1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 ***************************************************************************/
24
25 #include "curl_setup.h"
26
27 #if defined(USE_HTTP3) && \
28 (defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL))
29
30 #ifdef USE_OPENSSL
31 #include <openssl/err.h>
32 #include "vtls/openssl.h"
33 #elif defined(USE_GNUTLS)
34 #include <gnutls/abstract.h>
35 #include <gnutls/gnutls.h>
36 #include <gnutls/x509.h>
37 #include <gnutls/crypto.h>
38 #include <nettle/sha2.h>
39 #include "vtls/gtls.h"
40 #elif defined(USE_WOLFSSL)
41 #include <wolfssl/options.h>
42 #include <wolfssl/ssl.h>
43 #include <wolfssl/quic.h>
44 #include "vtls/wolfssl.h"
45 #endif
46
47 #include "urldata.h"
48 #include "curl_trc.h"
49 #include "cfilters.h"
50 #include "multiif.h"
51 #include "vtls/keylog.h"
52 #include "vtls/vtls.h"
53 #include "vquic-tls.h"
54
55 /* The last 3 #include files should be in this order */
56 #include "curl_printf.h"
57 #include "curl_memory.h"
58 #include "memdebug.h"
59
60 #ifndef ARRAYSIZE
61 #define ARRAYSIZE(A) (sizeof(A)/sizeof((A)[0]))
62 #endif
63
64 #if defined(USE_WOLFSSL)
65
66 #define QUIC_CIPHERS \
67 "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_" \
68 "POLY1305_SHA256:TLS_AES_128_CCM_SHA256"
69 #define QUIC_GROUPS "P-256:P-384:P-521"
70
71 #if defined(HAVE_SECRET_CALLBACK)
keylog_callback(const WOLFSSL * ssl,const char * line)72 static void keylog_callback(const WOLFSSL *ssl, const char *line)
73 {
74 (void)ssl;
75 Curl_tls_keylog_write_line(line);
76 }
77 #endif
78
wssl_init_ctx(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,Curl_vquic_tls_ctx_setup * cb_setup,void * cb_user_data)79 static CURLcode wssl_init_ctx(struct curl_tls_ctx *ctx,
80 struct Curl_cfilter *cf,
81 struct Curl_easy *data,
82 Curl_vquic_tls_ctx_setup *cb_setup,
83 void *cb_user_data)
84 {
85 struct ssl_primary_config *conn_config;
86 CURLcode result = CURLE_FAILED_INIT;
87
88 conn_config = Curl_ssl_cf_get_primary_config(cf);
89 if(!conn_config) {
90 result = CURLE_FAILED_INIT;
91 goto out;
92 }
93
94 ctx->wssl.ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
95 if(!ctx->wssl.ctx) {
96 result = CURLE_OUT_OF_MEMORY;
97 goto out;
98 }
99
100 if(cb_setup) {
101 result = cb_setup(cf, data, cb_user_data);
102 if(result)
103 goto out;
104 }
105
106 wolfSSL_CTX_set_default_verify_paths(ctx->wssl.ctx);
107
108 if(wolfSSL_CTX_set_cipher_list(ctx->wssl.ctx, conn_config->cipher_list13 ?
109 conn_config->cipher_list13 :
110 QUIC_CIPHERS) != 1) {
111 char error_buffer[256];
112 ERR_error_string_n(ERR_get_error(), error_buffer, sizeof(error_buffer));
113 failf(data, "wolfSSL failed to set ciphers: %s", error_buffer);
114 result = CURLE_BAD_FUNCTION_ARGUMENT;
115 goto out;
116 }
117
118 if(wolfSSL_CTX_set1_groups_list(ctx->wssl.ctx, conn_config->curves ?
119 conn_config->curves :
120 (char *)QUIC_GROUPS) != 1) {
121 failf(data, "wolfSSL failed to set curves");
122 result = CURLE_BAD_FUNCTION_ARGUMENT;
123 goto out;
124 }
125
126 /* Open the file if a TLS or QUIC backend has not done this before. */
127 Curl_tls_keylog_open();
128 if(Curl_tls_keylog_enabled()) {
129 #if defined(HAVE_SECRET_CALLBACK)
130 wolfSSL_CTX_set_keylog_callback(ctx->wssl.ctx, keylog_callback);
131 #else
132 failf(data, "wolfSSL was built without keylog callback");
133 result = CURLE_NOT_BUILT_IN;
134 goto out;
135 #endif
136 }
137
138 if(conn_config->verifypeer) {
139 const char * const ssl_cafile = conn_config->CAfile;
140 const char * const ssl_capath = conn_config->CApath;
141
142 wolfSSL_CTX_set_verify(ctx->wssl.ctx, SSL_VERIFY_PEER, NULL);
143 if(ssl_cafile || ssl_capath) {
144 /* tell wolfSSL where to find CA certificates that are used to verify
145 the server's certificate. */
146 int rc =
147 wolfSSL_CTX_load_verify_locations_ex(ctx->wssl.ctx, ssl_cafile,
148 ssl_capath,
149 WOLFSSL_LOAD_FLAG_IGNORE_ERR);
150 if(SSL_SUCCESS != rc) {
151 /* Fail if we insist on successfully verifying the server. */
152 failf(data, "error setting certificate verify locations:"
153 " CAfile: %s CApath: %s",
154 ssl_cafile ? ssl_cafile : "none",
155 ssl_capath ? ssl_capath : "none");
156 result = CURLE_SSL_CACERT_BADFILE;
157 goto out;
158 }
159 infof(data, " CAfile: %s", ssl_cafile ? ssl_cafile : "none");
160 infof(data, " CApath: %s", ssl_capath ? ssl_capath : "none");
161 }
162 #ifdef CURL_CA_FALLBACK
163 else {
164 /* verifying the peer without any CA certificates will not work so
165 use wolfSSL's built-in default as fallback */
166 wolfSSL_CTX_set_default_verify_paths(ctx->wssl.ctx);
167 }
168 #endif
169 }
170 else {
171 wolfSSL_CTX_set_verify(ctx->wssl.ctx, SSL_VERIFY_NONE, NULL);
172 }
173
174 /* give application a chance to interfere with SSL set up. */
175 if(data->set.ssl.fsslctx) {
176 Curl_set_in_callback(data, TRUE);
177 result = (*data->set.ssl.fsslctx)(data, ctx->wssl.ctx,
178 data->set.ssl.fsslctxp);
179 Curl_set_in_callback(data, FALSE);
180 if(result) {
181 failf(data, "error signaled by ssl ctx callback");
182 goto out;
183 }
184 }
185 result = CURLE_OK;
186
187 out:
188 if(result && ctx->wssl.ctx) {
189 SSL_CTX_free(ctx->wssl.ctx);
190 ctx->wssl.ctx = NULL;
191 }
192 return result;
193 }
194
195 /** SSL callbacks ***/
196
wssl_init_ssl(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,struct ssl_peer * peer,const char * alpn,size_t alpn_len,void * user_data)197 static CURLcode wssl_init_ssl(struct curl_tls_ctx *ctx,
198 struct Curl_cfilter *cf,
199 struct Curl_easy *data,
200 struct ssl_peer *peer,
201 const char *alpn, size_t alpn_len,
202 void *user_data)
203 {
204 struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data);
205
206 DEBUGASSERT(!ctx->wssl.handle);
207 DEBUGASSERT(ctx->wssl.ctx);
208 ctx->wssl.handle = wolfSSL_new(ctx->wssl.ctx);
209
210 wolfSSL_set_app_data(ctx->wssl.handle, user_data);
211 wolfSSL_set_connect_state(ctx->wssl.handle);
212 wolfSSL_set_quic_use_legacy_codepoint(ctx->wssl.handle, 0);
213
214 if(alpn)
215 wolfSSL_set_alpn_protos(ctx->wssl.handle, (const unsigned char *)alpn,
216 (unsigned int)alpn_len);
217
218 if(peer->sni) {
219 wolfSSL_UseSNI(ctx->wssl.handle, WOLFSSL_SNI_HOST_NAME,
220 peer->sni, (unsigned short)strlen(peer->sni));
221 }
222
223 if(ssl_config->primary.cache_session) {
224 (void)wssl_setup_session(cf, data, &ctx->wssl, peer);
225 }
226
227 return CURLE_OK;
228 }
229 #endif /* defined(USE_WOLFSSL) */
230
Curl_vquic_tls_init(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,struct ssl_peer * peer,const char * alpn,size_t alpn_len,Curl_vquic_tls_ctx_setup * cb_setup,void * cb_user_data,void * ssl_user_data)231 CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx,
232 struct Curl_cfilter *cf,
233 struct Curl_easy *data,
234 struct ssl_peer *peer,
235 const char *alpn, size_t alpn_len,
236 Curl_vquic_tls_ctx_setup *cb_setup,
237 void *cb_user_data, void *ssl_user_data)
238 {
239 CURLcode result;
240
241 #ifdef USE_OPENSSL
242 (void)result;
243 return Curl_ossl_ctx_init(&ctx->ossl, cf, data, peer, TRNSPRT_QUIC,
244 (const unsigned char *)alpn, alpn_len,
245 cb_setup, cb_user_data, NULL, ssl_user_data);
246 #elif defined(USE_GNUTLS)
247 (void)result;
248 return Curl_gtls_ctx_init(&ctx->gtls, cf, data, peer,
249 (const unsigned char *)alpn, alpn_len, NULL,
250 cb_setup, cb_user_data, ssl_user_data);
251 #elif defined(USE_WOLFSSL)
252 result = wssl_init_ctx(ctx, cf, data, cb_setup, cb_user_data);
253 if(result)
254 return result;
255
256 return wssl_init_ssl(ctx, cf, data, peer, alpn, alpn_len, ssl_user_data);
257 #else
258 #error "no TLS lib in used, should not happen"
259 return CURLE_FAILED_INIT;
260 #endif
261 }
262
Curl_vquic_tls_cleanup(struct curl_tls_ctx * ctx)263 void Curl_vquic_tls_cleanup(struct curl_tls_ctx *ctx)
264 {
265 #ifdef USE_OPENSSL
266 if(ctx->ossl.ssl)
267 SSL_free(ctx->ossl.ssl);
268 if(ctx->ossl.ssl_ctx)
269 SSL_CTX_free(ctx->ossl.ssl_ctx);
270 #elif defined(USE_GNUTLS)
271 if(ctx->gtls.session)
272 gnutls_deinit(ctx->gtls.session);
273 Curl_gtls_shared_creds_free(&ctx->gtls.shared_creds);
274 #elif defined(USE_WOLFSSL)
275 if(ctx->wssl.handle)
276 wolfSSL_free(ctx->wssl.handle);
277 if(ctx->wssl.ctx)
278 wolfSSL_CTX_free(ctx->wssl.ctx);
279 #endif
280 memset(ctx, 0, sizeof(*ctx));
281 }
282
Curl_vquic_tls_before_recv(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data)283 CURLcode Curl_vquic_tls_before_recv(struct curl_tls_ctx *ctx,
284 struct Curl_cfilter *cf,
285 struct Curl_easy *data)
286 {
287 #ifdef USE_OPENSSL
288 if(!ctx->ossl.x509_store_setup) {
289 CURLcode result = Curl_ssl_setup_x509_store(cf, data, ctx->ossl.ssl_ctx);
290 if(result)
291 return result;
292 ctx->ossl.x509_store_setup = TRUE;
293 }
294 #elif defined(USE_WOLFSSL)
295 if(!ctx->wssl.x509_store_setup) {
296 CURLcode result = Curl_wssl_setup_x509_store(cf, data, &ctx->wssl);
297 if(result)
298 return result;
299 }
300 #elif defined(USE_GNUTLS)
301 if(!ctx->gtls.shared_creds->trust_setup) {
302 CURLcode result = Curl_gtls_client_trust_setup(cf, data, &ctx->gtls);
303 if(result)
304 return result;
305 }
306 #else
307 (void)ctx; (void)cf; (void)data;
308 #endif
309 return CURLE_OK;
310 }
311
Curl_vquic_tls_verify_peer(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,struct ssl_peer * peer)312 CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,
313 struct Curl_cfilter *cf,
314 struct Curl_easy *data,
315 struct ssl_peer *peer)
316 {
317 struct ssl_primary_config *conn_config;
318 CURLcode result = CURLE_OK;
319
320 conn_config = Curl_ssl_cf_get_primary_config(cf);
321 if(!conn_config)
322 return CURLE_FAILED_INIT;
323
324 #ifdef USE_OPENSSL
325 (void)conn_config;
326 result = Curl_oss_check_peer_cert(cf, data, &ctx->ossl, peer);
327 #elif defined(USE_GNUTLS)
328 if(conn_config->verifyhost) {
329 result = Curl_gtls_verifyserver(data, ctx->gtls.session,
330 conn_config, &data->set.ssl, peer,
331 data->set.str[STRING_SSL_PINNEDPUBLICKEY]);
332 if(result)
333 return result;
334 }
335 #elif defined(USE_WOLFSSL)
336 (void)data;
337 if(conn_config->verifyhost) {
338 if(peer->sni) {
339 WOLFSSL_X509* cert = wolfSSL_get_peer_certificate(ctx->wssl.handle);
340 if(wolfSSL_X509_check_host(cert, peer->sni, strlen(peer->sni), 0, NULL)
341 == WOLFSSL_FAILURE) {
342 result = CURLE_PEER_FAILED_VERIFICATION;
343 }
344 wolfSSL_X509_free(cert);
345 }
346
347 }
348 #endif
349 return result;
350 }
351
352
353 #endif /* !USE_HTTP3 && (USE_OPENSSL || USE_GNUTLS || USE_WOLFSSL) */
354
