Gitiles
Code Review Sign In
gerrit.openfyde.cn / webrtc.googlesource.com / src / eb0df088caaea172a468ca9c34d42c59fd99b99d / . / rtc_base / openssladapter.cc
blob: ce00469129c93c4da2db10a4624a9164c1519406 [file] [log] [blame]
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1/*
2 * Copyright 2008 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
Mirko Bonadei92ea95e2017-09-15 06:47:31 +0200[diff] [blame]11#include "rtc_base/openssladapter.h"
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]12
13#if defined(WEBRTC_POSIX)
14#include <unistd.h>
15#endif
16
Mirko Bonadeie0623852018-02-01 11:17:40 +0100[diff] [blame]17#if defined(WEBRTC_WIN)
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]18// Must be included first before openssl headers.
Mirko Bonadei92ea95e2017-09-15 06:47:31 +0200[diff] [blame]19#include "rtc_base/win32.h" // NOLINT
Mirko Bonadeie0623852018-02-01 11:17:40 +0100[diff] [blame]20#endif // WEBRTC_WIN
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]21
22#include <openssl/bio.h>
23#include <openssl/crypto.h>
24#include <openssl/err.h>
25#include <openssl/opensslv.h>
26#include <openssl/rand.h>
henrike@webrtc.orgd5a05062014-06-30 20:38:56 +0000[diff] [blame]27#include <openssl/x509.h>
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]28#include <openssl/x509v3.h>
29
Mirko Bonadei92ea95e2017-09-15 06:47:31 +0200[diff] [blame]30#include "rtc_base/arraysize.h"
31#include "rtc_base/checks.h"
32#include "rtc_base/logging.h"
Karl Wiberge40468b2017-11-22 10:42:26 +0100[diff] [blame]33#include "rtc_base/numerics/safe_conversions.h"
Mirko Bonadei92ea95e2017-09-15 06:47:31 +0200[diff] [blame]34#include "rtc_base/openssl.h"
Mirko Bonadei92ea95e2017-09-15 06:47:31 +0200[diff] [blame]35#include "rtc_base/sslroots.h"
36#include "rtc_base/stringencode.h"
37#include "rtc_base/stringutils.h"
38#include "rtc_base/thread.h"
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]39
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]40#ifndef OPENSSL_IS_BORINGSSL
41
42// TODO: Use a nicer abstraction for mutex.
43
44#if defined(WEBRTC_WIN)
45 #define MUTEX_TYPE HANDLE
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]46#define MUTEX_SETUP(x) (x) = CreateMutex(nullptr, FALSE, nullptr)
47#define MUTEX_CLEANUP(x) CloseHandle(x)
48#define MUTEX_LOCK(x) WaitForSingleObject((x), INFINITE)
49#define MUTEX_UNLOCK(x) ReleaseMutex(x)
50#define THREAD_ID GetCurrentThreadId()
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]51#elif defined(WEBRTC_POSIX)
52 #define MUTEX_TYPE pthread_mutex_t
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]53 #define MUTEX_SETUP(x) pthread_mutex_init(&(x), nullptr)
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]54 #define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x))
55 #define MUTEX_LOCK(x) pthread_mutex_lock(&(x))
56 #define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x))
57 #define THREAD_ID pthread_self()
58#else
59 #error You must define mutex operations appropriate for your platform!
60#endif
61
62struct CRYPTO_dynlock_value {
63 MUTEX_TYPE mutex;
64};
65
66#endif // #ifndef OPENSSL_IS_BORINGSSL
67
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]68//////////////////////////////////////////////////////////////////////
69// SocketBIO
70//////////////////////////////////////////////////////////////////////
71
72static int socket_write(BIO* h, const char* buf, int num);
73static int socket_read(BIO* h, char* buf, int size);
74static int socket_puts(BIO* h, const char* str);
75static long socket_ctrl(BIO* h, int cmd, long arg1, void* arg2);
76static int socket_new(BIO* h);
77static int socket_free(BIO* data);
78
Jiawei Oueb0df082018-02-02 14:51:18 -0800[diff] [blame^]79static BIO_METHOD* BIO_socket_method() {
80 static BIO_METHOD* methods = [] {
81 BIO_METHOD* methods = BIO_meth_new(BIO_TYPE_BIO, "socket");
82 BIO_meth_set_write(methods, socket_write);
83 BIO_meth_set_read(methods, socket_read);
84 BIO_meth_set_puts(methods, socket_puts);
85 BIO_meth_set_ctrl(methods, socket_ctrl);
86 BIO_meth_set_create(methods, socket_new);
87 BIO_meth_set_destroy(methods, socket_free);
88 return methods;
89 }();
90 return methods;
91}
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]92
henrike@webrtc.orgc50bf7c2014-05-14 18:24:13 +0000[diff] [blame]93static BIO* BIO_new_socket(rtc::AsyncSocket* socket) {
Jiawei Oueb0df082018-02-02 14:51:18 -0800[diff] [blame^]94 BIO* ret = BIO_new(BIO_socket_method());
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]95 if (ret == nullptr) {
96 return nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]97 }
Jiawei Oueb0df082018-02-02 14:51:18 -0800[diff] [blame^]98 BIO_set_data(ret, socket);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]99 return ret;
100}
101
102static int socket_new(BIO* b) {
Jiawei Oueb0df082018-02-02 14:51:18 -0800[diff] [blame^]103 BIO_set_shutdown(b, 0);
104 BIO_set_init(b, 1);
105 BIO_set_data(b, 0);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]106 return 1;
107}
108
109static int socket_free(BIO* b) {
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]110 if (b == nullptr)
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]111 return 0;
112 return 1;
113}
114
115static int socket_read(BIO* b, char* out, int outl) {
116 if (!out)
117 return -1;
Jiawei Oueb0df082018-02-02 14:51:18 -0800[diff] [blame^]118 rtc::AsyncSocket* socket = static_cast<rtc::AsyncSocket*>(BIO_get_data(b));
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]119 BIO_clear_retry_flags(b);
Stefan Holmer9131efd2016-05-23 18:19:26 +0200[diff] [blame]120 int result = socket->Recv(out, outl, nullptr);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]121 if (result > 0) {
122 return result;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]123 } else if (socket->IsBlocking()) {
124 BIO_set_retry_read(b);
125 }
126 return -1;
127}
128
129static int socket_write(BIO* b, const char* in, int inl) {
130 if (!in)
131 return -1;
Jiawei Oueb0df082018-02-02 14:51:18 -0800[diff] [blame^]132 rtc::AsyncSocket* socket = static_cast<rtc::AsyncSocket*>(BIO_get_data(b));
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]133 BIO_clear_retry_flags(b);
134 int result = socket->Send(in, inl);
135 if (result > 0) {
136 return result;
137 } else if (socket->IsBlocking()) {
138 BIO_set_retry_write(b);
139 }
140 return -1;
141}
142
143static int socket_puts(BIO* b, const char* str) {
henrike@webrtc.orgd89b69a2014-11-06 17:23:09 +0000[diff] [blame]144 return socket_write(b, str, rtc::checked_cast<int>(strlen(str)));
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]145}
146
147static long socket_ctrl(BIO* b, int cmd, long num, void* ptr) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]148 switch (cmd) {
149 case BIO_CTRL_RESET:
150 return 0;
Jiawei Ou018dd6e2018-01-30 12:13:48 -0800[diff] [blame]151 case BIO_CTRL_EOF: {
152 rtc::AsyncSocket* socket = static_cast<rtc::AsyncSocket*>(ptr);
153 // 1 means socket closed.
154 return (socket->GetState() == rtc::AsyncSocket::CS_CLOSED) ? 1 : 0;
155 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]156 case BIO_CTRL_WPENDING:
157 case BIO_CTRL_PENDING:
158 return 0;
159 case BIO_CTRL_FLUSH:
160 return 1;
161 default:
162 return 0;
163 }
164}
165
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]166static void LogSslError() {
167 // Walk down the error stack to find the SSL error.
168 uint32_t error_code;
169 const char* file;
170 int line;
171 do {
172 error_code = ERR_get_error_line(&file, &line);
173 if (ERR_GET_LIB(error_code) == ERR_LIB_SSL) {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]174 RTC_LOG(LS_ERROR) << "ERR_LIB_SSL: " << error_code << ", " << file << ":"
175 << line;
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]176 break;
177 }
178 } while (error_code != 0);
179}
180
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]181/////////////////////////////////////////////////////////////////////////////
182// OpenSSLAdapter
183/////////////////////////////////////////////////////////////////////////////
184
185namespace rtc {
186
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]187VerificationCallback OpenSSLAdapter::custom_verify_callback_ = nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]188
189bool OpenSSLAdapter::InitializeSSL(VerificationCallback callback) {
Jiawei Oueb0df082018-02-02 14:51:18 -0800[diff] [blame^]190 if (!SSL_library_init())
191 return false;
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]192#if !defined(ADDRESS_SANITIZER) || !defined(WEBRTC_MAC) || defined(WEBRTC_IOS)
193 // Loading the error strings crashes mac_asan. Omit this debugging aid there.
194 SSL_load_error_strings();
195#endif
196 ERR_load_BIO_strings();
197 OpenSSL_add_all_algorithms();
198 RAND_poll();
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]199 custom_verify_callback_ = callback;
200 return true;
201}
202
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]203bool OpenSSLAdapter::CleanupSSL() {
Torbjorn Granlund9adc91d2016-03-24 14:05:06 +0100[diff] [blame]204 return true;
205}
206
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]207OpenSSLAdapter::OpenSSLAdapter(AsyncSocket* socket,
208 OpenSSLAdapterFactory* factory)
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]209 : SSLAdapter(socket),
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]210 factory_(factory),
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]211 state_(SSL_NONE),
Steve Anton786de702017-08-17 15:15:46 -0700[diff] [blame]212 role_(SSL_CLIENT),
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]213 ssl_read_needs_write_(false),
214 ssl_write_needs_read_(false),
215 restartable_(false),
216 ssl_(nullptr),
217 ssl_ctx_(nullptr),
218 ssl_mode_(SSL_MODE_TLS),
Diogo Real1dca9d52017-08-29 12:18:32 -0700[diff] [blame]219 ignore_bad_cert_(false),
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]220 custom_verification_succeeded_(false) {
221 // If a factory is used, take a reference on the factory's SSL_CTX.
222 // Otherwise, we'll create our own later.
223 // Either way, we'll release our reference via SSL_CTX_free() in Cleanup().
224 if (factory_) {
225 ssl_ctx_ = factory_->ssl_ctx();
226 RTC_DCHECK(ssl_ctx_);
227 // Note: if using OpenSSL, requires version 1.1.0 or later.
228 SSL_CTX_up_ref(ssl_ctx_);
229 }
230}
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]231
232OpenSSLAdapter::~OpenSSLAdapter() {
233 Cleanup();
234}
235
Diogo Real1dca9d52017-08-29 12:18:32 -0700[diff] [blame]236void OpenSSLAdapter::SetIgnoreBadCert(bool ignore) {
237 ignore_bad_cert_ = ignore;
238}
239
240void OpenSSLAdapter::SetAlpnProtocols(const std::vector<std::string>& protos) {
241 alpn_protocols_ = protos;
242}
243
Diogo Real7bd1f1b2017-09-08 12:50:41 -0700[diff] [blame]244void OpenSSLAdapter::SetEllipticCurves(const std::vector<std::string>& curves) {
245 elliptic_curves_ = curves;
246}
247
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]248void OpenSSLAdapter::SetMode(SSLMode mode) {
249 RTC_DCHECK(!ssl_ctx_);
nisseede5da42017-01-12 05:15:36 -0800[diff] [blame]250 RTC_DCHECK(state_ == SSL_NONE);
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]251 ssl_mode_ = mode;
252}
253
Steve Anton786de702017-08-17 15:15:46 -0700[diff] [blame]254void OpenSSLAdapter::SetIdentity(SSLIdentity* identity) {
255 RTC_DCHECK(!identity_);
256 identity_.reset(static_cast<OpenSSLIdentity*>(identity));
257}
258
259void OpenSSLAdapter::SetRole(SSLRole role) {
260 role_ = role;
261}
262
263AsyncSocket* OpenSSLAdapter::Accept(SocketAddress* paddr) {
264 RTC_DCHECK(role_ == SSL_SERVER);
265 AsyncSocket* socket = SSLAdapter::Accept(paddr);
266 if (!socket) {
267 return nullptr;
268 }
269
270 SSLAdapter* adapter = SSLAdapter::Create(socket);
271 adapter->SetIdentity(identity_->GetReference());
272 adapter->SetRole(rtc::SSL_SERVER);
Diogo Real1dca9d52017-08-29 12:18:32 -0700[diff] [blame]273 adapter->SetIgnoreBadCert(ignore_bad_cert_);
Steve Anton786de702017-08-17 15:15:46 -0700[diff] [blame]274 adapter->StartSSL("", false);
275 return adapter;
276}
277
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]278int OpenSSLAdapter::StartSSL(const char* hostname, bool restartable) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]279 if (state_ != SSL_NONE)
280 return -1;
281
282 ssl_host_name_ = hostname;
283 restartable_ = restartable;
284
285 if (socket_->GetState() != Socket::CS_CONNECTED) {
286 state_ = SSL_WAIT;
287 return 0;
288 }
289
290 state_ = SSL_CONNECTING;
291 if (int err = BeginSSL()) {
292 Error("BeginSSL", err, false);
293 return err;
294 }
295
296 return 0;
297}
298
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]299int OpenSSLAdapter::BeginSSL() {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]300 RTC_LOG(LS_INFO) << "OpenSSLAdapter::BeginSSL: " << ssl_host_name_;
nisseede5da42017-01-12 05:15:36 -0800[diff] [blame]301 RTC_DCHECK(state_ == SSL_CONNECTING);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]302
303 int err = 0;
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]304 BIO* bio = nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]305
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]306 // First set up the context. We should either have a factory, with its own
307 // pre-existing context, or be running standalone, in which case we will
308 // need to create one, and specify |false| to disable session caching.
309 if (!factory_) {
310 RTC_DCHECK(!ssl_ctx_);
311 ssl_ctx_ = CreateContext(ssl_mode_, false);
312 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]313 if (!ssl_ctx_) {
314 err = -1;
315 goto ssl_error;
316 }
317
Steve Anton786de702017-08-17 15:15:46 -0700[diff] [blame]318 if (identity_ && !identity_->ConfigureIdentity(ssl_ctx_)) {
319 SSL_CTX_free(ssl_ctx_);
320 err = -1;
321 goto ssl_error;
322 }
323
Peter Boström0b518bf2016-01-27 12:35:40 +0100[diff] [blame]324 bio = BIO_new_socket(socket_);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]325 if (!bio) {
326 err = -1;
327 goto ssl_error;
328 }
329
330 ssl_ = SSL_new(ssl_ctx_);
331 if (!ssl_) {
332 err = -1;
333 goto ssl_error;
334 }
335
336 SSL_set_app_data(ssl_, this);
337
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]338 // SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER allows different buffers to be passed
339 // into SSL_write when a record could only be partially transmitted (and thus
340 // requires another call to SSL_write to finish transmission). This allows us
341 // to copy the data into our own buffer when this occurs, since the original
342 // buffer can't safely be accessed after control exits Send.
343 // TODO(deadbeef): Do we want SSL_MODE_ENABLE_PARTIAL_WRITE? It doesn't
344 // appear Send handles partial writes properly, though maybe we never notice
345 // since we never send more than 16KB at once..
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]346 SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE |
347 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
348
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]349 // Enable SNI, if a hostname is supplied.
Emad Omaradab1d2d2017-06-16 15:43:11 -0700[diff] [blame]350 if (!ssl_host_name_.empty()) {
351 SSL_set_tlsext_host_name(ssl_, ssl_host_name_.c_str());
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]352
353 // Enable session caching, if configured and a hostname is supplied.
354 if (factory_) {
355 SSL_SESSION* cached = factory_->LookupSession(ssl_host_name_);
356 if (cached) {
357 if (SSL_set_session(ssl_, cached) == 0) {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]358 RTC_LOG(LS_WARNING) << "Failed to apply SSL session from cache";
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]359 err = -1;
360 goto ssl_error;
361 }
362
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]363 RTC_LOG(LS_INFO) << "Attempting to resume SSL session to "
364 << ssl_host_name_;
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]365 }
366 }
Emad Omaradab1d2d2017-06-16 15:43:11 -0700[diff] [blame]367 }
368
Jiawei Oueb0df082018-02-02 14:51:18 -0800[diff] [blame^]369#ifdef OPENSSL_IS_BORINGSSL
Emad Omaracb79d232017-07-20 16:34:34 -0700[diff] [blame]370 // Set a couple common TLS extensions; even though we don't use them yet.
Emad Omaracb79d232017-07-20 16:34:34 -0700[diff] [blame]371 SSL_enable_ocsp_stapling(ssl_);
372 SSL_enable_signed_cert_timestamps(ssl_);
Jiawei Oueb0df082018-02-02 14:51:18 -0800[diff] [blame^]373#endif
Emad Omaracb79d232017-07-20 16:34:34 -0700[diff] [blame]374
Diogo Real1dca9d52017-08-29 12:18:32 -0700[diff] [blame]375 if (!alpn_protocols_.empty()) {
376 std::string tls_alpn_string = TransformAlpnProtocols(alpn_protocols_);
377 if (!tls_alpn_string.empty()) {
378 SSL_set_alpn_protos(
379 ssl_, reinterpret_cast<const unsigned char*>(tls_alpn_string.data()),
380 tls_alpn_string.size());
381 }
382 }
383
Diogo Real7bd1f1b2017-09-08 12:50:41 -0700[diff] [blame]384 if (!elliptic_curves_.empty()) {
385 SSL_set1_curves_list(ssl_, rtc::join(elliptic_curves_, ':').c_str());
386 }
387
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]388 // Now that the initial config is done, transfer ownership of |bio| to the
389 // SSL object. If ContinueSSL() fails, the bio will be freed in Cleanup().
390 SSL_set_bio(ssl_, bio, bio);
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]391 bio = nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]392
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]393 // Do the connect.
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]394 err = ContinueSSL();
395 if (err != 0)
396 goto ssl_error;
397
398 return err;
399
400ssl_error:
401 Cleanup();
402 if (bio)
403 BIO_free(bio);
404
405 return err;
406}
407
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]408int OpenSSLAdapter::ContinueSSL() {
nisseede5da42017-01-12 05:15:36 -0800[diff] [blame]409 RTC_DCHECK(state_ == SSL_CONNECTING);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]410
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]411 // Clear the DTLS timer
412 Thread::Current()->Clear(this, MSG_TIMEOUT);
413
Steve Anton786de702017-08-17 15:15:46 -0700[diff] [blame]414 int code = (role_ == SSL_CLIENT) ? SSL_connect(ssl_) : SSL_accept(ssl_);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]415 switch (SSL_get_error(ssl_, code)) {
416 case SSL_ERROR_NONE:
417 if (!SSLPostConnectionCheck(ssl_, ssl_host_name_.c_str())) {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]418 RTC_LOG(LS_ERROR) << "TLS post connection check failed";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]419 // make sure we close the socket
420 Cleanup();
421 // The connect failed so return -1 to shut down the socket
422 return -1;
423 }
424
425 state_ = SSL_CONNECTED;
426 AsyncSocketAdapter::OnConnectEvent(this);
427#if 0 // TODO: worry about this
428 // Don't let ourselves go away during the callbacks
429 PRefPtr<OpenSSLAdapter> lock(this);
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]430 RTC_LOG(LS_INFO) << " -- onStreamReadable";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]431 AsyncSocketAdapter::OnReadEvent(this);
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]432 RTC_LOG(LS_INFO) << " -- onStreamWriteable";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]433 AsyncSocketAdapter::OnWriteEvent(this);
434#endif
435 break;
436
437 case SSL_ERROR_WANT_READ:
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]438 RTC_LOG(LS_VERBOSE) << " -- error want read";
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]439 struct timeval timeout;
440 if (DTLSv1_get_timeout(ssl_, &timeout)) {
441 int delay = timeout.tv_sec * 1000 + timeout.tv_usec/1000;
442
Taylor Brandstetter5d97a9a2016-06-10 14:17:27 -0700[diff] [blame]443 Thread::Current()->PostDelayed(RTC_FROM_HERE, delay, this, MSG_TIMEOUT,
444 0);
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]445 }
446 break;
447
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]448 case SSL_ERROR_WANT_WRITE:
449 break;
450
451 case SSL_ERROR_ZERO_RETURN:
452 default:
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]453 RTC_LOG(LS_WARNING) << "ContinueSSL -- error " << code;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]454 return (code != 0) ? code : -1;
455 }
456
457 return 0;
458}
459
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]460void OpenSSLAdapter::Error(const char* context, int err, bool signal) {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]461 RTC_LOG(LS_WARNING) << "OpenSSLAdapter::Error(" << context << ", " << err
462 << ")";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]463 state_ = SSL_ERROR;
464 SetError(err);
465 if (signal)
466 AsyncSocketAdapter::OnCloseEvent(this, err);
467}
468
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]469void OpenSSLAdapter::Cleanup() {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]470 RTC_LOG(LS_INFO) << "OpenSSLAdapter::Cleanup";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]471
472 state_ = SSL_NONE;
473 ssl_read_needs_write_ = false;
474 ssl_write_needs_read_ = false;
475 custom_verification_succeeded_ = false;
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]476 pending_data_.Clear();
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]477
478 if (ssl_) {
479 SSL_free(ssl_);
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]480 ssl_ = nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]481 }
482
483 if (ssl_ctx_) {
484 SSL_CTX_free(ssl_ctx_);
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]485 ssl_ctx_ = nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]486 }
Steve Anton786de702017-08-17 15:15:46 -0700[diff] [blame]487 identity_.reset();
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]488
489 // Clear the DTLS timer
490 Thread::Current()->Clear(this, MSG_TIMEOUT);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]491}
492
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]493int OpenSSLAdapter::DoSslWrite(const void* pv, size_t cb, int* error) {
494 // If we have pending data (that was previously only partially written by
495 // SSL_write), we shouldn't be attempting to write anything else.
496 RTC_DCHECK(pending_data_.empty() || pv == pending_data_.data());
497 RTC_DCHECK(error != nullptr);
498
499 ssl_write_needs_read_ = false;
500 int ret = SSL_write(ssl_, pv, checked_cast<int>(cb));
501 *error = SSL_get_error(ssl_, ret);
502 switch (*error) {
503 case SSL_ERROR_NONE:
504 // Success!
505 return ret;
506 case SSL_ERROR_WANT_READ:
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]507 RTC_LOG(LS_INFO) << " -- error want read";
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]508 ssl_write_needs_read_ = true;
509 SetError(EWOULDBLOCK);
510 break;
511 case SSL_ERROR_WANT_WRITE:
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]512 RTC_LOG(LS_INFO) << " -- error want write";
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]513 SetError(EWOULDBLOCK);
514 break;
515 case SSL_ERROR_ZERO_RETURN:
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]516 SetError(EWOULDBLOCK);
517 // do we need to signal closure?
518 break;
519 case SSL_ERROR_SSL:
520 LogSslError();
521 Error("SSL_write", ret ? ret : -1, false);
522 break;
523 default:
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]524 Error("SSL_write", ret ? ret : -1, false);
525 break;
526 }
527
528 return SOCKET_ERROR;
529}
530
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]531//
532// AsyncSocket Implementation
533//
534
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]535int OpenSSLAdapter::Send(const void* pv, size_t cb) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]536 switch (state_) {
537 case SSL_NONE:
538 return AsyncSocketAdapter::Send(pv, cb);
539
540 case SSL_WAIT:
541 case SSL_CONNECTING:
skvladc309e0e2016-07-28 17:15:20 -0700[diff] [blame]542 SetError(ENOTCONN);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]543 return SOCKET_ERROR;
544
545 case SSL_CONNECTED:
546 break;
547
548 case SSL_ERROR:
549 default:
550 return SOCKET_ERROR;
551 }
552
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]553 int ret;
554 int error;
555
556 if (!pending_data_.empty()) {
557 ret = DoSslWrite(pending_data_.data(), pending_data_.size(), &error);
558 if (ret != static_cast<int>(pending_data_.size())) {
559 // We couldn't finish sending the pending data, so we definitely can't
560 // send any more data. Return with an EWOULDBLOCK error.
561 SetError(EWOULDBLOCK);
562 return SOCKET_ERROR;
563 }
564 // We completed sending the data previously passed into SSL_write! Now
565 // we're allowed to send more data.
566 pending_data_.Clear();
567 }
568
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]569 // OpenSSL will return an error if we try to write zero bytes
570 if (cb == 0)
571 return 0;
572
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]573 ret = DoSslWrite(pv, cb, &error);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]574
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]575 // If SSL_write fails with SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE, this
576 // means the underlying socket is blocked on reading or (more typically)
577 // writing. When this happens, OpenSSL requires that the next call to
578 // SSL_write uses the same arguments (though, with
579 // SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER, the actual buffer pointer may be
580 // different).
581 //
582 // However, after Send exits, we will have lost access to data the user of
583 // this class is trying to send, and there's no guarantee that the user of
584 // this class will call Send with the same arguements when it fails. So, we
585 // buffer the data ourselves. When we know the underlying socket is writable
586 // again from OnWriteEvent (or if Send is called again before that happens),
587 // we'll retry sending this buffered data.
deadbeefe5dce2b2017-06-02 11:52:06 -0700[diff] [blame]588 if (error == SSL_ERROR_WANT_READ || error == SSL_ERROR_WANT_WRITE) {
589 // Shouldn't be able to get to this point if we already have pending data.
590 RTC_DCHECK(pending_data_.empty());
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]591 RTC_LOG(LS_WARNING)
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]592 << "SSL_write couldn't write to the underlying socket; buffering data.";
593 pending_data_.SetData(static_cast<const uint8_t*>(pv), cb);
594 // Since we're taking responsibility for sending this data, return its full
595 // size. The user of this class can consider it sent.
596 return cb;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]597 }
598
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]599 return ret;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]600}
601
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]602int OpenSSLAdapter::SendTo(const void* pv,
603 size_t cb,
604 const SocketAddress& addr) {
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]605 if (socket_->GetState() == Socket::CS_CONNECTED &&
606 addr == socket_->GetRemoteAddress()) {
607 return Send(pv, cb);
608 }
609
610 SetError(ENOTCONN);
611
612 return SOCKET_ERROR;
613}
614
Stefan Holmer9131efd2016-05-23 18:19:26 +0200[diff] [blame]615int OpenSSLAdapter::Recv(void* pv, size_t cb, int64_t* timestamp) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]616 switch (state_) {
617
618 case SSL_NONE:
Stefan Holmer9131efd2016-05-23 18:19:26 +0200[diff] [blame]619 return AsyncSocketAdapter::Recv(pv, cb, timestamp);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]620
621 case SSL_WAIT:
622 case SSL_CONNECTING:
skvladc309e0e2016-07-28 17:15:20 -0700[diff] [blame]623 SetError(ENOTCONN);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]624 return SOCKET_ERROR;
625
626 case SSL_CONNECTED:
627 break;
628
629 case SSL_ERROR:
630 default:
631 return SOCKET_ERROR;
632 }
633
634 // Don't trust OpenSSL with zero byte reads
635 if (cb == 0)
636 return 0;
637
638 ssl_read_needs_write_ = false;
639
henrike@webrtc.orgd89b69a2014-11-06 17:23:09 +0000[diff] [blame]640 int code = SSL_read(ssl_, pv, checked_cast<int>(cb));
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]641 int error = SSL_get_error(ssl_, code);
642 switch (error) {
643 case SSL_ERROR_NONE:
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]644 return code;
645 case SSL_ERROR_WANT_READ:
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]646 SetError(EWOULDBLOCK);
647 break;
648 case SSL_ERROR_WANT_WRITE:
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]649 ssl_read_needs_write_ = true;
650 SetError(EWOULDBLOCK);
651 break;
652 case SSL_ERROR_ZERO_RETURN:
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]653 SetError(EWOULDBLOCK);
654 // do we need to signal closure?
655 break;
656 case SSL_ERROR_SSL:
657 LogSslError();
658 Error("SSL_read", (code ? code : -1), false);
659 break;
660 default:
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]661 Error("SSL_read", (code ? code : -1), false);
662 break;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]663 }
664
665 return SOCKET_ERROR;
666}
667
Stefan Holmer9131efd2016-05-23 18:19:26 +0200[diff] [blame]668int OpenSSLAdapter::RecvFrom(void* pv,
669 size_t cb,
670 SocketAddress* paddr,
671 int64_t* timestamp) {
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]672 if (socket_->GetState() == Socket::CS_CONNECTED) {
Stefan Holmer9131efd2016-05-23 18:19:26 +0200[diff] [blame]673 int ret = Recv(pv, cb, timestamp);
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]674
675 *paddr = GetRemoteAddress();
676
677 return ret;
678 }
679
680 SetError(ENOTCONN);
681
682 return SOCKET_ERROR;
683}
684
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]685int OpenSSLAdapter::Close() {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]686 Cleanup();
687 state_ = restartable_ ? SSL_WAIT : SSL_NONE;
688 return AsyncSocketAdapter::Close();
689}
690
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]691Socket::ConnState OpenSSLAdapter::GetState() const {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]692 //if (signal_close_)
693 // return CS_CONNECTED;
694 ConnState state = socket_->GetState();
695 if ((state == CS_CONNECTED)
696 && ((state_ == SSL_WAIT) || (state_ == SSL_CONNECTING)))
697 state = CS_CONNECTING;
698 return state;
699}
700
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]701bool OpenSSLAdapter::IsResumedSession() {
702 return (ssl_ && SSL_session_reused(ssl_) == 1);
703}
704
705void OpenSSLAdapter::OnMessage(Message* msg) {
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]706 if (MSG_TIMEOUT == msg->message_id) {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]707 RTC_LOG(LS_INFO) << "DTLS timeout expired";
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]708 DTLSv1_handle_timeout(ssl_);
709 ContinueSSL();
710 }
711}
712
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]713void OpenSSLAdapter::OnConnectEvent(AsyncSocket* socket) {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]714 RTC_LOG(LS_INFO) << "OpenSSLAdapter::OnConnectEvent";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]715 if (state_ != SSL_WAIT) {
nisseede5da42017-01-12 05:15:36 -0800[diff] [blame]716 RTC_DCHECK(state_ == SSL_NONE);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]717 AsyncSocketAdapter::OnConnectEvent(socket);
718 return;
719 }
720
721 state_ = SSL_CONNECTING;
722 if (int err = BeginSSL()) {
723 AsyncSocketAdapter::OnCloseEvent(socket, err);
724 }
725}
726
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]727void OpenSSLAdapter::OnReadEvent(AsyncSocket* socket) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]728 if (state_ == SSL_NONE) {
729 AsyncSocketAdapter::OnReadEvent(socket);
730 return;
731 }
732
733 if (state_ == SSL_CONNECTING) {
734 if (int err = ContinueSSL()) {
735 Error("ContinueSSL", err);
736 }
737 return;
738 }
739
740 if (state_ != SSL_CONNECTED)
741 return;
742
743 // Don't let ourselves go away during the callbacks
744 //PRefPtr<OpenSSLAdapter> lock(this); // TODO: fix this
745 if (ssl_write_needs_read_) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]746 AsyncSocketAdapter::OnWriteEvent(socket);
747 }
748
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]749 AsyncSocketAdapter::OnReadEvent(socket);
750}
751
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]752void OpenSSLAdapter::OnWriteEvent(AsyncSocket* socket) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]753 if (state_ == SSL_NONE) {
754 AsyncSocketAdapter::OnWriteEvent(socket);
755 return;
756 }
757
758 if (state_ == SSL_CONNECTING) {
759 if (int err = ContinueSSL()) {
760 Error("ContinueSSL", err);
761 }
762 return;
763 }
764
765 if (state_ != SSL_CONNECTED)
766 return;
767
768 // Don't let ourselves go away during the callbacks
769 //PRefPtr<OpenSSLAdapter> lock(this); // TODO: fix this
770
771 if (ssl_read_needs_write_) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]772 AsyncSocketAdapter::OnReadEvent(socket);
773 }
774
deadbeefed3b9862017-06-02 10:33:16 -0700[diff] [blame]775 // If a previous SSL_write failed due to the underlying socket being blocked,
776 // this will attempt finishing the write operation.
777 if (!pending_data_.empty()) {
778 int error;
779 if (DoSslWrite(pending_data_.data(), pending_data_.size(), &error) ==
780 static_cast<int>(pending_data_.size())) {
781 pending_data_.Clear();
782 }
783 }
784
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]785 AsyncSocketAdapter::OnWriteEvent(socket);
786}
787
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]788void OpenSSLAdapter::OnCloseEvent(AsyncSocket* socket, int err) {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]789 RTC_LOG(LS_INFO) << "OpenSSLAdapter::OnCloseEvent(" << err << ")";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]790 AsyncSocketAdapter::OnCloseEvent(socket, err);
791}
792
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]793bool OpenSSLAdapter::VerifyServerName(SSL* ssl, const char* host,
794 bool ignore_bad_cert) {
795 if (!host)
796 return false;
797
798 // Checking the return from SSL_get_peer_certificate here is not strictly
799 // necessary. With our setup, it is not possible for it to return
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]800 // null. However, it is good form to check the return.
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]801 X509* certificate = SSL_get_peer_certificate(ssl);
802 if (!certificate)
803 return false;
804
805 // Logging certificates is extremely verbose. So it is disabled by default.
806#ifdef LOG_CERTIFICATES
807 {
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]808 RTC_DLOG(LS_INFO) << "Certificate from server:";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]809 BIO* mem = BIO_new(BIO_s_mem());
810 X509_print_ex(mem, certificate, XN_FLAG_SEP_CPLUS_SPC, X509_FLAG_NO_HEADER);
811 BIO_write(mem, "\0", 1);
812 char* buffer;
813 BIO_get_mem_data(mem, &buffer);
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]814 RTC_DLOG(LS_INFO) << buffer;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]815 BIO_free(mem);
816
817 char* cipher_description =
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]818 SSL_CIPHER_description(SSL_get_current_cipher(ssl), nullptr, 128);
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]819 RTC_DLOG(LS_INFO) << "Cipher: " << cipher_description;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]820 OPENSSL_free(cipher_description);
821 }
822#endif
823
824 bool ok = false;
davidben4ef903d2017-02-17 13:04:43 -0800[diff] [blame]825 GENERAL_NAMES* names = reinterpret_cast<GENERAL_NAMES*>(
826 X509_get_ext_d2i(certificate, NID_subject_alt_name, nullptr, nullptr));
827 if (names) {
Jiawei Oueb0df082018-02-02 14:51:18 -0800[diff] [blame^]828 for (size_t i = 0; i < static_cast<size_t>(sk_GENERAL_NAME_num(names));
829 i++) {
davidben4ef903d2017-02-17 13:04:43 -0800[diff] [blame]830 const GENERAL_NAME* name = sk_GENERAL_NAME_value(names, i);
831 if (name->type != GEN_DNS)
832 continue;
833 std::string value(
834 reinterpret_cast<const char*>(ASN1_STRING_data(name->d.dNSName)),
835 ASN1_STRING_length(name->d.dNSName));
836 // string_match takes NUL-terminated strings, so check for embedded NULs.
837 if (value.find('\0') != std::string::npos)
838 continue;
839 if (string_match(host, value.c_str())) {
840 ok = true;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]841 break;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]842 }
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]843 }
davidben4ef903d2017-02-17 13:04:43 -0800[diff] [blame]844 GENERAL_NAMES_free(names);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]845 }
846
847 char data[256];
henrike@webrtc.orgd5a05062014-06-30 20:38:56 +0000[diff] [blame]848 X509_NAME* subject;
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]849 if (!ok && ((subject = X509_get_subject_name(certificate)) != nullptr) &&
850 (X509_NAME_get_text_by_NID(subject, NID_commonName, data, sizeof(data)) >
851 0)) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]852 data[sizeof(data)-1] = 0;
853 if (_stricmp(data, host) == 0)
854 ok = true;
855 }
856
857 X509_free(certificate);
858
859 // This should only ever be turned on for debugging and development.
860 if (!ok && ignore_bad_cert) {
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]861 RTC_DLOG(LS_WARNING) << "TLS certificate check FAILED. "
862 << "Allowing connection anyway.";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]863 ok = true;
864 }
865
866 return ok;
867}
868
869bool OpenSSLAdapter::SSLPostConnectionCheck(SSL* ssl, const char* host) {
Diogo Real1dca9d52017-08-29 12:18:32 -0700[diff] [blame]870 bool ok = VerifyServerName(ssl, host, ignore_bad_cert_);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]871
872 if (ok) {
873 ok = (SSL_get_verify_result(ssl) == X509_V_OK ||
874 custom_verification_succeeded_);
875 }
876
Diogo Real1dca9d52017-08-29 12:18:32 -0700[diff] [blame]877 if (!ok && ignore_bad_cert_) {
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]878 RTC_DLOG(LS_INFO) << "Other TLS post connection checks failed.";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]879 ok = true;
880 }
881
882 return ok;
883}
884
tfarinaa41ab932015-10-30 16:08:48 -0700[diff] [blame]885#if !defined(NDEBUG)
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]886
887// We only use this for tracing and so it is only needed in debug mode
888
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]889void OpenSSLAdapter::SSLInfoCallback(const SSL* s, int where, int ret) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]890 const char* str = "undefined";
891 int w = where & ~SSL_ST_MASK;
892 if (w & SSL_ST_CONNECT) {
893 str = "SSL_connect";
894 } else if (w & SSL_ST_ACCEPT) {
895 str = "SSL_accept";
896 }
897 if (where & SSL_CB_LOOP) {
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]898 RTC_DLOG(LS_INFO) << str << ":" << SSL_state_string_long(s);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]899 } else if (where & SSL_CB_ALERT) {
900 str = (where & SSL_CB_READ) ? "read" : "write";
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]901 RTC_DLOG(LS_INFO) << "SSL3 alert " << str << ":"
902 << SSL_alert_type_string_long(ret) << ":"
903 << SSL_alert_desc_string_long(ret);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]904 } else if (where & SSL_CB_EXIT) {
905 if (ret == 0) {
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]906 RTC_DLOG(LS_INFO) << str << ":failed in " << SSL_state_string_long(s);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]907 } else if (ret < 0) {
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]908 RTC_DLOG(LS_INFO) << str << ":error in " << SSL_state_string_long(s);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]909 }
910 }
911}
912
tfarinaa41ab932015-10-30 16:08:48 -0700[diff] [blame]913#endif
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]914
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]915int OpenSSLAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) {
tfarinaa41ab932015-10-30 16:08:48 -0700[diff] [blame]916#if !defined(NDEBUG)
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]917 if (!ok) {
918 char data[256];
919 X509* cert = X509_STORE_CTX_get_current_cert(store);
920 int depth = X509_STORE_CTX_get_error_depth(store);
921 int err = X509_STORE_CTX_get_error(store);
922
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]923 RTC_DLOG(LS_INFO) << "Error with certificate at depth: " << depth;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]924 X509_NAME_oneline(X509_get_issuer_name(cert), data, sizeof(data));
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]925 RTC_DLOG(LS_INFO) << " issuer = " << data;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]926 X509_NAME_oneline(X509_get_subject_name(cert), data, sizeof(data));
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]927 RTC_DLOG(LS_INFO) << " subject = " << data;
928 RTC_DLOG(LS_INFO) << " err = " << err << ":"
929 << X509_verify_cert_error_string(err);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]930 }
931#endif
932
933 // Get our stream pointer from the store
934 SSL* ssl = reinterpret_cast<SSL*>(
935 X509_STORE_CTX_get_ex_data(store,
936 SSL_get_ex_data_X509_STORE_CTX_idx()));
937
938 OpenSSLAdapter* stream =
939 reinterpret_cast<OpenSSLAdapter*>(SSL_get_app_data(ssl));
940
941 if (!ok && custom_verify_callback_) {
942 void* cert =
943 reinterpret_cast<void*>(X509_STORE_CTX_get_current_cert(store));
944 if (custom_verify_callback_(cert)) {
945 stream->custom_verification_succeeded_ = true;
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]946 RTC_LOG(LS_INFO) << "validated certificate using custom callback";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]947 ok = true;
948 }
949 }
950
951 // Should only be used for debugging and development.
Diogo Real1dca9d52017-08-29 12:18:32 -0700[diff] [blame]952 if (!ok && stream->ignore_bad_cert_) {
Jonas Olssonaddc3802018-02-01 09:53:06 +0100[diff] [blame]953 RTC_DLOG(LS_WARNING) << "Ignoring cert error while verifying cert chain";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]954 ok = 1;
955 }
956
957 return ok;
958}
959
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]960int OpenSSLAdapter::NewSSLSessionCallback(SSL* ssl, SSL_SESSION* session) {
961 OpenSSLAdapter* stream =
962 reinterpret_cast<OpenSSLAdapter*>(SSL_get_app_data(ssl));
963 RTC_DCHECK(stream->factory_);
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]964 RTC_LOG(LS_INFO) << "Caching SSL session for " << stream->ssl_host_name_;
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]965 stream->factory_->AddSession(stream->ssl_host_name_, session);
966 return 1; // We've taken ownership of the session; OpenSSL shouldn't free it.
967}
968
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]969bool OpenSSLAdapter::ConfigureTrustedRootCertificates(SSL_CTX* ctx) {
970 // Add the root cert that we care about to the SSL context
971 int count_of_added_certs = 0;
tfarina5237aaf2015-11-10 23:44:30 -0800[diff] [blame]972 for (size_t i = 0; i < arraysize(kSSLCertCertificateList); i++) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]973 const unsigned char* cert_buffer = kSSLCertCertificateList[i];
974 size_t cert_buffer_len = kSSLCertCertificateSizeList[i];
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]975 X509* cert =
976 d2i_X509(nullptr, &cert_buffer, checked_cast<long>(cert_buffer_len));
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]977 if (cert) {
978 int return_value = X509_STORE_add_cert(SSL_CTX_get_cert_store(ctx), cert);
979 if (return_value == 0) {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]980 RTC_LOG(LS_WARNING) << "Unable to add certificate.";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]981 } else {
982 count_of_added_certs++;
983 }
984 X509_free(cert);
985 }
986 }
987 return count_of_added_certs > 0;
988}
989
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]990SSL_CTX* OpenSSLAdapter::CreateContext(SSLMode mode, bool enable_cache) {
Emad Omarac6de0c92017-06-21 16:40:56 -0700[diff] [blame]991 // Use (D)TLS 1.2.
992 // Note: BoringSSL supports a range of versions by setting max/min version
993 // (Default V1.0 to V1.2). However (D)TLSv1_2_client_method functions used
994 // below in OpenSSL only support V1.2.
995 SSL_CTX* ctx = nullptr;
996#ifdef OPENSSL_IS_BORINGSSL
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]997 ctx = SSL_CTX_new(mode == SSL_MODE_DTLS ? DTLS_method() : TLS_method());
Emad Omarac6de0c92017-06-21 16:40:56 -0700[diff] [blame]998#else
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]999 ctx = SSL_CTX_new(mode == SSL_MODE_DTLS ? DTLSv1_2_client_method()
1000 : TLSv1_2_client_method());
Emad Omarac6de0c92017-06-21 16:40:56 -0700[diff] [blame]1001#endif // OPENSSL_IS_BORINGSSL
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]1002 if (ctx == nullptr) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1003 unsigned long error = ERR_get_error(); // NOLINT: type used by OpenSSL.
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]1004 RTC_LOG(LS_WARNING) << "SSL_CTX creation failed: " << '"'
1005 << ERR_reason_error_string(error) << "\" "
1006 << "(error=" << error << ')';
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]1007 return nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1008 }
1009 if (!ConfigureTrustedRootCertificates(ctx)) {
1010 SSL_CTX_free(ctx);
deadbeef37f5ecf2017-02-27 14:06:41 -0800[diff] [blame]1011 return nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1012 }
1013
tfarinaa41ab932015-10-30 16:08:48 -0700[diff] [blame]1014#if !defined(NDEBUG)
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1015 SSL_CTX_set_info_callback(ctx, SSLInfoCallback);
1016#endif
1017
1018 SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback);
1019 SSL_CTX_set_verify_depth(ctx, 4);
Emad Omarac6de0c92017-06-21 16:40:56 -0700[diff] [blame]1020 // Use defaults, but disable HMAC-SHA256 and HMAC-SHA384 ciphers
1021 // (note that SHA256 and SHA384 only select legacy CBC ciphers).
1022 // Additionally disable HMAC-SHA1 ciphers in ECDSA. These are the remaining
1023 // CBC-mode ECDSA ciphers.
1024 SSL_CTX_set_cipher_list(
1025 ctx, "ALL:!SHA256:!SHA384:!aPSK:!ECDSA+SHA1:!ADH:!LOW:!EXP:!MD5");
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1026
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]1027 if (mode == SSL_MODE_DTLS) {
pthatcher@webrtc.orga9b1ec02014-12-29 23:00:14 +0000[diff] [blame]1028 SSL_CTX_set_read_ahead(ctx, 1);
1029 }
1030
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]1031 if (enable_cache) {
1032 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT);
1033 SSL_CTX_sess_set_new_cb(ctx, &OpenSSLAdapter::NewSSLSessionCallback);
1034 }
1035
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1036 return ctx;
1037}
1038
Diogo Real1dca9d52017-08-29 12:18:32 -0700[diff] [blame]1039std::string TransformAlpnProtocols(
1040 const std::vector<std::string>& alpn_protocols) {
1041 // Transforms the alpn_protocols list to the format expected by
1042 // Open/BoringSSL. This requires joining the protocols into a single string
1043 // and prepending a character with the size of the protocol string before
1044 // each protocol.
1045 std::string transformed_alpn;
1046 for (const std::string& proto : alpn_protocols) {
1047 if (proto.size() == 0 || proto.size() > 0xFF) {
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]1048 RTC_LOG(LS_ERROR) << "OpenSSLAdapter::Error("
1049 << "TransformAlpnProtocols received proto with size "
1050 << proto.size() << ")";
Diogo Real1dca9d52017-08-29 12:18:32 -0700[diff] [blame]1051 return "";
1052 }
1053 transformed_alpn += static_cast<char>(proto.size());
1054 transformed_alpn += proto;
Mirko Bonadei675513b2017-11-09 11:09:25 +0100[diff] [blame]1055 RTC_LOG(LS_VERBOSE) << "TransformAlpnProtocols: Adding proto: " << proto;
Diogo Real1dca9d52017-08-29 12:18:32 -0700[diff] [blame]1056 }
1057 return transformed_alpn;
1058}
1059
Justin Uberti1d445502017-08-14 17:04:34 -0700[diff] [blame]1060//////////////////////////////////////////////////////////////////////
1061// OpenSSLAdapterFactory
1062//////////////////////////////////////////////////////////////////////
1063
1064OpenSSLAdapterFactory::OpenSSLAdapterFactory()
1065 : ssl_mode_(SSL_MODE_TLS), ssl_ctx_(nullptr) {}
1066
1067OpenSSLAdapterFactory::~OpenSSLAdapterFactory() {
1068 for (auto it : sessions_) {
1069 SSL_SESSION_free(it.second);
1070 }
1071 SSL_CTX_free(ssl_ctx_);
1072}
1073
1074void OpenSSLAdapterFactory::SetMode(SSLMode mode) {
1075 RTC_DCHECK(!ssl_ctx_);
1076 ssl_mode_ = mode;
1077}
1078
1079OpenSSLAdapter* OpenSSLAdapterFactory::CreateAdapter(AsyncSocket* socket) {
1080 if (!ssl_ctx_) {
1081 bool enable_cache = true;
1082 ssl_ctx_ = OpenSSLAdapter::CreateContext(ssl_mode_, enable_cache);
1083 if (!ssl_ctx_) {
1084 return nullptr;
1085 }
1086 }
1087
1088 return new OpenSSLAdapter(socket, this);
1089}
1090
1091SSL_SESSION* OpenSSLAdapterFactory::LookupSession(const std::string& hostname) {
1092 auto it = sessions_.find(hostname);
1093 return (it != sessions_.end()) ? it->second : nullptr;
1094}
1095
1096void OpenSSLAdapterFactory::AddSession(const std::string& hostname,
1097 SSL_SESSION* new_session) {
1098 SSL_SESSION* old_session = LookupSession(hostname);
1099 SSL_SESSION_free(old_session);
1100 sessions_[hostname] = new_session;
1101}
1102
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1103} // namespace rtc