X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Ftls-openssl.c;h=4636f3c320ff44ff669d18258f4175d8b965c70e;hb=753739fdef6d9753ee4a7e89afd959a4034d2ad9;hp=eb18d64d3ed32575d5c176ca5f15e9e735dbb37b;hpb=31f5b3492bde6a055c0c349a3d46718bd5a7e4f0;p=user%2Fhenk%2Fcode%2Fexim.git

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index eb18d64d3..4636f3c32 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -48,6 +48,7 @@ functions from the OpenSSL library. */
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 # define EXIM_HAVE_OCSP_RESP_COUNT
 # define OPENSSL_AUTO_SHA256
+# define EXIM_HAVE_ALPN
 #else
 # define EXIM_HAVE_EPHEM_RSA_KEX
 # define EXIM_HAVE_RAND_PSEUDO
@@ -418,9 +419,6 @@ setup_certs(SSL_CTX *sctx, uschar *certs, uschar *crl, host_item *host,
     uschar ** errstr );
 
 /* Callbacks */
-#ifdef EXIM_HAVE_OPENSSL_TLSEXT
-static int tls_servername_cb(SSL *s, int *ad ARG_UNUSED, void *arg);
-#endif
 #ifndef DISABLE_OCSP
 static int tls_server_stapling_cb(SSL *s, void *arg);
 #endif
@@ -903,10 +901,12 @@ DEBUG(D_tls)
 	  str = where & SSL_CB_READ ? US"read" : US"write",
 	  SSL_alert_type_string_long(ret), SSL_alert_desc_string_long(ret));
   else if (where & SSL_CB_EXIT)
-     if (ret == 0)
-	debug_printf("%s: failed in %s\n", str, SSL_state_string_long(s));
-     else if (ret < 0)
-	debug_printf("%s: error in %s\n", str, SSL_state_string_long(s));
+    {
+    if (ret == 0)
+      debug_printf("%s: failed in %s\n", str, SSL_state_string_long(s));
+    else if (ret < 0)
+      debug_printf("%s: error in %s\n", str, SSL_state_string_long(s));
+    }
   else if (where & SSL_CB_HANDSHAKE_START)
      debug_printf("%s: hshake start: %s\n", str, SSL_state_string_long(s));
   else if (where & SSL_CB_HANDSHAKE_DONE)
@@ -1247,10 +1247,14 @@ int status, reason, i;
 DEBUG(D_tls)
   debug_printf("tls_ocsp_file (%s)  '%s'\n", is_pem ? "PEM" : "DER", filename);
 
+if (!filename || !*filename) return;
+
+ERR_clear_error();
 if (!(bio = BIO_new_file(CS filename, "rb")))
   {
-  DEBUG(D_tls) debug_printf("Failed to open OCSP response file \"%s\"\n",
-      filename);
+  log_write(0, LOG_MAIN|LOG_PANIC,
+    "Failed to open OCSP response file \"%s\": %.100s",
+    filename, ERR_reason_error_string(ERR_get_error()));
   return;
   }
 
@@ -1261,8 +1265,8 @@ if (is_pem)
   long len;
   if (!PEM_read_bio(bio, &dummy, &dummy, &data, &len))
     {
-    DEBUG(D_tls) debug_printf("Failed to read PEM file \"%s\"\n",
-	filename);
+    log_write(0, LOG_MAIN|LOG_PANIC, "Failed to read PEM file \"%s\": %.100s",
+      filename, ERR_reason_error_string(ERR_get_error()));
     return;
     }
   freep = data;
@@ -1275,7 +1279,8 @@ BIO_free(bio);
 
 if (!resp)
   {
-  DEBUG(D_tls) debug_printf("Error reading OCSP response.\n");
+  log_write(0, LOG_MAIN|LOG_PANIC, "Error reading OCSP response from \"%s\": %s",
+      filename, ERR_reason_error_string(ERR_get_error()));
   return;
   }
 
@@ -2130,6 +2135,53 @@ bad: return SSL_TLSEXT_ERR_ALERT_FATAL;
 
 
 
+#ifdef EXIM_HAVE_ALPN
+/*************************************************
+*        Callback to handle ALPN                 *
+*************************************************/
+
+/* SSL_CTX_set_alpn_select_cb() */
+/* Called on server when client offers ALPN, after the SNI callback.
+If set and not e?smtp then we dump the connection */
+
+static int
+tls_server_alpn_cb(SSL *ssl, const uschar ** out, uschar * outlen,
+  const uschar * in, unsigned int inlen, void * arg)
+{
+const exim_openssl_state_st * state = arg;
+
+DEBUG(D_tls)
+  {
+  debug_printf("Received TLS ALPN offer:");
+  for (int pos = 0, siz; pos < inlen; pos += siz+1)
+    {
+    siz = in[pos];
+    if (pos + 1 + siz > inlen) siz = inlen - pos - 1;
+    debug_printf(" '%.*s'", siz, in + pos + 1);
+    }
+  debug_printf("\n");
+  }
+
+/* Look for an acceptable ALPN */
+if (  inlen > 1		/* at least one name */
+   && in[0]+1 == inlen	/* filling the vector, so exactly one name */
+   && (  Ustrncmp(in+1, "smtp", in[0]) == 0
+      || Ustrncmp(in+1, "esmtp", in[0]) == 0
+   )  )
+  {
+  *out = in;			/* we checked for exactly one, so can just point to it */
+  *outlen = inlen;
+  return SSL_TLSEXT_ERR_OK;	/* use ALPN */
+  }
+
+/* Reject unacceptable ALPN */
+/* This will be fatal to the TLS conn; would be nice to kill TCP also */
+return SSL_TLSEXT_ERR_ALERT_FATAL;
+}
+#endif	/* EXIM_HAVE_ALPN */
+
+
+
 #ifndef DISABLE_OCSP
 
 /*************************************************
@@ -2597,6 +2649,9 @@ if (!host)		/* server */
   tls_certificate */
   SSL_CTX_set_tlsext_servername_callback(ctx, tls_servername_cb);
   SSL_CTX_set_tlsext_servername_arg(ctx, state);
+# ifdef EXIM_HAVE_ALPN
+  SSL_CTX_set_alpn_select_cb(ctx, tls_server_alpn_cb, state);
+# endif
   }
 # ifndef DISABLE_OCSP
 else			/* client */
@@ -2753,18 +2808,23 @@ if (tlsp->peercert)
 /* Load certs from file, return TRUE on success */
 
 static BOOL
-chain_from_pem_file(const uschar * file, STACK_OF(X509) * verify_stack)
+chain_from_pem_file(const uschar * file, STACK_OF(X509) ** vp)
 {
 BIO * bp;
+STACK_OF(X509) * verify_stack = *vp;
 X509 * x;
 
-while (sk_X509_num(verify_stack) > 0)
-  X509_free(sk_X509_pop(verify_stack));
+if (verify_stack)
+  while (sk_X509_num(verify_stack) > 0)
+    X509_free(sk_X509_pop(verify_stack));
+else
+  verify_stack = sk_X509_new_null();
 
 if (!(bp = BIO_new_file(CS file, "r"))) return FALSE;
-while ((x = PEM_read_bio_X509(bp, NULL, 0, NULL)))
+for (X509 * x; x = PEM_read_bio_X509(bp, NULL, 0, NULL); )
   sk_X509_push(verify_stack, x);
 BIO_free(bp);
+*vp = verify_stack;
 return TRUE;
 }
 #endif
@@ -2819,6 +2879,13 @@ if (expcerts && *expcerts)
 	{ file = NULL; dir = expcerts; }
       else
 	{
+	STACK_OF(X509) * verify_stack =
+#ifndef DISABLE_OCSP
+	  !host ? state_server.verify_stack :
+#endif
+	  NULL;
+	STACK_OF(X509) ** vp = &verify_stack;
+
 	file = expcerts; dir = NULL;
 #ifndef DISABLE_OCSP
 	/* In the server if we will be offering an OCSP proof, load chain from
@@ -2827,11 +2894,10 @@ if (expcerts && *expcerts)
 /*XXX Glitch!   The file here is tls_verify_certs: the chain for verifying the client cert.
 This is inconsistent with the need to verify the OCSP proof of the server cert.
 */
-
 	if (  !host
 	   && statbuf.st_size > 0
 	   && state_server.u_ocsp.server.file
-	   && !chain_from_pem_file(file, state_server.verify_stack)
+	   && !chain_from_pem_file(file, vp)
 	   )
 	  {
 	  log_write(0, LOG_MAIN|LOG_PANIC,
@@ -3117,7 +3183,7 @@ if (rc <= 0)
     /* Handle genuine errors */
     case SSL_ERROR_SSL:
       {
-      uschar * s = US"SSL_accept";
+      uschar * s = NULL;
       int r = ERR_GET_REASON(ERR_peek_error());
       if (  r == SSL_R_WRONG_VERSION_NUMBER
 #ifdef SSL_R_VERSION_TOO_LOW
@@ -3125,7 +3191,7 @@ if (rc <= 0)
 #endif
          || r == SSL_R_UNKNOWN_PROTOCOL || r == SSL_R_UNSUPPORTED_PROTOCOL)
 	s = string_sprintf("%s (%s)", s, SSL_get_version(ssl));
-      (void) tls_error(s, NULL, sigalrm_seen ? US"timed out" : NULL, errstr);
+      (void) tls_error(US"SSL_accept", NULL, sigalrm_seen ? US"timed out" : s, errstr);
       return FAIL;
       }
 
@@ -3390,29 +3456,35 @@ if (tlsp->host_resumable)
 	  debug_printf("decoding session: %s\n", ssl_errstring);
 	  }
 	}
-#ifdef EXIM_HAVE_SESSION_TICKET
-      else if ( SSL_SESSION_get_ticket_lifetime_hint(ss) + dt->time_stamp
-	       < time(NULL))
+      else
 	{
-	DEBUG(D_tls) debug_printf("session expired\n");
-	dbfn_delete(dbm_file, key);
-	}
+	unsigned long lifetime =
+#ifdef EXIM_HAVE_SESSION_TICKET
+	  SSL_SESSION_get_ticket_lifetime_hint(ss);
+#else			/* Use, fairly arbitrilarily, what we as server would */
+	  f.running_in_test_harness ? 6 : ssl_session_timeout;
 #endif
-      else if (!SSL_set_session(ssl, ss))
-	{
-	DEBUG(D_tls)
+	if (lifetime + dt->time_stamp < time(NULL))
 	  {
-	  ERR_error_string_n(ERR_get_error(),
-	    ssl_errstring, sizeof(ssl_errstring));
-	  debug_printf("applying session to ssl: %s\n", ssl_errstring);
+	  DEBUG(D_tls) debug_printf("session expired\n");
+	  dbfn_delete(dbm_file, key);
+	  }
+	else if (!SSL_set_session(ssl, ss))
+	  {
+	  DEBUG(D_tls)
+	    {
+	    ERR_error_string_n(ERR_get_error(),
+	      ssl_errstring, sizeof(ssl_errstring));
+	    debug_printf("applying session to ssl: %s\n", ssl_errstring);
+	    }
+	  }
+	else
+	  {
+	  DEBUG(D_tls) debug_printf("good session\n");
+	  tlsp->resumption |= RESUME_CLIENT_SUGGESTED;
+	  tlsp->verify_override = dt->verify_override;
+	  tlsp->ocsp = dt->ocsp;
 	  }
-	}
-      else
-	{
-	DEBUG(D_tls) debug_printf("good session\n");
-	tlsp->resumption |= RESUME_CLIENT_SUGGESTED;
-	tlsp->verify_override = dt->verify_override;
-	tlsp->ocsp = dt->ocsp;
 	}
       }
     else
@@ -4457,7 +4529,6 @@ tls_openssl_options_parse(uschar *option_spec, long *results)
 {
 long result, item;
 uschar * exp, * end;
-uschar keep_c;
 BOOL adding, item_parsed;
 
 /* Server: send no (<= TLS1.2) session tickets */
@@ -4499,11 +4570,8 @@ for (uschar * s = exp; *s; /**/)
     return FALSE;
     }
   adding = *s++ == '+';
-  for (end = s; (*end != '\0') && !isspace(*end); ++end) /**/ ;
-  keep_c = *end;
-  *end = '\0';
-  item_parsed = tls_openssl_one_option_parse(s, &item);
-  *end = keep_c;
+  for (end = s; *end && !isspace(*end); ) end++;
+  item_parsed = tls_openssl_one_option_parse(string_copyn(s, end-s), &item);
   if (!item_parsed)
     {
     DEBUG(D_tls) debug_printf("openssl option setting unrecognised: \"%s\"\n", s);