION
|
|
|
|
#ifdef TLS1_2_VERSION
|
|
case TLS1_2_VERSION:
|
|
version = TLS_PROTO_TLS12;
|
|
break;
|
|
#endif // TLS1_2_VERSION
|
|
|
|
default:
|
|
version = TLS_PROTO_NONE;
|
|
break;
|
|
}
|
|
|
|
return TLS_ERR_OK;
|
|
}
|
|
|
|
int OpenSSLTLSSession::tlsConnect(const std::string& hostname,
|
|
TLSVersion& version,
|
|
std::string& handshakeErr)
|
|
{
|
|
handshakeErr = "";
|
|
int ret;
|
|
ret = handshake(version);
|
|
if (ret != TLS_ERR_OK) {
|
|
return ret;
|
|
}
|
|
if (tlsContext_->getSide() == TLS_CLIENT && tlsContext_->getVerifyPeer()) {
|
|
// verify peer
|
|
X509* peerCert = SSL_get_peer_certificate(ssl_);
|
|
if (!peerCert) {
|
|
handshakeErr = "certificate not found";
|
|
return TLS_ERR_ERROR;
|
|
}
|
|
std::unique_ptr<X509, decltype(&X509_free)> certDeleter(peerCert,
|
|
X509_free);
|
|
long verifyResult = SSL_get_verify_result(ssl_);
|
|
if (verifyResult != X509_V_OK) {
|
|
handshakeErr = X509_verify_cert_error_string(verifyResult);
|
|
return TLS_ERR_ERROR;
|
|
}
|
|
std::string commonName;
|
|
std::vector<std::string> dnsNames;
|
|
std::vector<std::string> ipAddrs;
|
|
GENERAL_NAMES* altNames;
|
|
altNames = reinterpret_cast<GENERAL_NAMES*>(
|
|
X509_get_ext_d2i(peerCert, NID_subject_alt_name, nullptr, NULL));
|
|
if (altNames) {
|
|
std::unique_ptr<GENERAL_NAMES, decltype(&GENERAL_NAMES_free)>
|
|
altNamesDeleter(altNames, GENERAL_NAMES_free);
|
|
size_t n = sk_GENERAL_NAME_num(altNames);
|
|
for (size_t i = 0; i < n; ++i) {
|
|
const GENERAL_NAME* altName = sk_GENERAL_NAME_value(altNames, i);
|
|
if (altName->type == GEN_DNS) {
|
|
const char* name =
|
|
reinterpret_cast<char*>(ASN1_STRING_data(altName->d.ia5));
|
|
if (!name) {
|
|
continue;
|
|
}
|
|
size_t len = ASN1_STRING_length(altName->d.ia5);
|
|
dnsNames.push_back(std::string(name, len));
|
|
}
|
|
else if (altName->type == GEN_IPADD) {
|
|
const unsigned char* ipAddr = altName->d.iPAddress->data;
|
|
if (!ipAddr) {
|
|
continue;
|
|
}
|
|
size_t len = altName->d.iPAddress->length;
|
|
ipAddrs.push_back(
|
|
std::string(reinterpret_cast<const char*>(ipAddr), len));
|
|
}
|
|
}
|
|
}
|
|
X509_NAME* subjectName = X509_get_subject_name(peerCert);
|
|
if (!subjectName) {
|
|
handshakeErr = "could not get X509 name object from the certificate.";
|
|
return TLS_ERR_ERROR;
|
|
}
|
|
int lastpos = -1;
|
|
while (1) {
|
|
lastpos =
|
|
X509_NAME_get_index_by_NID(subjectName, NID_commonName, lastpos);
|
|
if (lastpos == -1) {
|
|
break;
|
|
}
|
|
X509_NAME_ENTRY* entry = X509_NAME_get_entry(subjectName, lastpos);
|
|
unsigned char* out;
|
|
int outlen = ASN1_STRING_to_UTF8(&out, X509_NAME_ENTRY_get_data(entry));
|
|
if (outlen < 0) {
|
|
continue;
|
|
}
|
|
commonName.assign(&out[0], &out[outlen]);
|
|
OPENSSL_free(out);
|
|
break;
|
|
}
|
|
if (!net::verifyHostname(hostname, dnsNames, ipAddrs, commonName)) {
|
|
handshakeErr = "hostname does not match";
|
|
return TLS_ERR_ERROR;
|
|
}
|
|
}
|
|
|
|
return TLS_ERR_OK;
|
|
}
|
|
|
|
int OpenSSLTLSSession::tlsAccept(TLSVersion& version)
|
|
{
|
|
return handshake(version);
|
|
}
|
|
|
|
std::string OpenSSLTLSSession::getLastErrorString()
|
|
{
|
|
if (rv_ <= 0) {
|
|
int sslError = SSL_get_error(ssl_, rv_);
|
|
switch (sslError) {
|
|
case SSL_ERROR_NONE:
|
|
case SSL_ERROR_WANT_READ:
|
|
case SSL_ERROR_WANT_WRITE:
|
|
case SSL_ERROR_WANT_X509_LOOKUP:
|
|
case SSL_ERROR_ZERO_RETURN:
|
|
return "";
|
|
case SSL_ERROR_SYSCALL: {
|
|
int err = ERR_get_error();
|
|
if (err == 0) {
|
|
if (rv_ == 0) {
|
|
return "EOF was received";
|
|
}
|
|
else if (rv_ == -1) {
|
|
return "SSL I/O error";
|
|
}
|
|
else {
|
|
return "unknown syscall error";
|
|
}
|
|
}
|
|
else {
|
|
return ERR_error_string(err, nullptr);
|
|
}
|
|
}
|
|
case SSL_ERROR_SSL:
|
|
return "protocol error";
|
|
default:
|
|
return "unknown error";
|
|
}
|
|
}
|
|
else {
|
|
return "";
|
|
}
|
|
}
|
|
|
|
} // namespace aria2
|