1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 ***************************************************************************/
24
25 #include "curl_setup.h"
26
27 #if defined(USE_HTTP3) && \
28 (defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL))
29
30 #ifdef USE_OPENSSL
31 #include <openssl/err.h>
32 #include "vtls/openssl.h"
33 #elif defined(USE_GNUTLS)
34 #include <gnutls/abstract.h>
35 #include <gnutls/gnutls.h>
36 #include <gnutls/x509.h>
37 #include <gnutls/crypto.h>
38 #include <nettle/sha2.h>
39 #include "vtls/gtls.h"
40 #elif defined(USE_WOLFSSL)
41 #include <wolfssl/options.h>
42 #include <wolfssl/ssl.h>
43 #include <wolfssl/quic.h>
44 #include "vtls/wolfssl.h"
45 #endif
46
47 #include "urldata.h"
48 #include "curl_trc.h"
49 #include "cfilters.h"
50 #include "multiif.h"
51 #include "vtls/keylog.h"
52 #include "vtls/vtls.h"
53 #include "vquic-tls.h"
54
55 /* The last 3 #include files should be in this order */
56 #include "curl_printf.h"
57 #include "curl_memory.h"
58 #include "memdebug.h"
59
60 #ifndef ARRAYSIZE
61 #define ARRAYSIZE(A) (sizeof(A)/sizeof((A)[0]))
62 #endif
63
64 #if defined(USE_WOLFSSL)
65
66 #define QUIC_CIPHERS \
67 "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_" \
68 "POLY1305_SHA256:TLS_AES_128_CCM_SHA256"
69 #define QUIC_GROUPS "P-256:P-384:P-521"
70
71 #if defined(HAVE_SECRET_CALLBACK)
keylog_callback(const WOLFSSL * ssl,const char * line)72 static void keylog_callback(const WOLFSSL *ssl, const char *line)
73 {
74 (void)ssl;
75 Curl_tls_keylog_write_line(line);
76 }
77 #endif
78
Curl_wssl_init_ctx(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,Curl_vquic_tls_ctx_setup * cb_setup,void * cb_user_data)79 static CURLcode Curl_wssl_init_ctx(struct curl_tls_ctx *ctx,
80 struct Curl_cfilter *cf,
81 struct Curl_easy *data,
82 Curl_vquic_tls_ctx_setup *cb_setup,
83 void *cb_user_data)
84 {
85 struct ssl_primary_config *conn_config;
86 CURLcode result = CURLE_FAILED_INIT;
87
88 conn_config = Curl_ssl_cf_get_primary_config(cf);
89 if(!conn_config) {
90 result = CURLE_FAILED_INIT;
91 goto out;
92 }
93
94 ctx->wssl.ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
95 if(!ctx->wssl.ctx) {
96 result = CURLE_OUT_OF_MEMORY;
97 goto out;
98 }
99
100 if(cb_setup) {
101 result = cb_setup(cf, data, cb_user_data);
102 if(result)
103 goto out;
104 }
105
106 wolfSSL_CTX_set_default_verify_paths(ctx->wssl.ctx);
107
108 if(wolfSSL_CTX_set_cipher_list(ctx->wssl.ctx, conn_config->cipher_list13 ?
109 conn_config->cipher_list13 :
110 QUIC_CIPHERS) != 1) {
111 char error_buffer[256];
112 ERR_error_string_n(ERR_get_error(), error_buffer, sizeof(error_buffer));
113 failf(data, "wolfSSL failed to set ciphers: %s", error_buffer);
114 result = CURLE_BAD_FUNCTION_ARGUMENT;
115 goto out;
116 }
117
118 if(wolfSSL_CTX_set1_groups_list(ctx->wssl.ctx, conn_config->curves ?
119 conn_config->curves :
120 (char *)QUIC_GROUPS) != 1) {
121 failf(data, "wolfSSL failed to set curves");
122 result = CURLE_BAD_FUNCTION_ARGUMENT;
123 goto out;
124 }
125
126 /* Open the file if a TLS or QUIC backend has not done this before. */
127 Curl_tls_keylog_open();
128 if(Curl_tls_keylog_enabled()) {
129 #if defined(HAVE_SECRET_CALLBACK)
130 wolfSSL_CTX_set_keylog_callback(ctx->wssl.ctx, keylog_callback);
131 #else
132 failf(data, "wolfSSL was built without keylog callback");
133 result = CURLE_NOT_BUILT_IN;
134 goto out;
135 #endif
136 }
137
138 if(conn_config->verifypeer) {
139 const char * const ssl_cafile = conn_config->CAfile;
140 const char * const ssl_capath = conn_config->CApath;
141
142 wolfSSL_CTX_set_verify(ctx->wssl.ctx, SSL_VERIFY_PEER, NULL);
143 if(ssl_cafile || ssl_capath) {
144 /* tell wolfSSL where to find CA certificates that are used to verify
145 the server's certificate. */
146 int rc =
147 wolfSSL_CTX_load_verify_locations_ex(ctx->wssl.ctx, ssl_cafile,
148 ssl_capath,
149 WOLFSSL_LOAD_FLAG_IGNORE_ERR);
150 if(SSL_SUCCESS != rc) {
151 /* Fail if we insist on successfully verifying the server. */
152 failf(data, "error setting certificate verify locations:"
153 " CAfile: %s CApath: %s",
154 ssl_cafile ? ssl_cafile : "none",
155 ssl_capath ? ssl_capath : "none");
156 result = CURLE_SSL_CACERT_BADFILE;
157 goto out;
158 }
159 infof(data, " CAfile: %s", ssl_cafile ? ssl_cafile : "none");
160 infof(data, " CApath: %s", ssl_capath ? ssl_capath : "none");
161 }
162 #ifdef CURL_CA_FALLBACK
163 else {
164 /* verifying the peer without any CA certificates will not work so
165 use wolfSSL's built-in default as fallback */
166 wolfSSL_CTX_set_default_verify_paths(ctx->wssl.ctx);
167 }
168 #endif
169 }
170 else {
171 wolfSSL_CTX_set_verify(ctx->wssl.ctx, SSL_VERIFY_NONE, NULL);
172 }
173
174 /* give application a chance to interfere with SSL set up. */
175 if(data->set.ssl.fsslctx) {
176 Curl_set_in_callback(data, true);
177 result = (*data->set.ssl.fsslctx)(data, ctx->wssl.ctx,
178 data->set.ssl.fsslctxp);
179 Curl_set_in_callback(data, false);
180 if(result) {
181 failf(data, "error signaled by ssl ctx callback");
182 goto out;
183 }
184 }
185 result = CURLE_OK;
186
187 out:
188 if(result && ctx->wssl.ctx) {
189 SSL_CTX_free(ctx->wssl.ctx);
190 ctx->wssl.ctx = NULL;
191 }
192 return result;
193 }
194
195 /** SSL callbacks ***/
196
Curl_wssl_init_ssl(struct curl_tls_ctx * ctx,struct Curl_easy * data,struct ssl_peer * peer,const char * alpn,size_t alpn_len,void * user_data)197 static CURLcode Curl_wssl_init_ssl(struct curl_tls_ctx *ctx,
198 struct Curl_easy *data,
199 struct ssl_peer *peer,
200 const char *alpn, size_t alpn_len,
201 void *user_data)
202 {
203 (void)data;
204 DEBUGASSERT(!ctx->wssl.handle);
205 DEBUGASSERT(ctx->wssl.ctx);
206 ctx->wssl.handle = wolfSSL_new(ctx->wssl.ctx);
207
208 wolfSSL_set_app_data(ctx->wssl.handle, user_data);
209 wolfSSL_set_connect_state(ctx->wssl.handle);
210 wolfSSL_set_quic_use_legacy_codepoint(ctx->wssl.handle, 0);
211
212 if(alpn)
213 wolfSSL_set_alpn_protos(ctx->wssl.handle, (const unsigned char *)alpn,
214 (unsigned int)alpn_len);
215
216 if(peer->sni) {
217 wolfSSL_UseSNI(ctx->wssl.handle, WOLFSSL_SNI_HOST_NAME,
218 peer->sni, (unsigned short)strlen(peer->sni));
219 }
220
221 return CURLE_OK;
222 }
223 #endif /* defined(USE_WOLFSSL) */
224
Curl_vquic_tls_init(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,struct ssl_peer * peer,const char * alpn,size_t alpn_len,Curl_vquic_tls_ctx_setup * cb_setup,void * cb_user_data,void * ssl_user_data)225 CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx,
226 struct Curl_cfilter *cf,
227 struct Curl_easy *data,
228 struct ssl_peer *peer,
229 const char *alpn, size_t alpn_len,
230 Curl_vquic_tls_ctx_setup *cb_setup,
231 void *cb_user_data, void *ssl_user_data)
232 {
233 CURLcode result;
234
235 #ifdef USE_OPENSSL
236 (void)result;
237 return Curl_ossl_ctx_init(&ctx->ossl, cf, data, peer, TRNSPRT_QUIC,
238 (const unsigned char *)alpn, alpn_len,
239 cb_setup, cb_user_data, NULL, ssl_user_data);
240 #elif defined(USE_GNUTLS)
241 (void)result;
242 return Curl_gtls_ctx_init(&ctx->gtls, cf, data, peer,
243 (const unsigned char *)alpn, alpn_len,
244 cb_setup, cb_user_data, ssl_user_data);
245 #elif defined(USE_WOLFSSL)
246 result = Curl_wssl_init_ctx(ctx, cf, data, cb_setup, cb_user_data);
247 if(result)
248 return result;
249
250 return Curl_wssl_init_ssl(ctx, data, peer, alpn, alpn_len, ssl_user_data);
251 #else
252 #error "no TLS lib in used, should not happen"
253 return CURLE_FAILED_INIT;
254 #endif
255 }
256
Curl_vquic_tls_cleanup(struct curl_tls_ctx * ctx)257 void Curl_vquic_tls_cleanup(struct curl_tls_ctx *ctx)
258 {
259 #ifdef USE_OPENSSL
260 if(ctx->ossl.ssl)
261 SSL_free(ctx->ossl.ssl);
262 if(ctx->ossl.ssl_ctx)
263 SSL_CTX_free(ctx->ossl.ssl_ctx);
264 #elif defined(USE_GNUTLS)
265 if(ctx->gtls.session)
266 gnutls_deinit(ctx->gtls.session);
267 Curl_gtls_shared_creds_free(&ctx->gtls.shared_creds);
268 #elif defined(USE_WOLFSSL)
269 if(ctx->wssl.handle)
270 wolfSSL_free(ctx->wssl.handle);
271 if(ctx->wssl.ctx)
272 wolfSSL_CTX_free(ctx->wssl.ctx);
273 #endif
274 memset(ctx, 0, sizeof(*ctx));
275 }
276
Curl_vquic_tls_before_recv(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data)277 CURLcode Curl_vquic_tls_before_recv(struct curl_tls_ctx *ctx,
278 struct Curl_cfilter *cf,
279 struct Curl_easy *data)
280 {
281 #ifdef USE_OPENSSL
282 if(!ctx->ossl.x509_store_setup) {
283 CURLcode result = Curl_ssl_setup_x509_store(cf, data, ctx->ossl.ssl_ctx);
284 if(result)
285 return result;
286 ctx->ossl.x509_store_setup = TRUE;
287 }
288 #elif defined(USE_WOLFSSL)
289 if(!ctx->wssl.x509_store_setup) {
290 CURLcode result = Curl_wssl_setup_x509_store(cf, data, &ctx->wssl);
291 if(result)
292 return result;
293 }
294 #elif defined(USE_GNUTLS)
295 if(!ctx->gtls.shared_creds->trust_setup) {
296 CURLcode result = Curl_gtls_client_trust_setup(cf, data, &ctx->gtls);
297 if(result)
298 return result;
299 }
300 #else
301 (void)ctx; (void)cf; (void)data;
302 #endif
303 return CURLE_OK;
304 }
305
Curl_vquic_tls_verify_peer(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,struct ssl_peer * peer)306 CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,
307 struct Curl_cfilter *cf,
308 struct Curl_easy *data,
309 struct ssl_peer *peer)
310 {
311 struct ssl_primary_config *conn_config;
312 CURLcode result = CURLE_OK;
313
314 conn_config = Curl_ssl_cf_get_primary_config(cf);
315 if(!conn_config)
316 return CURLE_FAILED_INIT;
317
318 #ifdef USE_OPENSSL
319 (void)conn_config;
320 result = Curl_oss_check_peer_cert(cf, data, &ctx->ossl, peer);
321 #elif defined(USE_GNUTLS)
322 if(conn_config->verifyhost) {
323 result = Curl_gtls_verifyserver(data, ctx->gtls.session,
324 conn_config, &data->set.ssl, peer,
325 data->set.str[STRING_SSL_PINNEDPUBLICKEY]);
326 if(result)
327 return result;
328 }
329 #elif defined(USE_WOLFSSL)
330 (void)data;
331 if(conn_config->verifyhost) {
332 if(peer->sni) {
333 WOLFSSL_X509* cert = wolfSSL_get_peer_certificate(ctx->wssl.handle);
334 if(wolfSSL_X509_check_host(cert, peer->sni, strlen(peer->sni), 0, NULL)
335 == WOLFSSL_FAILURE) {
336 result = CURLE_PEER_FAILED_VERIFICATION;
337 }
338 wolfSSL_X509_free(cert);
339 }
340
341 }
342 #endif
343 return result;
344 }
345
346
347 #endif /* !USE_HTTP3 && (USE_OPENSSL || USE_GNUTLS || USE_WOLFSSL) */
348