31 #elif defined(_MSC_VER) 37 #if defined(ENABLE_CRYPTO_OPENSSL) 49 #ifdef ENABLE_CRYPTOAPI 55 #include <openssl/bn.h> 56 #include <openssl/crypto.h> 57 #include <openssl/dh.h> 58 #include <openssl/dsa.h> 59 #include <openssl/err.h> 60 #include <openssl/pkcs12.h> 61 #include <openssl/rsa.h> 62 #include <openssl/x509.h> 63 #include <openssl/ssl.h> 65 #include <openssl/ec.h> 81 SSL_load_error_strings();
83 OpenSSL_add_all_algorithms();
85 mydata_index = SSL_get_ex_new_index(0,
"struct session *", NULL, NULL, NULL);
109 ctx->
ctx = SSL_CTX_new(SSLv23_server_method());
111 if (ctx->
ctx == NULL)
122 ctx->
ctx = SSL_CTX_new(SSLv23_client_method());
124 if (ctx->
ctx == NULL)
134 if (NULL != ctx->
ctx)
136 SSL_CTX_free(ctx->
ctx);
145 return NULL != ctx->
ctx;
154 #if (OPENSSL_VERSION_NUMBER >= 0x10001000) 157 unsigned char *ekm = (
unsigned char *)
gc_malloc(size,
true, &gc);
159 if (SSL_export_keying_material(ssl->
ssl, ekm, size,
162 unsigned int len = (size * 2) + 2;
172 msg(
M_WARN,
"WARNING: Export keying material failed!");
184 #ifndef INFO_CALLBACK_SSL_CONST 185 #define INFO_CALLBACK_SSL_CONST const 190 if (where & SSL_CB_LOOP)
193 where & SSL_ST_CONNECT ?
"connect" :
194 where &SSL_ST_ACCEPT ?
"accept" :
195 "undefined", SSL_state_string_long(s));
197 else if (where & SSL_CB_ALERT)
200 where & SSL_CB_READ ?
"read" :
"write",
201 SSL_alert_type_string_long(ret),
202 SSL_alert_desc_string_long(ret));
214 #if defined(TLS1_3_VERSION) 216 #elif defined(TLS1_2_VERSION) || defined(SSL_OP_NO_TLSv1_2) 218 #elif defined(TLS1_1_VERSION) || defined(SSL_OP_NO_TLSv1_1) 235 return TLS1_1_VERSION;
239 return TLS1_2_VERSION;
241 #if defined(TLS1_3_VERSION) 244 return TLS1_3_VERSION;
262 tls_ver_min = cur_min < TLS1_VERSION ? TLS1_VERSION : cur_min;
286 long sslopt = SSL_OP_SINGLE_DH_USE | SSL_OP_NO_TICKET;
287 #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE 288 sslopt |= SSL_OP_CIPHER_SERVER_PREFERENCE;
290 sslopt |= SSL_OP_NO_COMPRESSION;
292 SSL_CTX_set_options(ctx->
ctx, sslopt);
299 #ifdef SSL_MODE_RELEASE_BUFFERS 300 SSL_CTX_set_mode(ctx->
ctx, SSL_MODE_RELEASE_BUFFERS);
302 SSL_CTX_set_session_cache_mode(ctx->
ctx, SSL_SESS_CACHE_OFF);
306 int verify_flags = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
314 verify_flags = SSL_VERIFY_PEER;
328 size_t begin_of_cipher, end_of_cipher;
330 const char *current_cipher;
331 size_t current_cipher_len;
335 size_t openssl_ciphers_len = 0;
336 openssl_ciphers[0] =
'\0';
339 begin_of_cipher = end_of_cipher = 0;
340 for (; begin_of_cipher < strlen(ciphers); begin_of_cipher = end_of_cipher)
342 end_of_cipher += strcspn(&ciphers[begin_of_cipher],
":");
345 if (NULL == cipher_pair)
348 current_cipher = &ciphers[begin_of_cipher];
349 current_cipher_len = end_of_cipher - begin_of_cipher;
354 msg(
D_LOW,
"No valid translation found for TLS cipher '%.*s'",
361 current_cipher_len = strlen(current_cipher);
363 if (end_of_cipher - begin_of_cipher == current_cipher_len
364 && 0 != memcmp(&ciphers[begin_of_cipher], cipher_pair->
iana_name,
365 end_of_cipher - begin_of_cipher))
373 if ((SIZE_MAX - openssl_ciphers_len) < current_cipher_len
374 || (len - 1) < (openssl_ciphers_len + current_cipher_len))
377 "Failed to set restricted TLS cipher list, too long (>%d).",
382 memcpy(&openssl_ciphers[openssl_ciphers_len], current_cipher, current_cipher_len);
383 openssl_ciphers_len += current_cipher_len;
384 openssl_ciphers[openssl_ciphers_len] =
':';
385 openssl_ciphers_len++;
390 if (openssl_ciphers_len > 0)
392 openssl_ciphers[openssl_ciphers_len-1] =
'\0';
402 if (!SSL_CTX_set_cipher_list(ctx->
ctx,
419 char openssl_ciphers[4096];
425 if (!SSL_CTX_set_cipher_list(ctx->
ctx, openssl_ciphers))
427 crypto_msg(
M_FATAL,
"Failed to set restricted TLS cipher list: %s", openssl_ciphers);
440 if (strlen(ciphers) >= (len - 1))
443 "Failed to set restricted TLS 1.3 cipher list, too long (>%d).",
447 strncpy(openssl_ciphers, ciphers, len);
449 for (
size_t i = 0; i < strlen(openssl_ciphers); i++)
451 if (openssl_ciphers[i] ==
'-')
453 openssl_ciphers[i] =
'_';
468 #if (OPENSSL_VERSION_NUMBER < 0x1010100fL) 470 "Ignoring TLS 1.3 only tls-ciphersuites '%s' setting.",
475 char openssl_ciphers[4096];
479 if (!SSL_CTX_set_ciphersuites(ctx->
ctx, openssl_ciphers))
490 #ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL 495 if (!profile || 0 == strcmp(profile,
"legacy"))
497 SSL_CTX_set_security_level(ctx->
ctx, 1);
499 else if (0 == strcmp(profile,
"preferred"))
501 SSL_CTX_set_security_level(ctx->
ctx, 2);
503 else if (0 == strcmp(profile,
"suiteb"))
505 SSL_CTX_set_security_level(ctx->
ctx, 3);
506 SSL_CTX_set_cipher_list(ctx->
ctx,
"SUITEB128");
510 msg(
M_FATAL,
"ERROR: Invalid cert profile: %s", profile);
515 msg(
M_WARN,
"WARNING: OpenSSL 1.0.1 does not support --tls-cert-profile" 516 ", ignoring user-set profile: '%s'", profile);
529 #if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) 531 cert = SSL_CTX_get0_certificate(ctx->
ctx);
534 SSL *ssl = SSL_new(ctx->
ctx);
535 cert = SSL_get_certificate(ssl);
543 ret = X509_cmp_time(X509_get_notBefore(cert), NULL);
550 msg(
M_WARN,
"WARNING: Your certificate is not yet valid!");
553 ret = X509_cmp_time(X509_get_notAfter(cert), NULL);
560 msg(
M_WARN,
"WARNING: Your certificate has expired!");
564 #if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) 572 const char *dh_file_inline
582 if (!(bio = BIO_new_mem_buf((
char *)dh_file_inline, -1)))
590 if (!(bio = BIO_new_file(dh_file,
"r")))
596 dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
603 if (!SSL_CTX_set_tmp_dh(ctx->
ctx, dh))
618 #ifndef OPENSSL_NO_EC 621 const char *sname = NULL;
624 SSL_CTX_set_options(ctx->
ctx, SSL_OP_SINGLE_ECDH_USE);
626 if (curve_name != NULL)
629 msg(
D_TLS_DEBUG,
"Using user specified ECDH curve (%s)", curve_name);
630 nid = OBJ_sn2nid(curve_name);
634 #if OPENSSL_VERSION_NUMBER >= 0x10002000L 637 SSL_CTX_set_ecdh_auto(ctx->
ctx, 1);
641 EC_KEY *eckey = NULL;
642 const EC_GROUP *ecgrp = NULL;
643 EVP_PKEY *pkey = NULL;
646 SSL *ssl = SSL_new(ctx->
ctx);
651 pkey = SSL_get_privatekey(ssl);
656 if (pkey != NULL && (eckey = EVP_PKEY_get1_EC_KEY(pkey)) != NULL
657 && (ecgrp = EC_KEY_get0_group(eckey)) != NULL)
659 nid = EC_GROUP_get_curve_name(ecgrp);
665 sname = OBJ_nid2sn(nid);
672 if (NID_undef == nid || NULL == (ecdh = EC_KEY_new_by_curve_name(nid)))
675 ecdh = EC_KEY_new_by_curve_name(NID_secp384r1);
676 const char *
source = (NULL == curve_name) ?
677 "extract curve from certificate" :
"use supplied curve";
679 "Failed to %s (%s), using secp384r1 instead.", source, sname);
680 sname = OBJ_nid2sn(NID_secp384r1);
683 if (!SSL_CTX_set_tmp_ecdh(ctx->
ctx, ecdh))
692 msg(
D_LOW,
"Your OpenSSL library was built without elliptic curve support." 693 " Skipping ECDH parameter loading.");
699 const char *pkcs12_file_inline,
715 BIO *b64 = BIO_new(BIO_f_base64());
716 BIO *bio = BIO_new_mem_buf((
void *) pkcs12_file_inline,
717 (
int) strlen(pkcs12_file_inline));
720 p12 = d2i_PKCS12_bio(b64, NULL);
735 p12 = d2i_PKCS12_fp(fp, NULL);
744 if (!PKCS12_parse(p12,
"", &pkey, &cert, &ca))
749 if (!PKCS12_parse(p12, password, &pkey, &cert, &ca))
751 #ifdef ENABLE_MANAGEMENT 752 if (
management && (ERR_GET_REASON(ERR_peek_error()) == PKCS12_R_MAC_VERIFY_FAILURE))
764 if (!SSL_CTX_use_certificate(ctx->
ctx, cert))
770 if (!SSL_CTX_use_PrivateKey(ctx->
ctx, pkey))
776 if (!SSL_CTX_check_private_key(ctx->
ctx))
788 if (ca && sk_X509_num(ca))
790 for (i = 0; i < sk_X509_num(ca); i++)
792 X509_STORE *cert_store = SSL_CTX_get_cert_store(ctx->
ctx);
793 if (!X509_STORE_add_cert(cert_store,sk_X509_value(ca, i)))
795 crypto_msg(
M_FATAL,
"Cannot add certificate to certificate chain (X509_STORE_add_cert)");
797 if (!SSL_CTX_add_client_CA(ctx->
ctx, sk_X509_value(ca, i)))
799 crypto_msg(
M_FATAL,
"Cannot add certificate to client CA list (SSL_CTX_add_client_CA)");
811 if (ca && sk_X509_num(ca))
813 for (i = 0; i < sk_X509_num(ca); i++)
815 if (!SSL_CTX_add_extra_chain_cert(ctx->
ctx,sk_X509_value(ca, i)))
817 crypto_msg(
M_FATAL,
"Cannot add extra certificate to chain (SSL_CTX_add_extra_chain_cert)");
825 #ifdef ENABLE_CRYPTOAPI 834 crypto_msg(
M_FATAL,
"Cannot load certificate \"%s\" from Microsoft Certificate Store", cryptoapi_cert);
846 if (!PEM_read_bio_X509(bio, &cert, NULL, NULL))
854 if (SSL_CTX_add_extra_chain_cert(ctx->
ctx, cert) != 1)
863 const char *cert_file_inline)
868 bool inline_file =
false;
874 if (inline_file && cert_file_inline)
876 in = BIO_new_mem_buf((
char *)cert_file_inline, -1);
880 in = BIO_new_file(cert_file,
"r");
885 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
889 x = PEM_read_bio_X509(in, NULL,
894 SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_PEM_LIB);
898 ret = SSL_CTX_use_certificate(ctx->
ctx, x);
929 const char *priv_key_file_inline
932 SSL_CTX *ssl_ctx = NULL;
934 EVP_PKEY *pkey = NULL;
943 in = BIO_new_mem_buf((
char *)priv_key_file_inline, -1);
947 in = BIO_new_file(priv_key_file,
"r");
955 pkey = PEM_read_bio_PrivateKey(in, NULL,
963 if (!SSL_CTX_use_PrivateKey(ssl_ctx, pkey))
965 #ifdef ENABLE_MANAGEMENT 966 if (
management && (ERR_GET_REASON(ERR_peek_error()) == EVP_R_BAD_DECRYPT))
976 if (!SSL_CTX_check_private_key(ssl_ctx))
996 const char *crl_inline)
998 X509_CRL *crl = NULL;
1001 X509_STORE *store = SSL_CTX_get_cert_store(ssl_ctx->
ctx);
1010 STACK_OF(X509_OBJECT) *objs = X509_STORE_get0_objects(store);
1011 for (
int i = 0; i < sk_X509_OBJECT_num(objs); i++)
1013 X509_OBJECT *obj = sk_X509_OBJECT_value(objs, i);
1017 sk_X509_OBJECT_delete(objs, i);
1022 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
1026 in = BIO_new_mem_buf((
char *)crl_inline, -1);
1030 in = BIO_new_file(crl_file,
"r");
1035 msg(
M_WARN,
"CRL: cannot read: %s", crl_file);
1039 crl = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
1042 msg(
M_WARN,
"CRL: cannot read CRL from file %s", crl_file);
1046 if (!X509_STORE_add_crl(store, crl))
1048 msg(
M_WARN,
"CRL: cannot add %s to store", crl_file);
1058 #ifdef ENABLE_MANAGEMENT 1062 rsa_pub_enc(
int flen,
const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding)
1070 rsa_pub_dec(
int flen,
const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding)
1078 rsa_priv_dec(
int flen,
const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding)
1091 const RSA_METHOD *meth = RSA_get_method(rsa);
1103 unsigned char *sig,
unsigned int siglen)
1105 char *in_b64 = NULL;
1106 char *out_b64 = NULL;
1127 rsa_priv_enc(
int flen,
const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding)
1129 unsigned int len = RSA_size(rsa);
1132 if (padding != RSA_PKCS1_PADDING)
1140 return (ret == len) ? ret : -1;
1148 RSA_METHOD *rsa_meth;
1156 rsa_meth =
RSA_meth_new(
"OpenVPN external private key RSA Method",
1157 RSA_METHOD_FLAG_NO_CHECK);
1171 SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
1176 const BIGNUM *n = NULL;
1177 const BIGNUM *e = NULL;
1181 if (!RSA_set_method(rsa, rsa_meth))
1189 if (!SSL_CTX_use_RSAPrivateKey(ctx->
ctx, rsa))
1212 #if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER) 1216 openvpn_extkey_ec_finish(EC_KEY *ec)
1219 const EC_KEY_METHOD *ec_meth = EC_KEY_get_method(ec);
1220 EC_KEY_METHOD_free((EC_KEY_METHOD *) ec_meth);
1228 ecdsa_sign(
int type,
const unsigned char *dgst,
int dgstlen,
unsigned char *sig,
1229 unsigned int *siglen,
const BIGNUM *kinv,
const BIGNUM *r, EC_KEY *ec)
1231 int capacity = ECDSA_size(ec);
1244 ecdsa_sign_setup(EC_KEY *ec, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
1254 ecdsa_sign_sig(
const unsigned char *dgst,
int dgstlen,
const BIGNUM *in_kinv,
1255 const BIGNUM *in_r, EC_KEY *ec)
1257 ECDSA_SIG *ecsig = NULL;
1258 unsigned int len = ECDSA_size(ec);
1261 unsigned char *buf =
gc_malloc(len,
false, &gc);
1262 if (ecdsa_sign(0, dgst, dgstlen, buf, &len, NULL, NULL, ec) != 1)
1267 ecsig = d2i_ECDSA_SIG(NULL, (
const unsigned char **)&buf, len);
1275 tls_ctx_use_external_ec_key(
struct tls_root_ctx *ctx, EVP_PKEY *pkey)
1278 EVP_PKEY *privkey = NULL;
1279 EC_KEY_METHOD *ec_method;
1283 ec_method = EC_KEY_METHOD_new(EC_KEY_OpenSSL());
1290 EC_KEY_METHOD_set_init(ec_method, NULL, openvpn_extkey_ec_finish, NULL, NULL, NULL, NULL);
1291 EC_KEY_METHOD_set_sign(ec_method, ecdsa_sign, ecdsa_sign_setup, ecdsa_sign_sig);
1296 EC_KEY_METHOD_free(ec_method);
1299 if (!EC_KEY_set_method(ec, ec_method))
1301 EC_KEY_METHOD_free(ec_method);
1306 privkey = EVP_PKEY_new();
1307 if (!EVP_PKEY_assign_EC_KEY(privkey, ec))
1313 if (!SSL_CTX_use_PrivateKey(ctx->
ctx, privkey))
1319 EVP_PKEY_free(privkey);
1326 EVP_PKEY_free(privkey);
1343 #if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) 1345 X509 *cert = SSL_CTX_get0_certificate(ctx->
ctx);
1348 SSL *ssl = SSL_new(ctx->
ctx);
1349 X509 *cert = SSL_get_certificate(ssl);
1365 #if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER) 1368 if (!tls_ctx_use_external_ec_key(ctx, pkey))
1375 crypto_msg(
M_WARN,
"management-external-key requires an RSA or EC certificate");
1388 #if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) 1406 return X509_NAME_cmp(*a, *b);
1411 const char *ca_file_inline,
1412 const char *ca_path,
bool tls_server
1415 STACK_OF(X509_INFO) *info_stack = NULL;
1416 STACK_OF(X509_NAME) *cert_names = NULL;
1417 X509_LOOKUP *lookup = NULL;
1418 X509_STORE *store = NULL;
1419 X509_NAME *xn = NULL;
1421 int i, added = 0, prev = 0;
1425 store = SSL_CTX_get_cert_store(ctx->
ctx);
1436 in = BIO_new_mem_buf((
char *)ca_file_inline, -1);
1440 in = BIO_new_file(ca_file,
"r");
1445 info_stack = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
1450 for (i = 0; i < sk_X509_INFO_num(info_stack); i++)
1452 X509_INFO *info = sk_X509_INFO_value(info_stack, i);
1455 X509_STORE_add_crl(store, info->crl);
1458 if (tls_server && !info->x509)
1465 X509_STORE_add_cert(store, info->x509);
1474 if (cert_names == NULL)
1483 xn = X509_get_subject_name(info->x509);
1490 if (sk_X509_NAME_find(cert_names, xn) == -1)
1492 xn = X509_NAME_dup(xn);
1497 sk_X509_NAME_push(cert_names, xn);
1503 int cnum = sk_X509_NAME_num(cert_names);
1504 if (cnum != (prev + 1))
1507 "Cannot load CA certificate file %s (entry %d did not validate)",
1508 np(ca_file), added);
1514 sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
1519 SSL_CTX_set_client_CA_list(ctx->
ctx, cert_names);
1525 "Cannot load CA certificate file %s (no entries were read)",
1531 int cnum = sk_X509_NAME_num(cert_names);
1535 "of %d entries were valid X509 names)",
1536 np(ca_file), cnum, added);
1549 lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
1550 if (lookup && X509_LOOKUP_add_dir(lookup, ca_path, X509_FILETYPE_PEM))
1552 msg(
M_WARN,
"WARNING: experimental option --capath %s", ca_path);
1558 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
1564 const char *extra_certs_file_inline
1568 if (!strcmp(extra_certs_file,
INLINE_FILE_TAG) && extra_certs_file_inline)
1570 in = BIO_new_mem_buf((
char *)extra_certs_file_inline, -1);
1574 in = BIO_new_file(extra_certs_file,
"r");
1602 #warning BIO_DEBUG defined 1605 static bool biofp_toggle;
1606 static time_t biofp_last_open;
1607 static const int biofp_reopen_interval = 600;
1622 const time_t current = time(NULL);
1623 const pid_t pid = getpid();
1625 if (biofp_last_open + biofp_reopen_interval < current)
1633 biofp = fopen(fn,
"w");
1635 biofp_last_open = time(NULL);
1641 bio_debug_data(
const char *mode, BIO *bio,
const uint8_t *buf,
int len,
const char *desc)
1647 fprintf(biofp,
"BIO_%s %s time=%" PRIi64
" bio=" ptr_format " len=%d data=%s\n",
1655 bio_debug_oc(
const char *mode, BIO *bio)
1658 fprintf(biofp,
"BIO %s time=%" PRIi64
" bio=" ptr_format "\n",
1683 bio_debug_data(
"write", bio, data, size, desc);
1685 i = BIO_write(bio, data, size);
1689 if (BIO_should_retry(bio))
1754 i = BIO_read(bio,
BPTR(buf), len);
1759 bio_debug_data(
"read", bio,
BPTR(buf), i, desc);
1763 if (BIO_should_retry(bio))
1796 ks_ssl->
ssl = SSL_new(ssl_ctx->
ctx);
1811 bio_debug_oc(
"open ssl_bio", ks_ssl->
ssl_bio);
1812 bio_debug_oc(
"open ct_in", ks_ssl->
ct_in);
1813 bio_debug_oc(
"open ct_out", ks_ssl->
ct_out);
1818 SSL_set_accept_state(ks_ssl->
ssl);
1822 SSL_set_connect_state(ks_ssl->
ssl);
1826 BIO_set_ssl(ks_ssl->
ssl_bio, ks_ssl->
ssl, BIO_NOCLOSE);
1835 bio_debug_oc(
"close ssl_bio", ks_ssl->
ssl_bio);
1836 bio_debug_oc(
"close ct_in", ks_ssl->
ct_in);
1837 bio_debug_oc(
"close ct_out", ks_ssl->
ct_out);
1839 BIO_free_all(ks_ssl->
ssl_bio);
1840 SSL_free(ks_ssl->
ssl);
1850 #ifdef ENABLE_CRYPTO_OPENSSL 1854 "tls_write_plaintext");
1885 ret =
bio_read(ks_ssl->
ct_out, buf, maxlen,
"tls_read_ciphertext");
1931 const SSL_CIPHER *ciph;
1937 ciph = SSL_get_current_cipher(ks_ssl->
ssl);
1940 SSL_get_version(ks_ssl->
ssl),
1941 SSL_CIPHER_get_version(ciph),
1942 SSL_CIPHER_get_name(ciph));
1943 cert = SSL_get_peer_certificate(ks_ssl->
ssl);
1946 EVP_PKEY *pkey = X509_get_pubkey(cert);
1961 #ifndef OPENSSL_NO_EC 1965 const EC_GROUP *group = EC_KEY_get0_group(ec);
1968 int nid = EC_GROUP_get_curve_name(group);
1969 if (nid == 0 || (curve = OBJ_nid2sn(nid)) == NULL)
1971 curve =
"Error getting curve name";
1979 EVP_PKEY_free(pkey);
1990 const char *tls_cert_profile,
1995 tls_ctx.
ctx = SSL_CTX_new(SSLv23_method());
2001 #if (OPENSSL_VERSION_NUMBER >= 0x1010100fL) 2016 SSL *ssl = SSL_new(tls_ctx.
ctx);
2022 #if (OPENSSL_VERSION_NUMBER < 0x1010000fL) 2023 STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl);
2025 STACK_OF(SSL_CIPHER) *sk = SSL_get1_supported_ciphers(ssl);
2027 for (
int i = 0; i < sk_SSL_CIPHER_num(sk); i++)
2029 const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, i);
2031 const char *cipher_name = SSL_CIPHER_get_name(c);
2038 printf(
"%s\n", cipher_name);
2040 else if (NULL == pair)
2043 printf(
"%s (No IANA name known to OpenVPN, use OpenSSL name.)\n",
2051 #if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) 2052 sk_SSL_CIPHER_free(sk);
2055 SSL_CTX_free(tls_ctx.
ctx);
2065 #ifndef OPENSSL_NO_EC 2066 EC_builtin_curve *curves = NULL;
2070 crv_len = EC_get_builtin_curves(NULL, 0);
2072 if (EC_get_builtin_curves(curves, crv_len))
2074 printf(
"Available Elliptic curves:\n");
2075 for (n = 0; n < crv_len; n++)
2078 sname = OBJ_nid2sn(curves[n].nid);
2084 printf(
"%s\n", sname);
2093 msg(
M_WARN,
"Your OpenSSL library was built without elliptic curve support. " 2094 "No curves available.");
2103 const char *cipher_name;
2105 ctx = SSL_CTX_new(SSLv23_method());
2116 cipher_name = SSL_get_cipher_list(ssl, 0);
void tls_ctx_restrict_ciphers_tls13(struct tls_root_ctx *ctx, const char *ciphers)
Restrict the list of ciphers that can be used within the TLS context for TLS 1.3 and higher...
#define INFO_CALLBACK_SSL_CONST
void print_details(struct key_state_ssl *ks_ssl, const char *prefix)
static int rsa_priv_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
static void strncpynt(char *dest, const char *src, size_t maxlen)
bool tls_ctx_set_options(struct tls_root_ctx *ctx, unsigned int ssl_flags)
Set any library specific options.
static void * SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
Fetch the default password callback user data from the SSL context.
void tls_ctx_load_cryptoapi(struct tls_root_ctx *ctx, const char *cryptoapi_cert)
void tls_ctx_set_cert_profile(struct tls_root_ctx *ctx, const char *profile)
Set the TLS certificate profile.
int key_state_write_plaintext_const(struct key_state_ssl *ks_ssl, const uint8_t *data, int len)
Insert plaintext data into the TLS module.
static int EVP_PKEY_id(const EVP_PKEY *pkey)
Get the PKEY type.
static pem_password_cb * SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
Fetch the default password callback from the SSL context.
static DSA * EVP_PKEY_get0_DSA(EVP_PKEY *pkey)
Get the DSA object of a public key.
static void gc_free(struct gc_arena *a)
#define PERF_BIO_WRITE_CIPHERTEXT
void management_auth_failure(struct management *man, const char *type, const char *reason)
static void tls_ctx_add_extra_certs(struct tls_root_ctx *ctx, BIO *bio)
static int rsa_pub_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
int pem_password_callback(char *buf, int size, int rwflag, void *u)
Callback to retrieve the user's password.
static int RSA_meth_set_priv_dec(RSA_METHOD *meth, int(*priv_dec)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the private decoding function of an RSA_METHOD object.
int tls_ctx_load_priv_file(struct tls_root_ctx *ctx, const char *priv_key_file, const char *priv_key_file_inline)
Load private key file into the given TLS context.
static int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min)
Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1.
static int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data)
Set the application data of an RSA_METHOD object.
bool tls_ctx_initialised(struct tls_root_ctx *ctx)
Checks whether the given TLS context is initialised.
static void perf_pop(void)
#define crypto_msg(flags,...)
Retrieve any OpenSSL errors, then print the supplied error message.
static void perf_push(int type)
static char * format_hex(const uint8_t *data, int size, int maxoutput, struct gc_arena *gc)
void setenv_str(struct env_set *es, const char *name, const char *value)
#define PERF_BIO_READ_PLAINTEXT
static int RSA_meth_set_priv_enc(RSA_METHOD *meth, int(*priv_enc)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the private encoding function of an RSA_METHOD object.
static int RSA_meth_set_pub_dec(RSA_METHOD *meth, int(*pub_dec)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the public decoding function of an RSA_METHOD object.
int key_state_write_plaintext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Insert a plaintext buffer into the TLS module.
static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey)
Get the EC_KEY object of a public key.
#define ALLOC_ARRAY(dptr, type, n)
static void RSA_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
Get the RSA parameters.
static int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max)
Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1.
static int RSA_bits(const RSA *rsa)
Number of significant RSA bits.
#define SSLF_CLIENT_CERT_NOT_REQUIRED
int SSL_CTX_use_CryptoAPI_certificate(SSL_CTX *ssl_ctx, const char *cert_prop)
void tls_ctx_free(struct tls_root_ctx *ctx)
Frees the library-specific TLSv1 context.
void tls_clear_error(void)
Clear the underlying SSL library's error state.
static void RSA_meth_free(RSA_METHOD *meth)
Free an existing RSA_METHOD object.
static void X509_OBJECT_free(X509_OBJECT *obj)
Destroy a X509 object.
char * management_query_pk_sig(struct management *man, const char *b64_data)
void convert_tls_list_to_openssl(char *openssl_ciphers, size_t len, const char *ciphers)
int len
Length in bytes of the actual content within the allocated memory.
void setenv_del(struct env_set *es, const char *name)
static int rsa_priv_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
static void bio_write_post(const int status, struct buffer *buf)
static int get_sig_from_man(const unsigned char *dgst, unsigned int dgstlen, unsigned char *sig, unsigned int siglen)
void convert_tls13_list_to_openssl(char *openssl_ciphers, size_t len, const char *ciphers)
static int tls_ctx_use_external_rsa_key(struct tls_root_ctx *ctx, EVP_PKEY *pkey)
bool openvpn_snprintf(char *str, size_t size, const char *format,...)
static EVP_PKEY * X509_get0_pubkey(const X509 *x)
Get the public key from a X509 certificate.
#define SSLF_TLS_VERSION_MAX_SHIFT
static const char * np(const char *str)
void show_available_curves(void)
#define PERF_BIO_READ_CIPHERTEXT
static struct gc_arena gc_new(void)
static int RSA_meth_set_pub_enc(RSA_METHOD *meth, int(*pub_enc)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
Set the public encoding function of an RSA_METHOD object.
void get_highest_preference_tls_cipher(char *buf, int size)
#define SSLF_TLS_VERSION_MIN_MASK
void * gc_malloc(size_t size, bool clear, struct gc_arena *a)
int openvpn_base64_decode(const char *str, void *data, int size)
void tls_ctx_load_cert_file(struct tls_root_ctx *ctx, const char *cert_file, const char *cert_file_inline)
Use Windows cryptoapi for key and cert, and add to library-specific TLS context.
#define PERF_BIO_WRITE_PLAINTEXT
int tls_version_max(void)
Return the maximum TLS version (as a TLS_VER_x constant) supported by current SSL implementation...
static RSA * EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
Get the RSA object of a public key.
static STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *store)
Fetch the X509 object stack from the X509 store.
int key_state_read_plaintext(struct key_state_ssl *ks_ssl, struct buffer *buf, int maxlen)
Extract plaintext data from the TLS module.
static RSA_METHOD * RSA_meth_new(const char *name, int flags)
Allocate a new RSA method object.
static SERVICE_STATUS status
int verify_callback(void *session_obj, mbedtls_x509_crt *cert, int cert_depth, uint32_t *flags)
Verify that the remote OpenVPN peer's certificate allows setting up a VPN tunnel. ...
static int buf_forward_capacity(const struct buffer *buf)
void key_state_export_keying_material(struct key_state_ssl *ssl, struct tls_session *session)
Keying Material Exporters [RFC 5705] allows additional keying material to be derived from existing TL...
void tls_init_lib(void)
Perform any static initialisation necessary by the library.
const char * get_ssl_library_version(void)
return a pointer to a static memory area containing the name and version number of the SSL library in...
char * format_hex_ex(const uint8_t *data, int size, int maxoutput, unsigned int space_break_flags, const char *separator, struct gc_arena *gc)
int openvpn_base64_encode(const void *data, int size, char **str)
Get a tls_cipher_name_pair containing OpenSSL and IANA names for supplied TLS cipher name...
#define D_HANDSHAKE_VERBOSE
int tls_ctx_load_pkcs12(struct tls_root_ctx *ctx, const char *pkcs12_file, const char *pkcs12_file_inline, bool load_ca_file)
Load PKCS #12 file for key, cert and (optionally) CA certs, and add to library-specific TLS context...
static int rsa_pub_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
void key_state_ssl_free(struct key_state_ssl *ks_ssl)
Free the SSL channel part of the given key state.
void tls_ctx_server_new(struct tls_root_ctx *ctx)
Initialise a library-specific TLS context for a server.
static int openssl_tls_version(int ver)
Convert internal version number to openssl version number.
static int DSA_bits(const DSA *dsa)
Number of significant DSA bits.
static int sk_x509_name_cmp(const X509_NAME *const *a, const X509_NAME *const *b)
void tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
Restrict the list of ciphers that can be used within the TLS context for TLS 1.2 and below...
Structure that wraps the TLS context.
#define SSLF_CLIENT_CERT_OPTIONAL
static void check_malloc_return(const void *p)
void backend_tls_ctx_reload_crl(struct tls_root_ctx *ssl_ctx, const char *crl_file, const char *crl_inline)
Reload the Certificate Revocation List for the SSL channel.
Security parameter state of a single session within a VPN tunnel.
#define VALGRIND_MAKE_READABLE(addr, len)
void tls_ctx_check_cert_time(const struct tls_root_ctx *ctx)
Check our certificate notBefore and notAfter fields, and warn if the cert is either not yet valid or ...
Wrapper structure for dynamically allocated memory.
int mydata_index
Allocate space in SSL objects in which to store a struct tls_session pointer back to parent...
static int SSL_CTX_get_min_proto_version(SSL_CTX *ctx)
Return the min SSL protocol version currently enabled in the context.
void tls_ctx_load_ca(struct tls_root_ctx *ctx, const char *ca_file, const char *ca_file_inline, const char *ca_path, bool tls_server)
Load certificate authority certificates from the given file or path.
static void info_callback(INFO_CALLBACK_SSL_CONST SSL *s, int where, int ret)
int key_state_write_ciphertext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Insert a ciphertext buffer into the TLS module.
static int constrain_int(int x, int min, int max)
int tls_ctx_use_management_external_key(struct tls_root_ctx *ctx)
Tell the management interface to load the given certificate and the external private key matching the...
static int RSA_set0_key(RSA *rsa, BIGNUM *n, BIGNUM *e, BIGNUM *d)
Set the RSA parameters.
Garbage collection arena used to keep track of dynamically allocated memory.
void tls_ctx_load_dh_params(struct tls_root_ctx *ctx, const char *dh_file, const char *dh_file_inline)
Load Diffie Hellman Parameters, and load them into the library-specific TLS context.
const char * openssl_name
void tls_ctx_client_new(struct tls_root_ctx *ctx)
Initialises a library-specific TLS context for a client.
void key_state_ssl_init(struct key_state_ssl *ks_ssl, const struct tls_root_ctx *ssl_ctx, bool is_server, struct tls_session *session)
Initialise the SSL channel part of the given key state.
void tls_free_lib(void)
Free any global SSL library-specific data structures.
#define UP_TYPE_PRIVATE_KEY
static int openvpn_extkey_rsa_finish(RSA *rsa)
int key_state_read_ciphertext(struct key_state_ssl *ks_ssl, struct buffer *buf, int maxlen)
Extract ciphertext data from the TLS module.
#define SSLF_TLS_VERSION_MAX_MASK
static int RSA_meth_set_init(RSA_METHOD *meth, int(*init)(RSA *rsa))
Set the init function of an RSA_METHOD object.
#define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT
static int bio_write(BIO *bio, const uint8_t *data, int size, const char *desc)
#define SSLF_TLS_VERSION_MIN_SHIFT
void show_available_tls_ciphers_list(const char *cipher_list, const char *tls_cert_profile, const bool tls13)
const tls_cipher_name_pair * tls_get_cipher_name_pair(const char *cipher_name, size_t len)
static int EC_GROUP_order_bits(const EC_GROUP *group)
Gets the number of bits of the order of an EC_GROUP.
void tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const char *curve_name)
Load Elliptic Curve Parameters, and load them into the library-specific TLS context.
static void RSA_set_flags(RSA *rsa, int flags)
Set the RSA flags.
void tls_ctx_load_extra_certs(struct tls_root_ctx *ctx, const char *extra_certs_file, const char *extra_certs_file_inline)
Load extra certificate authority certificates from the given file or path.
static int X509_OBJECT_get_type(const X509_OBJECT *obj)
Get the type of an X509 object.
Container for unidirectional cipher and HMAC key material.
static int RSA_meth_set_finish(RSA_METHOD *meth, int(*finish)(RSA *rsa))
Set the finish function of an RSA_METHOD object.
static bool tls_ctx_set_tls_versions(struct tls_root_ctx *ctx, unsigned int ssl_flags)
static int bio_read(BIO *bio, struct buffer *buf, int maxlen, const char *desc)