Lines Matching +full:- +full:- +full:with +full:- +full:ngtcp2
21 * SPDX-License-Identifier: curl
26 * Source file for all OpenSSL-specific code for the TLS/SSL layer. No code
91 (__data__->set.tls_ech && \
92 !(__data__->set.tls_ech & CURLECH_DISABLE)\
117 renegotiations when built with BoringSSL. Renegotiating is non-compliant
118 with HTTP/2 and "an extremely dangerous protocol feature". Beware.
145 #define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */
146 #define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
147 #define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
206 * BoringSSL: supported since d28f59c27bac (committed 2015-11-19)
218 * LibreSSL: supported since 3.4.1 (released 2021-10-14)
235 * BoringSSL: supported since 5fd1807d95f7 (committed 2016-09-30)
248 #define OSSL_PACKAGE "AWS-LC"
263 /* ... but it is not the case with old versions of OpenSSL */
297 * * `X509_STORE_up_ref` -- Introduced: OpenSSL 1.1.0.
350 if(_type->_name) { \
351 pubkey_show(data, mem, _num, #_type, #_name, _type->_name); \
400 Curl_ssl_push_certinfo_len(data, certnum, namebuf, biomem->data, in X509V3_ext()
401 biomem->length); in X509V3_ext()
457 if(num->type == V_ASN1_NEG_INTEGER) in Curl_ossl_certchain()
458 BIO_puts(mem, "-"); in Curl_ossl_certchain()
459 for(j = 0; j < num->length; j++) in Curl_ossl_certchain()
460 BIO_printf(mem, "%02x", num->data[j]); in Curl_ossl_certchain()
491 X509_CINF *cinf = x->cert_info; in Curl_ossl_certchain()
493 i2a_ASN1_OBJECT(mem, cinf->signature->algorithm); in Curl_ossl_certchain()
496 i2a_ASN1_OBJECT(mem, cinf->key->algor->algorithm); in Curl_ossl_certchain()
499 X509V3_ext(data, i, cinf->extensions); in Curl_ossl_certchain()
501 psig = x->signature; in Curl_ossl_certchain()
519 pktype = pubkey->type; in Curl_ossl_certchain()
529 rsa = pubkey->pkey.rsa; in Curl_ossl_certchain()
545 BIO_printf(mem, "%d", rsa->n ? BN_num_bits(rsa->n) : 0); in Curl_ossl_certchain()
564 dsa = pubkey->pkey.dsa; in Curl_ossl_certchain()
602 dh = pubkey->pkey.dh; in Curl_ossl_certchain()
640 for(j = 0; j < psig->length; j++) in Curl_ossl_certchain()
641 BIO_printf(mem, "%02x:", psig->data[j]); in Curl_ossl_certchain()
660 #define BIO_set_init(x,v) ((x)->init=(v))
661 #define BIO_get_data(x) ((x)->ptr)
662 #define BIO_set_data(x,v) ((x)->ptr=(v))
664 #define BIO_get_shutdown(x) ((x)->shutdown)
665 #define BIO_set_shutdown(x,v) ((x)->shutdown=(v))
673 bio->num = -1; in ossl_bio_cf_create()
711 return (!cf->next || !cf->next->connected); in ossl_bio_cf_ctrl()
723 struct ssl_connect_data *connssl = cf->ctx; in ossl_bio_cf_out_write()
724 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend; in ossl_bio_cf_out_write()
730 nwritten = Curl_conn_cf_send(cf->next, data, buf, blen, &result); in ossl_bio_cf_out_write()
731 CURL_TRC_CF(data, cf, "ossl_bio_cf_out_write(len=%d) -> %d, err=%d", in ossl_bio_cf_out_write()
734 octx->io_result = result; in ossl_bio_cf_out_write()
745 struct ssl_connect_data *connssl = cf->ctx; in ossl_bio_cf_in_read()
746 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend; in ossl_bio_cf_in_read()
756 nread = Curl_conn_cf_recv(cf->next, data, buf, blen, &result); in ossl_bio_cf_in_read()
757 CURL_TRC_CF(data, cf, "ossl_bio_cf_in_read(len=%d) -> %d, err=%d", in ossl_bio_cf_in_read()
760 octx->io_result = result; in ossl_bio_cf_in_read()
766 connssl->peer_closed = TRUE; in ossl_bio_cf_in_read()
771 if(!octx->x509_store_setup) { in ossl_bio_cf_in_read()
772 result = Curl_ssl_setup_x509_store(cf, data, octx->ssl_ctx); in ossl_bio_cf_in_read()
774 octx->io_result = result; in ossl_bio_cf_in_read()
775 return -1; in ossl_bio_cf_in_read()
777 octx->x509_store_setup = TRUE; in ossl_bio_cf_in_read()
863 /* ssl->s3 is not checked in openssl 1.1.0-pre6, but let's assume that in ossl_log_tls12_secret()
864 * we have a valid SSL context if we have a non-NULL session. */ in ossl_log_tls12_secret()
869 if(ssl->s3 && session->master_key_length > 0) { in ossl_log_tls12_secret()
870 master_key_length = session->master_key_length; in ossl_log_tls12_secret()
871 memcpy(master_key, session->master_key, session->master_key_length); in ossl_log_tls12_secret()
872 memcpy(client_random, ssl->s3->client_random, SSL3_RANDOM_SIZE); in ossl_log_tls12_secret()
877 * session (when curl was built with older OpenSSL headers and running with in ossl_log_tls12_secret()
937 DEBUGASSERT(len < (size - 2)); in ossl_strerror()
938 if(len < (size - 2)) { in ossl_strerror()
940 size -= (len + 2); in ossl_strerror()
987 if(data->multi && data->multi->ssl_seeded) in ossl_seed()
992 if(data->multi) in ossl_seed()
993 data->multi->ssl_seeded = TRUE; in ossl_seed()
997 /* with OpenSSL 1.1.0+, a failed RAND_status is a showstopper */ in ossl_seed()
1067 return -1; in do_file_type()
1131 /* the typecast of blob->len is fine since it is guaranteed to never be in SSL_CTX_use_certificate_blob()
1133 BIO *in = BIO_new_mem_buf(blob->data, (int)(blob->len)); in SSL_CTX_use_certificate_blob()
1169 BIO *in = BIO_new_mem_buf(blob->data, (int)(blob->len)); in SSL_CTX_use_PrivateKey_blob()
1204 BIO *in = BIO_new_mem_buf(blob->data, (int)(blob->len)); in SSL_CTX_use_certificate_chain_blob()
1312 /* SSL_CTX_use_certificate_file() works with either PEM or ASN1, but in cert_stuff()
1313 we use the case above for PEM so this can only be performed with in cert_stuff()
1336 if(!data->state.engine) { in cert_stuff()
1344 if(data->state.engine) { in cert_stuff()
1355 if(!ENGINE_ctrl(data->state.engine, ENGINE_CTRL_GET_CMD_FROM_NAME, in cert_stuff()
1362 if(!ENGINE_ctrl_cmd(data->state.engine, cmd_name, in cert_stuff()
1364 failf(data, "ssl engine cannot load client cert with id" in cert_stuff()
1403 cert_bio = BIO_new_mem_buf(cert_blob->data, (int)(cert_blob->len)); in cert_stuff()
1542 if(!data->state.engine) { in cert_stuff()
1550 if(data->state.engine) { in cert_stuff()
1555 " user-interface method"); in cert_stuff()
1562 priv_key = ENGINE_load_private_key(data->state.engine, key_file, in cert_stuff()
1624 pktype = priv_key->type; in cert_stuff()
1668 /* returns non-zero on failure */
1681 if((size_t)biomem->length < size) in x509_name_oneline()
1682 size = biomem->length; in x509_name_oneline()
1684 size--; /* don't overwrite the buffer end */ in x509_name_oneline()
1686 memcpy(buf, biomem->data, size); in x509_name_oneline()
1756 turns them into no-ops in OpenSSL 1.0 compatibility mode */ in ossl_cleanup()
1810 if(data->state.engine) { in ossl_set_engine()
1811 ENGINE_finish(data->state.engine); in ossl_set_engine()
1812 ENGINE_free(data->state.engine); in ossl_set_engine()
1813 data->state.engine = NULL; in ossl_set_engine()
1823 data->state.engine = e; in ossl_set_engine()
1837 if(data->state.engine) { in ossl_set_engine_default()
1838 if(ENGINE_set_default(data->state.engine, ENGINE_METHOD_ALL) > 0) { in ossl_set_engine_default()
1840 ENGINE_get_id(data->state.engine)); in ossl_set_engine_default()
1844 ENGINE_get_id(data->state.engine)); in ossl_set_engine_default()
1878 struct ssl_connect_data *connssl = cf->ctx; in ossl_close()
1879 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend; in ossl_close()
1884 if(octx->ssl) { in ossl_close()
1887 if(cf->next && cf->next->connected && !connssl->peer_closed) { in ossl_close()
1895 nread = SSL_read(octx->ssl, buf, (int)sizeof(buf)); in ossl_close()
1896 err = SSL_get_error(octx->ssl, nread); in ossl_close()
1905 n = Curl_conn_cf_recv(cf->next, data, buf, blen, &result); in ossl_close()
1907 connssl->peer_closed = TRUE; in ossl_close()
1912 if(connssl->peer_closed) { in ossl_close()
1919 else if(SSL_shutdown(octx->ssl) == 1) { in ossl_close()
1923 nread = SSL_read(octx->ssl, buf, (int)sizeof(buf)); in ossl_close()
1924 err = SSL_get_error(octx->ssl, nread); in ossl_close()
1950 SSL_set_connect_state(octx->ssl); in ossl_close()
1953 SSL_free(octx->ssl); in ossl_close()
1954 octx->ssl = NULL; in ossl_close()
1956 if(octx->ssl_ctx) { in ossl_close()
1957 SSL_CTX_free(octx->ssl_ctx); in ossl_close()
1958 octx->ssl_ctx = NULL; in ossl_close()
1959 octx->x509_store_setup = FALSE; in ossl_close()
1961 if(octx->bio_method) { in ossl_close()
1962 ossl_bio_cf_method_free(octx->bio_method); in ossl_close()
1963 octx->bio_method = NULL; in ossl_close()
1969 * socket open (CCC - Clear Command Channel)
1975 struct ssl_connect_data *connssl = cf->ctx; in ossl_shutdown()
1983 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend; in ossl_shutdown()
1994 if(data->set.ftp_ccc == CURLFTPSSL_CCC_ACTIVE) in ossl_shutdown()
1995 (void)SSL_shutdown(octx->ssl); in ossl_shutdown()
1998 if(octx->ssl) { in ossl_shutdown()
2000 while(!done && loop--) { in ossl_shutdown()
2008 nread = SSL_read(octx->ssl, buf, buffsize); in ossl_shutdown()
2009 err = SSL_get_error(octx->ssl, nread); in ossl_shutdown()
2019 /* there's data pending, re-invoke SSL_read() */ in ossl_shutdown()
2047 retval = -1; in ossl_shutdown()
2050 } /* while()-loop for the select() */ in ossl_shutdown()
2052 if(data->set.verbose) { in ossl_shutdown()
2054 switch(SSL_get_shutdown(octx->ssl)) { in ossl_shutdown()
2069 SSL_free(octx->ssl); in ossl_shutdown()
2070 octx->ssl = NULL; in ossl_shutdown()
2089 if(data->state.engine) { in ossl_close_all()
2090 ENGINE_finish(data->state.engine); in ossl_close_all()
2091 ENGINE_free(data->state.engine); in ossl_close_all()
2092 data->state.engine = NULL; in ossl_close_all()
2099 /* OpenSSL 1.0.1 and 1.0.2 build an error queue that is stored per-thread in ossl_close_all()
2101 code should extract the error in association with the error so clearing in ossl_close_all()
2151 This function is now used from ngtcp2 (QUIC) as well.
2171 hostlen = strlen(peer->hostname); in Curl_ossl_verifyhost()
2172 switch(peer->type) { in Curl_ossl_verifyhost()
2174 if(!Curl_inet_pton(AF_INET, peer->hostname, &addr)) in Curl_ossl_verifyhost()
2181 if(!Curl_inet_pton(AF_INET6, peer->hostname, &addr)) in Curl_ossl_verifyhost()
2192 failf(data, "unexpected ssl peer type: %d", peer->type); in Curl_ossl_verifyhost()
2214 /* loop through all alternatives - until a dnsmatch */ in Curl_ossl_verifyhost()
2219 if(check->type == GEN_DNS) in Curl_ossl_verifyhost()
2221 else if(check->type == GEN_IPADD) in Curl_ossl_verifyhost()
2225 if(check->type == target) { in Curl_ossl_verifyhost()
2227 const char *altptr = (char *)ASN1_STRING_get0_data(check->d.ia5); in Curl_ossl_verifyhost()
2228 size_t altlen = (size_t) ASN1_STRING_length(check->d.ia5); in Curl_ossl_verifyhost()
2239 is always null-terminated. in Curl_ossl_verifyhost()
2245 peer->hostname, hostlen, in Curl_ossl_verifyhost()
2246 peer->dispname)) { in Curl_ossl_verifyhost()
2258 peer->dispname); in Curl_ossl_verifyhost()
2274 const char *tname = (peer->type == CURL_SSL_PEER_DNS) ? "host name" : in Curl_ossl_verifyhost()
2275 (peer->type == CURL_SSL_PEER_IPV4) ? in Curl_ossl_verifyhost()
2277 infof(data, " subjectAltName does not match %s %s", tname, peer->dispname); in Curl_ossl_verifyhost()
2279 "target %s '%s'", tname, peer->dispname); in Curl_ossl_verifyhost()
2285 int i = -1; in Curl_ossl_verifyhost()
2306 is already UTF-8 encoded. We check for this case and copy the raw in Curl_ossl_verifyhost()
2343 peerlen, peer->hostname, hostlen)) { in Curl_ossl_verifyhost()
2345 "target host name '%s'", peer_CN, peer->dispname); in Curl_ossl_verifyhost()
2363 struct ssl_connect_data *connssl = cf->ctx; in verifystatus()
2376 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend; in verifystatus()
2386 len = SSL_get_tlsext_status_ocsp_resp(octx->ssl, &status); in verifystatus()
2416 ch = SSL_get_peer_cert_chain(octx->ssl); in verifystatus()
2422 st = SSL_CTX_get_cert_store(octx->ssl_ctx); in verifystatus()
2435 if(sk_X509_num(ch) >= 2 && sk_X509_num(br->certs) >= 1) { in verifystatus()
2436 X509 *responder = sk_X509_value(br->certs, sk_X509_num(br->certs) - 1); in verifystatus()
2459 cert = SSL_get1_peer_certificate(octx->ssl); in verifystatus()
2492 if(!OCSP_check_validity(thisupd, nextupd, 300L, -1L)) { in verifystatus()
2653 if(!data || !data->set.fdebug || (direction && direction != 1)) in ossl_trace()
2695 * For TLS 1.3, skip notification of the decrypted inner Content-Type. in ossl_trace()
2713 /* SSLv2 doesn't seem to have TLS record-type headers, so OpenSSL in ossl_trace()
2714 * always passes up content-type as 0. But the interesting message-type in ossl_trace()
2766 long curl_ssl_version_min = conn_config->version; in ossl_set_ssl_version_min_max()
2803 So we skip this, and stay with the library default in ossl_set_ssl_version_min_max()
2812 curl_ssl_version_max = conn_config->version_max; in ossl_set_ssl_version_min_max()
2864 long ssl_version = conn_config->version; in ossl_set_ssl_version_min_max_legacy()
2865 long ssl_version_max = conn_config->version_max; in ossl_set_ssl_version_min_max_legacy()
2873 struct ssl_connect_data *connssl = cf->ctx; in ossl_set_ssl_version_min_max_legacy()
2874 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend; in ossl_set_ssl_version_min_max_legacy()
2876 SSL_CTX_set_max_proto_version(octx->ssl_ctx, TLS1_3_VERSION); in ossl_set_ssl_version_min_max_legacy()
2949 if(config->primary.sessionid) { in Curl_ossl_add_session()
2979 * or non-zero if the session has been put into the session cache.
2988 connssl = cf? cf->ctx : NULL; in ossl_new_session_cb()
2990 Curl_ossl_add_session(cf, data, &connssl->peer, ssl_sessionid); in ossl_new_session_cb()
3005 if(ca_info_blob->len > (size_t)INT_MAX) in load_cacert_from_memory()
3008 cbio = BIO_new_mem_buf(ca_info_blob->data, (int)ca_info_blob->len); in load_cacert_from_memory()
3021 if(itmp->x509) { in load_cacert_from_memory()
3022 if(X509_STORE_add_cert(store, itmp->x509)) { in load_cacert_from_memory()
3031 if(itmp->crl) { in load_cacert_from_memory()
3032 if(X509_STORE_add_crl(store, itmp->crl)) { in load_cacert_from_memory()
3066 iteration we can grow it with realloc, when necessary. */ in import_windows_cert_store()
3072 skipped. 'result' is used to store only hard-fail conditions (such in import_windows_cert_store()
3096 encoded_cert = (const unsigned char *)pContext->pbCertEncoded; in import_windows_cert_store()
3101 if(CompareFileTime(&pContext->pCertInfo->NotBefore, &now) > 0 || in import_windows_cert_store()
3102 CompareFileTime(&now, &pContext->pCertInfo->NotAfter) > 0) in import_windows_cert_store()
3106 if(CertGetIntendedKeyUsage(pContext->dwCertEncodingType, in import_windows_cert_store()
3107 pContext->pCertInfo, in import_windows_cert_store()
3138 if(!enhkey_usage->cUsageIdentifier) { in import_windows_cert_store()
3149 for(i = 0; i < enhkey_usage->cUsageIdentifier; ++i) { in import_windows_cert_store()
3151 enhkey_usage->rgpszUsageIdentifier[i])) { in import_windows_cert_store()
3167 x509 = d2i_X509(NULL, &encoded_cert, pContext->cbCertEncoded); in import_windows_cert_store()
3203 const struct curl_blob *ca_info_blob = conn_config->ca_info_blob; in populate_x509_store()
3206 (ca_info_blob ? NULL : conn_config->CAfile); in populate_x509_store()
3207 const char * const ssl_capath = conn_config->CApath; in populate_x509_store()
3208 const char * const ssl_crlfile = ssl_config->primary.CRLfile; in populate_x509_store()
3209 const bool verifypeer = conn_config->verifypeer; in populate_x509_store()
3225 if(ssl_config->native_ca_store) { in populate_x509_store()
3306 work so use openssl's built-in default as fallback */ in populate_x509_store()
3331 problems with server-sent legacy intermediates. Newer versions of in populate_x509_store()
3340 if(!ssl_config->no_partialchain && !ssl_crlfile) { in populate_x509_store()
3342 trust-anchors, in the same way as self-signed root CA certificates in populate_x509_store()
3347 cannot do partial chains with a CRL check. in populate_x509_store()
3361 const struct ssl_general_config *cfg = &data->set.general_ssl; in cached_x509_store_expired()
3363 timediff_t elapsed_ms = Curl_timediff(now, mb->time); in cached_x509_store_expired()
3364 timediff_t timeout_ms = cfg->ca_cache_timeout * (timediff_t)1000; in cached_x509_store_expired()
3377 if(!mb->CAfile || !conn_config->CAfile) in cached_x509_store_different()
3378 return mb->CAfile != conn_config->CAfile; in cached_x509_store_different()
3380 return strcmp(mb->CAfile, conn_config->CAfile); in cached_x509_store_different()
3386 struct Curl_multi *multi = data->multi; in get_cached_x509_store()
3391 multi->ssl_backend_data && in get_cached_x509_store()
3392 multi->ssl_backend_data->store && in get_cached_x509_store()
3393 !cached_x509_store_expired(data, multi->ssl_backend_data) && in get_cached_x509_store()
3394 !cached_x509_store_different(cf, multi->ssl_backend_data)) { in get_cached_x509_store()
3395 store = multi->ssl_backend_data->store; in get_cached_x509_store()
3406 struct Curl_multi *multi = data->multi; in set_cached_x509_store()
3413 if(!multi->ssl_backend_data) { in set_cached_x509_store()
3414 multi->ssl_backend_data = calloc(1, sizeof(struct multi_ssl_backend_data)); in set_cached_x509_store()
3415 if(!multi->ssl_backend_data) in set_cached_x509_store()
3419 mbackend = multi->ssl_backend_data; in set_cached_x509_store()
3424 if(conn_config->CAfile) { in set_cached_x509_store()
3425 CAfile = strdup(conn_config->CAfile); in set_cached_x509_store()
3432 if(mbackend->store) { in set_cached_x509_store()
3433 X509_STORE_free(mbackend->store); in set_cached_x509_store()
3434 free(mbackend->CAfile); in set_cached_x509_store()
3437 mbackend->time = Curl_now(); in set_cached_x509_store()
3438 mbackend->store = store; in set_cached_x509_store()
3439 mbackend->CAfile = CAfile; in set_cached_x509_store()
3454 or no source is provided and we are falling back to openssl's built-in in Curl_ssl_setup_x509_store()
3456 cache_criteria_met = (data->set.general_ssl.ca_cache_timeout != 0) && in Curl_ssl_setup_x509_store()
3457 conn_config->verifypeer && in Curl_ssl_setup_x509_store()
3458 !conn_config->CApath && in Curl_ssl_setup_x509_store()
3459 !conn_config->ca_info_blob && in Curl_ssl_setup_x509_store()
3460 !ssl_config->primary.CRLfile && in Curl_ssl_setup_x509_store()
3461 !ssl_config->native_ca_store; in Curl_ssl_setup_x509_store()
3507 const long int ssl_version = conn_config->version; in Curl_ossl_ctx_init()
3508 char * const ssl_cert = ssl_config->primary.clientcert; in Curl_ossl_ctx_init()
3509 const struct curl_blob *ssl_cert_blob = ssl_config->primary.cert_blob; in Curl_ossl_ctx_init()
3510 const char * const ssl_cert_type = ssl_config->cert_type; in Curl_ossl_ctx_init()
3511 const bool verifypeer = conn_config->verifypeer; in Curl_ossl_ctx_init()
3514 struct ssl_connect_data *connssl = cf->ctx; in Curl_ossl_ctx_init()
3522 ssl_config->certverifyresult = !X509_V_OK; in Curl_ossl_ctx_init()
3534 /* it will be handled later with the context options */ in Curl_ossl_ctx_init()
3572 DEBUGASSERT(!octx->ssl_ctx); in Curl_ossl_ctx_init()
3573 octx->ssl_ctx = SSL_CTX_new(req_method); in Curl_ossl_ctx_init()
3575 if(!octx->ssl_ctx) { in Curl_ossl_ctx_init()
3588 if(data->set.fdebug && data->set.verbose) { in Curl_ossl_ctx_init()
3590 SSL_CTX_set_msg_callback(octx->ssl_ctx, ossl_trace); in Curl_ossl_ctx_init()
3591 SSL_CTX_set_msg_callback_arg(octx->ssl_ctx, cf); in Curl_ossl_ctx_init()
3596 SSL-implementations. SSL_CTX_set_options() is used to enable those in Curl_ossl_ctx_init()
3597 work-arounds. The man page for this option states that SSL_OP_ALL enables in Curl_ossl_ctx_init()
3598 all the work-arounds and that "It is usually safe to use SSL_OP_ALL to in Curl_ossl_ctx_init()
3599 enable the bug workaround options if compatibility with somewhat broken in Curl_ossl_ctx_init()
3602 The "-no_ticket" option was introduced in OpenSSL 0.9.8j. It's a flag to in Curl_ossl_ctx_init()
3611 If someone writes an application with libcurl and OpenSSL who wants to in Curl_ossl_ctx_init()
3615 interoperability with web server Netscape Enterprise Server 2.0.1 which in Curl_ossl_ctx_init()
3618 Due to CVE-2010-4180, option SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG has in Curl_ossl_ctx_init()
3620 CVE-2010-4180 when using previous OpenSSL versions we no longer enable in Curl_ossl_ctx_init()
3623 OpenSSL added a work-around for a SSL 3.0/TLS 1.0 CBC vulnerability in Curl_ossl_ctx_init()
3624 (https://www.openssl.org/~bodo/tls-cbc.txt). In 0.9.6e they added a bit to in Curl_ossl_ctx_init()
3625 SSL_OP_ALL that _disables_ that work-around despite the fact that in Curl_ossl_ctx_init()
3627 keep the secure work-around, the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS bit in Curl_ossl_ctx_init()
3642 /* mitigate CVE-2010-4180 */ in Curl_ossl_ctx_init()
3648 use the work-around */ in Curl_ossl_ctx_init()
3649 if(!ssl_config->enable_beast) in Curl_ossl_ctx_init()
3658 /* "--tlsv<x.y>" options mean TLS >= version <x.y> */ in Curl_ossl_ctx_init()
3671 result = ossl_set_ssl_version_min_max(cf, octx->ssl_ctx); in Curl_ossl_ctx_init()
3684 SSL_CTX_set_options(octx->ssl_ctx, ctx_options); in Curl_ossl_ctx_init()
3688 if(SSL_CTX_set_alpn_protos(octx->ssl_ctx, alpn, (int)alpn_len)) { in Curl_ossl_ctx_init()
3697 !cert_stuff(data, octx->ssl_ctx, in Curl_ossl_ctx_init()
3699 ssl_config->key, ssl_config->key_blob, in Curl_ossl_ctx_init()
3700 ssl_config->key_type, ssl_config->key_passwd)) in Curl_ossl_ctx_init()
3707 ciphers = conn_config->cipher_list; in Curl_ossl_ctx_init()
3708 if(!ciphers && (peer->transport != TRNSPRT_QUIC)) in Curl_ossl_ctx_init()
3711 if(!SSL_CTX_set_cipher_list(octx->ssl_ctx, ciphers)) { in Curl_ossl_ctx_init()
3720 const char *ciphers13 = conn_config->cipher_list13; in Curl_ossl_ctx_init()
3722 if(!SSL_CTX_set_ciphersuites(octx->ssl_ctx, ciphers13)) { in Curl_ossl_ctx_init()
3732 /* OpenSSL 1.1.1 requires clients to opt-in for PHA */ in Curl_ossl_ctx_init()
3733 SSL_CTX_set_post_handshake_auth(octx->ssl_ctx, 1); in Curl_ossl_ctx_init()
3738 const char *curves = conn_config->curves; in Curl_ossl_ctx_init()
3740 if(!SSL_CTX_set1_curves_list(octx->ssl_ctx, curves)) { in Curl_ossl_ctx_init()
3749 if(ssl_config->primary.username && Curl_auth_allowed_to_host(data)) { in Curl_ossl_ctx_init()
3750 char * const ssl_username = ssl_config->primary.username; in Curl_ossl_ctx_init()
3751 char * const ssl_password = ssl_config->primary.password; in Curl_ossl_ctx_init()
3752 infof(data, "Using TLS-SRP username: %s", ssl_username); in Curl_ossl_ctx_init()
3754 if(!SSL_CTX_set_srp_username(octx->ssl_ctx, ssl_username)) { in Curl_ossl_ctx_init()
3758 if(!SSL_CTX_set_srp_password(octx->ssl_ctx, ssl_password)) { in Curl_ossl_ctx_init()
3762 if(!conn_config->cipher_list) { in Curl_ossl_ctx_init()
3765 if(!SSL_CTX_set_cipher_list(octx->ssl_ctx, "SRP")) { in Curl_ossl_ctx_init()
3775 * anyway. In the latter case the result of the verification is checked with in Curl_ossl_ctx_init()
3777 SSL_CTX_set_verify(octx->ssl_ctx, in Curl_ossl_ctx_init()
3783 SSL_CTX_set_keylog_callback(octx->ssl_ctx, ossl_keylog_callback); in Curl_ossl_ctx_init()
3792 SSL_CTX_set_session_cache_mode(octx->ssl_ctx, in Curl_ossl_ctx_init()
3795 SSL_CTX_sess_set_new_cb(octx->ssl_ctx, cb_new_session); in Curl_ossl_ctx_init()
3798 /* give application a chance to interfere with SSL set up. */ in Curl_ossl_ctx_init()
3799 if(data->set.ssl.fsslctx) { in Curl_ossl_ctx_init()
3803 if(!octx->x509_store_setup) { in Curl_ossl_ctx_init()
3804 result = Curl_ssl_setup_x509_store(cf, data, octx->ssl_ctx); in Curl_ossl_ctx_init()
3807 octx->x509_store_setup = TRUE; in Curl_ossl_ctx_init()
3810 result = (*data->set.ssl.fsslctx)(data, octx->ssl_ctx, in Curl_ossl_ctx_init()
3811 data->set.ssl.fsslctxp); in Curl_ossl_ctx_init()
3820 if(octx->ssl) in Curl_ossl_ctx_init()
3821 SSL_free(octx->ssl); in Curl_ossl_ctx_init()
3822 octx->ssl = SSL_new(octx->ssl_ctx); in Curl_ossl_ctx_init()
3823 if(!octx->ssl) { in Curl_ossl_ctx_init()
3828 SSL_set_app_data(octx->ssl, ssl_user_data); in Curl_ossl_ctx_init()
3832 if(conn_config->verifystatus) in Curl_ossl_ctx_init()
3833 SSL_set_tlsext_status_type(octx->ssl, TLSEXT_STATUSTYPE_ocsp); in Curl_ossl_ctx_init()
3838 SSL_set_renegotiate_mode(octx->ssl, ssl_renegotiate_freely); in Curl_ossl_ctx_init()
3841 SSL_set_connect_state(octx->ssl); in Curl_ossl_ctx_init()
3843 octx->server_cert = 0x0; in Curl_ossl_ctx_init()
3845 if(peer->sni) { in Curl_ossl_ctx_init()
3846 if(!SSL_set_tlsext_host_name(octx->ssl, peer->sni)) { in Curl_ossl_ctx_init()
3856 char *outername = data->set.str[STRING_ECH_PUBLIC]; in Curl_ossl_ctx_init()
3859 if(data->set.tls_ech & CURLECH_GREASE) { in Curl_ossl_ctx_init()
3862 SSL_set_enable_ech_grease(octx->ssl, 1); in Curl_ossl_ctx_init()
3864 SSL_set_options(octx->ssl, SSL_OP_ECH_GREASE); in Curl_ossl_ctx_init()
3867 else if(data->set.tls_ech & CURLECH_CLA_CFG) { in Curl_ossl_ctx_init()
3870 const char *b64 = data->set.str[STRING_ECH_CONFIG]; in Curl_ossl_ctx_init()
3880 if(data->set.tls_ech & CURLECH_HARD) in Curl_ossl_ctx_init()
3883 if(SSL_set1_ech_config_list(octx->ssl, ech_config, in Curl_ossl_ctx_init()
3886 if(data->set.tls_ech & CURLECH_HARD) { in Curl_ossl_ctx_init()
3894 ech_config = (unsigned char *) data->set.str[STRING_ECH_CONFIG]; in Curl_ossl_ctx_init()
3899 ech_config_len = strlen(data->set.str[STRING_ECH_CONFIG]); in Curl_ossl_ctx_init()
3900 if(SSL_ech_set1_echconfig(octx->ssl, ech_config, ech_config_len) != 1) { in Curl_ossl_ctx_init()
3902 if(data->set.tls_ech & CURLECH_HARD) in Curl_ossl_ctx_init()
3913 dns = Curl_fetch_addr(data, connssl->peer.hostname, connssl->peer.port); in Curl_ossl_ctx_init()
3916 if(data->set.tls_ech & CURLECH_HARD) in Curl_ossl_ctx_init()
3922 rinfo = dns->hinfo; in Curl_ossl_ctx_init()
3923 if(rinfo && rinfo->echconfiglist) { in Curl_ossl_ctx_init()
3924 unsigned char *ecl = rinfo->echconfiglist; in Curl_ossl_ctx_init()
3925 size_t elen = rinfo->echconfiglist_len; in Curl_ossl_ctx_init()
3929 if(SSL_ech_set1_echconfig(octx->ssl, ecl, elen) != 1) { in Curl_ossl_ctx_init()
3931 if(data->set.tls_ech & CURLECH_HARD) in Curl_ossl_ctx_init()
3935 if(SSL_set1_ech_config_list(octx->ssl, ecl, elen) != 1) { in Curl_ossl_ctx_init()
3937 if(data->set.tls_ech & CURLECH_HARD) in Curl_ossl_ctx_init()
3948 if(data->set.tls_ech & CURLECH_HARD) in Curl_ossl_ctx_init()
3956 infof(data, "ECH: setting public_name not supported with boringssl"); in Curl_ossl_ctx_init()
3962 connssl->peer.hostname, outername); in Curl_ossl_ctx_init()
3963 result = SSL_ech_set_server_names(octx->ssl, in Curl_ossl_ctx_init()
3964 connssl->peer.hostname, outername, in Curl_ossl_ctx_init()
3973 && SSL_set_min_proto_version(octx->ssl, TLS1_3_VERSION) != 1) { in Curl_ossl_ctx_init()
3982 octx->reused_session = FALSE; in Curl_ossl_ctx_init()
3983 if(ssl_config->primary.sessionid && transport == TRNSPRT_TCP) { in Curl_ossl_ctx_init()
3987 if(!SSL_set_session(octx->ssl, ssl_sessionid)) { in Curl_ossl_ctx_init()
3996 octx->reused_session = TRUE; in Curl_ossl_ctx_init()
4007 struct ssl_connect_data *connssl = cf->ctx; in ossl_connect_step1()
4008 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend; in ossl_connect_step1()
4013 DEBUGASSERT(ssl_connect_1 == connssl->connecting_state); in ossl_connect_step1()
4017 if(connssl->alpn) { in ossl_connect_step1()
4018 result = Curl_alpn_to_proto_buf(&proto, connssl->alpn); in ossl_connect_step1()
4026 result = Curl_ossl_ctx_init(octx, cf, data, &connssl->peer, TRNSPRT_TCP, in ossl_connect_step1()
4032 octx->bio_method = ossl_bio_cf_method_create(); in ossl_connect_step1()
4033 if(!octx->bio_method) in ossl_connect_step1()
4035 bio = BIO_new(octx->bio_method); in ossl_connect_step1()
4041 /* with OpenSSL v1.1.1 we get an alternative to SSL_set_bio() that works in ossl_connect_step1()
4047 SSL_set0_rbio(octx->ssl, bio); in ossl_connect_step1()
4048 SSL_set0_wbio(octx->ssl, bio); in ossl_connect_step1()
4050 SSL_set_bio(octx->ssl, bio, bio); in ossl_connect_step1()
4054 if(connssl->alpn) { in ossl_connect_step1()
4055 Curl_alpn_to_proto_str(&proto, connssl->alpn); in ossl_connect_step1()
4059 connssl->connecting_state = ssl_connect_2; in ossl_connect_step1()
4131 struct ssl_connect_data *connssl = cf->ctx;
4132 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend;
4134 DEBUGASSERT(ssl_connect_2 == connssl->connecting_state
4135 || ssl_connect_2_reading == connssl->connecting_state
4136 || ssl_connect_2_writing == connssl->connecting_state);
4141 err = SSL_connect(octx->ssl);
4143 if(!octx->x509_store_setup) {
4146 CURLcode result = Curl_ssl_setup_x509_store(cf, data, octx->ssl_ctx);
4149 octx->x509_store_setup = TRUE;
4155 * proceed with logging secrets (for TLS 1.2 or older).
4158 ossl_log_tls12_secret(octx->ssl, &done);
4159 octx->keylog_done = done;
4167 int detail = SSL_get_error(octx->ssl, err);
4170 connssl->connecting_state = ssl_connect_2_reading;
4174 connssl->connecting_state = ssl_connect_2_writing;
4179 connssl->connecting_state = ssl_connect_2;
4185 connssl->connecting_state = ssl_connect_2;
4189 if(octx->io_result == CURLE_AGAIN) {
4202 connssl->connecting_state = ssl_connect_2;
4217 lerr = SSL_get_verify_result(octx->ssl);
4219 ssl_config->certverifyresult = lerr;
4231 OpenSSL version above v1.1.1, not LibreSSL, BoringSSL, or AWS-LC */
4249 ossl_trace_ech_retry_configs(data, octx->ssl, reason);
4262 /* If we e.g. use SSLv2 request-method and the server doesn't like us
4274 connssl->peer.hostname, connssl->peer.port);
4289 connssl->connecting_state = ssl_connect_3;
4292 SSL_get_peer_signature_type_nid(octx->ssl, &psigtype_nid);
4294 negotiated_group_name = SSL_get0_group_name(octx->ssl);
4297 OBJ_nid2sn(SSL_get_negotiated_group(octx->ssl) & 0x0000FFFF);
4303 SSL_get_version(octx->ssl),
4304 SSL_get_cipher(octx->ssl),
4315 rv = SSL_ech_get_status(octx->ssl, &inner, &outer);
4321 status = "sent GREASE, got retry-configs";
4356 ossl_trace_ech_retry_configs(data, octx->ssl, 0);
4359 && data->set.tls_ech & CURLECH_HARD) {
4360 infof(data, "ECH: ech-hard failed");
4374 if(connssl->alpn) {
4377 SSL_get0_alpn_selected(octx->ssl, &neg_protocol, &len);
4430 if((len1 != len2) || !temp || ((temp - buff1) != len1))
4519 struct connectdata *conn = cf->conn;
4531 bool strict = (conn_config->verifypeer || conn_config->verifyhost);
4544 if(data->set.ssl.certinfo)
4546 (void)Curl_ossl_certchain(data, octx->ssl);
4548 octx->server_cert = SSL_get1_peer_certificate(octx->ssl);
4549 if(!octx->server_cert) {
4561 rc = x509_name_oneline(X509_get_subject_name(octx->server_cert),
4568 ASN1_TIME_print(mem, X509_get0_notBefore(octx->server_cert));
4573 ASN1_TIME_print(mem, X509_get0_notAfter(octx->server_cert));
4582 if(conn_config->verifyhost) {
4583 result = Curl_ossl_verifyhost(data, conn, peer, octx->server_cert);
4585 X509_free(octx->server_cert);
4586 octx->server_cert = NULL;
4591 rc = x509_name_oneline(X509_get_issuer_name(octx->server_cert),
4595 failf(data, "SSL: couldn't get X509-issuer name");
4604 /* e.g. match issuer name with provided issuer certificate */
4605 if(conn_config->issuercert || conn_config->issuercert_blob) {
4606 if(conn_config->issuercert_blob) {
4607 fp = BIO_new_mem_buf(conn_config->issuercert_blob->data,
4608 (int)conn_config->issuercert_blob->len);
4615 X509_free(octx->server_cert);
4616 octx->server_cert = NULL;
4628 X509_free(octx->server_cert);
4629 octx->server_cert = NULL;
4633 if(BIO_read_filename(fp, conn_config->issuercert) <= 0) {
4636 conn_config->issuercert);
4638 X509_free(octx->server_cert);
4639 octx->server_cert = NULL;
4648 conn_config->issuercert);
4651 X509_free(octx->server_cert);
4652 octx->server_cert = NULL;
4656 if(X509_check_issued(issuer, octx->server_cert) != X509_V_OK) {
4659 conn_config->issuercert);
4662 X509_free(octx->server_cert);
4663 octx->server_cert = NULL;
4668 conn_config->issuercert);
4673 lerr = SSL_get_verify_result(octx->ssl);
4674 ssl_config->certverifyresult = lerr;
4676 if(conn_config->verifypeer) {
4693 infof_certstack(data, octx->ssl);
4697 if(conn_config->verifystatus && !octx->reused_session) {
4716 X509_free(octx->server_cert);
4717 octx->server_cert = NULL;
4729 data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY]:
4730 data->set.str[STRING_SSL_PINNEDPUBLICKEY];
4732 ptr = data->set.str[STRING_SSL_PINNEDPUBLICKEY];
4735 result = ossl_pkp_pin_peer_pubkey(data, octx->server_cert, ptr);
4740 X509_free(octx->server_cert);
4741 octx->server_cert = NULL;
4750 struct ssl_connect_data *connssl = cf->ctx;
4751 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend;
4753 DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
4757 * man-in-the-middle attack; NEVERTHELESS, if we're told explicitly not to
4762 result = Curl_oss_check_peer_cert(cf, data, octx, &connssl->peer);
4764 connssl->connecting_state = ssl_connect_done;
4775 struct ssl_connect_data *connssl = cf->ctx;
4780 if(ssl_connection_complete == connssl->state) {
4785 if(ssl_connect_1 == connssl->connecting_state) {
4800 while(ssl_connect_2 == connssl->connecting_state ||
4801 ssl_connect_2_reading == connssl->connecting_state ||
4802 ssl_connect_2_writing == connssl->connecting_state) {
4816 (connssl->connecting_state == ssl_connect_2_reading ||
4817 connssl->connecting_state == ssl_connect_2_writing)) {
4820 connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
4822 connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
4849 (ssl_connect_2 == connssl->connecting_state ||
4850 ssl_connect_2_reading == connssl->connecting_state ||
4851 ssl_connect_2_writing == connssl->connecting_state)))
4856 if(ssl_connect_3 == connssl->connecting_state) {
4862 if(ssl_connect_done == connssl->connecting_state) {
4863 connssl->state = ssl_connection_complete;
4870 connssl->connecting_state = ssl_connect_1;
4901 struct ssl_connect_data *connssl = cf->ctx;
4902 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend;
4906 if(octx->ssl && SSL_pending(octx->ssl))
4924 struct ssl_connect_data *connssl = cf->ctx;
4925 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend;
4933 rc = SSL_write(octx->ssl, mem, memlen);
4936 err = SSL_get_error(octx->ssl, rc);
4945 rc = -1;
4951 if(octx->io_result == CURLE_AGAIN) {
4953 rc = -1;
4968 rc = -1;
4978 rc = -1;
4986 rc = -1;
5006 struct connectdata *conn = cf->conn;
5007 struct ssl_connect_data *connssl = cf->ctx;
5008 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend;
5016 nread = (ssize_t)SSL_read(octx->ssl, buf, buffsize);
5020 int err = SSL_get_error(octx->ssl, (int)nread);
5027 if(cf->sockindex == FIRSTSOCKET)
5034 /* there's data pending, re-invoke SSL_read() */
5036 nread = -1;
5042 if(octx->io_result == CURLE_AGAIN) {
5044 nread = -1;
5062 nread = -1;
5067 abruptly without a close_notify alert. For compatibility with older
5071 if it goes ok eventually transition to allow in dev and release with
5086 nread = -1;
5105 if(strncasecompare(ver, expected, sizeof(expected) - 1)) {
5106 ver += sizeof(expected) - 1;
5153 sub[1] = (char) ((minor_ver - 1) % 26 + 'a' + 1);
5157 sub[0] = (char) (minor_ver + 'a' - 1);
5166 "-fips"
5177 /* can be called with data == NULL */
5233 struct ossl_ctx *octx = (struct ossl_ctx *)connssl->backend;
5236 (void *)octx->ssl_ctx : (void *)octx->ssl;
5243 if(mbackend->store) {
5244 X509_STORE_free(mbackend->store);
5246 free(mbackend->CAfile);