# ifndef DISABLE_OCSP
# define EXIM_HAVE_OCSP
# endif
+# define EXIM_HAVE_ALPN /* fail ret from hshake-cb is ignored by LibreSSL */
# else
# define EXIM_NEED_OPENSSL_INIT
# endif
# endif
#endif
+#if LIBRESSL_VERSION_NUMBER >= 0x3040000fL
+# define EXIM_HAVE_OPENSSL_CIPHER_GET_ID
+#endif
+
#if !defined(LIBRESSL_VERSION_NUMBER) \
|| LIBRESSL_VERSION_NUMBER >= 0x20010000L
# if !defined(OPENSSL_NO_ECDH)
{ US"no_tlsv1", SSL_OP_NO_TLSv1 },
#endif
#ifdef SSL_OP_NO_TLSv1_1
-#if SSL_OP_NO_TLSv1_1 == 0x00000400L
+# if SSL_OP_NO_TLSv1_1 == 0x00000400L
/* Error in chosen value in 1.0.1a; see first item in CHANGES for 1.0.1b */
-#warning OpenSSL 1.0.1a uses a bad value for SSL_OP_NO_TLSv1_1, ignoring
-#else
+# warning OpenSSL 1.0.1a uses a bad value for SSL_OP_NO_TLSv1_1, ignoring
+# else
{ US"no_tlsv1_1", SSL_OP_NO_TLSv1_1 },
-#endif
+# endif
#endif
#ifdef SSL_OP_NO_TLSv1_2
{ US"no_tlsv1_2", SSL_OP_NO_TLSv1_2 },
builtin_macro_create(US"_HAVE_TLS_OCSP");
builtin_macro_create(US"_HAVE_TLS_OCSP_LIST");
# endif
+# ifdef EXIM_HAVE_ALPN
+builtin_macro_create(US"_HAVE_TLS_ALPN");
+# endif
}
#else
#ifdef EXIM_HAVE_OPENSSL_TLSEXT
static SSL_CTX *server_sni = NULL;
#endif
+#ifdef EXIM_HAVE_ALPN
+static BOOL server_seen_alpn = FALSE;
+#endif
static char ssl_errstring[256];
uschar ** errstr );
/* Callbacks */
-#ifdef EXIM_HAVE_OPENSSL_TLSEXT
-static int tls_servername_cb(SSL *s, int *ad ARG_UNUSED, void *arg);
-#endif
#ifndef DISABLE_OCSP
static int tls_server_stapling_cb(SSL *s, void *arg);
#endif
#else
# if defined SSL_CTRL_SET_ECDH_AUTO
DEBUG(D_tls) debug_printf(
- "ECDH OpenSSL 1.0.2+ temp key parameter settings: autoselection\n");
+ "ECDH OpenSSL 1.0.2+: temp key parameter settings: autoselection\n");
SSL_CTX_set_ecdh_auto(sctx, 1);
return TRUE;
# else
DEBUG(D_tls) debug_printf(
- "ECDH OpenSSL 1.1.0+ temp key parameter settings: default selection\n");
+ "ECDH OpenSSL 1.1.0+: temp key parameter settings: default selection\n");
return TRUE;
# endif
#endif
/* Create and install a selfsigned certificate, for use in server mode */
+/*XXX we could arrange to call this during prelo for a null tls_certificate option.
+The normal cache inval + relo will suffice.
+Just need a timer for inval. */
static int
tls_install_selfsign(SSL_CTX * sctx, uschar ** errstr)
X509_NAME * name;
uschar * where;
+DEBUG(D_tls) debug_printf("TLS: generating selfsigned server cert\n");
where = US"allocating pkey";
if (!(pkey = EVP_PKEY_new()))
goto err;
X509_set_version(x509, 2); /* N+1 - version 3 */
ASN1_INTEGER_set(X509_get_serialNumber(x509), 1);
X509_gmtime_adj(X509_get_notBefore(x509), 0);
-X509_gmtime_adj(X509_get_notAfter(x509), (long)60 * 60); /* 1 hour */
+X509_gmtime_adj(X509_get_notAfter(x509), (long)2 * 60 * 60); /* 2 hour */
X509_set_pubkey(x509, pkey);
name = X509_get_subject_name(x509);
str = where & SSL_CB_READ ? US"read" : US"write",
SSL_alert_type_string_long(ret), SSL_alert_desc_string_long(ret));
else if (where & SSL_CB_EXIT)
- if (ret == 0)
- debug_printf("%s: failed in %s\n", str, SSL_state_string_long(s));
- else if (ret < 0)
- debug_printf("%s: error in %s\n", str, SSL_state_string_long(s));
+ {
+ if (ret == 0)
+ debug_printf("%s: failed in %s\n", str, SSL_state_string_long(s));
+ else if (ret < 0)
+ debug_printf("%s: error in %s\n", str, SSL_state_string_long(s));
+ }
else if (where & SSL_CB_HANDSHAKE_START)
debug_printf("%s: hshake start: %s\n", str, SSL_state_string_long(s));
else if (where & SSL_CB_HANDSHAKE_DONE)
DEBUG(D_tls)
debug_printf("tls_ocsp_file (%s) '%s'\n", is_pem ? "PEM" : "DER", filename);
+if (!filename || !*filename) return;
+
+ERR_clear_error();
if (!(bio = BIO_new_file(CS filename, "rb")))
{
- DEBUG(D_tls) debug_printf("Failed to open OCSP response file \"%s\"\n",
- filename);
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "Failed to open OCSP response file \"%s\": %.100s",
+ filename, ERR_reason_error_string(ERR_get_error()));
return;
}
long len;
if (!PEM_read_bio(bio, &dummy, &dummy, &data, &len))
{
- DEBUG(D_tls) debug_printf("Failed to read PEM file \"%s\"\n",
- filename);
+ log_write(0, LOG_MAIN|LOG_PANIC, "Failed to read PEM file \"%s\": %.100s",
+ filename, ERR_reason_error_string(ERR_get_error()));
return;
}
freep = data;
if (!resp)
{
- DEBUG(D_tls) debug_printf("Error reading OCSP response.\n");
+ log_write(0, LOG_MAIN|LOG_PANIC, "Error reading OCSP response from \"%s\": %s",
+ filename, ERR_reason_error_string(ERR_get_error()));
return;
}
* One-time init credentials for server and client *
**************************************************/
-
-#ifdef gnutls
-static void
-creds_basic_init(gnutls_certificate_credentials_t x509_cred, BOOL server)
-{
-}
-#endif
-
-static int
-creds_load_server_certs(/*exim_gnutls_state_st * state,*/ const uschar * cert,
- const uschar * pkey, const uschar * ocsp, uschar ** errstr)
-{
-#ifdef gnutls
-const uschar * clist = cert;
-const uschar * klist = pkey;
-const uschar * olist;
-int csep = 0, ksep = 0, osep = 0, cnt = 0, rc;
-uschar * cfile, * kfile, * ofile;
-#ifndef DISABLE_OCSP
-# ifdef SUPPORT_GNUTLS_EXT_RAW_PARSE
-gnutls_x509_crt_fmt_t ocsp_fmt = GNUTLS_X509_FMT_DER;
-# endif
-
-if (!expand_check(ocsp, US"tls_ocsp_file", &ofile, errstr))
- return DEFER;
-olist = ofile;
-#endif
-
-while (cfile = string_nextinlist(&clist, &csep, NULL, 0))
-
- if (!(kfile = string_nextinlist(&klist, &ksep, NULL, 0)))
- return tls_error(US"cert/key setup: out of keys", NULL, NULL, errstr);
- else if ((rc = tls_add_certfile(state, NULL, cfile, kfile, errstr)) > 0)
- return rc;
- else
- {
- int gnutls_cert_index = -rc;
- DEBUG(D_tls) debug_printf("TLS: cert/key %d %s registered\n",
- gnutls_cert_index, cfile);
-
-#ifndef DISABLE_OCSP
- if (ocsp)
- {
- /* Set the OCSP stapling server info */
- if (gnutls_buggy_ocsp)
- {
- DEBUG(D_tls)
- debug_printf("GnuTLS library is buggy for OCSP; avoiding\n");
- }
- else if ((ofile = string_nextinlist(&olist, &osep, NULL, 0)))
- {
- DEBUG(D_tls) debug_printf("OCSP response file %d = %s\n",
- gnutls_cert_index, ofile);
-# ifdef SUPPORT_GNUTLS_EXT_RAW_PARSE
- if (Ustrncmp(ofile, US"PEM ", 4) == 0)
- {
- ocsp_fmt = GNUTLS_X509_FMT_PEM;
- ofile += 4;
- }
- else if (Ustrncmp(ofile, US"DER ", 4) == 0)
- {
- ocsp_fmt = GNUTLS_X509_FMT_DER;
- ofile += 4;
- }
-
- if ((rc = gnutls_certificate_set_ocsp_status_request_file2(
- state->lib_state.x509_cred, CCS ofile, gnutls_cert_index,
- ocsp_fmt)) < 0)
- return tls_error_gnu(
- US"gnutls_certificate_set_ocsp_status_request_file2",
- rc, NULL, errstr);
- DEBUG(D_tls)
- debug_printf(" %d response%s loaded\n", rc, rc>1 ? "s":"");
-
- /* Arrange callbacks for OCSP request observability */
-
- if (state->session)
- gnutls_handshake_set_hook_function(state->session,
- GNUTLS_HANDSHAKE_ANY, GNUTLS_HOOK_POST, tls_server_hook_cb);
- else
- state->lib_state.ocsp_hook = TRUE;
-
-
-# else
-# if defined(SUPPORT_SRV_OCSP_STACK)
- if ((rc = gnutls_certificate_set_ocsp_status_request_function2(
- state->lib_state.x509_cred, gnutls_cert_index,
- server_ocsp_stapling_cb, ofile)))
- return tls_error_gnu(
- US"gnutls_certificate_set_ocsp_status_request_function2",
- rc, NULL, errstr);
- else
-# endif
- {
- if (cnt++ > 0)
- {
- DEBUG(D_tls)
- debug_printf("oops; multiple OCSP files not supported\n");
- break;
- }
- gnutls_certificate_set_ocsp_status_request_function(
- state->lib_state.x509_cred, server_ocsp_stapling_cb, ofile);
- }
-# endif /* SUPPORT_GNUTLS_EXT_RAW_PARSE */
- }
- else
- DEBUG(D_tls) debug_printf("ran out of OCSP response files in list\n");
- }
-#endif /* DISABLE_OCSP */
- }
-return 0;
-#endif /*gnutls*/
-}
-
-static int
-creds_load_client_certs(/*exim_gnutls_state_st * state,*/ const host_item * host,
- const uschar * cert, const uschar * pkey, uschar ** errstr)
-{
-return 0;
-}
-
-static int
-creds_load_cabundle(/*exim_gnutls_state_st * state,*/ const uschar * bundle,
- const host_item * host, uschar ** errstr)
-{
-#ifdef gnutls
-int cert_count;
-struct stat statbuf;
-
-#ifdef SUPPORT_SYSDEFAULT_CABUNDLE
-if (Ustrcmp(bundle, "system") == 0 || Ustrncmp(bundle, "system,", 7) == 0)
- cert_count = gnutls_certificate_set_x509_system_trust(state->lib_state.x509_cred);
-else
-#endif
- {
- if (Ustat(bundle, &statbuf) < 0)
- {
- log_write(0, LOG_MAIN|LOG_PANIC, "could not stat '%s' "
- "(tls_verify_certificates): %s", bundle, strerror(errno));
- return DEFER;
- }
-
-#ifndef SUPPORT_CA_DIR
- /* The test suite passes in /dev/null; we could check for that path explicitly,
- but who knows if someone has some weird FIFO which always dumps some certs, or
- other weirdness. The thing we really want to check is that it's not a
- directory, since while OpenSSL supports that, GnuTLS does not.
- So s/!S_ISREG/S_ISDIR/ and change some messaging ... */
- if (S_ISDIR(statbuf.st_mode))
- {
- log_write(0, LOG_MAIN|LOG_PANIC,
- "tls_verify_certificates \"%s\" is a directory", bundle);
- return DEFER;
- }
-#endif
-
- DEBUG(D_tls) debug_printf("verify certificates = %s size=" OFF_T_FMT "\n",
- bundle, statbuf.st_size);
-
- if (statbuf.st_size == 0)
- {
- DEBUG(D_tls)
- debug_printf("cert file empty, no certs, no verification, ignoring any CRL\n");
- return OK;
- }
-
- cert_count =
-
-#ifdef SUPPORT_CA_DIR
- (statbuf.st_mode & S_IFMT) == S_IFDIR
- ?
- gnutls_certificate_set_x509_trust_dir(state->lib_state.x509_cred,
- CS bundle, GNUTLS_X509_FMT_PEM)
- :
-#endif
- gnutls_certificate_set_x509_trust_file(state->lib_state.x509_cred,
- CS bundle, GNUTLS_X509_FMT_PEM);
-
-#ifdef SUPPORT_CA_DIR
- /* Mimic the behaviour with OpenSSL of not advertising a usable-cert list
- when using the directory-of-certs config model. */
-
- if ((statbuf.st_mode & S_IFMT) == S_IFDIR)
- if (state->session)
- gnutls_certificate_send_x509_rdn_sequence(state->session, 1);
- else
- state->lib_state.ca_rdn_emulate = TRUE;
-#endif
- }
-
-if (cert_count < 0)
- return tls_error_gnu(US"setting certificate trust", cert_count, host, errstr);
-DEBUG(D_tls)
- debug_printf("Added %d certificate authorities\n", cert_count);
-
-#endif /*gnutls*/
-return OK;
-}
-
-
-static int
-creds_load_crl(/*exim_gnutls_state_st * state,*/ const uschar * crl, uschar ** errstr)
-{
-return FAIL;
-}
-
-
-static int
-creds_load_pristring(/*exim_gnutls_state_st * state,*/ const uschar * p,
- const char ** errpos)
-{
-return FAIL;
-}
-
static int
server_load_ciphers(SSL_CTX * ctx, exim_openssl_state_st * state,
uschar * ciphers, uschar ** errstr)
}
-static void
+static unsigned
tls_server_creds_init(void)
{
SSL_CTX * ctx;
uschar * dummy_errstr;
+unsigned lifetime = 0;
tls_openssl_init();
state_server.lib_state = null_tls_preload;
if (lib_ctx_new(&ctx, NULL, &dummy_errstr) != OK)
- return;
+ return 0;
state_server.lib_state.lib_ctx = ctx;
/* Preload DH params and EC curve */
state_server.lib_state.ecdh = TRUE;
}
-#ifdef EXIM_HAVE_INOTIFY
+#if defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT)
/* If we can, preload the server-side cert, key and ocsp */
if ( opt_set_and_noexpand(tls_certificate)
- && opt_unset_or_noexpand(tls_privatekey)
- && opt_unset_or_noexpand(tls_ocsp_file))
+# ifndef DISABLE_OCSP
+ && opt_unset_or_noexpand(tls_ocsp_file)
+#endif
+ && opt_unset_or_noexpand(tls_privatekey))
{
/* Set watches on the filenames. The implementation does de-duplication
- so we can just blindly do them all.
- */
+ so we can just blindly do them all. */
if ( tls_set_watch(tls_certificate, TRUE)
- && tls_set_watch(tls_privatekey, TRUE)
+# ifndef DISABLE_OCSP
&& tls_set_watch(tls_ocsp_file, TRUE)
- )
+#endif
+ && tls_set_watch(tls_privatekey, TRUE))
{
state_server.certificate = tls_certificate;
state_server.privatekey = tls_privatekey;
state_server.lib_state.conn_certs = TRUE;
}
}
+else if ( !tls_certificate && !tls_privatekey
+# ifndef DISABLE_OCSP
+ && !tls_ocsp_file
+#endif
+ )
+ { /* Generate & preload a selfsigned cert. No files to watch. */
+ if (tls_expand_session_files(ctx, &state_server, &dummy_errstr) == OK)
+ {
+ state_server.lib_state.conn_certs = TRUE;
+ lifetime = f.running_in_test_harness ? 2 : 60 * 60; /* 1 hour */
+ }
+ }
else
DEBUG(D_tls) debug_printf("TLS: not preloading server certs\n");
}
else
DEBUG(D_tls) debug_printf("TLS: not preloading cipher list for server\n");
+return lifetime;
}
ob->tls_preload.ecdh = TRUE;
}
-#ifdef EXIM_HAVE_INOTIFY
+#if defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT)
if ( opt_set_and_noexpand(ob->tls_certificate)
&& opt_unset_or_noexpand(ob->tls_privatekey))
{
}
-#ifdef EXIM_HAVE_INOTIFY
+#if defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT)
/* Invalidate the creds cached, by dropping the current ones.
Call when we notice one of the source files has changed. */
SSL_CTX_free(ob->tls_preload.lib_ctx);
ob->tls_preload = null_tls_preload;
}
+
+#else
+
+static void
+tls_server_creds_invalidate(void)
+{ return; }
+
+static void
+tls_client_creds_invalidate(transport_instance * t)
+{ return; }
+
#endif /*EXIM_HAVE_INOTIFY*/
+#ifdef EXIM_HAVE_ALPN
+/*************************************************
+* Callback to handle ALPN *
+*************************************************/
+
+/* Called on server if tls_alpn nonblank after expansion,
+when client offers ALPN, after the SNI callback.
+If set and not matching the list then we dump the connection */
+
+static int
+tls_server_alpn_cb(SSL *ssl, const uschar ** out, uschar * outlen,
+ const uschar * in, unsigned int inlen, void * arg)
+{
+server_seen_alpn = TRUE;
+DEBUG(D_tls)
+ {
+ debug_printf("Received TLS ALPN offer:");
+ for (int pos = 0, siz; pos < inlen; pos += siz+1)
+ {
+ siz = in[pos];
+ if (pos + 1 + siz > inlen) siz = inlen - pos - 1;
+ debug_printf(" '%.*s'", siz, in + pos + 1);
+ }
+ debug_printf(". Our list: '%s'\n", tls_alpn);
+ }
+
+/* Look for an acceptable ALPN */
+
+if ( inlen > 1 /* at least one name */
+ && in[0]+1 == inlen /* filling the vector, so exactly one name */
+ )
+ {
+ const uschar * list = tls_alpn;
+ int sep = 0;
+ for (uschar * name; name = string_nextinlist(&list, &sep, NULL, 0); )
+ if (Ustrncmp(in+1, name, in[0]) == 0)
+ {
+ *out = in; /* we checked for exactly one, so can just point to it */
+ *outlen = inlen;
+ return SSL_TLSEXT_ERR_OK; /* use ALPN */
+ }
+ }
+
+/* More than one name from clilent, or name did not match our list. */
+
+/* This will be fatal to the TLS conn; would be nice to kill TCP also.
+Maybe as an option in future; for now leave control to the config (must-tls). */
+
+DEBUG(D_tls) debug_printf("TLS ALPN rejected\n");
+return SSL_TLSEXT_ERR_ALERT_FATAL;
+}
+#endif /* EXIM_HAVE_ALPN */
+
+
+
#ifndef DISABLE_OCSP
/*************************************************
tls_certificate */
SSL_CTX_set_tlsext_servername_callback(ctx, tls_servername_cb);
SSL_CTX_set_tlsext_servername_arg(ctx, state);
+
+# ifdef EXIM_HAVE_ALPN
+ if (tls_alpn && *tls_alpn)
+ {
+ uschar * exp_alpn;
+ if ( expand_check(tls_alpn, US"tls_alpn", &exp_alpn, errstr)
+ && *exp_alpn && !isblank(*exp_alpn))
+ {
+ tls_alpn = exp_alpn; /* subprocess so ok to overwrite */
+ SSL_CTX_set_alpn_select_cb(ctx, tls_server_alpn_cb, state);
+ }
+ else
+ tls_alpn = NULL;
+ }
+# endif
}
# ifndef DISABLE_OCSP
else /* client */
/* Load certs from file, return TRUE on success */
static BOOL
-chain_from_pem_file(const uschar * file, STACK_OF(X509) * verify_stack)
+chain_from_pem_file(const uschar * file, STACK_OF(X509) ** vp)
{
BIO * bp;
-X509 * x;
+STACK_OF(X509) * verify_stack = *vp;
-while (sk_X509_num(verify_stack) > 0)
- X509_free(sk_X509_pop(verify_stack));
+if (verify_stack)
+ while (sk_X509_num(verify_stack) > 0)
+ X509_free(sk_X509_pop(verify_stack));
+else
+ verify_stack = sk_X509_new_null();
if (!(bp = BIO_new_file(CS file, "r"))) return FALSE;
-while ((x = PEM_read_bio_X509(bp, NULL, 0, NULL)))
+for (X509 * x; x = PEM_read_bio_X509(bp, NULL, 0, NULL); )
sk_X509_push(verify_stack, x);
BIO_free(bp);
+*vp = verify_stack;
return TRUE;
}
#endif
{ file = NULL; dir = expcerts; }
else
{
+ STACK_OF(X509) * verify_stack =
+#ifndef DISABLE_OCSP
+ !host ? state_server.verify_stack :
+#endif
+ NULL;
+ STACK_OF(X509) ** vp = &verify_stack;
+
file = expcerts; dir = NULL;
#ifndef DISABLE_OCSP
/* In the server if we will be offering an OCSP proof, load chain from
/*XXX Glitch! The file here is tls_verify_certs: the chain for verifying the client cert.
This is inconsistent with the need to verify the OCSP proof of the server cert.
*/
-
if ( !host
&& statbuf.st_size > 0
&& state_server.u_ocsp.server.file
- && !chain_from_pem_file(file, state_server.verify_stack)
+ && !chain_from_pem_file(file, vp)
)
{
log_write(0, LOG_MAIN|LOG_PANIC,
/* Handle genuine errors */
case SSL_ERROR_SSL:
{
- uschar * s = US"SSL_accept";
+ uschar * s = NULL;
int r = ERR_GET_REASON(ERR_peek_error());
if ( r == SSL_R_WRONG_VERSION_NUMBER
#ifdef SSL_R_VERSION_TOO_LOW
#endif
|| r == SSL_R_UNKNOWN_PROTOCOL || r == SSL_R_UNSUPPORTED_PROTOCOL)
s = string_sprintf("%s (%s)", s, SSL_get_version(ssl));
- (void) tls_error(s, NULL, sigalrm_seen ? US"timed out" : NULL, errstr);
+ (void) tls_error(US"SSL_accept", NULL, sigalrm_seen ? US"timed out" : s, errstr);
return FAIL;
}
}
#endif
+#ifdef EXIM_HAVE_ALPN
+/* If require-alpn, check server_seen_alpn here. Else abort TLS */
+if (!tls_alpn || !*tls_alpn)
+ { DEBUG(D_tls) debug_printf("TLS: was not watching for ALPN\n"); }
+else if (!server_seen_alpn)
+ if (verify_check_host(&hosts_require_alpn) == OK)
+ {
+ /* We'd like to send a definitive Alert but OpenSSL provides no facility */
+ SSL_shutdown(ssl);
+ tls_error(US"handshake", NULL, US"ALPN required but not negotiated", errstr);
+ return FAIL;
+ }
+ else
+ { DEBUG(D_tls) debug_printf("TLS: no ALPN presented in handshake\n"); }
+else DEBUG(D_tls)
+ {
+ const uschar * name;
+ unsigned len;
+ SSL_get0_alpn_selected(ssl, &name, &len);
+ if (len && name)
+ debug_printf("ALPN negotiated: '%.*s'\n", (int)*name, name+1);
+ else
+ debug_printf("ALPN: no protocol negotiated\n");
+ }
+#endif
+
+
/* TLS has been set up. Record data for the connection,
adjust the input functions to read via TLS, and initialize things. */
debug_printf("decoding session: %s\n", ssl_errstring);
}
}
-#ifdef EXIM_HAVE_SESSION_TICKET
- else if ( SSL_SESSION_get_ticket_lifetime_hint(ss) + dt->time_stamp
- < time(NULL))
+ else
{
- DEBUG(D_tls) debug_printf("session expired\n");
- dbfn_delete(dbm_file, key);
- }
+ unsigned long lifetime =
+#ifdef EXIM_HAVE_SESSION_TICKET
+ SSL_SESSION_get_ticket_lifetime_hint(ss);
+#else /* Use, fairly arbitrilarily, what we as server would */
+ f.running_in_test_harness ? 6 : ssl_session_timeout;
#endif
- else if (!SSL_set_session(ssl, ss))
- {
- DEBUG(D_tls)
+ if (lifetime + dt->time_stamp < time(NULL))
{
- ERR_error_string_n(ERR_get_error(),
- ssl_errstring, sizeof(ssl_errstring));
- debug_printf("applying session to ssl: %s\n", ssl_errstring);
+ DEBUG(D_tls) debug_printf("session expired\n");
+ dbfn_delete(dbm_file, key);
+ }
+ else if (!SSL_set_session(ssl, ss))
+ {
+ DEBUG(D_tls)
+ {
+ ERR_error_string_n(ERR_get_error(),
+ ssl_errstring, sizeof(ssl_errstring));
+ debug_printf("applying session to ssl: %s\n", ssl_errstring);
+ }
+ }
+ else
+ {
+ DEBUG(D_tls) debug_printf("good session\n");
+ tlsp->resumption |= RESUME_CLIENT_SUGGESTED;
+ tlsp->verify_override = dt->verify_override;
+ tlsp->ocsp = dt->ocsp;
}
- }
- else
- {
- DEBUG(D_tls) debug_printf("good session\n");
- tlsp->resumption |= RESUME_CLIENT_SUGGESTED;
- tlsp->verify_override = dt->verify_override;
- tlsp->ocsp = dt->ocsp;
}
}
else
#endif /* !DISABLE_TLS_RESUME */
+#ifdef EXIM_HAVE_ALPN
+/* Expand and convert an Exim list to an ALPN list. False return for fail.
+NULL plist return for silent no-ALPN.
+*/
+
+static BOOL
+tls_alpn_plist(const uschar * tls_alpn, const uschar ** plist, unsigned * plen,
+ uschar ** errstr)
+{
+uschar * exp_alpn;
+
+if (!expand_check(tls_alpn, US"tls_alpn", &exp_alpn, errstr))
+ return FALSE;
+
+if (!exp_alpn)
+ {
+ DEBUG(D_tls) debug_printf("Setting TLS ALPN forced to fail, not sending\n");
+ *plist = NULL;
+ }
+else
+ {
+ /* The server implementation only accepts exactly one protocol name
+ but it's little extra code complexity in the client. */
+
+ const uschar * list = exp_alpn;
+ uschar * p = store_get(Ustrlen(exp_alpn), is_tainted(exp_alpn)), * s, * t;
+ int sep = 0;
+ uschar len;
+
+ for (t = p; s = string_nextinlist(&list, &sep, NULL, 0); t += len)
+ {
+ *t++ = len = (uschar) Ustrlen(s);
+ memcpy(t, s, len);
+ }
+ *plist = (*plen = t - p) ? p : NULL;
+ }
+return TRUE;
+}
+#endif /* EXIM_HAVE_ALPN */
+
+
/*************************************************
* Start a TLS session in a client *
*************************************************/
}
}
+if (ob->tls_alpn)
+#ifdef EXIM_HAVE_ALPN
+ {
+ const uschar * plist;
+ unsigned plen;
+
+ if (!tls_alpn_plist(ob->tls_alpn, &plist, &plen, errstr))
+ return FALSE;
+ if (plist)
+ if (SSL_set_alpn_protos(exim_client_ctx->ssl, plist, plen) != 0)
+ {
+ tls_error(US"alpn init", host, NULL, errstr);
+ return FALSE;
+ }
+ else
+ DEBUG(D_tls) debug_printf("Setting TLS ALPN '%s'\n", ob->tls_alpn);
+ }
+#else
+ log_write(0, LOG_MAIN, "ALPN unusable with this OpenSSL library version; ignoring \"%s\"\n",
+ ob->tls_alpn);
+#endif
+
#ifdef SUPPORT_DANE
if (conn_args->dane)
if (dane_tlsa_load(exim_client_ctx->ssl, host, &conn_args->tlsa_dnsa, errstr) != OK)
tls_client_resume_posthandshake(exim_client_ctx, tlsp);
#endif
+#ifdef EXIM_HAVE_ALPN
+if (ob->tls_alpn) /* We requested. See what was negotiated. */
+ {
+ const uschar * name;
+ unsigned len;
+
+ SSL_get0_alpn_selected(exim_client_ctx->ssl, &name, &len);
+ if (len > 0)
+ { DEBUG(D_tls) debug_printf("ALPN negotiated %u: '%.*s'\n", len, (int)*name, name+1); }
+ else if (verify_check_given_host(CUSS &ob->hosts_require_alpn, host) == OK)
+ {
+ /* Would like to send a relevant fatal Alert, but OpenSSL has no API */
+ tls_error(US"handshake", host, US"ALPN required but not negotiated", errstr);
+ return FALSE;
+ }
+ }
+#endif
+
#ifdef SSL_get_extms_support
tlsp->ext_master_secret = SSL_get_extms_support(exim_client_ctx->ssl) == 1;
#endif
void
-tls_get_cache()
+tls_get_cache(void)
{
#ifndef DISABLE_DKIM
int n = ssl_xfer_buffer_hwm - ssl_xfer_buffer_lwm;
tls_could_read(void)
{
return ssl_xfer_buffer_lwm < ssl_xfer_buffer_hwm
- || SSL_pending(state_server.lib_state.lib_ssl) > 0;
+ || SSL_pending(state_server.lib_state.lib_ssl) > 0;
}
{
if (!len) buff = US &error; /* dummy just so that string_catn is ok */
-#ifndef DISABLE_PIPE_CONNECT
int save_pool = store_pool;
store_pool = POOL_PERM;
-#endif
corked = string_catn(corked, buff, len);
-#ifndef DISABLE_PIPE_CONNECT
store_pool = save_pool;
-#endif
if (more)
{
+/*
+Arguments:
+ ct_ctx client TLS context pointer, or NULL for the one global server context
+*/
+
+void
+tls_shutdown_wr(void * ct_ctx)
+{
+exim_openssl_client_tls_ctx * o_ctx = ct_ctx;
+SSL ** sslp = o_ctx ? &o_ctx->ssl : (SSL **) &state_server.lib_state.lib_ssl;
+int * fdp = o_ctx ? &tls_out.active.sock : &tls_in.active.sock;
+int rc;
+
+if (*fdp < 0) return; /* TLS was not active */
+
+tls_write(ct_ctx, NULL, 0, FALSE); /* flush write buffer */
+
+HDEBUG(D_transport|D_tls|D_acl|D_v) debug_printf_indent(" SMTP(TLS shutdown)>>\n");
+rc = SSL_shutdown(*sslp);
+if (rc < 0) DEBUG(D_tls)
+ {
+ ERR_error_string_n(ERR_get_error(), ssl_errstring, sizeof(ssl_errstring));
+ debug_printf("SSL_shutdown: %s\n", ssl_errstring);
+ }
+}
+
/*************************************************
* Close down a TLS session *
*************************************************/
Arguments:
ct_ctx client TLS context pointer, or NULL for the one global server context
- shutdown 1 if TLS close-alert is to be sent,
+ do_shutdown 0 no data-flush or TLS close-alert
+ 1 if TLS close-alert is to be sent,
2 if also response to be waited for
Returns: nothing
*/
void
-tls_close(void * ct_ctx, int shutdown)
+tls_close(void * ct_ctx, int do_shutdown)
{
exim_openssl_client_tls_ctx * o_ctx = ct_ctx;
-SSL **sslp = o_ctx ? &o_ctx->ssl : (SSL **) &state_server.lib_state.lib_ssl;
-int *fdp = o_ctx ? &tls_out.active.sock : &tls_in.active.sock;
+SSL ** sslp = o_ctx ? &o_ctx->ssl : (SSL **) &state_server.lib_state.lib_ssl;
+int * fdp = o_ctx ? &tls_out.active.sock : &tls_in.active.sock;
if (*fdp < 0) return; /* TLS was not active */
-if (shutdown)
+if (do_shutdown)
{
int rc;
DEBUG(D_tls) debug_printf("tls_close(): shutting down TLS%s\n",
- shutdown > 1 ? " (with response-wait)" : "");
+ do_shutdown > 1 ? " (with response-wait)" : "");
+
+ tls_write(ct_ctx, NULL, 0, FALSE); /* flush write buffer */
if ( (rc = SSL_shutdown(*sslp)) == 0 /* send "close notify" alert */
- && shutdown > 1)
+ && do_shutdown > 1)
{
ALARM(2);
rc = SSL_shutdown(*sslp); /* wait for response */
{
long result, item;
uschar * exp, * end;
-uschar keep_c;
BOOL adding, item_parsed;
/* Server: send no (<= TLS1.2) session tickets */
return FALSE;
}
adding = *s++ == '+';
- for (end = s; (*end != '\0') && !isspace(*end); ++end) /**/ ;
- keep_c = *end;
- *end = '\0';
- item_parsed = tls_openssl_one_option_parse(s, &item);
- *end = keep_c;
+ for (end = s; *end && !isspace(*end); ) end++;
+ item_parsed = tls_openssl_one_option_parse(string_copyn(s, end-s), &item);
if (!item_parsed)
{
DEBUG(D_tls) debug_printf("openssl option setting unrecognised: \"%s\"\n", s);
git://git.exim.org / exim.git / blobdiff