Gitiles
Code Review Sign In
gerrit.openfyde.cn / webrtc.googlesource.com / src / 13b2d4659380675871e2a232bd3a0b8dbbc35a7a / . / talk / base / opensslstreamadapter.cc
blob: 16021a96bd970e3589cd230f1771ab2df8c8f86d [file] [log] [blame]
henrike@webrtc.org28e20752013-07-10 00:45:36 +0000[diff] [blame]1/*
2 * libjingle
3 * Copyright 2004--2008, Google Inc.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright notice,
9 * this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright notice,
11 * this list of conditions and the following disclaimer in the documentation
12 * and/or other materials provided with the distribution.
13 * 3. The name of the author may not be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
17 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
18 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
19 * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
21 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
22 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
23 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
25 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28#if HAVE_CONFIG_H
29#include "config.h"
30#endif // HAVE_CONFIG_H
31
32#if HAVE_OPENSSL_SSL_H
33
34#include "talk/base/opensslstreamadapter.h"
35
36#include <openssl/bio.h>
37#include <openssl/crypto.h>
38#include <openssl/err.h>
39#include <openssl/rand.h>
40#include <openssl/ssl.h>
41#include <openssl/x509v3.h>
42
43#include <vector>
44
45#include "talk/base/common.h"
46#include "talk/base/logging.h"
47#include "talk/base/stream.h"
48#include "talk/base/openssladapter.h"
49#include "talk/base/openssldigest.h"
50#include "talk/base/opensslidentity.h"
51#include "talk/base/stringutils.h"
52#include "talk/base/thread.h"
53
54namespace talk_base {
55
56#if (OPENSSL_VERSION_NUMBER >= 0x10001000L)
57#define HAVE_DTLS_SRTP
58#endif
59
60#if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
61#define HAVE_DTLS
62#endif
63
64#ifdef HAVE_DTLS_SRTP
65// SRTP cipher suite table
66struct SrtpCipherMapEntry {
67 const char* external_name;
68 const char* internal_name;
69};
70
71// This isn't elegant, but it's better than an external reference
72static SrtpCipherMapEntry SrtpCipherMap[] = {
73 {"AES_CM_128_HMAC_SHA1_80", "SRTP_AES128_CM_SHA1_80"},
74 {"AES_CM_128_HMAC_SHA1_32", "SRTP_AES128_CM_SHA1_32"},
75 {NULL, NULL}
76};
77#endif
78
79//////////////////////////////////////////////////////////////////////
80// StreamBIO
81//////////////////////////////////////////////////////////////////////
82
83static int stream_write(BIO* h, const char* buf, int num);
84static int stream_read(BIO* h, char* buf, int size);
85static int stream_puts(BIO* h, const char* str);
86static long stream_ctrl(BIO* h, int cmd, long arg1, void* arg2);
87static int stream_new(BIO* h);
88static int stream_free(BIO* data);
89
90static BIO_METHOD methods_stream = {
91 BIO_TYPE_BIO,
92 "stream",
93 stream_write,
94 stream_read,
95 stream_puts,
96 0,
97 stream_ctrl,
98 stream_new,
99 stream_free,
100 NULL,
101};
102
103static BIO_METHOD* BIO_s_stream() { return(&methods_stream); }
104
105static BIO* BIO_new_stream(StreamInterface* stream) {
106 BIO* ret = BIO_new(BIO_s_stream());
107 if (ret == NULL)
108 return NULL;
109 ret->ptr = stream;
110 return ret;
111}
112
113// bio methods return 1 (or at least non-zero) on success and 0 on failure.
114
115static int stream_new(BIO* b) {
116 b->shutdown = 0;
117 b->init = 1;
118 b->num = 0; // 1 means end-of-stream
119 b->ptr = 0;
120 return 1;
121}
122
123static int stream_free(BIO* b) {
124 if (b == NULL)
125 return 0;
126 return 1;
127}
128
129static int stream_read(BIO* b, char* out, int outl) {
130 if (!out)
131 return -1;
132 StreamInterface* stream = static_cast<StreamInterface*>(b->ptr);
133 BIO_clear_retry_flags(b);
134 size_t read;
135 int error;
136 StreamResult result = stream->Read(out, outl, &read, &error);
137 if (result == SR_SUCCESS) {
138 return read;
139 } else if (result == SR_EOS) {
140 b->num = 1;
141 } else if (result == SR_BLOCK) {
142 BIO_set_retry_read(b);
143 }
144 return -1;
145}
146
147static int stream_write(BIO* b, const char* in, int inl) {
148 if (!in)
149 return -1;
150 StreamInterface* stream = static_cast<StreamInterface*>(b->ptr);
151 BIO_clear_retry_flags(b);
152 size_t written;
153 int error;
154 StreamResult result = stream->Write(in, inl, &written, &error);
155 if (result == SR_SUCCESS) {
156 return written;
157 } else if (result == SR_BLOCK) {
158 BIO_set_retry_write(b);
159 }
160 return -1;
161}
162
163static int stream_puts(BIO* b, const char* str) {
164 return stream_write(b, str, strlen(str));
165}
166
167static long stream_ctrl(BIO* b, int cmd, long num, void* ptr) {
168 UNUSED(num);
169 UNUSED(ptr);
170
171 switch (cmd) {
172 case BIO_CTRL_RESET:
173 return 0;
174 case BIO_CTRL_EOF:
175 return b->num;
176 case BIO_CTRL_WPENDING:
177 case BIO_CTRL_PENDING:
178 return 0;
179 case BIO_CTRL_FLUSH:
180 return 1;
181 default:
182 return 0;
183 }
184}
185
186/////////////////////////////////////////////////////////////////////////////
187// OpenSSLStreamAdapter
188/////////////////////////////////////////////////////////////////////////////
189
190OpenSSLStreamAdapter::OpenSSLStreamAdapter(StreamInterface* stream)
191 : SSLStreamAdapter(stream),
192 state_(SSL_NONE),
193 role_(SSL_CLIENT),
194 ssl_read_needs_write_(false), ssl_write_needs_read_(false),
195 ssl_(NULL), ssl_ctx_(NULL),
196 custom_verification_succeeded_(false),
197 ssl_mode_(SSL_MODE_TLS) {
198}
199
200OpenSSLStreamAdapter::~OpenSSLStreamAdapter() {
201 Cleanup();
202}
203
204void OpenSSLStreamAdapter::SetIdentity(SSLIdentity* identity) {
205 ASSERT(!identity_);
206 identity_.reset(static_cast<OpenSSLIdentity*>(identity));
207}
208
209void OpenSSLStreamAdapter::SetServerRole(SSLRole role) {
210 role_ = role;
211}
212
213void OpenSSLStreamAdapter::SetPeerCertificate(SSLCertificate* cert) {
214 ASSERT(!peer_certificate_);
215 ASSERT(peer_certificate_digest_algorithm_.empty());
216 ASSERT(ssl_server_name_.empty());
217 peer_certificate_.reset(static_cast<OpenSSLCertificate*>(cert));
218}
219
220bool OpenSSLStreamAdapter::SetPeerCertificateDigest(const std::string
221 &digest_alg,
222 const unsigned char*
223 digest_val,
224 size_t digest_len) {
225 ASSERT(!peer_certificate_);
226 ASSERT(peer_certificate_digest_algorithm_.size() == 0);
227 ASSERT(ssl_server_name_.empty());
228 size_t expected_len;
229
230 if (!OpenSSLDigest::GetDigestSize(digest_alg, &expected_len)) {
231 LOG(LS_WARNING) << "Unknown digest algorithm: " << digest_alg;
232 return false;
233 }
234 if (expected_len != digest_len)
235 return false;
236
237 peer_certificate_digest_value_.SetData(digest_val, digest_len);
238 peer_certificate_digest_algorithm_ = digest_alg;
239
240 return true;
241}
242
243// Key Extractor interface
244bool OpenSSLStreamAdapter::ExportKeyingMaterial(const std::string& label,
245 const uint8* context,
246 size_t context_len,
247 bool use_context,
248 uint8* result,
249 size_t result_len) {
250#ifdef HAVE_DTLS_SRTP
251 int i;
252
253 i = SSL_export_keying_material(ssl_, result, result_len,
254 label.c_str(), label.length(),
255 const_cast<uint8 *>(context),
256 context_len, use_context);
257
258 if (i != 1)
259 return false;
260
261 return true;
262#else
263 return false;
264#endif
265}
266
267bool OpenSSLStreamAdapter::SetDtlsSrtpCiphers(
268 const std::vector<std::string>& ciphers) {
269 std::string internal_ciphers;
270
271 if (state_ != SSL_NONE)
272 return false;
273
274#ifdef HAVE_DTLS_SRTP
275 for (std::vector<std::string>::const_iterator cipher = ciphers.begin();
276 cipher != ciphers.end(); ++cipher) {
277 bool found = false;
278 for (SrtpCipherMapEntry *entry = SrtpCipherMap; entry->internal_name;
279 ++entry) {
280 if (*cipher == entry->external_name) {
281 found = true;
282 if (!internal_ciphers.empty())
283 internal_ciphers += ":";
284 internal_ciphers += entry->internal_name;
285 break;
286 }
287 }
288
289 if (!found) {
290 LOG(LS_ERROR) << "Could not find cipher: " << *cipher;
291 return false;
292 }
293 }
294
295 if (internal_ciphers.empty())
296 return false;
297
298 srtp_ciphers_ = internal_ciphers;
299 return true;
300#else
301 return false;
302#endif
303}
304
305bool OpenSSLStreamAdapter::GetDtlsSrtpCipher(std::string* cipher) {
306#ifdef HAVE_DTLS_SRTP
307 ASSERT(state_ == SSL_CONNECTED);
308 if (state_ != SSL_CONNECTED)
309 return false;
310
311 SRTP_PROTECTION_PROFILE *srtp_profile =
312 SSL_get_selected_srtp_profile(ssl_);
313
314 if (!srtp_profile)
315 return false;
316
317 for (SrtpCipherMapEntry *entry = SrtpCipherMap;
318 entry->internal_name; ++entry) {
319 if (!strcmp(entry->internal_name, srtp_profile->name)) {
320 *cipher = entry->external_name;
321 return true;
322 }
323 }
324
325 ASSERT(false); // This should never happen
326
327 return false;
328#else
329 return false;
330#endif
331}
332
333int OpenSSLStreamAdapter::StartSSLWithServer(const char* server_name) {
334 ASSERT(server_name != NULL && server_name[0] != '\0');
335 ssl_server_name_ = server_name;
336 return StartSSL();
337}
338
339int OpenSSLStreamAdapter::StartSSLWithPeer() {
340 ASSERT(ssl_server_name_.empty());
341 // It is permitted to specify peer_certificate_ only later.
342 return StartSSL();
343}
344
345void OpenSSLStreamAdapter::SetMode(SSLMode mode) {
346 ASSERT(state_ == SSL_NONE);
347 ssl_mode_ = mode;
348}
349
350//
351// StreamInterface Implementation
352//
353
354StreamResult OpenSSLStreamAdapter::Write(const void* data, size_t data_len,
355 size_t* written, int* error) {
356 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Write(" << data_len << ")";
357
358 switch (state_) {
359 case SSL_NONE:
360 // pass-through in clear text
361 return StreamAdapterInterface::Write(data, data_len, written, error);
362
363 case SSL_WAIT:
364 case SSL_CONNECTING:
365 return SR_BLOCK;
366
367 case SSL_CONNECTED:
368 break;
369
370 case SSL_ERROR:
371 case SSL_CLOSED:
372 default:
373 if (error)
374 *error = ssl_error_code_;
375 return SR_ERROR;
376 }
377
378 // OpenSSL will return an error if we try to write zero bytes
379 if (data_len == 0) {
380 if (written)
381 *written = 0;
382 return SR_SUCCESS;
383 }
384
385 ssl_write_needs_read_ = false;
386
387 int code = SSL_write(ssl_, data, data_len);
388 int ssl_error = SSL_get_error(ssl_, code);
389 switch (ssl_error) {
390 case SSL_ERROR_NONE:
391 LOG(LS_VERBOSE) << " -- success";
392 ASSERT(0 < code && static_cast<unsigned>(code) <= data_len);
393 if (written)
394 *written = code;
395 return SR_SUCCESS;
396 case SSL_ERROR_WANT_READ:
397 LOG(LS_VERBOSE) << " -- error want read";
398 ssl_write_needs_read_ = true;
399 return SR_BLOCK;
400 case SSL_ERROR_WANT_WRITE:
401 LOG(LS_VERBOSE) << " -- error want write";
402 return SR_BLOCK;
403
404 case SSL_ERROR_ZERO_RETURN:
405 default:
406 Error("SSL_write", (ssl_error ? ssl_error : -1), false);
407 if (error)
408 *error = ssl_error_code_;
409 return SR_ERROR;
410 }
411 // not reached
412}
413
414StreamResult OpenSSLStreamAdapter::Read(void* data, size_t data_len,
415 size_t* read, int* error) {
416 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Read(" << data_len << ")";
417 switch (state_) {
418 case SSL_NONE:
419 // pass-through in clear text
420 return StreamAdapterInterface::Read(data, data_len, read, error);
421
422 case SSL_WAIT:
423 case SSL_CONNECTING:
424 return SR_BLOCK;
425
426 case SSL_CONNECTED:
427 break;
428
429 case SSL_CLOSED:
430 return SR_EOS;
431
432 case SSL_ERROR:
433 default:
434 if (error)
435 *error = ssl_error_code_;
436 return SR_ERROR;
437 }
438
439 // Don't trust OpenSSL with zero byte reads
440 if (data_len == 0) {
441 if (read)
442 *read = 0;
443 return SR_SUCCESS;
444 }
445
446 ssl_read_needs_write_ = false;
447
448 int code = SSL_read(ssl_, data, data_len);
449 int ssl_error = SSL_get_error(ssl_, code);
450 switch (ssl_error) {
451 case SSL_ERROR_NONE:
452 LOG(LS_VERBOSE) << " -- success";
453 ASSERT(0 < code && static_cast<unsigned>(code) <= data_len);
454 if (read)
455 *read = code;
456
457 if (ssl_mode_ == SSL_MODE_DTLS) {
458 // Enforce atomic reads -- this is a short read
459 unsigned int pending = SSL_pending(ssl_);
460
461 if (pending) {
462 LOG(LS_INFO) << " -- short DTLS read. flushing";
463 FlushInput(pending);
464 if (error)
465 *error = SSE_MSG_TRUNC;
466 return SR_ERROR;
467 }
468 }
469 return SR_SUCCESS;
470 case SSL_ERROR_WANT_READ:
471 LOG(LS_VERBOSE) << " -- error want read";
472 return SR_BLOCK;
473 case SSL_ERROR_WANT_WRITE:
474 LOG(LS_VERBOSE) << " -- error want write";
475 ssl_read_needs_write_ = true;
476 return SR_BLOCK;
477 case SSL_ERROR_ZERO_RETURN:
478 LOG(LS_VERBOSE) << " -- remote side closed";
479 return SR_EOS;
480 break;
481 default:
482 LOG(LS_VERBOSE) << " -- error " << code;
483 Error("SSL_read", (ssl_error ? ssl_error : -1), false);
484 if (error)
485 *error = ssl_error_code_;
486 return SR_ERROR;
487 }
488 // not reached
489}
490
491void OpenSSLStreamAdapter::FlushInput(unsigned int left) {
492 unsigned char buf[2048];
493
494 while (left) {
495 // This should always succeed
496 int toread = (sizeof(buf) < left) ? sizeof(buf) : left;
497 int code = SSL_read(ssl_, buf, toread);
498
499 int ssl_error = SSL_get_error(ssl_, code);
500 ASSERT(ssl_error == SSL_ERROR_NONE);
501
502 if (ssl_error != SSL_ERROR_NONE) {
503 LOG(LS_VERBOSE) << " -- error " << code;
504 Error("SSL_read", (ssl_error ? ssl_error : -1), false);
505 return;
506 }
507
508 LOG(LS_VERBOSE) << " -- flushed " << code << " bytes";
509 left -= code;
510 }
511}
512
513void OpenSSLStreamAdapter::Close() {
514 Cleanup();
515 ASSERT(state_ == SSL_CLOSED || state_ == SSL_ERROR);
516 StreamAdapterInterface::Close();
517}
518
519StreamState OpenSSLStreamAdapter::GetState() const {
520 switch (state_) {
521 case SSL_WAIT:
522 case SSL_CONNECTING:
523 return SS_OPENING;
524 case SSL_CONNECTED:
525 return SS_OPEN;
526 default:
527 return SS_CLOSED;
528 };
529 // not reached
530}
531
532void OpenSSLStreamAdapter::OnEvent(StreamInterface* stream, int events,
533 int err) {
534 int events_to_signal = 0;
535 int signal_error = 0;
536 ASSERT(stream == this->stream());
537 if ((events & SE_OPEN)) {
538 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent SE_OPEN";
539 if (state_ != SSL_WAIT) {
540 ASSERT(state_ == SSL_NONE);
541 events_to_signal |= SE_OPEN;
542 } else {
543 state_ = SSL_CONNECTING;
544 if (int err = BeginSSL()) {
545 Error("BeginSSL", err, true);
546 return;
547 }
548 }
549 }
550 if ((events & (SE_READ|SE_WRITE))) {
551 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent"
552 << ((events & SE_READ) ? " SE_READ" : "")
553 << ((events & SE_WRITE) ? " SE_WRITE" : "");
554 if (state_ == SSL_NONE) {
555 events_to_signal |= events & (SE_READ|SE_WRITE);
556 } else if (state_ == SSL_CONNECTING) {
557 if (int err = ContinueSSL()) {
558 Error("ContinueSSL", err, true);
559 return;
560 }
561 } else if (state_ == SSL_CONNECTED) {
562 if (((events & SE_READ) && ssl_write_needs_read_) ||
563 (events & SE_WRITE)) {
564 LOG(LS_VERBOSE) << " -- onStreamWriteable";
565 events_to_signal |= SE_WRITE;
566 }
567 if (((events & SE_WRITE) && ssl_read_needs_write_) ||
568 (events & SE_READ)) {
569 LOG(LS_VERBOSE) << " -- onStreamReadable";
570 events_to_signal |= SE_READ;
571 }
572 }
573 }
574 if ((events & SE_CLOSE)) {
575 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent(SE_CLOSE, " << err << ")";
576 Cleanup();
577 events_to_signal |= SE_CLOSE;
578 // SE_CLOSE is the only event that uses the final parameter to OnEvent().
579 ASSERT(signal_error == 0);
580 signal_error = err;
581 }
582 if (events_to_signal)
583 StreamAdapterInterface::OnEvent(stream, events_to_signal, signal_error);
584}
585
586int OpenSSLStreamAdapter::StartSSL() {
587 ASSERT(state_ == SSL_NONE);
588
589 if (StreamAdapterInterface::GetState() != SS_OPEN) {
590 state_ = SSL_WAIT;
591 return 0;
592 }
593
594 state_ = SSL_CONNECTING;
595 if (int err = BeginSSL()) {
596 Error("BeginSSL", err, false);
597 return err;
598 }
599
600 return 0;
601}
602
603int OpenSSLStreamAdapter::BeginSSL() {
604 ASSERT(state_ == SSL_CONNECTING);
605 // The underlying stream has open. If we are in peer-to-peer mode
606 // then a peer certificate must have been specified by now.
607 ASSERT(!ssl_server_name_.empty() ||
608 peer_certificate_ ||
609 !peer_certificate_digest_algorithm_.empty());
610 LOG(LS_INFO) << "BeginSSL: "
611 << (!ssl_server_name_.empty() ? ssl_server_name_ :
612 "with peer");
613
614 BIO* bio = NULL;
615
616 // First set up the context
617 ASSERT(ssl_ctx_ == NULL);
618 ssl_ctx_ = SetupSSLContext();
619 if (!ssl_ctx_)
620 return -1;
621
622 bio = BIO_new_stream(static_cast<StreamInterface*>(stream()));
623 if (!bio)
624 return -1;
625
626 ssl_ = SSL_new(ssl_ctx_);
627 if (!ssl_) {
628 BIO_free(bio);
629 return -1;
630 }
631
632 SSL_set_app_data(ssl_, this);
633
634 SSL_set_bio(ssl_, bio, bio); // the SSL object owns the bio now.
635
636 SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE |
637 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
638
639 // Do the connect
640 return ContinueSSL();
641}
642
643int OpenSSLStreamAdapter::ContinueSSL() {
644 LOG(LS_VERBOSE) << "ContinueSSL";
645 ASSERT(state_ == SSL_CONNECTING);
646
647 // Clear the DTLS timer
648 Thread::Current()->Clear(this, MSG_TIMEOUT);
649
650 int code = (role_ == SSL_CLIENT) ? SSL_connect(ssl_) : SSL_accept(ssl_);
651 int ssl_error;
652 switch (ssl_error = SSL_get_error(ssl_, code)) {
653 case SSL_ERROR_NONE:
654 LOG(LS_VERBOSE) << " -- success";
655
656 if (!SSLPostConnectionCheck(ssl_, ssl_server_name_.c_str(),
657 peer_certificate_ ?
658 peer_certificate_->x509() : NULL,
659 peer_certificate_digest_algorithm_)) {
660 LOG(LS_ERROR) << "TLS post connection check failed";
661 return -1;
662 }
663
664 state_ = SSL_CONNECTED;
665 StreamAdapterInterface::OnEvent(stream(), SE_OPEN|SE_READ|SE_WRITE, 0);
666 break;
667
668 case SSL_ERROR_WANT_READ: {
669 LOG(LS_VERBOSE) << " -- error want read";
670#ifdef HAVE_DTLS
671 struct timeval timeout;
672 if (DTLSv1_get_timeout(ssl_, &timeout)) {
673 int delay = timeout.tv_sec * 1000 + timeout.tv_usec/1000;
674
675 Thread::Current()->PostDelayed(delay, this, MSG_TIMEOUT, 0);
676 }
677#endif
678 }
679 break;
680
681 case SSL_ERROR_WANT_WRITE:
682 LOG(LS_VERBOSE) << " -- error want write";
683 break;
684
685 case SSL_ERROR_ZERO_RETURN:
686 default:
687 LOG(LS_VERBOSE) << " -- error " << code;
688 return (ssl_error != 0) ? ssl_error : -1;
689 }
690
691 return 0;
692}
693
694void OpenSSLStreamAdapter::Error(const char* context, int err, bool signal) {
695 LOG(LS_WARNING) << "OpenSSLStreamAdapter::Error("
696 << context << ", " << err << ")";
697 state_ = SSL_ERROR;
698 ssl_error_code_ = err;
699 Cleanup();
700 if (signal)
701 StreamAdapterInterface::OnEvent(stream(), SE_CLOSE, err);
702}
703
704void OpenSSLStreamAdapter::Cleanup() {
705 LOG(LS_INFO) << "Cleanup";
706
707 if (state_ != SSL_ERROR) {
708 state_ = SSL_CLOSED;
709 ssl_error_code_ = 0;
710 }
711
712 if (ssl_) {
713 SSL_free(ssl_);
714 ssl_ = NULL;
715 }
716 if (ssl_ctx_) {
717 SSL_CTX_free(ssl_ctx_);
718 ssl_ctx_ = NULL;
719 }
720 identity_.reset();
721 peer_certificate_.reset();
722
723 // Clear the DTLS timer
724 Thread::Current()->Clear(this, MSG_TIMEOUT);
725}
726
727
728void OpenSSLStreamAdapter::OnMessage(Message* msg) {
729 // Process our own messages and then pass others to the superclass
730 if (MSG_TIMEOUT == msg->message_id) {
731 LOG(LS_INFO) << "DTLS timeout expired";
732#ifdef HAVE_DTLS
733 DTLSv1_handle_timeout(ssl_);
734#endif
735 ContinueSSL();
736 } else {
737 StreamInterface::OnMessage(msg);
738 }
739}
740
741SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
742 SSL_CTX *ctx = NULL;
743
744 if (role_ == SSL_CLIENT) {
745#ifdef HAVE_DTLS
746 ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ?
747 DTLSv1_client_method() : TLSv1_client_method());
748#else
749 ctx = SSL_CTX_new(TLSv1_client_method());
750#endif
751 } else {
752#ifdef HAVE_DTLS
753 ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ?
754 DTLSv1_server_method() : TLSv1_server_method());
755#else
756 ctx = SSL_CTX_new(TLSv1_server_method());
757#endif
758 }
759 if (ctx == NULL)
760 return NULL;
761
762 if (identity_ && !identity_->ConfigureIdentity(ctx)) {
763 SSL_CTX_free(ctx);
764 return NULL;
765 }
766
767 if (!peer_certificate_) { // traditional mode
768 // Add the root cert to the SSL context
769 if (!OpenSSLAdapter::ConfigureTrustedRootCertificates(ctx)) {
770 SSL_CTX_free(ctx);
771 return NULL;
772 }
773 }
774
775 if (peer_certificate_ && role_ == SSL_SERVER)
776 // we must specify which client cert to ask for
777 SSL_CTX_add_client_CA(ctx, peer_certificate_->x509());
778
779#ifdef _DEBUG
780 SSL_CTX_set_info_callback(ctx, OpenSSLAdapter::SSLInfoCallback);
781#endif
782
783 SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER |SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
784 SSLVerifyCallback);
785 SSL_CTX_set_verify_depth(ctx, 4);
786 SSL_CTX_set_cipher_list(ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
787
788#ifdef HAVE_DTLS_SRTP
789 if (!srtp_ciphers_.empty()) {
790 if (SSL_CTX_set_tlsext_use_srtp(ctx, srtp_ciphers_.c_str())) {
791 SSL_CTX_free(ctx);
792 return NULL;
793 }
794 }
795#endif
796
797 return ctx;
798}
799
800int OpenSSLStreamAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) {
801#if _DEBUG
802 if (!ok) {
803 char data[256];
804 X509* cert = X509_STORE_CTX_get_current_cert(store);
805 int depth = X509_STORE_CTX_get_error_depth(store);
806 int err = X509_STORE_CTX_get_error(store);
807
808 LOG(LS_INFO) << "Error with certificate at depth: " << depth;
809 X509_NAME_oneline(X509_get_issuer_name(cert), data, sizeof(data));
810 LOG(LS_INFO) << " issuer = " << data;
811 X509_NAME_oneline(X509_get_subject_name(cert), data, sizeof(data));
812 LOG(LS_INFO) << " subject = " << data;
813 LOG(LS_INFO) << " err = " << err
814 << ":" << X509_verify_cert_error_string(err);
815 }
816#endif
817
818 // Get our SSL structure from the store
819 SSL* ssl = reinterpret_cast<SSL*>(X509_STORE_CTX_get_ex_data(
820 store,
821 SSL_get_ex_data_X509_STORE_CTX_idx()));
822
823 OpenSSLStreamAdapter* stream =
824 reinterpret_cast<OpenSSLStreamAdapter*>(SSL_get_app_data(ssl));
825
826 // In peer-to-peer mode, no root cert / certificate authority was
827 // specified, so the libraries knows of no certificate to accept,
828 // and therefore it will necessarily call here on the first cert it
829 // tries to verify.
830 if (!ok && stream->peer_certificate_) {
831 X509* cert = X509_STORE_CTX_get_current_cert(store);
832 int err = X509_STORE_CTX_get_error(store);
833 // peer-to-peer mode: allow the certificate to be self-signed,
834 // assuming it matches the cert that was specified.
835 if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT &&
836 X509_cmp(cert, stream->peer_certificate_->x509()) == 0) {
837 LOG(LS_INFO) << "Accepted self-signed peer certificate authority";
838 ok = 1;
839 }
840 } else if (!ok && !stream->peer_certificate_digest_algorithm_.empty()) {
841 X509* cert = X509_STORE_CTX_get_current_cert(store);
842 int err = X509_STORE_CTX_get_error(store);
843
844 // peer-to-peer mode: allow the certificate to be self-signed,
845 // assuming it matches the digest that was specified.
846 if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) {
847 unsigned char digest[EVP_MAX_MD_SIZE];
848 std::size_t digest_length;
849
850 if (OpenSSLCertificate::
851 ComputeDigest(cert,
852 stream->peer_certificate_digest_algorithm_,
853 digest, sizeof(digest),
854 &digest_length)) {
855 Buffer computed_digest(digest, digest_length);
856 if (computed_digest == stream->peer_certificate_digest_value_) {
857 LOG(LS_INFO) <<
858 "Accepted self-signed peer certificate authority";
859 ok = 1;
860 }
861 }
862 }
863 } else if (!ok && OpenSSLAdapter::custom_verify_callback_) {
864 // this applies only in traditional mode
865 void* cert =
866 reinterpret_cast<void*>(X509_STORE_CTX_get_current_cert(store));
867 if (OpenSSLAdapter::custom_verify_callback_(cert)) {
868 stream->custom_verification_succeeded_ = true;
869 LOG(LS_INFO) << "validated certificate using custom callback";
870 ok = 1;
871 }
872 }
873
874 if (!ok && stream->ignore_bad_cert()) {
875 LOG(LS_WARNING) << "Ignoring cert error while verifying cert chain";
876 ok = 1;
877 }
878
879 return ok;
880}
881
882// This code is taken from the "Network Security with OpenSSL"
883// sample in chapter 5
884bool OpenSSLStreamAdapter::SSLPostConnectionCheck(SSL* ssl,
885 const char* server_name,
886 const X509* peer_cert,
887 const std::string
888 &peer_digest) {
889 ASSERT(server_name != NULL);
890 bool ok;
891 if (server_name[0] != '\0') { // traditional mode
892 ok = OpenSSLAdapter::VerifyServerName(ssl, server_name, ignore_bad_cert());
893
894 if (ok) {
895 ok = (SSL_get_verify_result(ssl) == X509_V_OK ||
896 custom_verification_succeeded_);
897 }
898 } else { // peer-to-peer mode
899 ASSERT((peer_cert != NULL) || (!peer_digest.empty()));
900 // no server name validation
901 ok = true;
902 }
903
904 if (!ok && ignore_bad_cert()) {
905 LOG(LS_ERROR) << "SSL_get_verify_result(ssl) = "
906 << SSL_get_verify_result(ssl);
907 LOG(LS_INFO) << "Other TLS post connection checks failed.";
908 ok = true;
909 }
910
911 return ok;
912}
913
914bool OpenSSLStreamAdapter::HaveDtls() {
915#ifdef HAVE_DTLS
916 return true;
917#else
918 return false;
919#endif
920}
921
922bool OpenSSLStreamAdapter::HaveDtlsSrtp() {
923#ifdef HAVE_DTLS_SRTP
924 return true;
925#else
926 return false;
927#endif
928}
929
930bool OpenSSLStreamAdapter::HaveExporter() {
931#ifdef HAVE_DTLS_SRTP
932 return true;
933#else
934 return false;
935#endif
936}
937
938} // namespace talk_base
939
940#endif // HAVE_OPENSSL_SSL_H