1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 ***************************************************************************/
24
25 #include "curl_setup.h"
26
27 #if defined(USE_HTTP3) && \
28 (defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL))
29
30 #ifdef USE_OPENSSL
31 #include <openssl/err.h>
32 #include "vtls/openssl.h"
33 #elif defined(USE_GNUTLS)
34 #include <gnutls/abstract.h>
35 #include <gnutls/gnutls.h>
36 #include <gnutls/x509.h>
37 #include <gnutls/crypto.h>
38 #include <nettle/sha2.h>
39 #include "vtls/gtls.h"
40 #elif defined(USE_WOLFSSL)
41 #include <wolfssl/options.h>
42 #include <wolfssl/ssl.h>
43 #include <wolfssl/quic.h>
44 #include "vtls/wolfssl.h"
45 #endif
46
47 #include "urldata.h"
48 #include "curl_trc.h"
49 #include "cfilters.h"
50 #include "multiif.h"
51 #include "vtls/keylog.h"
52 #include "vtls/vtls.h"
53 #include "vtls/vtls_scache.h"
54 #include "vquic-tls.h"
55
56 /* The last 3 #include files should be in this order */
57 #include "curl_printf.h"
58 #include "curl_memory.h"
59 #include "memdebug.h"
60
61 #ifndef ARRAYSIZE
62 #define ARRAYSIZE(A) (sizeof(A)/sizeof((A)[0]))
63 #endif
64
65 #if defined(USE_WOLFSSL)
66
67 #define QUIC_CIPHERS \
68 "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_" \
69 "POLY1305_SHA256:TLS_AES_128_CCM_SHA256"
70 #define QUIC_GROUPS "P-256:P-384:P-521"
71
72 #if defined(HAVE_SECRET_CALLBACK)
keylog_callback(const WOLFSSL * ssl,const char * line)73 static void keylog_callback(const WOLFSSL *ssl, const char *line)
74 {
75 (void)ssl;
76 Curl_tls_keylog_write_line(line);
77 }
78 #endif
79
wssl_init_ctx(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,Curl_vquic_tls_ctx_setup * cb_setup,void * cb_user_data)80 static CURLcode wssl_init_ctx(struct curl_tls_ctx *ctx,
81 struct Curl_cfilter *cf,
82 struct Curl_easy *data,
83 Curl_vquic_tls_ctx_setup *cb_setup,
84 void *cb_user_data)
85 {
86 struct ssl_primary_config *conn_config;
87 CURLcode result = CURLE_FAILED_INIT;
88
89 conn_config = Curl_ssl_cf_get_primary_config(cf);
90 if(!conn_config) {
91 result = CURLE_FAILED_INIT;
92 goto out;
93 }
94
95 ctx->wssl.ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
96 if(!ctx->wssl.ctx) {
97 result = CURLE_OUT_OF_MEMORY;
98 goto out;
99 }
100
101 if(cb_setup) {
102 result = cb_setup(cf, data, cb_user_data);
103 if(result)
104 goto out;
105 }
106
107 wolfSSL_CTX_set_default_verify_paths(ctx->wssl.ctx);
108
109 if(wolfSSL_CTX_set_cipher_list(ctx->wssl.ctx, conn_config->cipher_list13 ?
110 conn_config->cipher_list13 :
111 QUIC_CIPHERS) != 1) {
112 char error_buffer[256];
113 ERR_error_string_n(ERR_get_error(), error_buffer, sizeof(error_buffer));
114 failf(data, "wolfSSL failed to set ciphers: %s", error_buffer);
115 result = CURLE_BAD_FUNCTION_ARGUMENT;
116 goto out;
117 }
118
119 if(wolfSSL_CTX_set1_groups_list(ctx->wssl.ctx, conn_config->curves ?
120 conn_config->curves :
121 (char *)QUIC_GROUPS) != 1) {
122 failf(data, "wolfSSL failed to set curves");
123 result = CURLE_BAD_FUNCTION_ARGUMENT;
124 goto out;
125 }
126
127 /* Open the file if a TLS or QUIC backend has not done this before. */
128 Curl_tls_keylog_open();
129 if(Curl_tls_keylog_enabled()) {
130 #if defined(HAVE_SECRET_CALLBACK)
131 wolfSSL_CTX_set_keylog_callback(ctx->wssl.ctx, keylog_callback);
132 #else
133 failf(data, "wolfSSL was built without keylog callback");
134 result = CURLE_NOT_BUILT_IN;
135 goto out;
136 #endif
137 }
138
139 if(conn_config->verifypeer) {
140 const char * const ssl_cafile = conn_config->CAfile;
141 const char * const ssl_capath = conn_config->CApath;
142
143 wolfSSL_CTX_set_verify(ctx->wssl.ctx, SSL_VERIFY_PEER, NULL);
144 if(ssl_cafile || ssl_capath) {
145 /* tell wolfSSL where to find CA certificates that are used to verify
146 the server's certificate. */
147 int rc =
148 wolfSSL_CTX_load_verify_locations_ex(ctx->wssl.ctx, ssl_cafile,
149 ssl_capath,
150 WOLFSSL_LOAD_FLAG_IGNORE_ERR);
151 if(SSL_SUCCESS != rc) {
152 /* Fail if we insist on successfully verifying the server. */
153 failf(data, "error setting certificate verify locations:"
154 " CAfile: %s CApath: %s",
155 ssl_cafile ? ssl_cafile : "none",
156 ssl_capath ? ssl_capath : "none");
157 result = CURLE_SSL_CACERT_BADFILE;
158 goto out;
159 }
160 infof(data, " CAfile: %s", ssl_cafile ? ssl_cafile : "none");
161 infof(data, " CApath: %s", ssl_capath ? ssl_capath : "none");
162 }
163 #ifdef CURL_CA_FALLBACK
164 else {
165 /* verifying the peer without any CA certificates will not work so
166 use wolfSSL's built-in default as fallback */
167 wolfSSL_CTX_set_default_verify_paths(ctx->wssl.ctx);
168 }
169 #endif
170 }
171 else {
172 wolfSSL_CTX_set_verify(ctx->wssl.ctx, SSL_VERIFY_NONE, NULL);
173 }
174
175 /* give application a chance to interfere with SSL set up. */
176 if(data->set.ssl.fsslctx) {
177 Curl_set_in_callback(data, TRUE);
178 result = (*data->set.ssl.fsslctx)(data, ctx->wssl.ctx,
179 data->set.ssl.fsslctxp);
180 Curl_set_in_callback(data, FALSE);
181 if(result) {
182 failf(data, "error signaled by ssl ctx callback");
183 goto out;
184 }
185 }
186 result = CURLE_OK;
187
188 out:
189 if(result && ctx->wssl.ctx) {
190 SSL_CTX_free(ctx->wssl.ctx);
191 ctx->wssl.ctx = NULL;
192 }
193 return result;
194 }
195
196 /** SSL callbacks ***/
197
wssl_init_ssl(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,struct ssl_peer * peer,const char * alpn,size_t alpn_len,void * user_data)198 static CURLcode wssl_init_ssl(struct curl_tls_ctx *ctx,
199 struct Curl_cfilter *cf,
200 struct Curl_easy *data,
201 struct ssl_peer *peer,
202 const char *alpn, size_t alpn_len,
203 void *user_data)
204 {
205 struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data);
206
207 DEBUGASSERT(!ctx->wssl.handle);
208 DEBUGASSERT(ctx->wssl.ctx);
209 ctx->wssl.handle = wolfSSL_new(ctx->wssl.ctx);
210
211 wolfSSL_set_app_data(ctx->wssl.handle, user_data);
212 wolfSSL_set_connect_state(ctx->wssl.handle);
213 wolfSSL_set_quic_use_legacy_codepoint(ctx->wssl.handle, 0);
214
215 if(alpn)
216 wolfSSL_set_alpn_protos(ctx->wssl.handle, (const unsigned char *)alpn,
217 (unsigned int)alpn_len);
218
219 if(peer->sni) {
220 wolfSSL_UseSNI(ctx->wssl.handle, WOLFSSL_SNI_HOST_NAME,
221 peer->sni, (unsigned short)strlen(peer->sni));
222 }
223
224 if(ssl_config->primary.cache_session) {
225 (void)Curl_wssl_setup_session(cf, data, &ctx->wssl, peer->scache_key);
226 }
227
228 return CURLE_OK;
229 }
230 #endif /* defined(USE_WOLFSSL) */
231
Curl_vquic_tls_init(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,struct ssl_peer * peer,const char * alpn,size_t alpn_len,Curl_vquic_tls_ctx_setup * cb_setup,void * cb_user_data,void * ssl_user_data)232 CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx,
233 struct Curl_cfilter *cf,
234 struct Curl_easy *data,
235 struct ssl_peer *peer,
236 const char *alpn, size_t alpn_len,
237 Curl_vquic_tls_ctx_setup *cb_setup,
238 void *cb_user_data, void *ssl_user_data)
239 {
240 char tls_id[80];
241 CURLcode result;
242
243 #ifdef USE_OPENSSL
244 Curl_ossl_version(tls_id, sizeof(tls_id));
245 #elif defined(USE_GNUTLS)
246 Curl_gtls_version(tls_id, sizeof(tls_id));
247 #elif defined(USE_WOLFSSL)
248 Curl_wssl_version(tls_id, sizeof(tls_id));
249 #else
250 #error "no TLS lib in used, should not happen"
251 return CURLE_FAILED_INIT;
252 #endif
253 result = Curl_ssl_peer_init(peer, cf, tls_id, TRNSPRT_QUIC);
254 if(result)
255 return result;
256
257 #ifdef USE_OPENSSL
258 (void)result;
259 return Curl_ossl_ctx_init(&ctx->ossl, cf, data, peer,
260 (const unsigned char *)alpn, alpn_len,
261 cb_setup, cb_user_data, NULL, ssl_user_data);
262 #elif defined(USE_GNUTLS)
263 (void)result;
264 return Curl_gtls_ctx_init(&ctx->gtls, cf, data, peer,
265 (const unsigned char *)alpn, alpn_len, NULL,
266 cb_setup, cb_user_data, ssl_user_data);
267 #elif defined(USE_WOLFSSL)
268 result = wssl_init_ctx(ctx, cf, data, cb_setup, cb_user_data);
269 if(result)
270 return result;
271
272 return wssl_init_ssl(ctx, cf, data, peer, alpn, alpn_len, ssl_user_data);
273 #else
274 #error "no TLS lib in used, should not happen"
275 return CURLE_FAILED_INIT;
276 #endif
277 }
278
Curl_vquic_tls_cleanup(struct curl_tls_ctx * ctx)279 void Curl_vquic_tls_cleanup(struct curl_tls_ctx *ctx)
280 {
281 #ifdef USE_OPENSSL
282 if(ctx->ossl.ssl)
283 SSL_free(ctx->ossl.ssl);
284 if(ctx->ossl.ssl_ctx)
285 SSL_CTX_free(ctx->ossl.ssl_ctx);
286 #elif defined(USE_GNUTLS)
287 if(ctx->gtls.session)
288 gnutls_deinit(ctx->gtls.session);
289 Curl_gtls_shared_creds_free(&ctx->gtls.shared_creds);
290 #elif defined(USE_WOLFSSL)
291 if(ctx->wssl.handle)
292 wolfSSL_free(ctx->wssl.handle);
293 if(ctx->wssl.ctx)
294 wolfSSL_CTX_free(ctx->wssl.ctx);
295 #endif
296 memset(ctx, 0, sizeof(*ctx));
297 }
298
Curl_vquic_tls_before_recv(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data)299 CURLcode Curl_vquic_tls_before_recv(struct curl_tls_ctx *ctx,
300 struct Curl_cfilter *cf,
301 struct Curl_easy *data)
302 {
303 #ifdef USE_OPENSSL
304 if(!ctx->ossl.x509_store_setup) {
305 CURLcode result = Curl_ssl_setup_x509_store(cf, data, ctx->ossl.ssl_ctx);
306 if(result)
307 return result;
308 ctx->ossl.x509_store_setup = TRUE;
309 }
310 #elif defined(USE_WOLFSSL)
311 if(!ctx->wssl.x509_store_setup) {
312 CURLcode result = Curl_wssl_setup_x509_store(cf, data, &ctx->wssl);
313 if(result)
314 return result;
315 }
316 #elif defined(USE_GNUTLS)
317 if(!ctx->gtls.shared_creds->trust_setup) {
318 CURLcode result = Curl_gtls_client_trust_setup(cf, data, &ctx->gtls);
319 if(result)
320 return result;
321 }
322 #else
323 (void)ctx; (void)cf; (void)data;
324 #endif
325 return CURLE_OK;
326 }
327
Curl_vquic_tls_verify_peer(struct curl_tls_ctx * ctx,struct Curl_cfilter * cf,struct Curl_easy * data,struct ssl_peer * peer)328 CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,
329 struct Curl_cfilter *cf,
330 struct Curl_easy *data,
331 struct ssl_peer *peer)
332 {
333 struct ssl_primary_config *conn_config;
334 CURLcode result = CURLE_OK;
335
336 conn_config = Curl_ssl_cf_get_primary_config(cf);
337 if(!conn_config)
338 return CURLE_FAILED_INIT;
339
340 #ifdef USE_OPENSSL
341 (void)conn_config;
342 result = Curl_oss_check_peer_cert(cf, data, &ctx->ossl, peer);
343 #elif defined(USE_GNUTLS)
344 if(conn_config->verifyhost) {
345 result = Curl_gtls_verifyserver(data, ctx->gtls.session,
346 conn_config, &data->set.ssl, peer,
347 data->set.str[STRING_SSL_PINNEDPUBLICKEY]);
348 if(result)
349 return result;
350 }
351 #elif defined(USE_WOLFSSL)
352 (void)data;
353 if(conn_config->verifyhost) {
354 if(peer->sni) {
355 WOLFSSL_X509* cert = wolfSSL_get_peer_certificate(ctx->wssl.handle);
356 if(wolfSSL_X509_check_host(cert, peer->sni, strlen(peer->sni), 0, NULL)
357 == WOLFSSL_FAILURE) {
358 result = CURLE_PEER_FAILED_VERIFICATION;
359 }
360 wolfSSL_X509_free(cert);
361 }
362
363 }
364 #endif
365 /* on error, remove any session we might have in the pool */
366 if(result)
367 Curl_ssl_scache_remove_all(cf, data, peer->scache_key);
368 return result;
369 }
370
371
372 #endif /* !USE_HTTP3 && (USE_OPENSSL || USE_GNUTLS || USE_WOLFSSL) */
373
