summaryrefslogtreecommitdiff
path: root/src/lib/libtls/tls.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Plug a long standing leak in libtls CRL handlingtb2022-02-081-2/+1
| | | | | | | | | X509_STORE_add_crl() does not take ownership of the CRL, it bumps its refcount. So nulling out the CRL from the stack will leak it. Issue reported by KS Sreeram, thanks! ok jsing
* Introduce a signer interface intented to make TLS privsep simplereric2022-01-251-1/+19
| | | | | | | | | | | | | | | | to implement. Add a tls_config_set_sign_cb() function that allows to register a callback for the signing operation on a tls_config. When used, the context installs fake pivate keys internally, and the callback receives the hash of the public key. Add a tls_signer_*() set of functions to manage tls_signer objects. A tls_signer is an opaque structure on which keys are added. It is used to compute signatures with private keys identified by their associated public key hash. Discussed with and ok jsing@ tb@
* Switch from X509_VERIFY_PARAM_set_flags() to X509_STORE_set_flags().tb2021-10-211-2/+2
| | | | | | This reduces the number of reacharounds into libcrypto internals. ok jsing
* Use *printf %d instead of %itb2021-10-211-2/+2
| | | | ok jsing
* Use SSL_CTX_get0_param() rather than reaching into the SSL_CTX.jsing2021-10-021-2/+2
|
* Use "EC/RSA key setup failure" to align error with otherstb2021-02-011-3/+3
| | | | ok eric jsing
* Move private key setup to a helper function with proper erroreric2021-01-261-10/+47
| | | | | | | checking. Only install the hash on the key if fake key is used, and do it for EC keys too. ok tb@ jsing@
* return -1 on error for consistencyeric2021-01-211-2/+2
| | | | ok tb@
* Allow setting a keypair on a tls context without specifying the privateeric2021-01-211-22/+62
| | | | | | | | key, and fake it internally with the certificate public key instead. It makes it easier for privsep engines like relayd that don't have to use bogus keys anymore. ok beck@ tb@ jsing@
* Clear SSL_MODE_AUTO_RETRY in libtls, since we handle WANT_POLLIN correctly.jsing2020-05-241-1/+3
|
* Add support for TLSv1.3 as a protocol to libtls.jsing2020-01-201-1/+4
| | | | | | | This makes tls_config_parse_protocols() recognise and handle "tlsv1.3". If TLSv1.3 is enabled libtls will also request libssl to enable it. ok beck@ tb@
* Add a mutex to guard reference counting for tls_config.jsing2019-04-011-1/+3
| | | | | | | | This makes libtls more friendly for multithreaded use - otherwise we can end up with incorrect refcounts and end up freeing when we should not be (or not freeing when we should be). ok beck@
* expose the default cert file as a function, not a define. it's reallytedu2018-11-291-2/+2
| | | | | | an internal detail of the library, so the string should live inside it, not in the application code. ok jsing
* Define TLS_CA_CERT_FILE rather than having every application create theirjsing2018-11-061-2/+2
| | | | | | own define for /etc/ssl/cert.pem. ok beck@ bluhm@ tb@
* Switch to OPENSSL_init_ssl() and prevent an openssl configuration file fromjsing2018-04-071-3/+2
| | | | | | being loaded behind our back, at a later point. ok beck@
* Automatically handle library initialisation for libtls.jsing2018-03-191-3/+2
| | | | | | | | | Now that we have tls_init() under pthread_once(), automatically initialise libtls from the entry point functions (tls_config(), tls_client() and tls_server()) - this makes an explicit tls_init() call no longer a requirement. ok bcook@ beck@ inoguchi@
* un-revert tls_init pthread_once change, now that stub is added so that ↵beck2018-03-081-12/+20
| | | | builds work
* backout. diff was not tested comprehensively, resulting in a broken tree.deraadt2018-03-071-20/+12
|
* Make tls_init() concurrently callable using pthread_once().beck2018-03-071-12/+20
| | | | | | | | | | | ok jsing@ This brings pthread_once usage into libressl, which will need to get dealt with correctly in portable. This sets us up to autoinit libtls, and we will also be using pthread_once to deal with autoinit stuff in libssl and libcrypto
* Move the keypair pubkey hash handling code to during config.jsing2018-02-101-4/+29
| | | | | | | | | | | | | | The keypair pubkey hash was being generated and set in the keypair when the TLS context was being configured. This code should not be messing around with the keypair contents, since it is part of the config (and not the context). Instead, generate the pubkey hash and store it in the keypair when the certificate is configured. This means that we are guaranteed to have the pubkey hash and as a side benefit, we identify bad certificate content when it is provided, instead of during the context configuration. ok beck@
* Have tls_keypair_pubkey_hash() call tls_keypair_load_cert() instead ofjsing2018-02-081-2/+3
| | | | | rolling its own certificate loading. This also means we get better error reporting on failure.
* Move tls_keypair_pubkey_hash() to the keypair file.jsing2018-02-081-41/+1
|
* Avoid a memory leak that results when the same tls_config is reused.jsing2018-02-081-1/+4
| | | | Reported by and fix from Nate Bessette <openbsd at nate dot sh> - thanks.
* Keep track of which keypair is in use by a TLS context.jsing2017-09-201-1/+4
| | | | | | | | | | This fixes a bug where by a TLS server with SNI would always only return the OCSP staple for the default keypair, rather than returning the OCSP staple associated with the keypair that was selected via SNI. Issue reported by William Graeber and confirmed by Andreas Bartelt. Fix tested by William Graeber and Andreas Bartelt - thanks!
* Fix unchecked return nitbeck2017-08-281-2/+5
| | | | ok bcook@ jsing@
* Don't use tls_cert_hash for the hashing used by the engine offloading magicclaudio2017-08-091-7/+20
| | | | | | | | for the TLS privsep code. Instead use X509_pubkey_digest() because only the key should be used as identifier. Relayd is rewriting certificates and then the hash would change. Rename the hash is struct tls_keypair to pubkey_hash to make clear what this hash is about. With input and OK jsing@
* Add support for providing CRLs to libtls - once a CRL is provided wejsing2017-07-061-1/+41
| | | | | | | | enable CRL checking for the full certificate chain. Based on a diff from Jack Burton <jack at saosce dot com dot au>, thanks! Discussed with beck@
* Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so thatjsing2017-06-221-6/+6
| | | | | | | we can prevent libcrypto from going behind our back and trying to read passwords from standard input (which we may not be permitted to do). Found by jsg@ with httpd and password protected keys.
* Fix incorrect indentation.jsing2017-06-221-2/+2
|
* Plug a memory leak in tls_keypair_cert_hash(), introduced in r1.60.jsing2017-06-221-1/+3
|
* Remove dead code that has remained hiding since ressl.c r1.14!jsing2017-06-221-4/+1
|
* Return an error if tls_handshake() is called on a TLS context that hasjsing2017-05-071-1/+6
| | | | already completed a TLS handshake.
* Perform reference counting for tls_config. This allows tls_config_free() tojsing2017-05-061-3/+10
| | | | | | | | | be called as soon as it has been passed to the final tls_configure() call, simplifying lifetime tracking for the application. Requested some time ago by tedu@. ok beck@
* Add tls_peer_cert_chain_pem - To retreive the peer certificate and chainbeck2017-04-051-1/+4
| | | | | | | as PEM format. This allows for it to be used or examined with tools external to libtls bump minor ok jsing@
* Internal changes to allow for relayd engine privsep. sends the hash of thebeck2017-04-051-2/+65
| | | | | | public key as an identifier to RSA, and adds an function for relayd to use to disable private key checking when doing engine privsep. ok jsing@
* Use a flag to track when we need to call SSL_shutdown(). This avoids anjsing2017-01-261-2/+3
| | | | | | | | | issue where by calling tls_close() on a TLS context that has not attempted a handshake, results in an unexpected failure. Reported by Vinay Sajip. ok beck@
* Disable session cache and tickets by default.claudio2017-01-221-1/+5
| | | | OK beck@ jsing@
* whitespacederaadt2017-01-131-3/+3
|
* If certificate verification has been disabled, do not attempt to load ajsing2017-01-031-5/+9
| | | | | | | CA chain or specify CA paths. This prevents attempts to access the file system, which may fail due to pledge. ok bluhm@
* Revert previous - the original code was correct since X509_verify_cert()jsing2017-01-031-5/+5
| | | | | | | | | | | should not have changed the X509_STORE_CTX error value on success and it was initialised to X509_V_OK by X509_STORE_CTX_init(). Other software also depends on this behaviour. Previously X509_verify_cert() was mishandling the X509_STORE_CTX error value when validating alternate chains. This has been fixed and further changes now explicitly ensure that the error value will be set to X509_V_OK if X509_verify_cert() returns success.
* fix cert verify. a cert with an alt chain may verify but leave an errortedu2017-01-021-5/+5
| | | | | | in the context. don't look for errors in case of success. fixes spurious verify errors. guilty change tracked and fix tested by sthen
* Hook up a certificate verify callback so that we can set user friendlyjsing2016-12-261-4/+29
| | | | | | | | | | | | | | | | | | error messages, instead of libssl error strings. This gives us messages like: certificate verification failed: certificate has expired Instead of: 14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed This also lets us always enable peer verification since the no verification case is now handled via the callback. Tested by tedu@ ok beck@
* rename ocsp_ctx to ocspbeck2016-11-051-6/+6
| | | | ok jsing@
* Only set an error from libssl related code, if an error has not alreadyjsing2016-11-031-6/+41
| | | | | | | | been set by libtls code. This avoids the situation where a libtls callback has set an error, only to have it replaced by a less useful libssl based error. ok beck@
* Add OCSP client side support to libtls.beck2016-11-021-1/+6
| | | | | | | | | | | | | - Provide access to certificate OCSP URL - Provide ability to check a raw OCSP reply against an established TLS ctx - Check and validate OCSP stapling info in the TLS handshake if a stapled OCSP response is provided.` Add example code to show OCSP URL and stapled info into netcat. ok jsing@
* Add callback-based interface to libtls.bcook2016-09-041-1/+5
| | | | | | | This allows working with buffers and callback functions instead of directly on sockets or file descriptors. Original patch from Tobias Pape <tobias_at_netshed.de>. ok beck@
* Various clean up and reorganisation of the connection info handling code.jsing2016-08-221-8/+5
| | | | | | | | | In particular, rename tls_free_conninfo() to tls_conninfo_free() and make it a real free function. Rename tls_get_conninfo() to tls_conninfo_populate() and have it allocate the struct tls_conninfo (after freeing any existing one). ok beck@
* Create contexts for server side SNI - these include the additional SSL_CTXjsing2016-08-221-1/+27
| | | | | | | | | that is required for certificate switching with libssl and the certificate itself so that we can match against the subject and SANs. Hook up the servername callback and switch to the appropriate SSL_CTX if we find a matching certificate. ok beck@
* Explicitly pass in an SSL_CTX * to the functions that operate on one,jsing2016-08-151-23/+21
| | | | | | | | | | | instead of assuming that they should use the one associated with the TLS context. This allows these functions to be used with the additional SSL contexts that are needed to support server-side SNI. Also rename tls_configure_keypair() to tls_configure_ssl_keypair(), so that these functions have a common prefix. ok reyk@
* Load CA, certificate and key files into memory when the appropriatejsing2016-08-131-27/+25
| | | | | | | | | | tls_config_set_*_file() function is called. This allows us to immediately propagate useful error messages, play more nicely with privsep/pledge and have a single code path. Instead of always loading the default CA when tls_config_new() is called, defer and only load the default CA when tls_configure() is invoked, if a CA has not already been specified. ok beck@ bluhm@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-19 22:56:23 +0000