Context Navigation

gnutls_hooks.c @ 1c3853a

Visit:

asyncioproxy-ticket

Last change on this file since 1c3853a was 1c3853a, checked in by Fiona Klute <fiona.klute@…>, 16 months ago

Minimal multi-staple implementation

Works, but has limitations:

Async OCSP updates are only done for the server (end entity) certificate.

The configuration requires there to be an OCSP URI in every certificate but the last one in the configured chain. If configuration for any certificate fails vhost configuration fails.

Property mode set to 100644

File size: 70.2 KB

Line
1	/*
2	* Copyright 2004-2005 Paul Querna
3	* Copyright 2008, 2014 Nikos Mavrogiannopoulos
4	* Copyright 2011 Dash Shendy
5	* Copyright 2013-2014 Daniel Kahn Gillmor
6	* Copyright 2015-2020 Fiona Klute
7	*
8	* Licensed under the Apache License, Version 2.0 (the "License");
9	* you may not use this file except in compliance with the License.
10	* You may obtain a copy of the License at
11	*
12	* http://www.apache.org/licenses/LICENSE-2.0
13	*
14	* Unless required by applicable law or agreed to in writing, software
15	* distributed under the License is distributed on an "AS IS" BASIS,
16	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17	* See the License for the specific language governing permissions and
18	* limitations under the License.
19	*/
20
21	#include "mod_gnutls.h"
22	#include "gnutls_cache.h"
23	#include "gnutls_config.h"
24	#include "gnutls_ocsp.h"
25	#include "gnutls_proxy.h"
26	#include "gnutls_sni.h"
27	#include "gnutls_util.h"
28	#include "gnutls_watchdog.h"
29
30	#include "http_vhost.h"
31	#include "ap_mpm.h"
32	#include <mod_status.h>
33	#include <util_mutex.h>
34	#include <apr_escape.h>
35	/* This provides strcmp and related functions */
36	#define APR_WANT_STRFUNC
37	#include <apr_want.h>
38
39	#ifdef ENABLE_MSVA
40	#include <msv/msv.h>
41	#endif
42
43	#ifdef APLOG_USE_MODULE
44	APLOG_USE_MODULE(gnutls);
45	#endif
46
47	#if MOD_GNUTLS_DEBUG
48	static apr_file_t *debug_log_fp;
49	#endif
50
51	#define IS_PROXY_STR(c) \
52	((c->is_proxy == GNUTLS_ENABLED_TRUE) ? "proxy " : "")
53
54	/** Key to encrypt session tickets. Must be kept secret. This key is
55	* generated in the `pre_config` hook and thus constant across
56	* forks. The problem with this approach is that it does not support
57	* regular key rotation. */
58	static gnutls_datum_t session_ticket_key = {NULL, 0};
59
60
61
62	static int mgs_cert_verify(request_rec * r, mgs_handle_t * ctxt);
63	/** use side==0 for server and side==1 for client */
64	static void mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt_t cert, int side, size_t export_cert_size);
65	mgs_srvconf_rec* mgs_find_sni_server(mgs_handle_t *ctxt);
66	static int mgs_status_hook(request_rec *r, int flags);
67	#ifdef ENABLE_MSVA
68	static const char* mgs_x509_construct_uid(request_rec * pool, gnutls_x509_crt_t cert);
69	#endif
70
71	/* Pool Cleanup Function */
72	apr_status_t mgs_cleanup_pre_config(void *data __attribute__((unused)))
73	{
74	/* Free session ticket master key */
75	gnutls_memset(session_ticket_key.data, 0, session_ticket_key.size);
76	gnutls_free(session_ticket_key.data);
77	session_ticket_key.data = NULL;
78	session_ticket_key.size = 0;
79
80	/* Deinit default priority setting */
81	mgs_default_priority_deinit();
82	return APR_SUCCESS;
83	}
84
85	/* Logging Function for Maintainers */
86	#if MOD_GNUTLS_DEBUG
87	static void gnutls_debug_log_all(int level, const char *str) {
88	apr_file_printf(debug_log_fp, "<%d> %s", level, str);
89	}
90	#define _gnutls_log apr_file_printf
91	#else
92	#define _gnutls_log(...)
93	#endif
94
95	static const char* mgs_readable_cvm(mgs_client_verification_method_e m) {
96	switch(m) {
97	case mgs_cvm_unset:
98	return "unset";
99	case mgs_cvm_cartel:
100	return "cartel";
101	case mgs_cvm_msva:
102	return "msva";
103	}
104	return "unknown";
105	}
106
107	/* Pre-Configuration HOOK: Runs First */
108	int mgs_hook_pre_config(apr_pool_t * pconf, apr_pool_t * plog, apr_pool_t * ptemp __attribute__((unused))) {
109
110	/* Maintainer Logging */
111	#if MOD_GNUTLS_DEBUG
112	apr_file_open(&debug_log_fp, "/tmp/gnutls_debug", APR_APPEND \| APR_WRITE \| APR_CREATE, APR_OS_DEFAULT, pconf);
113	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
114	gnutls_global_set_log_level(9);
115	gnutls_global_set_log_function(gnutls_debug_log_all);
116	_gnutls_log(debug_log_fp, "gnutls: %s\n", gnutls_check_version(NULL));
117	#endif
118
119	int ret;
120
121	/* Check for required GnuTLS Library Version */
122	if (gnutls_check_version(LIBGNUTLS_VERSION) == NULL) {
123	ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, plog, "gnutls_check_version() failed. Required: "
124	"gnutls-%s Found: gnutls-%s", LIBGNUTLS_VERSION, gnutls_check_version(NULL));
125	return DONE;
126	}
127
128	/* Generate a Session Key */
129	ret = gnutls_session_ticket_key_generate(&session_ticket_key);
130	if (ret < 0) {
131	ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, plog, "gnutls_session_ticket_key_generate: %s", gnutls_strerror(ret));
132	return DONE;
133	}
134
135	/* Initialize default priority setting */
136	ret = mgs_default_priority_init();
137	if (ret < 0)
138	{
139	ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, plog,
140	"gnutls_priority_init failed for default '%s': %s (%d)",
141	MGS_DEFAULT_PRIORITY, gnutls_strerror(ret), ret);
142	return DONE;
143	}
144
145	AP_OPTIONAL_HOOK(status_hook, mgs_status_hook, NULL, NULL, APR_HOOK_MIDDLE);
146
147	ap_mutex_register(pconf, MGS_CACHE_MUTEX_NAME, NULL, APR_LOCK_DEFAULT, 0);
148	ap_mutex_register(pconf, MGS_OCSP_MUTEX_NAME, NULL, APR_LOCK_DEFAULT, 0);
149	ap_mutex_register(pconf, MGS_OCSP_CACHE_MUTEX_NAME, NULL,
150	APR_LOCK_DEFAULT, 0);
151
152	/* Register a pool clean-up function */
153	apr_pool_cleanup_register(pconf, NULL, mgs_cleanup_pre_config, apr_pool_cleanup_null);
154
155	return OK;
156	}
157
158
159
160	/**
161	* Get the list of available protocols for this connection and add it
162	* to the GnuTLS session. Must run before the client hello function.
163	*/
164	static void prepare_alpn_proposals(mgs_handle_t *ctxt)
165	{
166	/* Check if any protocol upgrades are available
167	*
168	* The "report_all" parameter to ap_get_protocol_upgrades() is 0
169	* (report only more preferable protocols) because setting it to 1
170	* doesn't actually report ALL protocols, but only all except the
171	* current one. This way we can at least list the current one as
172	* available by appending it without potentially negotiating a
173	* less preferred protocol. */
174	const apr_array_header_t *pupgrades = NULL;
175	apr_status_t ret =
176	ap_get_protocol_upgrades(ctxt->c, NULL, ctxt->sc->s,
177	/report_all/ 0, &pupgrades);
178	if (ret != APR_SUCCESS)
179	{
180	ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, ctxt->c,
181	"%s: ap_get_protocol_upgrades() failed, "
182	"cannot configure ALPN!", __func__);
183	return;
184	}
185
186	if (pupgrades == NULL \|\| pupgrades->nelts == 0)
187	{
188	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, ctxt->c,
189	"%s: No protocol upgrades available.", __func__);
190	return;
191	}
192
193	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, ctxt->c,
194	"%s: Found %d protocol upgrade(s) for ALPN: %s",
195	__func__, pupgrades->nelts,
196	apr_array_pstrcat(ctxt->c->pool, pupgrades, ','));
197	gnutls_datum_t *alpn_protos =
198	mgs_str_array_to_datum_array(pupgrades,
199	ctxt->c->pool,
200	pupgrades->nelts + 1);
201
202	/* Add the current (default) protocol at the end of the list */
203	alpn_protos[pupgrades->nelts].data =
204	(void*) apr_pstrdup(ctxt->c->pool, ap_get_protocol(ctxt->c));
205	alpn_protos[pupgrades->nelts].size =
206	strlen((char*) alpn_protos[pupgrades->nelts].data);
207	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, ctxt->c,
208	"%s: Adding current protocol %s to ALPN set.",
209	__func__, alpn_protos[pupgrades->nelts].data);
210
211	gnutls_alpn_set_protocols(ctxt->session,
212	alpn_protos,
213	pupgrades->nelts,
214	GNUTLS_ALPN_SERVER_PRECEDENCE);
215	}
216
217
218
219	/**
220	* Check if ALPN selected any protocol upgrade, try to switch if so.
221	*/
222	static int process_alpn_result(mgs_handle_t *ctxt)
223	{
224	int ret = 0;
225	gnutls_datum_t alpn_proto;
226	ret = gnutls_alpn_get_selected_protocol(ctxt->session, &alpn_proto);
227	if (ret != GNUTLS_E_SUCCESS)
228	{
229	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, APR_SUCCESS, ctxt->c,
230	"%s: No ALPN result: %s (%d)",
231	__func__, gnutls_strerror(ret), ret);
232	return GNUTLS_E_SUCCESS;
233	}
234
235	apr_array_header_t *client_protos =
236	apr_array_make(ctxt->c->pool, 1, sizeof(char *));
237	/* apr_pstrndup to ensure that the protocol is null terminated */
238	APR_ARRAY_PUSH(client_protos, char *) =
239	apr_pstrndup(ctxt->c->pool, (char*) alpn_proto.data, alpn_proto.size);
240	const char *selected =
241	ap_select_protocol(ctxt->c, NULL, ctxt->sc->s, client_protos);
242
243	/* ap_select_protocol() will return NULL if none of the ALPN
244	* proposals matched. GnuTLS negotiated alpn_proto based on the
245	* list provided by the server, but the vhost might have changed
246	* based on SNI. Apache seems to adjust the proposal list to avoid
247	* such issues though.
248	*
249	* GnuTLS will return a fatal "no_application_protocol" alert as
250	* required by RFC 7301 if the post client hello function returns
251	* GNUTLS_E_NO_APPLICATION_PROTOCOL. */
252	if (!selected)
253	{
254	ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_EGENERAL, ctxt->c,
255	"%s: ap_select_protocol() returned NULL! Please "
256	"make sure any overlapping vhosts have the same "
257	"protocols available.",
258	__func__);
259	return GNUTLS_E_NO_APPLICATION_PROTOCOL;
260	}
261
262	if (strcmp(selected, ap_get_protocol(ctxt->c)) == 0)
263	{
264	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, APR_SUCCESS, ctxt->c,
265	"%s: Already using protocol '%s', nothing to do.",
266	__func__, selected);
267	return GNUTLS_E_SUCCESS;
268	}
269
270	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
271	"%s: Switching protocol to '%s' based on ALPN.",
272	__func__, selected);
273	apr_status_t status = ap_switch_protocol(ctxt->c, NULL,
274	ctxt->sc->s,
275	selected);
276	if (status != APR_SUCCESS)
277	{
278	ap_log_cerror(APLOG_MARK, APLOG_ERR, status, ctxt->c,
279	"%s: Protocol switch to '%s' failed!",
280	__func__, selected);
281	return GNUTLS_E_NO_APPLICATION_PROTOCOL;
282	}
283	/* ALPN done! */
284	return GNUTLS_E_SUCCESS;
285	}
286
287
288
289	/**
290	* (Re-)Load credentials and priorities for the connection. This is
291	* meant to be called after virtual host selection in the pre or post
292	* client hello hook.
293	*/
294	static int reload_session_credentials(mgs_handle_t *ctxt)
295	{
296	int ret = 0;
297
298	gnutls_certificate_server_set_request(ctxt->session,
299	ctxt->sc->client_verify_mode);
300
301	/* Set x509 credentials */
302	gnutls_credentials_set(ctxt->session,
303	GNUTLS_CRD_CERTIFICATE, ctxt->sc->certs);
304	/* Set Anon credentials */
305	gnutls_credentials_set(ctxt->session, GNUTLS_CRD_ANON,
306	ctxt->sc->anon_creds);
307
308	#ifdef ENABLE_SRP
309	/* Set SRP credentials */
310	if (ctxt->sc->srp_tpasswd_conf_file != NULL && ctxt->sc->srp_tpasswd_file != NULL) {
311	gnutls_credentials_set(ctxt->session, GNUTLS_CRD_SRP,
312	ctxt->sc->srp_creds);
313	}
314	#endif
315
316	/* Enable session tickets */
317	if (session_ticket_key.data != NULL &&
318	ctxt->sc->tickets == GNUTLS_ENABLED_TRUE)
319	{
320	ret = gnutls_session_ticket_enable_server(ctxt->session, &session_ticket_key);
321	if (ret != GNUTLS_E_SUCCESS)
322	ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_EGENERAL, ctxt->c,
323	"gnutls_session_ticket_enable_server failed: %s (%d)",
324	gnutls_strerror(ret), ret);
325	}
326
327	/* Update the priorities - to avoid negotiating a ciphersuite that is not
328	* enabled on this virtual server. Note that here we ignore the version
329	* negotiation. */
330	ret = gnutls_priority_set(ctxt->session, ctxt->sc->priorities);
331
332	return ret;
333	}
334
335
336
337	/**
338	* Post client hello hook function for GnuTLS. This function has two
339	* purposes: Firstly, it acts as a fallback for early_sni_hook(), by
340	* parsing SNI and selecting a virtual host based on it if
341	* necessary. Secondly, it calls ALPN processing.
342	*
343	* @param session the TLS session
344	*
345	* @return zero or a GnuTLS error code, as required by GnuTLS hook
346	* definition
347	*/
348	static int post_client_hello_hook(gnutls_session_t session)
349	{
350	int ret = 0;
351	mgs_handle_t *ctxt = gnutls_session_get_ptr(session);
352
353	/* If ctxt->sni_name is set at this point the early_sni_hook()
354	* function ran, found an SNI server name, selected a virtual
355	* host, and set up credentials, so we don't need to do that
356	* again. Otherwise try again, to cover GnuTLS versions < 3.6.3
357	* and pick up future extensions to gnutls_server_name_get(). */
358	if (ctxt->sni_name == NULL)
359	{
360	/* try to find a virtual host */
361	mgs_srvconf_rec *tsc = mgs_find_sni_server(ctxt);
362	if (tsc != NULL)
363	{
364	/* Found a TLS vhost based on the SNI, configure the
365	* connection context. */
366	ctxt->sc = tsc;
367	}
368
369	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, APR_SUCCESS, ctxt->c,
370	"%s: Loading credentials in post client hello hook",
371	__func__);
372	reload_session_credentials(ctxt);
373	}
374
375	ret = process_alpn_result(ctxt);
376	if (ret != GNUTLS_E_SUCCESS)
377	return ret;
378
379	/* actually it shouldn't fail since we have checked at startup */
380	return ret;
381	}
382
383	static int cert_retrieve_fn(gnutls_session_t session,
384	const struct gnutls_cert_retr_st *info __attribute__((unused)),
385	gnutls_pcert_st **pcerts,
386	unsigned int *pcert_length,
387	gnutls_ocsp_data_st **ocsp,
388	unsigned int *ocsp_length,
389	gnutls_privkey_t *privkey,
390	unsigned int *flags)
391	{
392	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
393
394	mgs_handle_t *ctxt;
395
396	if (session == NULL) {
397	// ERROR INVALID SESSION
398	return -1;
399	}
400
401	ctxt = gnutls_transport_get_ptr(session);
402
403	if (gnutls_certificate_type_get(session) == GNUTLS_CRT_X509) {
404	// X509 CERTIFICATE
405	*pcerts = ctxt->sc->certs_x509_chain;
406	*pcert_length = ctxt->sc->certs_x509_chain_num;
407	*ocsp = NULL;
408	*ocsp_length = 0;
409	*privkey = ctxt->sc->privkey_x509;
410	*flags = 0;
411
412	if (ctxt->sc->ocsp_staple == GNUTLS_ENABLED_TRUE)
413	{
414	gnutls_ocsp_data_st *resp =
415	apr_palloc(ctxt->c->pool,
416	sizeof(gnutls_ocsp_data_st)
417	* (ctxt->sc->certs_x509_chain_num - 1));
418
419	for (unsigned int i = 0; i < ctxt->sc->ocsp_num; i++)
420	{
421	resp[i].version = 0;
422	resp[i].exptime = 0;
423
424	int ret = mgs_get_ocsp_response(ctxt, ctxt->sc->ocsp[i],
425	&resp[i].response);
426	if (ret == GNUTLS_E_SUCCESS)
427	{
428	ocsp[i] = resp;
429	*ocsp_length = i + 1;
430	}
431	else
432	break;
433	}
434	}
435
436	return 0;
437	} else {
438	// UNKNOWN CERTIFICATE
439	return -1;
440	}
441	}
442
443
444
445	/**
446	* Try to estimate a GnuTLS security parameter based on the given
447	* private key. Any errors are logged.
448	*
449	* @param s The `server_rec` to use for logging
450	*
451	* @param key The private key to use
452	*
453	* @return `gnutls_sec_param_t` as returned by
454	* `gnutls_pk_bits_to_sec_param` for the key properties, or
455	* GNUTLS_SEC_PARAM_UNKNOWN in case of error
456	*/
457	static gnutls_sec_param_t sec_param_from_privkey(server_rec *server,
458	gnutls_privkey_t key)
459	{
460	unsigned int bits = 0;
461	int pk_algo = gnutls_privkey_get_pk_algorithm(key, &bits);
462	if (pk_algo < 0)
463	{
464	ap_log_error(APLOG_MARK, APLOG_ERR, APR_EGENERAL, server,
465	"%s: Could not get private key parameters: %s (%d)",
466	__func__, gnutls_strerror(pk_algo), pk_algo);
467	return GNUTLS_SEC_PARAM_UNKNOWN;
468	}
469	return gnutls_pk_bits_to_sec_param(pk_algo, bits);
470	}
471
472
473
474	/**
475	* Configure the default DH groups to use for the given server. When
476	* compiled against GnuTLS version 3.5.6 or newer the known DH group
477	* matching the GnuTLS security parameter estimated from the private
478	* key is used. Otherwise the ffdhe2048 DH group as defined in RFC
479	* 7919, Appendix A.1 is the default.
480	*
481	* @param server the host to configure
482	*
483	* @return `OK` on success, `HTTP_UNAUTHORIZED` otherwise
484	*/
485	static int set_default_dh_param(server_rec *server)
486	{
487	mgs_srvconf_rec sc = (mgs_srvconf_rec )
488	ap_get_module_config(server->module_config, &gnutls_module);
489
490	gnutls_sec_param_t seclevel = GNUTLS_SEC_PARAM_UNKNOWN;
491	if (sc->privkey_x509)
492	{
493	seclevel = sec_param_from_privkey(server, sc->privkey_x509);
494	ap_log_error(APLOG_MARK, APLOG_TRACE1, APR_SUCCESS, server,
495	"%s: GnuTLS security param estimated based on "
496	"private key '%s': %s",
497	__func__, sc->x509_key_file,
498	gnutls_sec_param_get_name(seclevel));
499	}
500
501	if (seclevel == GNUTLS_SEC_PARAM_UNKNOWN)
502	seclevel = GNUTLS_SEC_PARAM_MEDIUM;
503	ap_log_error(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, server,
504	"%s: Setting DH params for security level '%s'.",
505	__func__, gnutls_sec_param_get_name(seclevel));
506
507	int ret = gnutls_certificate_set_known_dh_params(sc->certs, seclevel);
508	if (ret < 0)
509	{
510	ap_log_error(APLOG_MARK, APLOG_EMERG, APR_EGENERAL, server,
511	"%s: setting known DH params failed: %s (%d)",
512	__func__, gnutls_strerror(ret), ret);
513	return HTTP_UNAUTHORIZED;
514	}
515	ret = gnutls_anon_set_server_known_dh_params(sc->anon_creds, seclevel);
516	if (ret < 0)
517	{
518	ap_log_error(APLOG_MARK, APLOG_EMERG, APR_EGENERAL, server,
519	"%s: setting known DH params failed: %s (%d)",
520	__func__, gnutls_strerror(ret), ret);
521	return HTTP_UNAUTHORIZED;
522	}
523
524	return OK;
525	}
526
527
528
529	/**
530	* Post config hook.
531	*
532	* Must return OK or DECLINED on success, something else on
533	* error. These codes are defined in Apache httpd.h along with the
534	* HTTP status codes, so I'm going to use HTTP error codes both for
535	* fun (and to avoid conflicts).
536	*/
537	int mgs_hook_post_config(apr_pool_t *pconf,
538	apr_pool_t *plog __attribute__((unused)),
539	apr_pool_t *ptemp,
540	server_rec *base_server)
541	{
542	int rv;
543	server_rec *s;
544	mgs_srvconf_rec *sc;
545	mgs_srvconf_rec *sc_base;
546	void *data = NULL;
547	const char *userdata_key = "mgs_init";
548
549	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
550
551	apr_pool_userdata_get(&data, userdata_key, base_server->process->pool);
552	if (data == NULL) {
553	apr_pool_userdata_set((const void *) 1, userdata_key, apr_pool_cleanup_null, base_server->process->pool);
554	}
555
556	s = base_server;
557	sc_base = (mgs_srvconf_rec *) ap_get_module_config(s->module_config, &gnutls_module);
558
559
560	rv = mgs_cache_post_config(pconf, ptemp, s, sc_base);
561	if (rv != APR_SUCCESS)
562	{
563	ap_log_error(APLOG_MARK, APLOG_STARTUP, rv, s,
564	"Post config for cache failed.");
565	return HTTP_INSUFFICIENT_STORAGE;
566	}
567
568	if (sc_base->ocsp_mutex == NULL)
569	{
570	rv = ap_global_mutex_create(&sc_base->ocsp_mutex, NULL,
571	MGS_OCSP_MUTEX_NAME, NULL,
572	base_server, pconf, 0);
573	if (rv != APR_SUCCESS)
574	return rv;
575	}
576
577	/* If GnuTLSP11Module is set, load the listed PKCS #11
578	* modules. Otherwise system defaults will be used. */
579	if (sc_base->p11_modules != NULL)
580	{
581	rv = gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_MANUAL, NULL);
582	if (rv < 0)
583	{
584	ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
585	"GnuTLS: Initializing PKCS #11 "
586	"failed: %s (%d).",
587	gnutls_strerror(rv), rv);
588	}
589	else
590	{
591	for (int i = 0; i < sc_base->p11_modules->nelts; i++)
592	{
593	char *p11_module =
594	APR_ARRAY_IDX(sc_base->p11_modules, i, char *);
595	rv = gnutls_pkcs11_add_provider(p11_module, NULL);
596	if (rv != GNUTLS_E_SUCCESS)
597	ap_log_error(APLOG_MARK, APLOG_STARTUP, APR_EGENERAL, s,
598	"GnuTLS: Loading PKCS #11 provider module %s "
599	"failed: %s (%d).",
600	p11_module, gnutls_strerror(rv), rv);
601	else
602	ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
603	"%s: PKCS #11 provider module %s loaded.",
604	__func__, p11_module);
605	}
606	}
607	}
608
609	sc_base->singleton_wd =
610	mgs_new_singleton_watchdog(base_server, MGS_SINGLETON_WATCHDOG, pconf);
611
612	for (s = base_server; s; s = s->next)
613	{
614	sc = (mgs_srvconf_rec *) ap_get_module_config(s->module_config, &gnutls_module);
615	sc->s = s;
616	sc->cache_enable = sc_base->cache_enable;
617	sc->cache = sc_base->cache;
618	if (sc->cache_timeout == MGS_TIMEOUT_UNSET)
619	sc->cache_timeout = sc_base->cache_timeout;
620	sc->ocsp_cache = sc_base->ocsp_cache;
621
622	sc->singleton_wd = sc_base->singleton_wd;
623
624	/* defaults for unset values: */
625	if (sc->enabled == GNUTLS_ENABLED_UNSET)
626	sc->enabled = GNUTLS_ENABLED_FALSE;
627	if (sc->tickets == GNUTLS_ENABLED_UNSET)
628	{
629	/* GnuTLS 3.6.4 introduced automatic master key rotation */
630	if (gnutls_check_version_numeric(3, 6, 4))
631	sc->tickets = GNUTLS_ENABLED_TRUE;
632	else
633	sc->tickets = GNUTLS_ENABLED_FALSE;
634	}
635	if (sc->export_certificates_size < 0)
636	sc->export_certificates_size = 0;
637	if (sc->client_verify_mode == -1)
638	sc->client_verify_mode = GNUTLS_CERT_IGNORE;
639	if (sc->client_verify_method == mgs_cvm_unset)
640	sc->client_verify_method = mgs_cvm_cartel;
641
642	// TODO: None of the stuff below needs to be done if
643	// sc->enabled == GNUTLS_ENABLED_FALSE, we could just continue
644	// to the next host.
645
646	/* Load certificates and stuff (includes parsing priority) */
647	rv = mgs_load_files(pconf, ptemp, s);
648	if (rv != 0) {
649	ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
650	"%s: Loading credentials failed!", __func__);
651	return HTTP_NOT_FOUND;
652	}
653
654	sc->ocsp_mutex = sc_base->ocsp_mutex;
655	/* init OCSP configuration unless explicitly disabled */
656	if (sc->enabled && sc->ocsp_staple != GNUTLS_ENABLED_FALSE)
657	{
658	const char *err = mgs_ocsp_configure_stapling(pconf, ptemp, s);
659	if (err != NULL)
660	{
661	/* If OCSP stapling is enabled only by default ignore
662	* error and disable stapling */
663	if (sc->ocsp_staple == GNUTLS_ENABLED_UNSET)
664	{
665	ap_log_error(APLOG_MARK, APLOG_INFO, APR_SUCCESS, s,
666	"Cannnot enable OCSP stapling for "
667	"host '%s:%d': %s",
668	s->server_hostname, s->addrs->host_port, err);
669	sc->ocsp_staple = GNUTLS_ENABLED_FALSE;
670	}
671	/* If OCSP stapling is explicitly enabled this is a
672	* critical error. */
673	else
674	{
675	ap_log_error(APLOG_MARK, APLOG_STARTUP, APR_EINVAL, s,
676	"OCSP stapling configuration failed for "
677	"host '%s:%d': %s",
678	s->server_hostname, s->addrs->host_port, err);
679	return HTTP_INTERNAL_SERVER_ERROR;
680	}
681	}
682	else
683	{
684	/* Might already be set */
685	sc->ocsp_staple = GNUTLS_ENABLED_TRUE;
686	/* Set up stapling */
687	rv = mgs_ocsp_enable_stapling(pconf, ptemp, s);
688	if (rv != OK && rv != DECLINED)
689	return rv;
690	}
691	}
692
693	/* Check if the priorities have been set */
694	if (sc->priorities == NULL && sc->enabled == GNUTLS_ENABLED_TRUE) {
695	ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
696	"No GnuTLSPriorities directive for host '%s:%d', "
697	"using default '%s'.",
698	s->server_hostname, s->addrs->host_port,
699	MGS_DEFAULT_PRIORITY);
700	sc->priorities = mgs_get_default_prio();
701	}
702
703	/* Set host DH params from user configuration or defaults */
704	if (sc->dh_params != NULL) {
705	gnutls_certificate_set_dh_params(sc->certs, sc->dh_params);
706	gnutls_anon_set_server_dh_params(sc->anon_creds, sc->dh_params);
707	} else {
708	rv = set_default_dh_param(s);
709	if (rv != OK)
710	return rv;
711	}
712
713	gnutls_certificate_set_retrieve_function3(sc->certs, cert_retrieve_fn);
714
715	if ((sc->certs_x509_chain == NULL \|\| sc->certs_x509_chain_num < 1) &&
716	sc->enabled == GNUTLS_ENABLED_TRUE) {
717	ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
718	"GnuTLS: Host '%s:%d' is missing a Certificate File!",
719	s->server_hostname, s->addrs->host_port);
720	return HTTP_UNAUTHORIZED;
721	}
722	if (sc->enabled == GNUTLS_ENABLED_TRUE &&
723	(sc->certs_x509_chain_num > 0 && sc->privkey_x509 == NULL))
724	{
725	ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
726	"GnuTLS: Host '%s:%d' is missing a Private Key File!",
727	s->server_hostname, s->addrs->host_port);
728	return HTTP_UNAUTHORIZED;
729	}
730
731	if (sc->enabled == GNUTLS_ENABLED_TRUE
732	&& sc->proxy_enabled == GNUTLS_ENABLED_TRUE
733	&& load_proxy_x509_credentials(pconf, ptemp, s) != APR_SUCCESS)
734	{
735	ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, s,
736	"%s: loading proxy credentials for host "
737	"'%s:%d' failed, exiting!",
738	__func__, s->server_hostname, s->addrs->host_port);
739	return HTTP_PROXY_AUTHENTICATION_REQUIRED;
740	}
741	}
742
743
744	ap_add_version_component(pconf, "mod_gnutls/" MOD_GNUTLS_VERSION);
745
746	{
747	const char* libvers = gnutls_check_version(NULL);
748	char* gnutls_version = NULL;
749	if(libvers && (gnutls_version = apr_psprintf(pconf, "GnuTLS/%s", libvers))) {
750	ap_add_version_component(pconf, gnutls_version);
751	} else {
752	// In case we could not create the above string go for the static version instead
753	ap_add_version_component(pconf, "GnuTLS/" GNUTLS_VERSION "-static");
754	}
755	}
756
757	return OK;
758	}
759
760	void mgs_hook_child_init(apr_pool_t p, server_rec s)
761	{
762	apr_status_t rv = APR_SUCCESS;
763	mgs_srvconf_rec sc = (mgs_srvconf_rec )
764	ap_get_module_config(s->module_config, &gnutls_module);
765
766	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
767
768	/* if we use PKCS #11 reinitialize it */
769	if (mgs_pkcs11_reinit(s) < 0) {
770	ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s,
771	"GnuTLS: Failed to reinitialize PKCS #11");
772	exit(-1);
773	}
774
775	if (sc->cache_enable == GNUTLS_ENABLED_TRUE)
776	{
777	rv = mgs_cache_child_init(p, s, sc->cache, MGS_CACHE_MUTEX_NAME);
778	if (rv != APR_SUCCESS)
779	ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
780	"Child init for session cache failed!");
781	}
782
783	if (sc->ocsp_cache != NULL)
784	{
785	rv = mgs_cache_child_init(p, s, sc->ocsp_cache,
786	MGS_OCSP_CACHE_MUTEX_NAME);
787	if (rv != APR_SUCCESS)
788	ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
789	"Child init for OCSP cache failed!");
790	}
791
792	/* reinit OCSP request mutex */
793	const char *lockfile = apr_global_mutex_lockfile(sc->ocsp_mutex);
794	rv = apr_global_mutex_child_init(&sc->ocsp_mutex, lockfile, p);
795	if (rv != APR_SUCCESS)
796	ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
797	"Failed to reinit mutex '" MGS_OCSP_MUTEX_NAME "'.");
798
799	/* Block SIGPIPE Signals */
800	rv = apr_signal_block(SIGPIPE);
801	if(rv != APR_SUCCESS) {
802	/* error sending output */
803	ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
804	"GnuTLS: Error Blocking SIGPIPE Signal!");
805	}
806	}
807
808	const char mgs_hook_http_scheme(const request_rec r) {
809	mgs_srvconf_rec *sc;
810
811	if (r == NULL)
812	return NULL;
813
814	sc = (mgs_srvconf_rec *) ap_get_module_config(r->
815	server->module_config,
816	&gnutls_module);
817
818	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
819	if (sc->enabled == GNUTLS_ENABLED_FALSE) {
820	return NULL;
821	}
822
823	return "https";
824	}
825
826	apr_port_t mgs_hook_default_port(const request_rec * r) {
827	mgs_srvconf_rec *sc;
828
829	if (r == NULL)
830	return 0;
831
832	sc = (mgs_srvconf_rec *) ap_get_module_config(r->
833	server->module_config,
834	&gnutls_module);
835
836	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
837	if (sc->enabled == GNUTLS_ENABLED_FALSE) {
838	return 0;
839	}
840
841	return 443;
842	}
843
844
845
846	typedef struct {
847	mgs_handle_t *ctxt;
848	mgs_srvconf_rec *sc;
849	const char *sni_name;
850	} vhost_cb_rec;
851
852	/**
853	* Matches the current vhost's ServerAlias directives
854	*
855	* @param x vhost callback record
856	* @param s server record
857	* @param tsc mod_gnutls server data for `s`
858	*
859	* @return true if a match, false otherwise
860	*
861	*/
862	int check_server_aliases(vhost_cb_rec x, server_rec s, mgs_srvconf_rec *tsc)
863	{
864	apr_array_header_t *names;
865	int rv = 0;
866	char ** name;
867
868	/* Check ServerName First! */
869	if (strcasecmp(x->sni_name, s->server_hostname) == 0) {
870	// We have a match, save this server configuration
871	x->sc = tsc;
872	rv = 1;
873	/* Check any ServerAlias directives */
874	} else if(s->names->nelts) {
875	names = s->names;
876	name = (char **) names->elts;
877	for (int i = 0; i < names->nelts; ++i)
878	{
879	if (!name[i])
880	continue;
881	if (strcasecmp(x->sni_name, name[i]) == 0)
882	{
883	// We have a match, save this server configuration
884	x->sc = tsc;
885	rv = 1;
886	}
887	}
888	/* ServerAlias directives may contain wildcards, check those last. */
889	} else if(s->wild_names->nelts) {
890	names = s->wild_names;
891	name = (char **) names->elts;
892	for (int i = 0; i < names->nelts; ++i)
893	{
894	if (!name[i])
895	continue;
896	if (ap_strcasecmp_match(x->sni_name, name[i]) == 0)
897	{
898	x->sc = tsc;
899	rv = 1;
900	}
901	}
902	}
903	return rv;
904	}
905
906	static int vhost_cb(void baton, conn_rec conn, server_rec * s)
907	{
908	mgs_srvconf_rec *tsc;
909	vhost_cb_rec *x = baton;
910	int ret;
911
912	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
913	tsc = (mgs_srvconf_rec *) ap_get_module_config(s->module_config,
914	&gnutls_module);
915
916	if (tsc->enabled != GNUTLS_ENABLED_TRUE) {
917	return 0;
918	}
919
920	if (tsc->certs_x509_chain_num > 0) {
921	/* this check is there to warn administrator of any missing hostname
922	* in the certificate. */
923	ret = gnutls_x509_crt_check_hostname(tsc->certs_x509_crt_chain[0], s->server_hostname);
924	if (0 == ret)
925	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, conn,
926	"GnuTLS: the certificate doesn't match requested "
927	"hostname '%s'", s->server_hostname);
928	} else {
929	ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, conn,
930	"GnuTLS: SNI request for '%s' but no X.509 certs "
931	"available at all",
932	s->server_hostname);
933	}
934	return check_server_aliases(x, s, tsc);
935	}
936
937	/**
938	* Get SNI data from GnuTLS (if any) and search for a matching virtual
939	* host configuration. This method is called from the post client
940	* hello function.
941	*
942	* @param ctxt the mod_gnutls connection handle
943	*
944	* @return either the matching mod_gnutls server config, or `NULL`
945	*/
946	mgs_srvconf_rec mgs_find_sni_server(mgs_handle_t ctxt)
947	{
948	if (ctxt->sni_name == NULL)
949	{
950	const char *sni_name = mgs_server_name_get(ctxt);
951	if (sni_name != NULL)
952	ctxt->sni_name = sni_name;
953	else
954	return NULL;
955	}
956
957	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, APR_SUCCESS, ctxt->c,
958	"%s: client requested server '%s'.",
959	__func__, ctxt->sni_name);
960
961	/* Search for vhosts matching connection parameters and the
962	* SNI. If a match is found, cbx.sc will contain the mod_gnutls
963	* server config for the vhost. */
964	vhost_cb_rec cbx = {
965	.ctxt = ctxt,
966	.sc = NULL,
967	.sni_name = ctxt->sni_name
968	};
969	int rv = ap_vhost_iterate_given_conn(ctxt->c, vhost_cb, &cbx);
970	if (rv == 1) {
971	return cbx.sc;
972	}
973	return NULL;
974	}
975
976
977
978	#ifdef ENABLE_EARLY_SNI
979	/**
980	* Pre client hello hook function for GnuTLS that implements early SNI
981	* processing using `gnutls_ext_raw_parse()` (available since GnuTLS
982	* 3.6.3). Reading the SNI (if any) before GnuTLS processes the client
983	* hello allows loading virtual host settings that cannot be changed
984	* in the post client hello hook, including ALPN proposals (required
985	* for HTTP/2 support using the `Protocols` directive). In addition to
986	* ALPN this function configures the server credentials.
987	*
988	* The function signature is required by the GnuTLS API.
989	*
990	* @param session the current session
991	* @param htype handshake message type
992	* @param when hook position relative to GnuTLS processing
993	* @param incoming true if the message is incoming, for client hello
994	* that means the hook is running on the server
995	* @param msg raw message data
996	*
997	* @return `GNUTLS_E_SUCCESS` or a GnuTLS error code
998	*/
999	static int early_sni_hook(gnutls_session_t session,
1000	unsigned int htype,
1001	unsigned when,
1002	unsigned int incoming,
1003	const gnutls_datum_t *msg)
1004	{
1005	if (!incoming)
1006	return 0;
1007
1008	mgs_handle_t ctxt = (mgs_handle_t ) gnutls_session_get_ptr(session);
1009
1010	/* This is a hook for pre client hello ONLY! */
1011	if (htype != GNUTLS_HANDSHAKE_CLIENT_HELLO \|\| when != GNUTLS_HOOK_PRE)
1012	{
1013	ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_EINVAL, ctxt->c,
1014	"%s called outside pre client hello hook, this "
1015	"indicates a programming error!",
1016	__func__);
1017	return GNUTLS_E_SELF_TEST_ERROR;
1018	}
1019
1020	int ret = gnutls_ext_raw_parse(session, mgs_sni_ext_hook, msg,
1021	GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO);
1022	if (ret == 0 && ctxt->sni_name != NULL)
1023	{
1024	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, APR_SUCCESS, ctxt->c,
1025	"%s found SNI name: '%s'",
1026	__func__, ctxt->sni_name);
1027
1028	/* try to find a virtual host for that name */
1029	mgs_srvconf_rec *tsc = mgs_find_sni_server(ctxt);
1030	if (tsc != NULL)
1031	{
1032	/* Found a TLS vhost based on the SNI, configure the
1033	* connection context. */
1034	ctxt->sc = tsc;
1035	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
1036	"%s: Selected virtual host %s from early SNI, "
1037	"connection server is %s.",
1038	__func__, ctxt->sc->s->server_hostname,
1039	ctxt->c->base_server->server_hostname);
1040	}
1041	}
1042
1043	reload_session_credentials(ctxt);
1044
1045	prepare_alpn_proposals(ctxt);
1046
1047	return ret;
1048	}
1049	#endif
1050
1051
1052
1053	/**
1054	* This function is intended as a cleanup handler for connections
1055	* using GnuTLS. If attached to the connection pool, it ensures that
1056	* session resources are released with the connection pool even if the
1057	* session wasn't terminated properly.
1058	*
1059	* @param data must point to the mgs_handle_t associated with the
1060	* connection
1061	*/
1062	static apr_status_t cleanup_gnutls_session(void *data)
1063	{
1064	/* nothing to do */
1065	if (data == NULL)
1066	return APR_SUCCESS;
1067
1068	/* check if session needs closing */
1069	mgs_handle_t ctxt = (mgs_handle_t ) data;
1070	if (ctxt->session != NULL)
1071	{
1072	ap_log_cerror(APLOG_MARK, APLOG_WARNING, APR_ECONNABORTED, ctxt->c,
1073	"%s: connection pool cleanup in progress but %sTLS "
1074	"session hasn't been terminated, trying to close",
1075	__func__, IS_PROXY_STR(ctxt));
1076	int ret;
1077	/* Try A Clean Shutdown */
1078	do
1079	ret = gnutls_bye(ctxt->session, GNUTLS_SHUT_WR);
1080	while (ret == GNUTLS_E_INTERRUPTED \|\| ret == GNUTLS_E_AGAIN);
1081	if (ret != GNUTLS_E_SUCCESS)
1082	ap_log_cerror(APLOG_MARK, APLOG_INFO, APR_EGENERAL, ctxt->c,
1083	"%s: error while closing TLS %sconnection: %s (%d)",
1084	__func__, IS_PROXY_STR(ctxt),
1085	gnutls_strerror(ret), ret);
1086	else
1087	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
1088	"%s: TLS %sconnection closed.",
1089	__func__, IS_PROXY_STR(ctxt));
1090	/* De-Initialize Session */
1091	gnutls_deinit(ctxt->session);
1092	ctxt->session = NULL;
1093	}
1094	return APR_SUCCESS;
1095	}
1096
1097	static void create_gnutls_handle(conn_rec * c)
1098	{
1099	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
1100
1101	/* Get connection specific configuration */
1102	mgs_handle_t *ctxt = init_gnutls_ctxt(c);
1103	ctxt->enabled = GNUTLS_ENABLED_TRUE;
1104	ctxt->status = 0;
1105	ctxt->input_rc = APR_SUCCESS;
1106	ctxt->input_bb = apr_brigade_create(c->pool, c->bucket_alloc);
1107	ctxt->input_cbuf.length = 0;
1108	ctxt->output_rc = APR_SUCCESS;
1109	ctxt->output_bb = apr_brigade_create(c->pool, c->bucket_alloc);
1110	ctxt->output_blen = 0;
1111	ctxt->output_length = 0;
1112
1113	/* Initialize GnuTLS Library */
1114	int err = 0;
1115	if (ctxt->is_proxy == GNUTLS_ENABLED_TRUE)
1116	{
1117	/* this is an outgoing proxy connection, client mode */
1118	err = gnutls_init(&ctxt->session, GNUTLS_CLIENT);
1119	if (err != GNUTLS_E_SUCCESS)
1120	ap_log_cerror(APLOG_MARK, APLOG_ERR, err, c,
1121	"gnutls_init for proxy connection failed: %s (%d)",
1122	gnutls_strerror(err), err);
1123	}
1124	else
1125	{
1126	/* incoming connection, server mode */
1127	err = gnutls_init(&ctxt->session, GNUTLS_SERVER);
1128	if (err != GNUTLS_E_SUCCESS)
1129	ap_log_cerror(APLOG_MARK, APLOG_ERR, err, c,
1130	"gnutls_init for server side failed: %s (%d)",
1131	gnutls_strerror(err), err);
1132	}
1133
1134	/* Ensure TLS session resources are released when the connection
1135	* pool is cleared, if the filters haven't done that already. */
1136	apr_pool_pre_cleanup_register(c->pool, ctxt, cleanup_gnutls_session);
1137
1138	/* Set Default Priority */
1139	err = gnutls_priority_set(ctxt->session, mgs_get_default_prio());
1140	if (err != GNUTLS_E_SUCCESS)
1141	ap_log_cerror(APLOG_MARK, APLOG_ERR, err, c,
1142	"gnutls_priority_set failed!");
1143
1144	#ifdef ENABLE_EARLY_SNI
1145	/* Pre-handshake hook, EXPERIMENTAL */
1146	gnutls_handshake_set_hook_function(ctxt->session,
1147	GNUTLS_HANDSHAKE_CLIENT_HELLO,
1148	GNUTLS_HOOK_PRE, early_sni_hook);
1149	#else
1150	prepare_alpn_proposals(ctxt);
1151	#endif
1152
1153	/* Post client hello hook (called after GnuTLS has parsed it) */
1154	gnutls_handshake_set_post_client_hello_function(ctxt->session,
1155	post_client_hello_hook);
1156
1157	/* Set GnuTLS user pointer, so we can access the module session
1158	* context in GnuTLS callbacks */
1159	gnutls_session_set_ptr(ctxt->session, ctxt);
1160
1161	/* If mod_gnutls is the TLS server, early_sni_hook (or
1162	* post_client_hello_hook, if early SNI is not available) will
1163	* load appropriate credentials during the handshake. However,
1164	* when handling a proxy backend connection, mod_gnutls acts as
1165	* TLS client and credentials must be loaded here. */
1166	if (ctxt->is_proxy == GNUTLS_ENABLED_TRUE)
1167	{
1168	/* Set anonymous client credentials for proxy connections */
1169	gnutls_credentials_set(ctxt->session, GNUTLS_CRD_ANON,
1170	ctxt->sc->anon_client_creds);
1171	/* Set x509 credentials */
1172	gnutls_credentials_set(ctxt->session, GNUTLS_CRD_CERTIFICATE,
1173	ctxt->sc->proxy_x509_creds);
1174	/* Load priorities from the server configuration */
1175	err = gnutls_priority_set(ctxt->session, ctxt->sc->proxy_priorities);
1176	if (err != GNUTLS_E_SUCCESS)
1177	ap_log_cerror(APLOG_MARK, APLOG_ERR, err, c,
1178	"%s: setting priorities for proxy connection "
1179	"failed: %s (%d)",
1180	__func__, gnutls_strerror(err), err);
1181	}
1182
1183	/* Initialize Session Cache */
1184	mgs_cache_session_init(ctxt);
1185
1186	/* Set pull, push & ptr functions */
1187	gnutls_transport_set_pull_function(ctxt->session,
1188	mgs_transport_read);
1189	gnutls_transport_set_push_function(ctxt->session,
1190	mgs_transport_write);
1191	gnutls_transport_set_ptr(ctxt->session, ctxt);
1192	/* Add IO filters */
1193	ctxt->input_filter = ap_add_input_filter(GNUTLS_INPUT_FILTER_NAME,
1194	ctxt, NULL, c);
1195	ctxt->output_filter = ap_add_output_filter(GNUTLS_OUTPUT_FILTER_NAME,
1196	ctxt, NULL, c);
1197	}
1198
1199	int mgs_hook_pre_connection(conn_rec * c, void *csd __attribute__((unused)))
1200	{
1201	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
1202
1203	if (c->master)
1204	{
1205	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c,
1206	"%s declined secondary connection", __func__);
1207	return DECLINED;
1208	}
1209
1210	mgs_srvconf_rec sc = (mgs_srvconf_rec )
1211	ap_get_module_config(c->base_server->module_config, &gnutls_module);
1212	mgs_handle_t ctxt = (mgs_handle_t )
1213	ap_get_module_config(c->conn_config, &gnutls_module);
1214
1215	if ((sc && (!sc->enabled))
1216	\|\| (ctxt && ctxt->enabled == GNUTLS_ENABLED_FALSE))
1217	{
1218	ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, "%s declined connection",
1219	__func__);
1220	return DECLINED;
1221	}
1222
1223	create_gnutls_handle(c);
1224	return OK;
1225	}
1226
1227
1228
1229	/**
1230	* process_connection hook: Do a zero byte read to trigger the
1231	* handshake. Doesn't change anything for traditional protocols that
1232	* just do reads, but HTTP/2 needs the TLS handshake and ALPN to
1233	* happen before its process_connection hook runs.
1234	*/
1235	int mgs_hook_process_connection(conn_rec* c)
1236	{
1237	mgs_handle_t ctxt = (mgs_handle_t )
1238	ap_get_module_config(c->conn_config, &gnutls_module);
1239
1240	if ((ctxt != NULL) && (ctxt->enabled == GNUTLS_ENABLED_TRUE))
1241	{
1242	/* This connection is supposed to use TLS. Give the filters a
1243	* kick with a zero byte read to trigger the handshake. */
1244	apr_bucket_brigade* temp =
1245	apr_brigade_create(c->pool, c->bucket_alloc);
1246	ap_get_brigade(c->input_filters, temp,
1247	AP_MODE_INIT, APR_BLOCK_READ, 0);
1248	apr_brigade_destroy(temp);
1249	}
1250	return DECLINED;
1251	}
1252
1253
1254
1255	/* Post request hook, checks if TLS connection and vhost match */
1256	int mgs_req_vhost_check(request_rec *r)
1257	{
1258	/* mod_gnutls server record for the request vhost */
1259	mgs_srvconf_rec r_sc = (mgs_srvconf_rec )
1260	ap_get_module_config(r->server->module_config, &gnutls_module);
1261	mgs_handle_t *ctxt = get_effective_gnutls_ctxt(r->connection);
1262
1263	/* Nothing to check for non-TLS and outgoing proxy connections */
1264	if (ctxt == NULL \|\| !ctxt->enabled \|\| ctxt->is_proxy)
1265	return DECLINED;
1266
1267	if (ctxt->sc != r_sc)
1268	{
1269	ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_SUCCESS, ctxt->c,
1270	"%s: Mismatch between handshake and request servers!",
1271	__func__);
1272	return HTTP_MISDIRECTED_REQUEST;
1273	}
1274
1275	if (!ctxt->sni_name)
1276	return DECLINED;
1277
1278	/* Got an SNI name, so verify it matches. */
1279	ap_log_cerror(APLOG_MARK, APLOG_TRACE1, APR_SUCCESS, ctxt->c,
1280	"%s: Checking request hostname against SNI name '%s'.",
1281	__func__, ctxt->sni_name);
1282
1283	if (!r->hostname)
1284	{
1285	ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, r->connection,
1286	"Client requested '%s' via SNI, but provided "
1287	"no hostname in HTTP request!", ctxt->sni_name);
1288	return HTTP_MISDIRECTED_REQUEST;
1289	}
1290
1291	if (strcasecmp(r->hostname, ctxt->sni_name) != 0)
1292	{
1293	ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, r->connection,
1294	"Client requested '%s' via SNI, but '%s' in "
1295	"the HTTP request!", ctxt->sni_name, r->hostname);
1296	return HTTP_MISDIRECTED_REQUEST;
1297	}
1298
1299	return DECLINED;
1300	}
1301
1302
1303
1304	int mgs_hook_fixups(request_rec * r) {
1305	unsigned char sbuf[GNUTLS_MAX_SESSION_ID];
1306	const char *tmp;
1307	size_t len;
1308	mgs_handle_t *ctxt;
1309	int rv = OK;
1310
1311	if (r == NULL)
1312	return DECLINED;
1313
1314	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
1315	apr_table_t *env = r->subprocess_env;
1316
1317	ctxt = get_effective_gnutls_ctxt(r->connection);
1318
1319	if (!ctxt \|\| ctxt->enabled != GNUTLS_ENABLED_TRUE \|\| ctxt->session == NULL)
1320	{
1321	ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "request declined in %s", __func__);
1322	return DECLINED;
1323	}
1324
1325	apr_table_setn(env, "HTTPS", "on");
1326
1327	apr_table_setn(env, "SSL_VERSION_LIBRARY",
1328	"GnuTLS/" LIBGNUTLS_VERSION);
1329	apr_table_setn(env, "SSL_VERSION_INTERFACE",
1330	"mod_gnutls/" MOD_GNUTLS_VERSION);
1331
1332	apr_table_setn(env, "SSL_PROTOCOL",
1333	gnutls_protocol_get_name(gnutls_protocol_get_version(ctxt->session)));
1334
1335	/* should have been called SSL_CIPHERSUITE instead */
1336	apr_table_setn(env, "SSL_CIPHER",
1337	gnutls_cipher_suite_get_name(gnutls_kx_get(ctxt->session),
1338	gnutls_cipher_get(ctxt->session),
1339	gnutls_mac_get(ctxt->session)));
1340
1341	/* Compression support has been removed since GnuTLS 3.6.0 */
1342	apr_table_setn(env, "SSL_COMPRESS_METHOD", "NULL");
1343
1344	#ifdef ENABLE_SRP
1345	if (ctxt->sc->srp_tpasswd_conf_file != NULL && ctxt->sc->srp_tpasswd_file != NULL) {
1346	tmp = gnutls_srp_server_get_username(ctxt->session);
1347	apr_table_setn(env, "SSL_SRP_USER", (tmp != NULL) ? tmp : "");
1348	} else {
1349	apr_table_unset(env, "SSL_SRP_USER");
1350	}
1351	#endif
1352
1353	if (apr_table_get(env, "SSL_CLIENT_VERIFY") == NULL)
1354	apr_table_setn(env, "SSL_CLIENT_VERIFY", "NONE");
1355
1356	unsigned int key_size = 8 * gnutls_cipher_get_key_size(gnutls_cipher_get(ctxt->session));
1357	tmp = apr_psprintf(r->pool, "%u", key_size);
1358
1359	apr_table_setn(env, "SSL_CIPHER_USEKEYSIZE", tmp);
1360
1361	apr_table_setn(env, "SSL_CIPHER_ALGKEYSIZE", tmp);
1362
1363	apr_table_setn(env, "SSL_CIPHER_EXPORT",
1364	(key_size <= 40) ? "true" : "false");
1365
1366	int dhsize = gnutls_dh_get_prime_bits(ctxt->session);
1367	if (dhsize > 0) {
1368	tmp = apr_psprintf(r->pool, "%d", dhsize);
1369	apr_table_setn(env, "SSL_DH_PRIME_BITS", tmp);
1370	}
1371
1372	len = sizeof (sbuf);
1373	gnutls_session_get_id(ctxt->session, sbuf, &len);
1374	apr_table_setn(env, "SSL_SESSION_ID",
1375	apr_pescape_hex(r->pool, sbuf, len, 0));
1376
1377	if (gnutls_certificate_type_get(ctxt->session) == GNUTLS_CRT_X509) {
1378	mgs_add_common_cert_vars(r, ctxt->sc->certs_x509_crt_chain[0], 0,
1379	ctxt->sc->export_certificates_size);
1380	}
1381
1382	return rv;
1383	}
1384
1385	int mgs_hook_authz(request_rec * r) {
1386	int rv;
1387	mgs_handle_t *ctxt;
1388	mgs_dirconf_rec *dc;
1389
1390	if (r == NULL)
1391	return DECLINED;
1392
1393	dc = ap_get_module_config(r->per_dir_config, &gnutls_module);
1394
1395	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
1396	ctxt = get_effective_gnutls_ctxt(r->connection);
1397
1398	if (!ctxt \|\| ctxt->session == NULL) {
1399	return DECLINED;
1400	}
1401
1402	if (dc->client_verify_mode == GNUTLS_CERT_IGNORE) {
1403	ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
1404	"GnuTLS: Directory set to Ignore Client Certificate!");
1405	} else {
1406	if (ctxt->sc->client_verify_mode < dc->client_verify_mode) {
1407	ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
1408	"GnuTLS: Attempting to rehandshake with peer. %d %d",
1409	ctxt->sc->client_verify_mode,
1410	dc->client_verify_mode);
1411
1412	/* If we already have a client certificate, there's no point in
1413	* re-handshaking... */
1414	rv = mgs_cert_verify(r, ctxt);
1415	if (rv != DECLINED && rv != HTTP_FORBIDDEN)
1416	return rv;
1417
1418	gnutls_certificate_server_set_request
1419	(ctxt->session, dc->client_verify_mode);
1420
1421	if (mgs_rehandshake(ctxt) != 0) {
1422	return HTTP_FORBIDDEN;
1423	}
1424	} else if (ctxt->sc->client_verify_mode ==
1425	GNUTLS_CERT_IGNORE) {
1426	#if MOD_GNUTLS_DEBUG
1427	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1428	"GnuTLS: Peer is set to IGNORE");
1429	#endif
1430	return DECLINED;
1431	}
1432	rv = mgs_cert_verify(r, ctxt);
1433	if (rv != DECLINED
1434	&& (rv != HTTP_FORBIDDEN
1435	\|\| dc->client_verify_mode == GNUTLS_CERT_REQUIRE
1436	\|\| (dc->client_verify_mode == -1
1437	&& ctxt->sc->client_verify_mode == GNUTLS_CERT_REQUIRE)))
1438	{
1439	return rv;
1440	}
1441	}
1442
1443	return DECLINED;
1444	}
1445
1446	/* variables that are not sent by default:
1447	*
1448	* SSL_CLIENT_CERT string PEM-encoded client certificate
1449	* SSL_SERVER_CERT string PEM-encoded client certificate
1450	*/
1451
1452	/* @param side is either 0 for SERVER or 1 for CLIENT
1453	*
1454	* @param export_cert_size (int) maximum size for environment variable
1455	* to use for the PEM-encoded certificate (0 means do not export)
1456	*/
1457	#define MGS_SIDE(suffix) ((side==0) ? "SSL_SERVER" suffix : "SSL_CLIENT" suffix)
1458
1459	static void mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt_t cert, int side, size_t export_cert_size) {
1460	unsigned char sbuf[64]; /* buffer to hold serials */
1461	char buf[AP_IOBUFSIZE];
1462	const char *tmp;
1463	char *tmp2;
1464	size_t len;
1465	int ret;
1466
1467	if (r == NULL)
1468	return;
1469
1470	apr_table_t *env = r->subprocess_env;
1471
1472	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
1473	if (export_cert_size > 0) {
1474	len = 0;
1475	ret = gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_PEM, NULL, &len);
1476	if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
1477	if (len >= export_cert_size) {
1478	apr_table_setn(env, MGS_SIDE("_CERT"), "GNUTLS_CERTIFICATE_SIZE_LIMIT_EXCEEDED");
1479	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1480	"GnuTLS: Failed to export too-large X.509 certificate to environment");
1481	} else {
1482	char* cert_buf = apr_palloc(r->pool, len + 1);
1483	if (cert_buf != NULL && gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_PEM, cert_buf, &len) >= 0) {
1484	cert_buf[len] = 0;
1485	apr_table_setn(env, MGS_SIDE("_CERT"), cert_buf);
1486	} else {
1487	ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
1488	"GnuTLS: failed to export X.509 certificate");
1489	}
1490	}
1491	} else {
1492	ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
1493	"GnuTLS: dazed and confused about X.509 certificate size");
1494	}
1495	}
1496
1497	len = sizeof (buf);
1498	gnutls_x509_crt_get_dn(cert, buf, &len);
1499	apr_table_setn(env, MGS_SIDE("_S_DN"), apr_pstrmemdup(r->pool, buf, len));
1500
1501	len = sizeof (buf);
1502	gnutls_x509_crt_get_issuer_dn(cert, buf, &len);
1503	apr_table_setn(env, MGS_SIDE("_I_DN"), apr_pstrmemdup(r->pool, buf, len));
1504
1505	len = sizeof (sbuf);
1506	gnutls_x509_crt_get_serial(cert, sbuf, &len);
1507	apr_table_setn(env, MGS_SIDE("_M_SERIAL"),
1508	apr_pescape_hex(r->pool, sbuf, len, 0));
1509
1510	ret = gnutls_x509_crt_get_version(cert);
1511	if (ret > 0)
1512	apr_table_setn(env, MGS_SIDE("_M_VERSION"),
1513	apr_psprintf(r->pool, "%u", ret));
1514
1515	apr_table_setn(env, MGS_SIDE("_CERT_TYPE"), "X.509");
1516
1517	tmp =
1518	mgs_time2sz(gnutls_x509_crt_get_expiration_time
1519	(cert), buf, sizeof (buf));
1520	apr_table_setn(env, MGS_SIDE("_V_END"), apr_pstrdup(r->pool, tmp));
1521
1522	tmp =
1523	mgs_time2sz(gnutls_x509_crt_get_activation_time
1524	(cert), buf, sizeof (buf));
1525	apr_table_setn(env, MGS_SIDE("_V_START"), apr_pstrdup(r->pool, tmp));
1526
1527	ret = gnutls_x509_crt_get_signature_algorithm(cert);
1528	if (ret >= 0) {
1529	apr_table_setn(env, MGS_SIDE("_A_SIG"),
1530	gnutls_sign_algorithm_get_name(ret));
1531	}
1532
1533	ret = gnutls_x509_crt_get_pk_algorithm(cert, NULL);
1534	if (ret >= 0) {
1535	apr_table_setn(env, MGS_SIDE("_A_KEY"),
1536	gnutls_pk_algorithm_get_name(ret));
1537	}
1538
1539	/* export all the alternative names (DNS, RFC822 and URI) */
1540	for (int i = 0; !(ret < 0); i++)
1541	{
1542	const char san, sanlabel;
1543	len = 0;
1544	ret = gnutls_x509_crt_get_subject_alt_name(cert, i,
1545	NULL, &len,
1546	NULL);
1547
1548	if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER && len > 1) {
1549	tmp2 = apr_palloc(r->pool, len + 1);
1550
1551	ret =
1552	gnutls_x509_crt_get_subject_alt_name(cert, i,
1553	tmp2,
1554	&len,
1555	NULL);
1556	tmp2[len] = 0;
1557
1558	sanlabel = apr_psprintf(r->pool, "%s%u", MGS_SIDE("_S_AN"), i);
1559	if (ret == GNUTLS_SAN_DNSNAME) {
1560	san = apr_psprintf(r->pool, "DNSNAME:%s", tmp2);
1561	} else if (ret == GNUTLS_SAN_RFC822NAME) {
1562	san = apr_psprintf(r->pool, "RFC822NAME:%s", tmp2);
1563	} else if (ret == GNUTLS_SAN_URI) {
1564	san = apr_psprintf(r->pool, "URI:%s", tmp2);
1565	} else {
1566	san = "UNSUPPORTED";
1567	}
1568	apr_table_setn(env, sanlabel, san);
1569	}
1570	}
1571	}
1572
1573
1574
1575	/* TODO: Allow client sending a X.509 certificate chain */
1576	static int mgs_cert_verify(request_rec * r, mgs_handle_t * ctxt) {
1577	const gnutls_datum_t *cert_list;
1578	unsigned int cert_list_size;
1579	/* assume the certificate is invalid unless explicitly set
1580	* otherwise */
1581	unsigned int status = GNUTLS_CERT_INVALID;
1582	int rv = GNUTLS_E_NO_CERTIFICATE_FOUND, ret;
1583	unsigned int ch_size = 0;
1584
1585	// TODO: union no longer needed here after removing its "pgp" component.
1586	union {
1587	gnutls_x509_crt_t x509[MAX_CHAIN_SIZE];
1588	} cert;
1589	apr_time_t expiration_time, cur_time;
1590
1591	if (r == NULL \|\| ctxt == NULL \|\| ctxt->session == NULL)
1592	return HTTP_FORBIDDEN;
1593
1594	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
1595	cert_list =
1596	gnutls_certificate_get_peers(ctxt->session, &cert_list_size);
1597
1598	if (cert_list == NULL \|\| cert_list_size == 0) {
1599	/* It is perfectly OK for a client not to send a certificate if on REQUEST mode
1600	*/
1601	if (ctxt->sc->client_verify_mode == GNUTLS_CERT_REQUEST)
1602	return OK;
1603
1604	/* no certificate provided by the client, but one was required. */
1605	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1606	"GnuTLS: Failed to Verify Peer: "
1607	"Client did not submit a certificate");
1608	return HTTP_FORBIDDEN;
1609	}
1610
1611	if (gnutls_certificate_type_get(ctxt->session) == GNUTLS_CRT_X509) {
1612	ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
1613	"GnuTLS: A Chain of %d certificate(s) was provided for validation",
1614	cert_list_size);
1615
1616	for (ch_size = 0; ch_size < cert_list_size; ch_size++) {
1617	gnutls_x509_crt_init(&cert.x509[ch_size]);
1618	rv = gnutls_x509_crt_import(cert.x509[ch_size],
1619	&cert_list[ch_size],
1620	GNUTLS_X509_FMT_DER);
1621	// When failure to import, leave the loop
1622	if (rv != GNUTLS_E_SUCCESS) {
1623	if (ch_size < 1) {
1624	ap_log_rerror(APLOG_MARK,
1625	APLOG_INFO, 0, r,
1626	"GnuTLS: Failed to Verify Peer: "
1627	"Failed to import peer certificates.");
1628	ret = HTTP_FORBIDDEN;
1629	goto exit;
1630	}
1631	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1632	"GnuTLS: Failed to import some peer certificates. Using %d certificates",
1633	ch_size);
1634	rv = GNUTLS_E_SUCCESS;
1635	break;
1636	}
1637	}
1638	} else
1639	return HTTP_FORBIDDEN;
1640
1641	if (rv < 0) {
1642	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1643	"GnuTLS: Failed to Verify Peer: "
1644	"Failed to import peer certificates.");
1645	ret = HTTP_FORBIDDEN;
1646	goto exit;
1647	}
1648
1649	if (gnutls_certificate_type_get(ctxt->session) == GNUTLS_CRT_X509) {
1650	apr_time_ansi_put(&expiration_time,
1651	gnutls_x509_crt_get_expiration_time
1652	(cert.x509[0]));
1653
1654	ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
1655	"GnuTLS: Verifying list of %d certificate(s) via method '%s'",
1656	ch_size, mgs_readable_cvm(ctxt->sc->client_verify_method));
1657	switch(ctxt->sc->client_verify_method) {
1658	case mgs_cvm_cartel:
1659	rv = gnutls_x509_crt_list_verify(cert.x509, ch_size,
1660	ctxt->sc->ca_list,
1661	ctxt->sc->ca_list_size,
1662	NULL, 0, 0, &status);
1663	break;
1664	#ifdef ENABLE_MSVA
1665	case mgs_cvm_msva:
1666	{
1667	struct msv_response* resp = NULL;
1668	struct msv_query q = { .context="https", .peertype="client", .pkctype="x509pem" };
1669	msv_ctxt_t ctx = msv_ctxt_init(NULL);
1670	char cert_pem_buf[10 * 1024];
1671	size_t len = sizeof (cert_pem_buf);
1672
1673	rv = 0;
1674	if (gnutls_x509_crt_export(cert.x509[0], GNUTLS_X509_FMT_PEM, cert_pem_buf, &len) >= 0) {
1675	/* FIXME : put together a name from the cert we received, instead of hard-coding this value: */
1676	q.peername = mgs_x509_construct_uid(r, cert.x509[0]);
1677	q.pkcdata = cert_pem_buf;
1678	rv = msv_query_agent(ctx, q, &resp);
1679	if (rv == LIBMSV_ERROR_SUCCESS) {
1680	status = 0;
1681	} else if (rv == LIBMSV_ERROR_INVALID) {
1682	ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
1683	"GnuTLS: Monkeysphere validation failed: (message: %s)", resp->message);
1684	status = GNUTLS_CERT_INVALID;
1685	} else {
1686	ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
1687	"GnuTLS: Error communicating with the Monkeysphere Validation Agent: (%d) %s", rv, msv_strerror(ctx, rv));
1688	status = GNUTLS_CERT_INVALID;
1689	rv = -1;
1690	}
1691	} else {
1692	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1693	"GnuTLS: Could not convert the client certificate to PEM format");
1694	status = GNUTLS_CERT_INVALID;
1695	rv = GNUTLS_E_ASN1_ELEMENT_NOT_FOUND;
1696	}
1697	msv_response_destroy(resp);
1698	msv_ctxt_destroy(ctx);
1699	}
1700	break;
1701	#endif
1702	default:
1703	/* If this block is reached, that indicates a
1704	* configuration error or bug in mod_gnutls (invalid value
1705	* of ctxt->sc->client_verify_method). */
1706	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1707	"GnuTLS: Failed to Verify X.509 Peer: method '%s' is not supported",
1708	mgs_readable_cvm(ctxt->sc->client_verify_method));
1709	rv = GNUTLS_E_UNIMPLEMENTED_FEATURE;
1710	}
1711
1712	} else {
1713	/* Unknown certificate type */
1714	rv = GNUTLS_E_UNIMPLEMENTED_FEATURE;
1715	}
1716
1717	/* "goto exit" at the end of this block skips evaluation of the
1718	* "status" variable */
1719	if (rv < 0) {
1720	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1721	"GnuTLS: Failed to Verify Peer certificate: (%d) %s",
1722	rv, gnutls_strerror(rv));
1723	if (rv == GNUTLS_E_NO_CERTIFICATE_FOUND)
1724	ap_log_rerror(APLOG_MARK, APLOG_EMERG, 0, r,
1725	"GnuTLS: No certificate was found for verification. Did you set the GnuTLSClientCAFile directive?");
1726	ret = HTTP_FORBIDDEN;
1727	goto exit;
1728	}
1729
1730	/* TODO: X509 CRL Verification. */
1731	/* May add later if anyone needs it.
1732	*/
1733	/* ret = gnutls_x509_crt_check_revocation(crt, crl_list, crl_list_size); */
1734
1735	cur_time = apr_time_now();
1736
1737	if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) {
1738	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1739	"GnuTLS: Could not find Signer for Peer Certificate");
1740	}
1741
1742	if (status & GNUTLS_CERT_SIGNER_NOT_CA) {
1743	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1744	"GnuTLS: Peer's Certificate signer is not a CA");
1745	}
1746
1747	if (status & GNUTLS_CERT_INSECURE_ALGORITHM) {
1748	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1749	"GnuTLS: Peer's Certificate is using insecure algorithms");
1750	}
1751
1752	if (status & GNUTLS_CERT_EXPIRED
1753	\|\| status & GNUTLS_CERT_NOT_ACTIVATED) {
1754	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1755	"GnuTLS: Peer's Certificate signer is expired or not yet activated");
1756	}
1757
1758	if (status & GNUTLS_CERT_INVALID) {
1759	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1760	"GnuTLS: Peer Certificate is invalid.");
1761	} else if (status & GNUTLS_CERT_REVOKED) {
1762	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1763	"GnuTLS: Peer Certificate is revoked.");
1764	}
1765
1766	mgs_add_common_cert_vars(r, cert.x509[0], 1, ctxt->sc->export_certificates_size);
1767
1768	{
1769	/* days remaining */
1770	unsigned long remain =
1771	(apr_time_sec(expiration_time) -
1772	apr_time_sec(cur_time)) / 86400;
1773	apr_table_setn(r->subprocess_env, "SSL_CLIENT_V_REMAIN",
1774	apr_psprintf(r->pool, "%lu", remain));
1775	}
1776
1777	if (status == 0) {
1778	apr_table_setn(r->subprocess_env, "SSL_CLIENT_VERIFY",
1779	"SUCCESS");
1780	ret = OK;
1781	} else {
1782	apr_table_setn(r->subprocess_env, "SSL_CLIENT_VERIFY",
1783	"FAILED");
1784	if (ctxt->sc->client_verify_mode == GNUTLS_CERT_REQUEST)
1785	ret = OK;
1786	else
1787	ret = HTTP_FORBIDDEN;
1788	}
1789
1790	exit:
1791	if (gnutls_certificate_type_get(ctxt->session) == GNUTLS_CRT_X509)
1792	for (unsigned int i = 0; i < ch_size; i++)
1793	gnutls_x509_crt_deinit(cert.x509[i]);
1794
1795	return ret;
1796	}
1797
1798
1799
1800	#ifdef ENABLE_MSVA
1801	/* this section of code is used only when trying to talk to the MSVA */
1802	static const char* mgs_x509_leaf_oid_from_dn(apr_pool_t pool, const char oid, gnutls_x509_crt_t cert) {
1803	int rv=GNUTLS_E_SUCCESS, i;
1804	size_t sz=0, lastsz=0;
1805	char* data=NULL;
1806
1807	i = -1;
1808	while(rv != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
1809	i++;
1810	lastsz=sz;
1811	sz=0;
1812	rv = gnutls_x509_crt_get_dn_by_oid (cert, oid, i, 0, NULL, &sz);
1813	}
1814	if (i > 0) {
1815	data = apr_palloc(pool, lastsz);
1816	sz=lastsz;
1817	rv = gnutls_x509_crt_get_dn_by_oid (cert, oid, i-1, 0, data, &sz);
1818	if (rv == GNUTLS_E_SUCCESS)
1819	return data;
1820	}
1821	return NULL;
1822	}
1823
1824	static const char* mgs_x509_first_type_from_san(apr_pool_t *pool, gnutls_x509_subject_alt_name_t target, gnutls_x509_crt_t cert) {
1825	int rv=GNUTLS_E_SUCCESS;
1826	size_t sz;
1827	char* data=NULL;
1828	unsigned int i;
1829	gnutls_x509_subject_alt_name_t thistype;
1830
1831	i = 0;
1832	while(rv != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
1833	sz = 0;
1834	rv = gnutls_x509_crt_get_subject_alt_name2(cert, i, NULL, &sz, &thistype, NULL);
1835	if (rv == GNUTLS_E_SHORT_MEMORY_BUFFER && thistype == target) {
1836	data = apr_palloc(pool, sz);
1837	rv = gnutls_x509_crt_get_subject_alt_name2(cert, i, data, &sz, &thistype, NULL);
1838	if (rv >=0 && (thistype == target))
1839	return data;
1840	}
1841	i++;
1842	}
1843	return NULL;
1844	}
1845
1846
1847	/* Create a string representing a candidate User ID from an X.509
1848	* certificate
1849
1850	* We need this for client certification because a client gives us a
1851	* certificate, but doesn't tell us (in any other way) who they are
1852	* trying to authenticate as.
1853
1854	* one complaint might be "but the user wanted to be another identity,
1855	* which is also in the certificate (e.g. in a SubjectAltName)"
1856	* However, given that any user can regenerate their own X.509
1857	* certificate with their own public key content, they should just do
1858	* so, and not expect us to guess at their identity :)
1859
1860	* This function allocates it's response from the pool given it. When
1861	* that pool is reclaimed, the response will also be deallocated.
1862
1863	* FIXME: what about extracting a server-style cert
1864	* (e.g. https://imposter.example) from the DN or any sAN?
1865
1866	* FIXME: what if we want to call this outside the context of a
1867	* request? That complicates the logging.
1868	*/
1869	static const char* mgs_x509_construct_uid(request_rec *r, gnutls_x509_crt_t cert) {
1870	/* basic strategy, assuming humans are the users: we are going to
1871	* try to reconstruct a "conventional" User ID by pulling in a
1872	* name, comment, and e-mail address.
1873	*/
1874	apr_pool_t *pool = r->pool;
1875	const char name=NULL, comment=NULL, *email=NULL;
1876	const char *ret=NULL;
1877	/* subpool for temporary allocation: */
1878	apr_pool_t *sp=NULL;
1879
1880	if (APR_SUCCESS != apr_pool_create(&sp, pool))
1881	return NULL; /* i'm assuming that libapr would log this kind
1882	* of error on its own */
1883
1884	/* Name
1885
1886	the name comes from the leaf commonName of the cert's Subject.
1887
1888	(MAYBE: should we look at trying to assemble a candidate from
1889	givenName, surName, suffix, etc? the "name" field
1890	appears to be case-insensitive, which seems problematic
1891	from what we expect; see:
1892	http://www.itu.int/rec/T-REC-X.520-200102-s/e )
1893
1894	(MAYBE: should we try pulling a commonName or otherName or
1895	something from subjectAltName? see:
1896	https://tools.ietf.org/html/rfc5280#section-4.2.1.6
1897	GnuTLS does not support looking for Common Names in the
1898	SAN yet)
1899	*/
1900	name = mgs_x509_leaf_oid_from_dn(sp, GNUTLS_OID_X520_COMMON_NAME, cert);
1901
1902	/* Comment
1903
1904	I am inclined to punt on this for now, as Comment has been so
1905	atrociously misused in OpenPGP. Perhaps if there is a
1906	pseudonym (OID 2.5.4.65, aka GNUTLS_OID_X520_PSEUDONYM) field
1907	in the subject or sAN?
1908	*/
1909	comment = mgs_x509_leaf_oid_from_dn(sp, GNUTLS_OID_X520_PSEUDONYM, cert);
1910
1911	/* E-mail
1912
1913	This should be the the first rfc822Name from the sAN.
1914
1915	failing that, we'll take the leaf email in the certificate's
1916	subject; this is a deprecated use though.
1917	*/
1918	email = mgs_x509_first_type_from_san(sp, GNUTLS_SAN_RFC822NAME, cert);
1919	if (email == NULL)
1920	email = mgs_x509_leaf_oid_from_dn(sp, GNUTLS_OID_PKCS9_EMAIL, cert);
1921
1922	/* assemble all the parts: */
1923
1924	/* must have at least a name or an e-mail. */
1925	if (name == NULL && email == NULL) {
1926	ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
1927	"GnuTLS: Need either a name or an e-mail address to get a User ID from an X.509 certificate.");
1928	goto end;
1929	}
1930	if (name) {
1931	if (comment) {
1932	if (email) {
1933	ret = apr_psprintf(pool, "%s (%s) <%s>", name, comment, email);
1934	} else {
1935	ret = apr_psprintf(pool, "%s (%s)", name, comment);
1936	}
1937	} else {
1938	if (email) {
1939	ret = apr_psprintf(pool, "%s <%s>", name, email);
1940	} else {
1941	ret = apr_pstrdup(pool, name);
1942	}
1943	}
1944	} else {
1945	if (comment) {
1946	ret = apr_psprintf(pool, "(%s) <%s>", comment, email);
1947	} else {
1948	ret = apr_psprintf(pool, "<%s>", email);
1949	}
1950	}
1951
1952	end:
1953	apr_pool_destroy(sp);
1954	return ret;
1955	}
1956	#endif /* ENABLE_MSVA */
1957
1958
1959
1960	/*
1961	* This hook writes the mod_gnutls status message for a mod_status
1962	* report. According to the comments in mod_status.h, the "flags"
1963	* parameter is a bitwise OR of the AP_STATUS_ flags.
1964	*
1965	* Note that this implementation gives flags explicitly requesting a
1966	* simple response priority, e.g. if AP_STATUS_SHORT is set, flags
1967	* requesting an HTML report will be ignored. As of Apache 2.4.10, the
1968	* following flags were defined in mod_status.h:
1969	*
1970	* AP_STATUS_SHORT (short, non-HTML report requested)
1971	* AP_STATUS_NOTABLE (HTML report without tables)
1972	* AP_STATUS_EXTENDED (detailed report)
1973	*/
1974	static int mgs_status_hook(request_rec *r, int flags)
1975	{
1976	if (r == NULL)
1977	return OK;
1978
1979	mgs_srvconf_rec sc = (mgs_srvconf_rec )
1980	ap_get_module_config(r->server->module_config, &gnutls_module);
1981
1982	_gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
1983
1984	if (flags & AP_STATUS_SHORT)
1985	{
1986	ap_rprintf(r, "Using GnuTLS version: %s\n", gnutls_check_version(NULL));
1987	ap_rputs("Built against GnuTLS version: " GNUTLS_VERSION "\n", r);
1988	}
1989	else
1990	{
1991	ap_rputs("<hr>\n", r);
1992	ap_rputs("<h2>GnuTLS Information:</h2>\n<dl>\n", r);
1993
1994	ap_rprintf(r, "<dt>Using GnuTLS version:</dt><dd>%s</dd>\n",
1995	gnutls_check_version(NULL));
1996	ap_rputs("<dt>Built against GnuTLS version:</dt><dd>"
1997	GNUTLS_VERSION "</dd>\n", r);
1998	ap_rprintf(r, "<dt>Using TLS:</dt><dd>%s</dd>\n",
1999	(sc->enabled == GNUTLS_ENABLED_FALSE ? "no" : "yes"));
2000	}
2001
2002	if (sc->enabled != GNUTLS_ENABLED_FALSE)
2003	{
2004	mgs_handle_t* ctxt = get_effective_gnutls_ctxt(r->connection);
2005	if (ctxt && ctxt->session != NULL)
2006	{
2007	char* s_info = gnutls_session_get_desc(ctxt->session);
2008	if (s_info)
2009	{
2010	if (flags & AP_STATUS_SHORT)
2011	ap_rprintf(r, "Current TLS session: %s\n", s_info);
2012	else
2013	ap_rprintf(r, "<dt>Current TLS session:</dt><dd>%s</dd>\n",
2014	s_info);
2015	gnutls_free(s_info);
2016	}
2017	}
2018	}
2019
2020	if (!(flags & AP_STATUS_SHORT))
2021	ap_rputs("</dl>\n", r);
2022
2023	if (sc->ocsp_cache)
2024	mgs_cache_status(sc->ocsp_cache, "GnuTLS OCSP Cache", r, flags);
2025	if (sc->cache_enable)
2026	mgs_cache_status(sc->cache, "GnuTLS Session Cache", r, flags);
2027
2028	return OK;
2029	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: mod_gnutls/src/gnutls_hooks.c @ 1c3853a

Download in other formats: