OpenVPN
ssl_verify_openssl.c
Go to the documentation of this file.
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2024 OpenVPN Inc <sales@openvpn.net>
9  * Copyright (C) 2010-2021 Fox Crypto B.V. <openvpn@foxcrypto.com>
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License version 2
13  * as published by the Free Software Foundation.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License along
21  * with this program; if not, write to the Free Software Foundation, Inc.,
22  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23  */
24 
29 #ifdef HAVE_CONFIG_H
30 #include "config.h"
31 #endif
32 
33 #include "syshead.h"
34 
35 #if defined(ENABLE_CRYPTO_OPENSSL)
36 
37 #include "ssl_verify_openssl.h"
38 
39 #include "error.h"
40 #include "ssl_openssl.h"
41 #include "ssl_verify.h"
42 #include "ssl_verify_backend.h"
43 #include "openssl_compat.h"
44 
45 #include <openssl/bn.h>
46 #include <openssl/err.h>
47 #include <openssl/x509v3.h>
48 
49 int
50 verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
51 {
52  int ret = 0;
53  struct tls_session *session;
54  SSL *ssl;
55  struct gc_arena gc = gc_new();
56 
57  /* get the tls_session pointer */
58  ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
59  ASSERT(ssl);
60  session = (struct tls_session *) SSL_get_ex_data(ssl, mydata_index);
61  ASSERT(session);
62 
63  X509 *current_cert = X509_STORE_CTX_get_current_cert(ctx);
64  struct buffer cert_hash = x509_get_sha256_fingerprint(current_cert, &gc);
65  cert_hash_remember(session, X509_STORE_CTX_get_error_depth(ctx), &cert_hash);
66 
67  /* did peer present cert which was signed by our root cert? */
68  if (!preverify_ok && !session->opt->verify_hash_no_ca)
69  {
70  /* get the X509 name */
71  char *subject = x509_get_subject(current_cert, &gc);
72  char *serial = backend_x509_get_serial(current_cert, &gc);
73 
74  if (!subject)
75  {
76  subject = "(Failed to retrieve certificate subject)";
77  }
78 
79  /* Log and ignore missing CRL errors */
80  if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_UNABLE_TO_GET_CRL)
81  {
82  msg(D_TLS_DEBUG_LOW, "VERIFY WARNING: depth=%d, %s: %s",
83  X509_STORE_CTX_get_error_depth(ctx),
84  X509_verify_cert_error_string(X509_STORE_CTX_get_error(ctx)),
85  subject);
86  ret = 1;
87  goto cleanup;
88  }
89 
90  /* Remote site specified a certificate, but it's not correct */
91  msg(D_TLS_ERRORS, "VERIFY ERROR: depth=%d, error=%s: %s, serial=%s",
92  X509_STORE_CTX_get_error_depth(ctx),
93  X509_verify_cert_error_string(X509_STORE_CTX_get_error(ctx)),
94  subject, serial ? serial : "<not available>");
95 
96  ERR_clear_error();
97 
98  session->verified = false;
99  goto cleanup;
100  }
101 
102  if (SUCCESS != verify_cert(session, current_cert, X509_STORE_CTX_get_error_depth(ctx)))
103  {
104  goto cleanup;
105  }
106 
107  ret = 1;
108 
109 cleanup:
110  gc_free(&gc);
111 
112  return ret;
113 }
114 
115 #ifdef ENABLE_X509ALTUSERNAME
116 bool
117 x509_username_field_ext_supported(const char *fieldname)
118 {
119  int nid = OBJ_txt2nid(fieldname);
120  return nid == NID_subject_alt_name || nid == NID_issuer_alt_name;
121 }
122 
123 static
124 bool
125 extract_x509_extension(X509 *cert, char *fieldname, char *out, int size)
126 {
127  bool retval = false;
128  char *buf = 0;
129 
130  if (!x509_username_field_ext_supported(fieldname))
131  {
133  "ERROR: --x509-username-field 'ext:%s' not supported", fieldname);
134  return false;
135  }
136 
137  int nid = OBJ_txt2nid(fieldname);
138  GENERAL_NAMES *extensions = X509_get_ext_d2i(cert, nid, NULL, NULL);
139  if (extensions)
140  {
141  int numalts;
142  int i;
143  /* get amount of alternatives,
144  * RFC2459 claims there MUST be at least
145  * one, but we don't depend on it...
146  */
147 
148  numalts = sk_GENERAL_NAME_num(extensions);
149 
150  /* loop through all alternatives */
151  for (i = 0; i<numalts; i++)
152  {
153  /* get a handle to alternative name number i */
154  const GENERAL_NAME *name = sk_GENERAL_NAME_value(extensions, i );
155 
156  switch (name->type)
157  {
158  case GEN_EMAIL:
159  if (ASN1_STRING_to_UTF8((unsigned char **)&buf, name->d.ia5) < 0)
160  {
161  continue;
162  }
163  if (strlen(buf) != name->d.ia5->length)
164  {
165  msg(D_TLS_ERRORS, "ASN1 ERROR: string contained terminating zero");
166  OPENSSL_free(buf);
167  }
168  else
169  {
170  strncpynt(out, buf, size);
171  OPENSSL_free(buf);
172  retval = true;
173  }
174  break;
175 
176  default:
177  msg(D_TLS_DEBUG, "%s: ignoring general name field type %i",
178  __func__, name->type);
179  break;
180  }
181  }
182  GENERAL_NAMES_free(extensions);
183  }
184  return retval;
185 }
186 #endif /* ENABLE_X509ALTUSERNAME */
187 
188 /*
189  * Extract a field from an X509 subject name.
190  *
191  * Example:
192  *
193  * /C=US/ST=CO/L=Denver/O=ORG/CN=First-CN/CN=Test-CA/Email=jim@yonan.net
194  *
195  * The common name is 'Test-CA'
196  *
197  * Return true on success, false on error (insufficient buffer size in 'out'
198  * to contain result is grounds for error).
199  */
200 static result_t
201 extract_x509_field_ssl(X509_NAME *x509, const char *field_name, char *out,
202  int size)
203 {
204  int lastpos = -1;
205  int tmp = -1;
206  X509_NAME_ENTRY *x509ne = NULL;
207  ASN1_STRING *asn1 = NULL;
208  unsigned char *buf = NULL;
209  ASN1_OBJECT *field_name_obj = OBJ_txt2obj(field_name, 0);
210 
211  if (field_name_obj == NULL)
212  {
213  msg(D_TLS_ERRORS, "Invalid X509 attribute name '%s'", field_name);
214  return FAILURE;
215  }
216 
217  ASSERT(size > 0);
218  *out = '\0';
219  do
220  {
221  lastpos = tmp;
222  tmp = X509_NAME_get_index_by_OBJ(x509, field_name_obj, lastpos);
223  } while (tmp > -1);
224 
225  ASN1_OBJECT_free(field_name_obj);
226 
227  /* Nothing found */
228  if (lastpos == -1)
229  {
230  return FAILURE;
231  }
232 
233  x509ne = X509_NAME_get_entry(x509, lastpos);
234  if (!x509ne)
235  {
236  return FAILURE;
237  }
238 
239  asn1 = X509_NAME_ENTRY_get_data(x509ne);
240  if (!asn1)
241  {
242  return FAILURE;
243  }
244  if (ASN1_STRING_to_UTF8(&buf, asn1) < 0)
245  {
246  return FAILURE;
247  }
248 
249  strncpynt(out, (char *)buf, size);
250 
251  {
252  const result_t ret = (strlen((char *)buf) < size) ? SUCCESS : FAILURE;
253  OPENSSL_free(buf);
254  return ret;
255  }
256 }
257 
258 result_t
259 backend_x509_get_username(char *common_name, int cn_len,
260  char *x509_username_field, X509 *peer_cert)
261 {
262 #ifdef ENABLE_X509ALTUSERNAME
263  if (strncmp("ext:", x509_username_field, 4) == 0)
264  {
265  if (!extract_x509_extension(peer_cert, x509_username_field+4, common_name, cn_len))
266  {
267  return FAILURE;
268  }
269  }
270  else if (strcmp(LN_serialNumber, x509_username_field) == 0)
271  {
272  ASN1_INTEGER *asn1_i = X509_get_serialNumber(peer_cert);
273  struct gc_arena gc = gc_new();
274  char *serial = format_hex_ex(asn1_i->data, asn1_i->length,
275  0, 1 | FHE_CAPS, NULL, &gc);
276 
277  if (!serial || cn_len <= strlen(serial)+2)
278  {
279  gc_free(&gc);
280  return FAILURE;
281  }
282  snprintf(common_name, cn_len, "0x%s", serial);
283  gc_free(&gc);
284  }
285  else
286 #endif /* ifdef ENABLE_X509ALTUSERNAME */
287  if (FAILURE == extract_x509_field_ssl(X509_get_subject_name(peer_cert),
288  x509_username_field, common_name, cn_len))
289  {
290  return FAILURE;
291  }
292 
293  return SUCCESS;
294 }
295 
296 char *
298 {
299  ASN1_INTEGER *asn1_i;
300  BIGNUM *bignum;
301  char *openssl_serial, *serial;
302 
303  asn1_i = X509_get_serialNumber(cert);
304  bignum = ASN1_INTEGER_to_BN(asn1_i, NULL);
305  openssl_serial = BN_bn2dec(bignum);
306 
307  serial = string_alloc(openssl_serial, gc);
308 
309  BN_free(bignum);
310  OPENSSL_free(openssl_serial);
311 
312  return serial;
313 }
314 
315 char *
317 {
318  const ASN1_INTEGER *asn1_i = X509_get_serialNumber(cert);
319 
320  return format_hex_ex(asn1_i->data, asn1_i->length, 0, 1, ":", gc);
321 }
322 
323 result_t
324 backend_x509_write_pem(openvpn_x509_cert_t *cert, const char *filename)
325 {
326  BIO *out = BIO_new_file(filename, "w");
327  if (!out)
328  {
329  goto err;
330  }
331 
332  if (!PEM_write_bio_X509(out, cert))
333  {
334  goto err;
335  }
336  BIO_free(out);
337 
338  return SUCCESS;
339 err:
340  BIO_free(out);
341  crypto_msg(D_TLS_DEBUG_LOW, "Error writing X509 certificate to file %s",
342  filename);
343  return FAILURE;
344 }
345 
346 struct buffer
347 x509_get_sha1_fingerprint(X509 *cert, struct gc_arena *gc)
348 {
349  const EVP_MD *sha1 = EVP_sha1();
350  struct buffer hash = alloc_buf_gc(EVP_MD_size(sha1), gc);
351  X509_digest(cert, EVP_sha1(), BPTR(&hash), NULL);
352  ASSERT(buf_inc_len(&hash, EVP_MD_size(sha1)));
353  return hash;
354 }
355 
356 struct buffer
357 x509_get_sha256_fingerprint(X509 *cert, struct gc_arena *gc)
358 {
359  const EVP_MD *sha256 = EVP_sha256();
360  struct buffer hash = alloc_buf_gc(EVP_MD_size(sha256), gc);
361  X509_digest(cert, EVP_sha256(), BPTR(&hash), NULL);
362  ASSERT(buf_inc_len(&hash, EVP_MD_size(sha256)));
363  return hash;
364 }
365 
366 char *
367 x509_get_subject(X509 *cert, struct gc_arena *gc)
368 {
369  BIO *subject_bio = NULL;
370  BUF_MEM *subject_mem;
371  char *subject = NULL;
372 
373  subject_bio = BIO_new(BIO_s_mem());
374  if (subject_bio == NULL)
375  {
376  goto err;
377  }
378 
379  X509_NAME_print_ex(subject_bio, X509_get_subject_name(cert),
380  0, XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_FN_SN
381  |ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_ESC_CTRL);
382 
383  if (BIO_eof(subject_bio))
384  {
385  goto err;
386  }
387 
388  BIO_get_mem_ptr(subject_bio, &subject_mem);
389 
390  subject = gc_malloc(subject_mem->length + 1, false, gc);
391 
392  memcpy(subject, subject_mem->data, subject_mem->length);
393  subject[subject_mem->length] = '\0';
394 
395 err:
396  BIO_free(subject_bio);
397  return subject;
398 }
399 
400 
401 /*
402  * x509-track implementation -- save X509 fields to environment,
403  * using the naming convention:
404  *
405  * X509_{cert_depth}_{name}={value}
406  *
407  * This function differs from x509_setenv below in the following ways:
408  *
409  * (1) Only explicitly named attributes in xt are saved, per usage
410  * of "x509-track" program options.
411  * (2) Only the level 0 cert info is saved unless the XT_FULL_CHAIN
412  * flag is set in xt->flags (corresponds with prepending a '+'
413  * to the name when specified by "x509-track" program option).
414  * (3) This function supports both X509 subject name fields as
415  * well as X509 V3 extensions.
416  * (4) This function can return the SHA1 fingerprint of a cert, e.g.
417  * x509-track "+SHA1"
418  * will return the SHA1 fingerprint for each certificate in the
419  * peer chain.
420  */
421 
422 void
423 x509_track_add(const struct x509_track **ll_head, const char *name, int msglevel, struct gc_arena *gc)
424 {
425  struct x509_track *xt;
426  ALLOC_OBJ_CLEAR_GC(xt, struct x509_track, gc);
427  if (*name == '+')
428  {
429  xt->flags |= XT_FULL_CHAIN;
430  ++name;
431  }
432  xt->name = name;
433  xt->nid = OBJ_txt2nid(name);
434  if (xt->nid != NID_undef)
435  {
436  xt->next = *ll_head;
437  *ll_head = xt;
438  }
439  else
440  {
441  msg(msglevel, "x509_track: no such attribute '%s'", name);
442  }
443 }
444 
445 /* worker method for setenv_x509_track */
446 static void
447 do_setenv_x509(struct env_set *es, const char *name, char *value, int depth)
448 {
449  char *name_expand;
450  size_t name_expand_size;
451 
452  string_mod(value, CC_ANY, CC_CRLF, '?');
453  msg(D_X509_ATTR, "X509 ATTRIBUTE name='%s' value='%s' depth=%d", name, value, depth);
454  name_expand_size = 64 + strlen(name);
455  name_expand = (char *) malloc(name_expand_size);
456  check_malloc_return(name_expand);
457  snprintf(name_expand, name_expand_size, "X509_%d_%s", depth, name);
458  setenv_str(es, name_expand, value);
459  free(name_expand);
460 }
461 
462 void
463 x509_setenv_track(const struct x509_track *xt, struct env_set *es, const int depth, X509 *x509)
464 {
465  struct gc_arena gc = gc_new();
466  X509_NAME *x509_name = X509_get_subject_name(x509);
467  const char nullc = '\0';
468 
469  while (xt)
470  {
471  if (depth == 0 || (xt->flags & XT_FULL_CHAIN))
472  {
473  switch (xt->nid)
474  {
475  case NID_sha1:
476  case NID_sha256:
477  {
478  struct buffer fp_buf;
479  char *fp_str = NULL;
480 
481  if (xt->nid == NID_sha1)
482  {
483  fp_buf = x509_get_sha1_fingerprint(x509, &gc);
484  }
485  else
486  {
487  fp_buf = x509_get_sha256_fingerprint(x509, &gc);
488  }
489 
490  fp_str = format_hex_ex(BPTR(&fp_buf), BLEN(&fp_buf), 0,
491  1 | FHE_CAPS, ":", &gc);
492  do_setenv_x509(es, xt->name, fp_str, depth);
493  }
494  break;
495 
496  default:
497  {
498  int i = X509_NAME_get_index_by_NID(x509_name, xt->nid, -1);
499  if (i >= 0)
500  {
501  X509_NAME_ENTRY *ent = X509_NAME_get_entry(x509_name, i);
502  if (ent)
503  {
504  ASN1_STRING *val = X509_NAME_ENTRY_get_data(ent);
505  unsigned char *buf = NULL;
506  if (ASN1_STRING_to_UTF8(&buf, val) >= 0)
507  {
508  do_setenv_x509(es, xt->name, (char *)buf, depth);
509  OPENSSL_free(buf);
510  }
511  }
512  }
513  else
514  {
515  i = X509_get_ext_by_NID(x509, xt->nid, -1);
516  if (i >= 0)
517  {
518  X509_EXTENSION *ext = X509_get_ext(x509, i);
519  if (ext)
520  {
521  BIO *bio = BIO_new(BIO_s_mem());
522  if (bio)
523  {
524  if (X509V3_EXT_print(bio, ext, 0, 0))
525  {
526  if (BIO_write(bio, &nullc, 1) == 1)
527  {
528  char *str;
529  BIO_get_mem_data(bio, &str);
530  do_setenv_x509(es, xt->name, str, depth);
531  }
532  }
533  BIO_free(bio);
534  }
535  }
536  }
537  }
538  }
539  }
540  }
541  xt = xt->next;
542  }
543  gc_free(&gc);
544 }
545 
546 /*
547  * Save X509 fields to environment, using the naming convention:
548  *
549  * X509_{cert_depth}_{name}={value}
550  */
551 void
552 x509_setenv(struct env_set *es, int cert_depth, openvpn_x509_cert_t *peer_cert)
553 {
554  int i, n;
555  int fn_nid;
556  ASN1_OBJECT *fn;
557  ASN1_STRING *val;
558  X509_NAME_ENTRY *ent;
559  const char *objbuf;
560  unsigned char *buf = NULL;
561  char *name_expand;
562  size_t name_expand_size;
563  X509_NAME *x509 = X509_get_subject_name(peer_cert);
564 
565  n = X509_NAME_entry_count(x509);
566  for (i = 0; i < n; ++i)
567  {
568  ent = X509_NAME_get_entry(x509, i);
569  if (!ent)
570  {
571  continue;
572  }
573  fn = X509_NAME_ENTRY_get_object(ent);
574  if (!fn)
575  {
576  continue;
577  }
578  val = X509_NAME_ENTRY_get_data(ent);
579  if (!val)
580  {
581  continue;
582  }
583  fn_nid = OBJ_obj2nid(fn);
584  if (fn_nid == NID_undef)
585  {
586  continue;
587  }
588  objbuf = OBJ_nid2sn(fn_nid);
589  if (!objbuf)
590  {
591  continue;
592  }
593  if (ASN1_STRING_to_UTF8(&buf, val) < 0)
594  {
595  continue;
596  }
597  name_expand_size = 64 + strlen(objbuf);
598  name_expand = (char *) malloc(name_expand_size);
599  check_malloc_return(name_expand);
600  snprintf(name_expand, name_expand_size, "X509_%d_%s", cert_depth,
601  objbuf);
602  string_mod(name_expand, CC_PRINT, CC_CRLF, '_');
603  string_mod((char *)buf, CC_PRINT, CC_CRLF, '_');
604  setenv_str_incr(es, name_expand, (char *)buf);
605  free(name_expand);
606  OPENSSL_free(buf);
607  }
608 }
609 
610 result_t
612 {
613  if (usage == NS_CERT_CHECK_NONE)
614  {
615  return SUCCESS;
616  }
618  {
619  /*
620  * Unfortunately, X509_check_purpose() does some weird thing that
621  * prevent it to take a const argument
622  */
623  result_t result = X509_check_purpose(peer_cert, X509_PURPOSE_SSL_CLIENT, 0) ?
624  SUCCESS : FAILURE;
625 
626  /*
627  * old versions of OpenSSL allow us to make the less strict check we used to
628  * do. If this less strict check pass, warn user that this might not be the
629  * case when its distribution will update to OpenSSL 1.1
630  */
631  if (result == FAILURE)
632  {
633  ASN1_BIT_STRING *ns;
634  ns = X509_get_ext_d2i(peer_cert, NID_netscape_cert_type, NULL, NULL);
635  result = (ns && ns->length > 0 && (ns->data[0] & NS_SSL_CLIENT)) ? SUCCESS : FAILURE;
636  if (result == SUCCESS)
637  {
638  msg(M_WARN, "X509: Certificate is a client certificate yet it's purpose "
639  "cannot be verified (check may fail in the future)");
640  }
641  ASN1_BIT_STRING_free(ns);
642  }
643  return result;
644  }
646  {
647  /*
648  * Unfortunately, X509_check_purpose() does some weird thing that
649  * prevent it to take a const argument
650  */
651  result_t result = X509_check_purpose(peer_cert, X509_PURPOSE_SSL_SERVER, 0) ?
652  SUCCESS : FAILURE;
653 
654  /*
655  * old versions of OpenSSL allow us to make the less strict check we used to
656  * do. If this less strict check pass, warn user that this might not be the
657  * case when its distribution will update to OpenSSL 1.1
658  */
659  if (result == FAILURE)
660  {
661  ASN1_BIT_STRING *ns;
662  ns = X509_get_ext_d2i(peer_cert, NID_netscape_cert_type, NULL, NULL);
663  result = (ns && ns->length > 0 && (ns->data[0] & NS_SSL_SERVER)) ? SUCCESS : FAILURE;
664  if (result == SUCCESS)
665  {
666  msg(M_WARN, "X509: Certificate is a server certificate yet it's purpose "
667  "cannot be verified (check may fail in the future)");
668  }
669  ASN1_BIT_STRING_free(ns);
670  }
671  return result;
672  }
673 
674  return FAILURE;
675 }
676 
677 result_t
678 x509_verify_cert_ku(X509 *x509, const unsigned *const expected_ku,
679  int expected_len)
680 {
681  ASN1_BIT_STRING *ku = X509_get_ext_d2i(x509, NID_key_usage, NULL, NULL);
682 
683  if (ku == NULL)
684  {
685  msg(D_TLS_ERRORS, "Certificate does not have key usage extension");
686  return FAILURE;
687  }
688 
689  if (expected_ku[0] == OPENVPN_KU_REQUIRED)
690  {
691  /* Extension required, value checked by TLS library */
692  ASN1_BIT_STRING_free(ku);
693  return SUCCESS;
694  }
695 
696  unsigned nku = 0;
697  for (size_t i = 0; i < 8; i++)
698  {
699  if (ASN1_BIT_STRING_get_bit(ku, i))
700  {
701  nku |= 1 << (7 - i);
702  }
703  }
704 
705  /*
706  * Fixup if no LSB bits
707  */
708  if ((nku & 0xff) == 0)
709  {
710  nku >>= 8;
711  }
712 
713  msg(D_HANDSHAKE, "Validating certificate key usage");
714  result_t fFound = FAILURE;
715  for (size_t i = 0; fFound != SUCCESS && i < expected_len; i++)
716  {
717  if (expected_ku[i] != 0 && (nku & expected_ku[i]) == expected_ku[i])
718  {
719  fFound = SUCCESS;
720  }
721  }
722 
723  if (fFound != SUCCESS)
724  {
726  "ERROR: Certificate has key usage %04x, expected one of:", nku);
727  for (size_t i = 0; i < expected_len && expected_ku[i]; i++)
728  {
729  msg(D_TLS_ERRORS, " * %04x", expected_ku[i]);
730  }
731  }
732 
733  ASN1_BIT_STRING_free(ku);
734 
735  return fFound;
736 }
737 
738 result_t
739 x509_verify_cert_eku(X509 *x509, const char *const expected_oid)
740 {
741  EXTENDED_KEY_USAGE *eku = NULL;
742  result_t fFound = FAILURE;
743 
744  if ((eku = (EXTENDED_KEY_USAGE *) X509_get_ext_d2i(x509, NID_ext_key_usage,
745  NULL, NULL)) == NULL)
746  {
747  msg(D_HANDSHAKE, "Certificate does not have extended key usage extension");
748  }
749  else
750  {
751  int i;
752 
753  msg(D_HANDSHAKE, "Validating certificate extended key usage");
754  for (i = 0; SUCCESS != fFound && i < sk_ASN1_OBJECT_num(eku); i++)
755  {
756  ASN1_OBJECT *oid = sk_ASN1_OBJECT_value(eku, i);
757  char szOid[1024];
758 
759  if (SUCCESS != fFound && OBJ_obj2txt(szOid, sizeof(szOid), oid, 0) != -1)
760  {
761  msg(D_HANDSHAKE, "++ Certificate has EKU (str) %s, expects %s",
762  szOid, expected_oid);
763  if (!strcmp(expected_oid, szOid))
764  {
765  fFound = SUCCESS;
766  }
767  }
768  if (SUCCESS != fFound && OBJ_obj2txt(szOid, sizeof(szOid), oid, 1) != -1)
769  {
770  msg(D_HANDSHAKE, "++ Certificate has EKU (oid) %s, expects %s",
771  szOid, expected_oid);
772  if (!strcmp(expected_oid, szOid))
773  {
774  fFound = SUCCESS;
775  }
776  }
777  }
778  }
779 
780  if (eku != NULL)
781  {
782  sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free);
783  }
784 
785  return fFound;
786 }
787 
788 bool
790 {
791  if (!opt->crl_file || (opt->ssl_flags & SSLF_CRL_VERIFY_DIR))
792  {
793  return false;
794  }
795 
796  X509_STORE *store = SSL_CTX_get_cert_store(opt->ssl_ctx.ctx);
797  if (!store)
798  {
799  crypto_msg(M_FATAL, "Cannot get certificate store");
800  }
801 
802  STACK_OF(X509_OBJECT) *objs = X509_STORE_get0_objects(store);
803  for (int i = 0; i < sk_X509_OBJECT_num(objs); i++)
804  {
805  X509_OBJECT *obj = sk_X509_OBJECT_value(objs, i);
806  ASSERT(obj);
807  if (X509_OBJECT_get_type(obj) == X509_LU_CRL)
808  {
809  return false;
810  }
811  }
812  return true;
813 }
814 
815 #endif /* defined(ENABLE_CRYPTO_OPENSSL) */
D_TLS_DEBUG
#define D_TLS_DEBUG
Definition: errlevel.h:165
error.h
gc_new
static struct gc_arena gc_new(void)
Definition: buffer.h:1030
ssl_verify_backend.h
M_FATAL
#define M_FATAL
Definition: error.h:89
mydata_index
int mydata_index
Allocate space in SSL objects in which to store a struct tls_session pointer back to parent.
Definition: ssl_openssl.c:82
es
struct env_set * es
Definition: test_pkcs11.c:133
hash
Definition: list.h:56
D_TLS_DEBUG_LOW
#define D_TLS_DEBUG_LOW
Definition: errlevel.h:77
verify_cert
result_t verify_cert(struct tls_session *session, openvpn_x509_cert_t *cert, int cert_depth)
Definition: ssl_verify.c:598
D_HANDSHAKE
#define D_HANDSHAKE
Definition: errlevel.h:72
alloc_buf_gc
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
Definition: buffer.c:88
CC_CRLF
#define CC_CRLF
carriage return or newline
Definition: buffer.h:925
backend_x509_get_username
result_t backend_x509_get_username(char *common_name, int cn_len, char *x509_username_field, X509 *peer_cert)
Definition: ssl_verify_openssl.c:259
ssl_verify_openssl.h
x509_setenv
void x509_setenv(struct env_set *es, int cert_depth, openvpn_x509_cert_t *peer_cert)
Definition: ssl_verify_openssl.c:552
result_t
result_t
Result of verification function.
Definition: ssl_verify_backend.h:35
format_hex_ex
char * format_hex_ex(const uint8_t *data, int size, int maxoutput, unsigned int space_break_flags, const char *separator, struct gc_arena *gc)
Definition: buffer.c:501
tls_options::ssl_ctx
struct tls_root_ctx ssl_ctx
Definition: ssl_common.h:299
string_alloc
char * string_alloc(const char *str, struct gc_arena *gc)
Definition: buffer.c:667
ssl_verify.h
ASSERT
#define ASSERT(x)
Definition: error.h:195
x509_verify_cert_eku
result_t x509_verify_cert_eku(X509 *x509, const char *const expected_oid)
Definition: ssl_verify_openssl.c:739
buf_inc_len
static bool buf_inc_len(struct buffer *buf, int inc)
Definition: buffer.h:595
tls_options
Definition: ssl_common.h:296
BLEN
#define BLEN(buf)
Definition: buffer.h:127
CC_PRINT
#define CC_PRINT
printable (>= 32, != 127)
Definition: buffer.h:896
x509_track::nid
int nid
Definition: ssl_verify.h:220
SSLF_CRL_VERIFY_DIR
#define SSLF_CRL_VERIFY_DIR
Definition: ssl_common.h:412
string_mod
bool string_mod(char *str, const unsigned int inclusive, const unsigned int exclusive, const char replace)
Modifies a string in place by replacing certain classes of characters of it with a specified characte...
Definition: buffer.c:1059
tls_options::ssl_flags
unsigned int ssl_flags
Definition: ssl_common.h:418
M_WARN
#define M_WARN
Definition: error.h:91
x509_verify_cert_ku
result_t x509_verify_cert_ku(X509 *x509, const unsigned *const expected_ku, int expected_len)
Definition: ssl_verify_openssl.c:678
ALLOC_OBJ_CLEAR_GC
#define ALLOC_OBJ_CLEAR_GC(dptr, type, gc)
Definition: buffer.h:1102
FHE_CAPS
#define FHE_CAPS
Definition: buffer.h:503
x509_get_subject
char * x509_get_subject(X509 *cert, struct gc_arena *gc)
Definition: ssl_verify_openssl.c:367
cert_hash_remember
void cert_hash_remember(struct tls_session *session, const int error_depth, const struct buffer *cert_hash)
Definition: ssl_verify.c:199
x509_track::name
const char * name
Definition: ssl_verify.h:217
buffer
Wrapper structure for dynamically allocated memory.
Definition: buffer.h:60
setenv_str_incr
void setenv_str_incr(struct env_set *es, const char *name, const char *value)
Store the supplied name value pair in the env_set.
Definition: env_set.c:305
backend_x509_get_serial_hex
char * backend_x509_get_serial_hex(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Definition: ssl_verify_openssl.c:316
SUCCESS
@ SUCCESS
Definition: ssl_verify_backend.h:35
D_TLS_ERRORS
#define D_TLS_ERRORS
Definition: errlevel.h:59
openssl_compat.h
x509_track::next
const struct x509_track * next
Definition: ssl_verify.h:216
CC_ANY
#define CC_ANY
any character
Definition: buffer.h:888
tls_session
Security parameter state of a single session within a VPN tunnel.
Definition: ssl_common.h:471
XT_FULL_CHAIN
#define XT_FULL_CHAIN
Definition: ssl_verify.h:218
syshead.h
BPTR
#define BPTR(buf)
Definition: buffer.h:124
gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition: buffer.h:116
setenv_str
void setenv_str(struct env_set *es, const char *name, const char *value)
Definition: env_set.c:283
strncpynt
static void strncpynt(char *dest, const char *src, size_t maxlen)
Definition: buffer.h:361
env_set
Definition: env_set.h:42
openvpn_x509_cert_t
X509 openvpn_x509_cert_t
Definition: openvpn-plugin.h:40
x509_verify_ns_cert_type
result_t x509_verify_ns_cert_type(openvpn_x509_cert_t *peer_cert, const int usage)
Definition: ssl_verify_openssl.c:611
usage
static void usage(void)
Definition: options.c:4817
x509_get_sha256_fingerprint
struct buffer x509_get_sha256_fingerprint(X509 *cert, struct gc_arena *gc)
Retrieve the certificate's SHA256 fingerprint.
Definition: ssl_verify_openssl.c:357
crypto_msg
#define crypto_msg(flags,...)
Retrieve any OpenSSL errors, then print the supplied error message.
Definition: crypto_openssl.h:117
x509_track::flags
unsigned int flags
Definition: ssl_verify.h:219
backend_x509_write_pem
result_t backend_x509_write_pem(openvpn_x509_cert_t *cert, const char *filename)
Definition: ssl_verify_openssl.c:324
tls_options::crl_file
const char * crl_file
Definition: ssl_common.h:342
gc_malloc
void * gc_malloc(size_t size, bool clear, struct gc_arena *a)
Definition: buffer.c:354
x509_track_add
void x509_track_add(const struct x509_track **ll_head, const char *name, int msglevel, struct gc_arena *gc)
Definition: ssl_verify_openssl.c:423
gc_free
static void gc_free(struct gc_arena *a)
Definition: buffer.h:1038
backend_x509_get_serial
char * backend_x509_get_serial(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Definition: ssl_verify_openssl.c:297
cert_hash
Structure containing the hash for a single certificate.
Definition: ssl_verify.h:54
do_setenv_x509
static void do_setenv_x509(struct env_set *es, const char *name, char *value, int depth)
Definition: ssl_verify_openssl.c:447
config.h
x509_setenv_track
void x509_setenv_track(const struct x509_track *xt, struct env_set *es, const int depth, X509 *x509)
Definition: ssl_verify_openssl.c:463
tls_root_ctx::ctx
SSL_CTX * ctx
Definition: ssl_openssl.h:40
check_malloc_return
static void check_malloc_return(void *p)
Definition: buffer.h:1108
session
Definition: keyingmaterialexporter.c:56
OPENVPN_KU_REQUIRED
#define OPENVPN_KU_REQUIRED
Require keyUsage to be present in cert (0xFFFF is an invalid KU value)
Definition: ssl_verify.h:234
x509_get_sha1_fingerprint
struct buffer x509_get_sha1_fingerprint(X509 *cert, struct gc_arena *gc)
Retrieve the certificate's SHA1 fingerprint.
Definition: ssl_verify_openssl.c:347
extract_x509_field_ssl
static result_t extract_x509_field_ssl(X509_NAME *x509, const char *field_name, char *out, int size)
Definition: ssl_verify_openssl.c:201
tls_verify_crl_missing
bool tls_verify_crl_missing(const struct tls_options *opt)
Return true iff a CRL is configured, but is not loaded.
Definition: ssl_verify_openssl.c:789
D_X509_ATTR
#define D_X509_ATTR
Definition: errlevel.h:103
msg
#define msg(flags,...)
Definition: error.h:144
verify_callback
int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
Verify that the remote OpenVPN peer's certificate allows setting up a VPN tunnel.
Definition: ssl_verify_openssl.c:50
x509_track
Definition: ssl_verify.h:214
NS_CERT_CHECK_SERVER
#define NS_CERT_CHECK_SERVER
Do not perform Netscape certificate type verification.
Definition: ssl_verify.h:229
NS_CERT_CHECK_NONE
#define NS_CERT_CHECK_NONE
Do not perform Netscape certificate type verification.
Definition: ssl_verify.h:227
NS_CERT_CHECK_CLIENT
#define NS_CERT_CHECK_CLIENT
Do not perform Netscape certificate type verification.
Definition: ssl_verify.h:231
ssl_openssl.h
FAILURE
@ FAILURE
Definition: ssl_verify_backend.h:35
cleanup
static int cleanup(void **state)
Definition: test_pkcs11.c:280