1 /* 2 * Copyright 2008 The WebRTC Project Authors. All rights reserved. 3 * 4 * Use of this source code is governed by a BSD-style license 5 * that can be found in the LICENSE file in the root of the source 6 * tree. An additional intellectual property rights grant can be found 7 * in the file PATENTS. All contributing project authors may 8 * be found in the AUTHORS file in the root of the source tree. 9 */ 10 11 #if HAVE_OPENSSL_SSL_H 12 13 #include "webrtc/base/openssladapter.h" 14 15 #if defined(WEBRTC_POSIX) 16 #include <unistd.h> 17 #endif 18 19 // Must be included first before openssl headers. 20 #include "webrtc/base/win32.h" // NOLINT 21 22 #include <openssl/bio.h> 23 #include <openssl/crypto.h> 24 #include <openssl/err.h> 25 #include <openssl/opensslv.h> 26 #include <openssl/rand.h> 27 #include <openssl/x509.h> 28 #include <openssl/x509v3.h> 29 30 #if HAVE_CONFIG_H 31 #include "config.h" 32 #endif // HAVE_CONFIG_H 33 34 #include "webrtc/base/common.h" 35 #include "webrtc/base/logging.h" 36 #include "webrtc/base/openssl.h" 37 #include "webrtc/base/sslroots.h" 38 #include "webrtc/base/stringutils.h" 39 40 // TODO: Use a nicer abstraction for mutex. 41 42 #if defined(WEBRTC_WIN) 43 #define MUTEX_TYPE HANDLE 44 #define MUTEX_SETUP(x) (x) = CreateMutex(NULL, FALSE, NULL) 45 #define MUTEX_CLEANUP(x) CloseHandle(x) 46 #define MUTEX_LOCK(x) WaitForSingleObject((x), INFINITE) 47 #define MUTEX_UNLOCK(x) ReleaseMutex(x) 48 #define THREAD_ID GetCurrentThreadId() 49 #elif defined(WEBRTC_POSIX) 50 #define MUTEX_TYPE pthread_mutex_t 51 #define MUTEX_SETUP(x) pthread_mutex_init(&(x), NULL) 52 #define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x)) 53 #define MUTEX_LOCK(x) pthread_mutex_lock(&(x)) 54 #define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x)) 55 #define THREAD_ID pthread_self() 56 #else 57 #error You must define mutex operations appropriate for your platform! 58 #endif 59 60 struct CRYPTO_dynlock_value { 61 MUTEX_TYPE mutex; 62 }; 63 64 ////////////////////////////////////////////////////////////////////// 65 // SocketBIO 66 ////////////////////////////////////////////////////////////////////// 67 68 static int socket_write(BIO* h, const char* buf, int num); 69 static int socket_read(BIO* h, char* buf, int size); 70 static int socket_puts(BIO* h, const char* str); 71 static long socket_ctrl(BIO* h, int cmd, long arg1, void* arg2); 72 static int socket_new(BIO* h); 73 static int socket_free(BIO* data); 74 75 static BIO_METHOD methods_socket = { 76 BIO_TYPE_BIO, 77 "socket", 78 socket_write, 79 socket_read, 80 socket_puts, 81 0, 82 socket_ctrl, 83 socket_new, 84 socket_free, 85 NULL, 86 }; 87 88 static BIO_METHOD* BIO_s_socket2() { return(&methods_socket); } 89 90 static BIO* BIO_new_socket(rtc::AsyncSocket* socket) { 91 BIO* ret = BIO_new(BIO_s_socket2()); 92 if (ret == NULL) { 93 return NULL; 94 } 95 ret->ptr = socket; 96 return ret; 97 } 98 99 static int socket_new(BIO* b) { 100 b->shutdown = 0; 101 b->init = 1; 102 b->num = 0; // 1 means socket closed 103 b->ptr = 0; 104 return 1; 105 } 106 107 static int socket_free(BIO* b) { 108 if (b == NULL) 109 return 0; 110 return 1; 111 } 112 113 static int socket_read(BIO* b, char* out, int outl) { 114 if (!out) 115 return -1; 116 rtc::AsyncSocket* socket = static_cast<rtc::AsyncSocket*>(b->ptr); 117 BIO_clear_retry_flags(b); 118 int result = socket->Recv(out, outl); 119 if (result > 0) { 120 return result; 121 } else if (result == 0) { 122 b->num = 1; 123 } else if (socket->IsBlocking()) { 124 BIO_set_retry_read(b); 125 } 126 return -1; 127 } 128 129 static int socket_write(BIO* b, const char* in, int inl) { 130 if (!in) 131 return -1; 132 rtc::AsyncSocket* socket = static_cast<rtc::AsyncSocket*>(b->ptr); 133 BIO_clear_retry_flags(b); 134 int result = socket->Send(in, inl); 135 if (result > 0) { 136 return result; 137 } else if (socket->IsBlocking()) { 138 BIO_set_retry_write(b); 139 } 140 return -1; 141 } 142 143 static int socket_puts(BIO* b, const char* str) { 144 return socket_write(b, str, strlen(str)); 145 } 146 147 static long socket_ctrl(BIO* b, int cmd, long num, void* ptr) { 148 RTC_UNUSED(num); 149 RTC_UNUSED(ptr); 150 151 switch (cmd) { 152 case BIO_CTRL_RESET: 153 return 0; 154 case BIO_CTRL_EOF: 155 return b->num; 156 case BIO_CTRL_WPENDING: 157 case BIO_CTRL_PENDING: 158 return 0; 159 case BIO_CTRL_FLUSH: 160 return 1; 161 default: 162 return 0; 163 } 164 } 165 166 ///////////////////////////////////////////////////////////////////////////// 167 // OpenSSLAdapter 168 ///////////////////////////////////////////////////////////////////////////// 169 170 namespace rtc { 171 172 // This array will store all of the mutexes available to OpenSSL. 173 static MUTEX_TYPE* mutex_buf = NULL; 174 175 static void locking_function(int mode, int n, const char * file, int line) { 176 if (mode & CRYPTO_LOCK) { 177 MUTEX_LOCK(mutex_buf[n]); 178 } else { 179 MUTEX_UNLOCK(mutex_buf[n]); 180 } 181 } 182 183 static unsigned long id_function() { // NOLINT 184 // Use old-style C cast because THREAD_ID's type varies with the platform, 185 // in some cases requiring static_cast, and in others requiring 186 // reinterpret_cast. 187 return (unsigned long)THREAD_ID; // NOLINT 188 } 189 190 static CRYPTO_dynlock_value* dyn_create_function(const char* file, int line) { 191 CRYPTO_dynlock_value* value = new CRYPTO_dynlock_value; 192 if (!value) 193 return NULL; 194 MUTEX_SETUP(value->mutex); 195 return value; 196 } 197 198 static void dyn_lock_function(int mode, CRYPTO_dynlock_value* l, 199 const char* file, int line) { 200 if (mode & CRYPTO_LOCK) { 201 MUTEX_LOCK(l->mutex); 202 } else { 203 MUTEX_UNLOCK(l->mutex); 204 } 205 } 206 207 static void dyn_destroy_function(CRYPTO_dynlock_value* l, 208 const char* file, int line) { 209 MUTEX_CLEANUP(l->mutex); 210 delete l; 211 } 212 213 VerificationCallback OpenSSLAdapter::custom_verify_callback_ = NULL; 214 215 bool OpenSSLAdapter::InitializeSSL(VerificationCallback callback) { 216 if (!InitializeSSLThread() || !SSL_library_init()) 217 return false; 218 #if !defined(ADDRESS_SANITIZER) || !defined(WEBRTC_MAC) || defined(WEBRTC_IOS) 219 // Loading the error strings crashes mac_asan. Omit this debugging aid there. 220 SSL_load_error_strings(); 221 #endif 222 ERR_load_BIO_strings(); 223 OpenSSL_add_all_algorithms(); 224 RAND_poll(); 225 custom_verify_callback_ = callback; 226 return true; 227 } 228 229 bool OpenSSLAdapter::InitializeSSLThread() { 230 mutex_buf = new MUTEX_TYPE[CRYPTO_num_locks()]; 231 if (!mutex_buf) 232 return false; 233 for (int i = 0; i < CRYPTO_num_locks(); ++i) 234 MUTEX_SETUP(mutex_buf[i]); 235 236 // we need to cast our id_function to return an unsigned long -- pthread_t is 237 // a pointer 238 CRYPTO_set_id_callback(id_function); 239 CRYPTO_set_locking_callback(locking_function); 240 CRYPTO_set_dynlock_create_callback(dyn_create_function); 241 CRYPTO_set_dynlock_lock_callback(dyn_lock_function); 242 CRYPTO_set_dynlock_destroy_callback(dyn_destroy_function); 243 return true; 244 } 245 246 bool OpenSSLAdapter::CleanupSSL() { 247 if (!mutex_buf) 248 return false; 249 CRYPTO_set_id_callback(NULL); 250 CRYPTO_set_locking_callback(NULL); 251 CRYPTO_set_dynlock_create_callback(NULL); 252 CRYPTO_set_dynlock_lock_callback(NULL); 253 CRYPTO_set_dynlock_destroy_callback(NULL); 254 for (int i = 0; i < CRYPTO_num_locks(); ++i) 255 MUTEX_CLEANUP(mutex_buf[i]); 256 delete [] mutex_buf; 257 mutex_buf = NULL; 258 return true; 259 } 260 261 OpenSSLAdapter::OpenSSLAdapter(AsyncSocket* socket) 262 : SSLAdapter(socket), 263 state_(SSL_NONE), 264 ssl_read_needs_write_(false), 265 ssl_write_needs_read_(false), 266 restartable_(false), 267 ssl_(NULL), ssl_ctx_(NULL), 268 custom_verification_succeeded_(false) { 269 } 270 271 OpenSSLAdapter::~OpenSSLAdapter() { 272 Cleanup(); 273 } 274 275 int 276 OpenSSLAdapter::StartSSL(const char* hostname, bool restartable) { 277 if (state_ != SSL_NONE) 278 return -1; 279 280 ssl_host_name_ = hostname; 281 restartable_ = restartable; 282 283 if (socket_->GetState() != Socket::CS_CONNECTED) { 284 state_ = SSL_WAIT; 285 return 0; 286 } 287 288 state_ = SSL_CONNECTING; 289 if (int err = BeginSSL()) { 290 Error("BeginSSL", err, false); 291 return err; 292 } 293 294 return 0; 295 } 296 297 int 298 OpenSSLAdapter::BeginSSL() { 299 LOG(LS_INFO) << "BeginSSL: " << ssl_host_name_; 300 ASSERT(state_ == SSL_CONNECTING); 301 302 int err = 0; 303 BIO* bio = NULL; 304 305 // First set up the context 306 if (!ssl_ctx_) 307 ssl_ctx_ = SetupSSLContext(); 308 309 if (!ssl_ctx_) { 310 err = -1; 311 goto ssl_error; 312 } 313 314 bio = BIO_new_socket(static_cast<AsyncSocketAdapter*>(socket_)); 315 if (!bio) { 316 err = -1; 317 goto ssl_error; 318 } 319 320 ssl_ = SSL_new(ssl_ctx_); 321 if (!ssl_) { 322 err = -1; 323 goto ssl_error; 324 } 325 326 SSL_set_app_data(ssl_, this); 327 328 SSL_set_bio(ssl_, bio, bio); 329 SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE | 330 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); 331 332 // the SSL object owns the bio now 333 bio = NULL; 334 335 // Do the connect 336 err = ContinueSSL(); 337 if (err != 0) 338 goto ssl_error; 339 340 return err; 341 342 ssl_error: 343 Cleanup(); 344 if (bio) 345 BIO_free(bio); 346 347 return err; 348 } 349 350 int 351 OpenSSLAdapter::ContinueSSL() { 352 ASSERT(state_ == SSL_CONNECTING); 353 354 int code = SSL_connect(ssl_); 355 switch (SSL_get_error(ssl_, code)) { 356 case SSL_ERROR_NONE: 357 if (!SSLPostConnectionCheck(ssl_, ssl_host_name_.c_str())) { 358 LOG(LS_ERROR) << "TLS post connection check failed"; 359 // make sure we close the socket 360 Cleanup(); 361 // The connect failed so return -1 to shut down the socket 362 return -1; 363 } 364 365 state_ = SSL_CONNECTED; 366 AsyncSocketAdapter::OnConnectEvent(this); 367 #if 0 // TODO: worry about this 368 // Don't let ourselves go away during the callbacks 369 PRefPtr<OpenSSLAdapter> lock(this); 370 LOG(LS_INFO) << " -- onStreamReadable"; 371 AsyncSocketAdapter::OnReadEvent(this); 372 LOG(LS_INFO) << " -- onStreamWriteable"; 373 AsyncSocketAdapter::OnWriteEvent(this); 374 #endif 375 break; 376 377 case SSL_ERROR_WANT_READ: 378 case SSL_ERROR_WANT_WRITE: 379 break; 380 381 case SSL_ERROR_ZERO_RETURN: 382 default: 383 LOG(LS_WARNING) << "ContinueSSL -- error " << code; 384 return (code != 0) ? code : -1; 385 } 386 387 return 0; 388 } 389 390 void 391 OpenSSLAdapter::Error(const char* context, int err, bool signal) { 392 LOG(LS_WARNING) << "OpenSSLAdapter::Error(" 393 << context << ", " << err << ")"; 394 state_ = SSL_ERROR; 395 SetError(err); 396 if (signal) 397 AsyncSocketAdapter::OnCloseEvent(this, err); 398 } 399 400 void 401 OpenSSLAdapter::Cleanup() { 402 LOG(LS_INFO) << "Cleanup"; 403 404 state_ = SSL_NONE; 405 ssl_read_needs_write_ = false; 406 ssl_write_needs_read_ = false; 407 custom_verification_succeeded_ = false; 408 409 if (ssl_) { 410 SSL_free(ssl_); 411 ssl_ = NULL; 412 } 413 414 if (ssl_ctx_) { 415 SSL_CTX_free(ssl_ctx_); 416 ssl_ctx_ = NULL; 417 } 418 } 419 420 // 421 // AsyncSocket Implementation 422 // 423 424 int 425 OpenSSLAdapter::Send(const void* pv, size_t cb) { 426 //LOG(LS_INFO) << "OpenSSLAdapter::Send(" << cb << ")"; 427 428 switch (state_) { 429 case SSL_NONE: 430 return AsyncSocketAdapter::Send(pv, cb); 431 432 case SSL_WAIT: 433 case SSL_CONNECTING: 434 SetError(EWOULDBLOCK); 435 return SOCKET_ERROR; 436 437 case SSL_CONNECTED: 438 break; 439 440 case SSL_ERROR: 441 default: 442 return SOCKET_ERROR; 443 } 444 445 // OpenSSL will return an error if we try to write zero bytes 446 if (cb == 0) 447 return 0; 448 449 ssl_write_needs_read_ = false; 450 451 int code = SSL_write(ssl_, pv, cb); 452 switch (SSL_get_error(ssl_, code)) { 453 case SSL_ERROR_NONE: 454 //LOG(LS_INFO) << " -- success"; 455 return code; 456 case SSL_ERROR_WANT_READ: 457 //LOG(LS_INFO) << " -- error want read"; 458 ssl_write_needs_read_ = true; 459 SetError(EWOULDBLOCK); 460 break; 461 case SSL_ERROR_WANT_WRITE: 462 //LOG(LS_INFO) << " -- error want write"; 463 SetError(EWOULDBLOCK); 464 break; 465 case SSL_ERROR_ZERO_RETURN: 466 //LOG(LS_INFO) << " -- remote side closed"; 467 SetError(EWOULDBLOCK); 468 // do we need to signal closure? 469 break; 470 default: 471 //LOG(LS_INFO) << " -- error " << code; 472 Error("SSL_write", (code ? code : -1), false); 473 break; 474 } 475 476 return SOCKET_ERROR; 477 } 478 479 int 480 OpenSSLAdapter::Recv(void* pv, size_t cb) { 481 //LOG(LS_INFO) << "OpenSSLAdapter::Recv(" << cb << ")"; 482 switch (state_) { 483 484 case SSL_NONE: 485 return AsyncSocketAdapter::Recv(pv, cb); 486 487 case SSL_WAIT: 488 case SSL_CONNECTING: 489 SetError(EWOULDBLOCK); 490 return SOCKET_ERROR; 491 492 case SSL_CONNECTED: 493 break; 494 495 case SSL_ERROR: 496 default: 497 return SOCKET_ERROR; 498 } 499 500 // Don't trust OpenSSL with zero byte reads 501 if (cb == 0) 502 return 0; 503 504 ssl_read_needs_write_ = false; 505 506 int code = SSL_read(ssl_, pv, cb); 507 switch (SSL_get_error(ssl_, code)) { 508 case SSL_ERROR_NONE: 509 //LOG(LS_INFO) << " -- success"; 510 return code; 511 case SSL_ERROR_WANT_READ: 512 //LOG(LS_INFO) << " -- error want read"; 513 SetError(EWOULDBLOCK); 514 break; 515 case SSL_ERROR_WANT_WRITE: 516 //LOG(LS_INFO) << " -- error want write"; 517 ssl_read_needs_write_ = true; 518 SetError(EWOULDBLOCK); 519 break; 520 case SSL_ERROR_ZERO_RETURN: 521 //LOG(LS_INFO) << " -- remote side closed"; 522 SetError(EWOULDBLOCK); 523 // do we need to signal closure? 524 break; 525 default: 526 //LOG(LS_INFO) << " -- error " << code; 527 Error("SSL_read", (code ? code : -1), false); 528 break; 529 } 530 531 return SOCKET_ERROR; 532 } 533 534 int 535 OpenSSLAdapter::Close() { 536 Cleanup(); 537 state_ = restartable_ ? SSL_WAIT : SSL_NONE; 538 return AsyncSocketAdapter::Close(); 539 } 540 541 Socket::ConnState 542 OpenSSLAdapter::GetState() const { 543 //if (signal_close_) 544 // return CS_CONNECTED; 545 ConnState state = socket_->GetState(); 546 if ((state == CS_CONNECTED) 547 && ((state_ == SSL_WAIT) || (state_ == SSL_CONNECTING))) 548 state = CS_CONNECTING; 549 return state; 550 } 551 552 void 553 OpenSSLAdapter::OnConnectEvent(AsyncSocket* socket) { 554 LOG(LS_INFO) << "OpenSSLAdapter::OnConnectEvent"; 555 if (state_ != SSL_WAIT) { 556 ASSERT(state_ == SSL_NONE); 557 AsyncSocketAdapter::OnConnectEvent(socket); 558 return; 559 } 560 561 state_ = SSL_CONNECTING; 562 if (int err = BeginSSL()) { 563 AsyncSocketAdapter::OnCloseEvent(socket, err); 564 } 565 } 566 567 void 568 OpenSSLAdapter::OnReadEvent(AsyncSocket* socket) { 569 //LOG(LS_INFO) << "OpenSSLAdapter::OnReadEvent"; 570 571 if (state_ == SSL_NONE) { 572 AsyncSocketAdapter::OnReadEvent(socket); 573 return; 574 } 575 576 if (state_ == SSL_CONNECTING) { 577 if (int err = ContinueSSL()) { 578 Error("ContinueSSL", err); 579 } 580 return; 581 } 582 583 if (state_ != SSL_CONNECTED) 584 return; 585 586 // Don't let ourselves go away during the callbacks 587 //PRefPtr<OpenSSLAdapter> lock(this); // TODO: fix this 588 if (ssl_write_needs_read_) { 589 //LOG(LS_INFO) << " -- onStreamWriteable"; 590 AsyncSocketAdapter::OnWriteEvent(socket); 591 } 592 593 //LOG(LS_INFO) << " -- onStreamReadable"; 594 AsyncSocketAdapter::OnReadEvent(socket); 595 } 596 597 void 598 OpenSSLAdapter::OnWriteEvent(AsyncSocket* socket) { 599 //LOG(LS_INFO) << "OpenSSLAdapter::OnWriteEvent"; 600 601 if (state_ == SSL_NONE) { 602 AsyncSocketAdapter::OnWriteEvent(socket); 603 return; 604 } 605 606 if (state_ == SSL_CONNECTING) { 607 if (int err = ContinueSSL()) { 608 Error("ContinueSSL", err); 609 } 610 return; 611 } 612 613 if (state_ != SSL_CONNECTED) 614 return; 615 616 // Don't let ourselves go away during the callbacks 617 //PRefPtr<OpenSSLAdapter> lock(this); // TODO: fix this 618 619 if (ssl_read_needs_write_) { 620 //LOG(LS_INFO) << " -- onStreamReadable"; 621 AsyncSocketAdapter::OnReadEvent(socket); 622 } 623 624 //LOG(LS_INFO) << " -- onStreamWriteable"; 625 AsyncSocketAdapter::OnWriteEvent(socket); 626 } 627 628 void 629 OpenSSLAdapter::OnCloseEvent(AsyncSocket* socket, int err) { 630 LOG(LS_INFO) << "OpenSSLAdapter::OnCloseEvent(" << err << ")"; 631 AsyncSocketAdapter::OnCloseEvent(socket, err); 632 } 633 634 // This code is taken from the "Network Security with OpenSSL" 635 // sample in chapter 5 636 637 bool OpenSSLAdapter::VerifyServerName(SSL* ssl, const char* host, 638 bool ignore_bad_cert) { 639 if (!host) 640 return false; 641 642 // Checking the return from SSL_get_peer_certificate here is not strictly 643 // necessary. With our setup, it is not possible for it to return 644 // NULL. However, it is good form to check the return. 645 X509* certificate = SSL_get_peer_certificate(ssl); 646 if (!certificate) 647 return false; 648 649 // Logging certificates is extremely verbose. So it is disabled by default. 650 #ifdef LOG_CERTIFICATES 651 { 652 LOG(LS_INFO) << "Certificate from server:"; 653 BIO* mem = BIO_new(BIO_s_mem()); 654 X509_print_ex(mem, certificate, XN_FLAG_SEP_CPLUS_SPC, X509_FLAG_NO_HEADER); 655 BIO_write(mem, "\0", 1); 656 char* buffer; 657 BIO_get_mem_data(mem, &buffer); 658 LOG(LS_INFO) << buffer; 659 BIO_free(mem); 660 661 char* cipher_description = 662 SSL_CIPHER_description(SSL_get_current_cipher(ssl), NULL, 128); 663 LOG(LS_INFO) << "Cipher: " << cipher_description; 664 OPENSSL_free(cipher_description); 665 } 666 #endif 667 668 bool ok = false; 669 int extension_count = X509_get_ext_count(certificate); 670 for (int i = 0; i < extension_count; ++i) { 671 X509_EXTENSION* extension = X509_get_ext(certificate, i); 672 int extension_nid = OBJ_obj2nid(X509_EXTENSION_get_object(extension)); 673 674 if (extension_nid == NID_subject_alt_name) { 675 const X509V3_EXT_METHOD* meth = X509V3_EXT_get(extension); 676 if (!meth) 677 break; 678 679 void* ext_str = NULL; 680 681 // We assign this to a local variable, instead of passing the address 682 // directly to ASN1_item_d2i. 683 // See http://readlist.com/lists/openssl.org/openssl-users/0/4761.html. 684 unsigned char* ext_value_data = extension->value->data; 685 686 const unsigned char **ext_value_data_ptr = 687 (const_cast<const unsigned char **>(&ext_value_data)); 688 689 if (meth->it) { 690 ext_str = ASN1_item_d2i(NULL, ext_value_data_ptr, 691 extension->value->length, 692 ASN1_ITEM_ptr(meth->it)); 693 } else { 694 ext_str = meth->d2i(NULL, ext_value_data_ptr, extension->value->length); 695 } 696 697 STACK_OF(CONF_VALUE)* value = meth->i2v(meth, ext_str, NULL); 698 699 // Cast to size_t to be compilable for both OpenSSL and BoringSSL. 700 for (size_t j = 0; j < static_cast<size_t>(sk_CONF_VALUE_num(value)); 701 ++j) { 702 CONF_VALUE* nval = sk_CONF_VALUE_value(value, j); 703 // The value for nval can contain wildcards 704 if (!strcmp(nval->name, "DNS") && string_match(host, nval->value)) { 705 ok = true; 706 break; 707 } 708 } 709 sk_CONF_VALUE_pop_free(value, X509V3_conf_free); 710 value = NULL; 711 712 if (meth->it) { 713 ASN1_item_free(reinterpret_cast<ASN1_VALUE*>(ext_str), 714 ASN1_ITEM_ptr(meth->it)); 715 } else { 716 meth->ext_free(ext_str); 717 } 718 ext_str = NULL; 719 } 720 if (ok) 721 break; 722 } 723 724 char data[256]; 725 X509_NAME* subject; 726 if (!ok 727 && ((subject = X509_get_subject_name(certificate)) != NULL) 728 && (X509_NAME_get_text_by_NID(subject, NID_commonName, 729 data, sizeof(data)) > 0)) { 730 data[sizeof(data)-1] = 0; 731 if (_stricmp(data, host) == 0) 732 ok = true; 733 } 734 735 X509_free(certificate); 736 737 // This should only ever be turned on for debugging and development. 738 if (!ok && ignore_bad_cert) { 739 LOG(LS_WARNING) << "TLS certificate check FAILED. " 740 << "Allowing connection anyway."; 741 ok = true; 742 } 743 744 return ok; 745 } 746 747 bool OpenSSLAdapter::SSLPostConnectionCheck(SSL* ssl, const char* host) { 748 bool ok = VerifyServerName(ssl, host, ignore_bad_cert()); 749 750 if (ok) { 751 ok = (SSL_get_verify_result(ssl) == X509_V_OK || 752 custom_verification_succeeded_); 753 } 754 755 if (!ok && ignore_bad_cert()) { 756 LOG(LS_INFO) << "Other TLS post connection checks failed."; 757 ok = true; 758 } 759 760 return ok; 761 } 762 763 #if _DEBUG 764 765 // We only use this for tracing and so it is only needed in debug mode 766 767 void 768 OpenSSLAdapter::SSLInfoCallback(const SSL* s, int where, int ret) { 769 const char* str = "undefined"; 770 int w = where & ~SSL_ST_MASK; 771 if (w & SSL_ST_CONNECT) { 772 str = "SSL_connect"; 773 } else if (w & SSL_ST_ACCEPT) { 774 str = "SSL_accept"; 775 } 776 if (where & SSL_CB_LOOP) { 777 LOG(LS_INFO) << str << ":" << SSL_state_string_long(s); 778 } else if (where & SSL_CB_ALERT) { 779 str = (where & SSL_CB_READ) ? "read" : "write"; 780 LOG(LS_INFO) << "SSL3 alert " << str 781 << ":" << SSL_alert_type_string_long(ret) 782 << ":" << SSL_alert_desc_string_long(ret); 783 } else if (where & SSL_CB_EXIT) { 784 if (ret == 0) { 785 LOG(LS_INFO) << str << ":failed in " << SSL_state_string_long(s); 786 } else if (ret < 0) { 787 LOG(LS_INFO) << str << ":error in " << SSL_state_string_long(s); 788 } 789 } 790 } 791 792 #endif // _DEBUG 793 794 int 795 OpenSSLAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) { 796 #if _DEBUG 797 if (!ok) { 798 char data[256]; 799 X509* cert = X509_STORE_CTX_get_current_cert(store); 800 int depth = X509_STORE_CTX_get_error_depth(store); 801 int err = X509_STORE_CTX_get_error(store); 802 803 LOG(LS_INFO) << "Error with certificate at depth: " << depth; 804 X509_NAME_oneline(X509_get_issuer_name(cert), data, sizeof(data)); 805 LOG(LS_INFO) << " issuer = " << data; 806 X509_NAME_oneline(X509_get_subject_name(cert), data, sizeof(data)); 807 LOG(LS_INFO) << " subject = " << data; 808 LOG(LS_INFO) << " err = " << err 809 << ":" << X509_verify_cert_error_string(err); 810 } 811 #endif 812 813 // Get our stream pointer from the store 814 SSL* ssl = reinterpret_cast<SSL*>( 815 X509_STORE_CTX_get_ex_data(store, 816 SSL_get_ex_data_X509_STORE_CTX_idx())); 817 818 OpenSSLAdapter* stream = 819 reinterpret_cast<OpenSSLAdapter*>(SSL_get_app_data(ssl)); 820 821 if (!ok && custom_verify_callback_) { 822 void* cert = 823 reinterpret_cast<void*>(X509_STORE_CTX_get_current_cert(store)); 824 if (custom_verify_callback_(cert)) { 825 stream->custom_verification_succeeded_ = true; 826 LOG(LS_INFO) << "validated certificate using custom callback"; 827 ok = true; 828 } 829 } 830 831 // Should only be used for debugging and development. 832 if (!ok && stream->ignore_bad_cert()) { 833 LOG(LS_WARNING) << "Ignoring cert error while verifying cert chain"; 834 ok = 1; 835 } 836 837 return ok; 838 } 839 840 bool OpenSSLAdapter::ConfigureTrustedRootCertificates(SSL_CTX* ctx) { 841 // Add the root cert that we care about to the SSL context 842 int count_of_added_certs = 0; 843 for (int i = 0; i < ARRAY_SIZE(kSSLCertCertificateList); i++) { 844 const unsigned char* cert_buffer = kSSLCertCertificateList[i]; 845 size_t cert_buffer_len = kSSLCertCertificateSizeList[i]; 846 X509* cert = d2i_X509(NULL, &cert_buffer, cert_buffer_len); 847 if (cert) { 848 int return_value = X509_STORE_add_cert(SSL_CTX_get_cert_store(ctx), cert); 849 if (return_value == 0) { 850 LOG(LS_WARNING) << "Unable to add certificate."; 851 } else { 852 count_of_added_certs++; 853 } 854 X509_free(cert); 855 } 856 } 857 return count_of_added_certs > 0; 858 } 859 860 SSL_CTX* 861 OpenSSLAdapter::SetupSSLContext() { 862 SSL_CTX* ctx = SSL_CTX_new(TLSv1_client_method()); 863 if (ctx == NULL) { 864 unsigned long error = ERR_get_error(); // NOLINT: type used by OpenSSL. 865 LOG(LS_WARNING) << "SSL_CTX creation failed: " 866 << '"' << ERR_reason_error_string(error) << "\" " 867 << "(error=" << error << ')'; 868 return NULL; 869 } 870 if (!ConfigureTrustedRootCertificates(ctx)) { 871 SSL_CTX_free(ctx); 872 return NULL; 873 } 874 875 #ifdef _DEBUG 876 SSL_CTX_set_info_callback(ctx, SSLInfoCallback); 877 #endif 878 879 SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback); 880 SSL_CTX_set_verify_depth(ctx, 4); 881 SSL_CTX_set_cipher_list(ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"); 882 883 return ctx; 884 } 885 886 } // namespace rtc 887 888 #endif // HAVE_OPENSSL_SSL_H 889