of files, to match a list given for the &%tls_certificate%& option.
The ordering of the two lists must match.
-The file(s) should be in DER format
+.new
+The file(s) should be in DER format,
+except for GnuTLS 3.6.3 or later when an optional filetype prefix
+can be used. The prefix must be one of "DER" or "PEM", followed by
+a single space. If one is used it sets the format for subsequent
+files in the list; the initial format is DER.
+When a PEM format file is used it may contain multiple proofs,
+for multiple certificate chain element proofs under TLS1.3.
+.wen
.option tls_on_connect_ports main "string list" unset
.cindex SSMTP
11. Main options for DKIM verify to filter hash and key types.
+12. Under GnuTLS, with TLS1.3, support for full-chain OCSP stapling.
+
Version 4.92
--------------
# define SUPPORT_SRV_OCSP_STACK
#endif
#if GNUTLS_VERSION_NUMBER >= 0x030603
+# define EXIM_HAVE_TLS1_3
# define SUPPORT_GNUTLS_EXT_RAW_PARSE
+# define GNUTLS_OCSP_STATUS_REQUEST_GET2
#endif
#ifdef SUPPORT_DANE
# ifdef EXPERIMENTAL_TLS_RESUME
builtin_macro_create_var(US"_RESUME_DECODE", RESUME_DECODE_STRING );
# endif
+# ifdef EXIM_HAVE_TLS1_3
+builtin_macro_create(US"_HAVE_TLS1_3");
+# endif
}
#else
/* https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml */
if (tls_id == 5) /* status_request */
{
- DEBUG(D_tls) debug_printf("Seen status_request extension\n");
+ DEBUG(D_tls) debug_printf("Seen status_request extension from client\n");
tls_in.ocsp = OCSP_NOT_RESP;
}
return 0;
return gnutls_ext_raw_parse(NULL, tls_server_clienthello_ext, msg,
GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO);
}
+
+
+/* Make a note that we saw a status-response */
+static int
+tls_server_servercerts_ext(void * ctx, unsigned tls_id,
+ const unsigned char *data, unsigned size)
+{
+/* debug_printf("%s %u\n", __FUNCTION__, tls_id); */
+/* https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml */
+if (FALSE && tls_id == 5) /* status_request */
+ {
+ DEBUG(D_tls) debug_printf("Seen status_request extension\n");
+ tls_in.ocsp = exim_testharness_disable_ocsp_validity_check
+ ? OCSP_VFY_NOT_TRIED : OCSP_VFIED; /* We know that GnuTLS verifies responses */
+ }
+return 0;
+}
+
+/* Callback for certificates packet, on server, if we think we might serve stapled-OCSP */
+static int
+tls_server_servercerts_cb(gnutls_session_t session, unsigned int htype,
+ unsigned when, unsigned int incoming, const gnutls_datum_t * msg)
+{
+/* Call fn for each extension seen. 3.6.3 onwards */
+#ifdef notdef
+/*XXX crashes */
+return gnutls_ext_raw_parse(NULL, tls_server_servercerts_ext, msg, 0);
+#endif
+}
#endif
+/*XXX in tls1.3 the cert-status travel as an extension next to the cert, in the
+ "Handshake Protocol: Certificate" record.
+So we need to spot the Certificate handshake message, parse it and spot any status_request extension(s)
+
+This is different to tls1.2 - where it is a separate record (wireshake term) / handshake message (gnutls term).
+*/
+
#if defined(EXPERIMENTAL_TLS_RESUME) || defined(SUPPORT_GNUTLS_EXT_RAW_PARSE)
/* Callback for certificate-status, on server. We sent stapled OCSP. */
static int
tls_server_certstatus_cb(gnutls_session_t session, unsigned int htype,
unsigned when, unsigned int incoming, const gnutls_datum_t * msg)
{
-DEBUG(D_tls) debug_printf("Sending certificate-status\n");
+DEBUG(D_tls) debug_printf("Sending certificate-status\n"); /*XXX we get this for tls1.2 but not for 1.3 */
#ifdef SUPPORT_SRV_OCSP_STACK
tls_in.ocsp = exim_testharness_disable_ocsp_validity_check
? OCSP_VFY_NOT_TRIED : OCSP_VFIED; /* We know that GnuTLS verifies responses */
tls_server_hook_cb(gnutls_session_t sess, u_int htype, unsigned when,
unsigned incoming, const gnutls_datum_t * msg)
{
+/* debug_printf("%s: htype %u\n", __FUNCTION__, htype); */
switch (htype)
{
# ifdef SUPPORT_GNUTLS_EXT_RAW_PARSE
case GNUTLS_HANDSHAKE_CLIENT_HELLO:
return tls_server_clienthello_cb(sess, htype, when, incoming, msg);
+ case GNUTLS_HANDSHAKE_CERTIFICATE_PKT:
+ return tls_server_servercerts_cb(sess, htype, when, incoming, msg);
# endif
case GNUTLS_HANDSHAKE_CERTIFICATE_STATUS:
return tls_server_certstatus_cb(sess, htype, when, incoming, msg);
#ifdef SUPPORT_SRV_OCSP_STACK
gnutls_certificate_set_flags(state->x509_cred, GNUTLS_CERTIFICATE_API_V2);
+
+# if !defined(DISABLE_OCSP) && defined(SUPPORT_GNUTLS_EXT_RAW_PARSE)
+if (!host && tls_ocsp_file)
+ {
+ if (f.running_in_test_harness)
+ tls_server_testharness_ocsp_fiddle();
+
+ if (exim_testharness_disable_ocsp_validity_check)
+ gnutls_certificate_set_flags(state->x509_cred,
+ GNUTLS_CERTIFICATE_API_V2 | GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK);
+ }
+# endif
#endif
/* remember: expand_check_tlsvar() is expand_check() but fiddling with
/* tls_privatekey is optional, defaulting to same file as certificate */
-if (state->tls_privatekey == NULL || *state->tls_privatekey == '\0')
+if (!state->tls_privatekey || !*state->tls_privatekey)
{
state->tls_privatekey = state->tls_certificate;
state->exp_tls_privatekey = state->exp_tls_certificate;
const uschar * olist;
int csep = 0, ksep = 0, osep = 0, cnt = 0;
uschar * cfile, * kfile, * ofile;
-
#ifndef DISABLE_OCSP
+# ifdef SUPPORT_GNUTLS_EXT_RAW_PARSE
+ gnutls_x509_crt_fmt_t ocsp_fmt = GNUTLS_X509_FMT_DER;
+# endif
+
if (!expand_check(tls_ocsp_file, US"tls_ocsp_file", &ofile, errstr))
return DEFER;
olist = ofile;
else
{
int gnutls_cert_index = -rc;
- DEBUG(D_tls) debug_printf("TLS: cert/key %d %s registered\n", gnutls_cert_index, cfile);
-
- /* Set the OCSP stapling server info */
+ DEBUG(D_tls) debug_printf("TLS: cert/key %d %s registered\n",
+ gnutls_cert_index, cfile);
#ifndef DISABLE_OCSP
if (tls_ocsp_file)
{
+ /* Set the OCSP stapling server info */
if (gnutls_buggy_ocsp)
{
DEBUG(D_tls)
}
else if ((ofile = string_nextinlist(&olist, &osep, NULL, 0)))
{
- DEBUG(D_tls) debug_printf("OCSP response file = %s\n", ofile);
-
+ DEBUG(D_tls) debug_printf("OCSP response file %d = %s\n",
+ gnutls_cert_index, ofile);
# ifdef SUPPORT_GNUTLS_EXT_RAW_PARSE
- if (f.running_in_test_harness) tls_server_testharness_ocsp_fiddle();
-
- if (!exim_testharness_disable_ocsp_validity_check)
+ if (Ustrncmp(ofile, US"PEM ", 4) == 0)
{
- if ((rc = gnutls_certificate_set_ocsp_status_request_file2(
- state->x509_cred, CCS ofile, gnutls_cert_index,
- GNUTLS_X509_FMT_DER)) < 0)
- return tls_error_gnu(
- US"gnutls_certificate_set_ocsp_status_request_file2",
- rc, host, errstr);
+ ocsp_fmt = GNUTLS_X509_FMT_PEM;
+ ofile += 4;
+ }
+ else if (Ustrncmp(ofile, US"DER ", 4) == 0)
+ {
+ ocsp_fmt = GNUTLS_X509_FMT_DER;
+ ofile += 4;
+ }
- /* Arrange callbacks for OCSP request observability */
+ if ((rc = gnutls_certificate_set_ocsp_status_request_file2(
+ state->x509_cred, CCS ofile, gnutls_cert_index,
+ ocsp_fmt)) < 0)
+ return tls_error_gnu(
+ US"gnutls_certificate_set_ocsp_status_request_file2",
+ rc, host, errstr);
+ DEBUG(D_tls)
+ debug_printf(" %d response%s loaded\n", rc, rc>1 ? "s":"");
- gnutls_handshake_set_hook_function(state->session,
- GNUTLS_HANDSHAKE_ANY, GNUTLS_HOOK_POST, tls_server_hook_cb);
- }
- else
-# elif defined(SUPPORT_SRV_OCSP_STACK)
+ /* Arrange callbacks for OCSP request observability */
+
+ gnutls_handshake_set_hook_function(state->session,
+ GNUTLS_HANDSHAKE_ANY, GNUTLS_HOOK_POST, tls_server_hook_cb);
+
+# else
+# if defined(SUPPORT_SRV_OCSP_STACK)
if ((rc = gnutls_certificate_set_ocsp_status_request_function2(
state->x509_cred, gnutls_cert_index,
server_ocsp_stapling_cb, ofile)))
US"gnutls_certificate_set_ocsp_status_request_function2",
rc, host, errstr);
else
-# endif
+# endif
{
if (cnt++ > 0)
{
gnutls_certificate_set_ocsp_status_request_function(
state->x509_cred, server_ocsp_stapling_cb, ofile);
}
+# endif /* SUPPORT_GNUTLS_EXT_RAW_PARSE */
}
else
DEBUG(D_tls) debug_printf("ran out of OCSP response files in list\n");
debug_printf("%s\n", gnutls_session_get_desc(state->session));
#endif
#ifdef SUPPORT_GNUTLS_KEYLOG
-# ifdef GNUTLS_TLS1_3
+
+# ifdef EXIM_HAVE_TLS1_3
if (gnutls_protocol_get_version(state->session) < GNUTLS_TLS1_3)
#else
if (TRUE)
" set environment variable SSLKEYLOGFILE to a filename writable by uid exim\n"
" add SSLKEYLOGFILE to keep_environment in the exim config\n"
" run exim as root\n"
- " if using sudo, add SSLKEYLOGFILE to env_keep in /etc/sudoers\n");
+ " if using sudo, add SSLKEYLOGFILE to env_keep in /etc/sudoers\n"
+ " (works for TLS1.2 also, and saves cut-paste into file)\n");
#endif
}
gnutls_datum_t stapling;
gnutls_ocsp_resp_t resp;
gnutls_datum_t printed;
- if ( (rc= gnutls_ocsp_status_request_get(state->session, &stapling)) == 0
- && (rc= gnutls_ocsp_resp_init(&resp)) == 0
- && (rc= gnutls_ocsp_resp_import(resp, &stapling)) == 0
- && (rc= gnutls_ocsp_resp_print(resp, GNUTLS_OCSP_PRINT_FULL, &printed)) == 0
- )
- {
- debug_printf("%.4096s", printed.data);
- gnutls_free(printed.data);
- }
- else
+ unsigned idx = 0;
+
+ for (;
+# ifdef GNUTLS_OCSP_STATUS_REQUEST_GET2
+ (rc = gnutls_ocsp_status_request_get2(state->session, idx, &stapling)) == 0;
+#else
+ (rc = gnutls_ocsp_status_request_get(state->session, &stapling)) == 0;
+#endif
+ idx++)
+ if ( (rc= gnutls_ocsp_resp_init(&resp)) == 0
+ && (rc= gnutls_ocsp_resp_import(resp, &stapling)) == 0
+ && (rc= gnutls_ocsp_resp_print(resp, GNUTLS_OCSP_PRINT_COMPACT, &printed)) == 0
+ )
+ {
+ debug_printf("%.4096s", printed.data);
+ gnutls_free(printed.data);
+ }
+ else
+ (void) tls_error_gnu(US"ocsp decode", rc, state->host, errstr);
+ if (idx == 0 && rc)
(void) tls_error_gnu(US"ocsp decode", rc, state->host, errstr);
}
# ifdef EXPERIMENTAL_TLS_RESUME
builtin_macro_create_var(US"_RESUME_DECODE", RESUME_DECODE_STRING );
# endif
+# ifdef SSL_OP_NO_TLSv1_3
+builtin_macro_create(US"_HAVE_TLS1_3");
+# endif
}
#else
--- /dev/null
+OCSP Response Information:
+ Response Status: Successful
+ Response Type: Basic OCSP Response
+ Version: 1
+ Responder ID: CN=clica CA rsa,O=example.com
+ Produced At: Thu Sep 26 12:14:05 UTC 2019
+ Responses:
+ Certificate ID:
+ Hash Algorithm: SHA256
+ Issuer Name Hash: bfa7275a566efd4be2df82dbd9d1290d470186f6ff2acd8c16659f342ab56109
+ Issuer Key Hash: 208f9d28c7c0bc914144dfa8c0be3d5b3bfcebb622c8a8dc27e865fc06ca0e12
+ Serial Number: 41
+ Certificate Status: good
+ This Update: Thu Sep 26 12:14:05 UTC 2019
+ Next Update: Tue Sep 25 12:14:05 UTC 2029
+ Extensions:
+ Signature Algorithm: RSA-SHA256
+
+-----BEGIN OCSP RESPONSE-----
+MIIB+goBAKCCAfMwggHvBgkrBgEFBQcwAQEEggHgMIIB3DCBxaEvMC0xFDASBgNV
+BAoTC2V4YW1wbGUuY29tMRUwEwYDVQQDEwxjbGljYSBDQSByc2EYDzIwMTkwOTI2
+MTIxNDA1WjCBgDB+MFYwDQYJYIZIAWUDBAIBBQAEIL+nJ1pWbv1L4t+C29nRKQ1H
+AYb2/yrNjBZlnzQqtWEJBCAgj50ox8C8kUFE36jAvj1bO/zrtiLIqNwn6GX8BsoO
+EgIBQYAAGA8yMDE5MDkyNjEyMTQwNVqgERgPMjAyOTA5MjUxMjE0MDVaMA0GCSqG
+SIb3DQEBCwUAA4IBAQAIVtY+mV3cbK0Z/itrRAJKrQGjWz4nUKK2t84KN/K/NxJd
+oDvgN9sp4qp8P0RDE/fwqDLTNp35/7vHPaSB5Bi+L6U2aUwz46LJsX0/q6DuprE+
+e6Z8rOrfycACBY18h8X3foCJwP3/Igon1B7ERbJHYKut77eXJh8EEpxQDxYaDdoj
+d0aFylyMjNH5Cm1nSkksC0islm5sk+ggEZjOnvM6y6ZzlPHl1nyI6TOWrTSoqm69
+mK2Gf9V59oHJPSM3OaVWL5OoUIZ57RrtDdxs3H3HO8QNPCSJY80Dk2uwpZICzYP3
+ko2KEu5rKChZ74PB59D6wAuUTEYdzF08s9waWL1m
+-----END OCSP RESPONSE-----
--- /dev/null
+OCSP Response Information:
+ Response Status: Successful
+ Response Type: Basic OCSP Response
+ Version: 1
+ Responder ID: CN=clica CA rsa,O=example.com
+ Produced At: Wed Sep 25 16:52:00 UTC 2019
+ Responses:
+ Certificate ID:
+ Hash Algorithm: SHA256
+ Issuer Name Hash: bfa7275a566efd4be2df82dbd9d1290d470186f6ff2acd8c16659f342ab56109
+ Issuer Key Hash: 208f9d28c7c0bc914144dfa8c0be3d5b3bfcebb622c8a8dc27e865fc06ca0e12
+ Serial Number: 42
+ Certificate Status: good
+ This Update: Wed Sep 25 16:52:00 UTC 2019
+ Next Update: Mon Sep 24 16:52:00 UTC 2029
+ Extensions:
+ Signature Algorithm: RSA-SHA256
+
+-----BEGIN OCSP RESPONSE-----
+MIIB+goBAKCCAfMwggHvBgkrBgEFBQcwAQEEggHgMIIB3DCBxaEvMC0xFDASBgNV
+BAoTC2V4YW1wbGUuY29tMRUwEwYDVQQDEwxjbGljYSBDQSByc2EYDzIwMTkwOTI1
+MTY1MjAwWjCBgDB+MFYwDQYJYIZIAWUDBAIBBQAEIL+nJ1pWbv1L4t+C29nRKQ1H
+AYb2/yrNjBZlnzQqtWEJBCAgj50ox8C8kUFE36jAvj1bO/zrtiLIqNwn6GX8BsoO
+EgIBQoAAGA8yMDE5MDkyNTE2NTIwMFqgERgPMjAyOTA5MjQxNjUyMDBaMA0GCSqG
+SIb3DQEBCwUAA4IBAQAD/6WpB4+oK4S81aIp48J0CPqqPkd2tMBaAHZQ+0FG2A9c
+8VPPjWfVhTYikeILbVukABNpcP5G3bWOiTrYK0bp2f+Wf3NQyiP+VXj0pGmnX4lI
+Jwwg0ZvejHddoU192DTYu+fjj80YVOv09VHoehLsnsYPe16nW+2Ul2eDJ5IQv1qo
+5PUjRqc1X8W0ixAR34zXnkO+tDbpkGtUo/WcGt0zVxmoqXwvWsEG65PN/OYS2rEu
+q5TkTweFZllPdNfRJAXHBlZf1ndA9XpTzp4U/RGlWHP4Mp92BH9Ry50admEvObCe
+ayhmuSWTc/8mrunDn+qidRFYccHtDTeoAy2XRnGA
+-----END OCSP RESPONSE-----
--- /dev/null
+OCSP Response Information:
+ Response Status: Successful
+ Response Type: Basic OCSP Response
+ Version: 1
+ Responder ID: CN=clica CA rsa,O=example.com
+ Produced At: Thu Sep 26 07:51:09 UTC 2019
+ Responses:
+ Certificate ID:
+ Hash Algorithm: SHA256
+ Issuer Name Hash: bfa7275a566efd4be2df82dbd9d1290d470186f6ff2acd8c16659f342ab56109
+ Issuer Key Hash: 208f9d28c7c0bc914144dfa8c0be3d5b3bfcebb622c8a8dc27e865fc06ca0e12
+ Serial Number: 42
+ Certificate Status: revoked
+ Revocation time: Mon Feb 01 14:27:09 UTC 2010
+ This Update: Thu Sep 26 07:51:09 UTC 2019
+ Next Update: Tue Sep 25 07:51:09 UTC 2029
+ Extensions:
+ Signature Algorithm: RSA-SHA256
+
+-----BEGIN OCSP RESPONSE-----
+MIICEQoBAKCCAgowggIGBgkrBgEFBQcwAQEEggH3MIIB8zCB3KEvMC0xFDASBgNV
+BAoTC2V4YW1wbGUuY29tMRUwEwYDVQQDEwxjbGljYSBDQSByc2EYDzIwMTkwOTI2
+MDc1MTA5WjCBlzCBlDBWMA0GCWCGSAFlAwQCAQUABCC/pydaVm79S+LfgtvZ0SkN
+RwGG9v8qzYwWZZ80KrVhCQQgII+dKMfAvJFBRN+owL49Wzv867YiyKjcJ+hl/AbK
+DhICAUKhFhgPMjAxMDAyMDExNDI3MDlaoAMKAQQYDzIwMTkwOTI2MDc1MTA5WqAR
+GA8yMDI5MDkyNTA3NTEwOVowDQYJKoZIhvcNAQELBQADggEBABxA6J6zKoEXgmgG
+/I1hZc08x4T8WibqkGhS/1hcq66STgqYY1m3GmaOHQiwHhxsZzAUfOp1wChNgRCI
+x2pFp5rsQCZPvSL244SaTRqSK6eFONnic+s7nND3b/DZuelx3Zq1y/vrg+WaNxxt
+HWC1sRk2c/jAMqdHbH5obXzWB88qN8dh9Xwi8VXYCFlKjlURa6q6z5b5jhPI1BDW
+oLK66ZIzSxryPGu/70EWUAAMub5NAMhGi0Vf1eoIl87PMKQRaGTkwgKe3KgqU+o9
+Oa15HFRL0iFaVBxdYEQyy/MW6iSA+1KiyqSpWEZxCvisKjUTVopx/BiVb9sEpvwE
+yRNnGe8=
+-----END OCSP RESPONSE-----
R 130110200751Z 100201142709Z,superseded c9 unknown CN=server2.example.com
R 130110200751Z 100201142709Z,superseded ca unknown CN=revoked2.example.com
R 130110200751Z 100201142709Z,superseded cb unknown CN=expired2.example.com
+R 130110200751Z 100201142709Z,superseded 42 unknown CN=clica Signing Cert rsa
V 130110200751Z c9 unknown CN=server2.example.com
V 130110200751Z ca unknown CN=revoked2.example.com
V 130110200751Z cb unknown CN=expired2.example.com
+V 130110200751Z 42 unknown CN=clica Signing Cert rsa
+V 130110200751Z 41 unknown CN=clica CA rsa
rm -fr "$idir"
# create CA cert + templates
+ # -D dir to work in
+ # -p passwd for cert
+ # -B keysize in bits
+ # -I create CA cert
+ # -N org name
+ # -F create sub-signing cert
+ # -C CRL
+ # -O create OCSP responder cert
clica $V -D "$idir" -p password -B 2048 -I -N $iname -F -C http://crl.$iname/latest.crl -O http://oscp.$iname/
# create server certs
####
+ # so, for full-chain OCSP we sill want an OCSP resp for the Signer cert and also (?) one for the
+ # CA cert itself. The existing bits below only create for the leaf certs, next layer down.
+ #
+ # First test will be just adding OCSP for the Signer cert. Presumably we could use the CA cert
+ # to sign that.
+
# create OCSP reqs & resps
CADIR=$idir/CA
+
#give ourselves an OSCP key to work with
pk12util -o $CADIR/OCSP.p12 -n 'OCSP Signer rsa' -d $CADIR -K password -W password
openssl pkcs12 -in $CADIR/OCSP.p12 -passin pass:password -passout pass:password -nodes -nocerts -out $CADIR/OCSP.key
pk12util -o $CADIR/Signer.p12 -n 'Signing Cert rsa' -d $CADIR -K password -W password
openssl pkcs12 -in $CADIR/Signer.p12 -passin pass:password -passout pass:password -nodes -nocerts -out $CADIR/Signer.key
+ # ditto for CA
+ # - the "-n names" here appear to be hardcoded in clica
+ pk12util -o $CADIR/CA.p12 -n 'Certificate Authority rsa' -d $CADIR -K password -W password
+ openssl pkcs12 -in $CADIR/CA.p12 -passin pass:password -passout pass:password -nodes -nocerts -out $CADIR/CA.key
+
# create some index files for the ocsp responder to work with
-# tab-sep
+# tab-sep, and fields can be empty
# 0: Revoked/Expired/Valid letter
# 1: Expiry date (ASN1_UTCTIME)
# 2: Revocation date
-# 3: Serial no. (unique)
+# 3: Serial no. (unique, in hex)
# 4: file
# 5: DN, index
V 130110200751Z c9 unknown CN=server2.$iname
V 130110200751Z ca unknown CN=revoked2.$iname
V 130110200751Z cb unknown CN=expired2.$iname
+V 130110200751Z 42 unknown CN=clica Signing Cert rsa
+V 130110200751Z 41 unknown CN=clica CA rsa
EOF
cat >$CADIR/index.revoked.txt <<EOF
R 130110200751Z 100201142709Z,superseded 65 unknown CN=server1.$iname
R 130110200751Z 100201142709Z,superseded c9 unknown CN=server2.$iname
R 130110200751Z 100201142709Z,superseded ca unknown CN=revoked2.$iname
R 130110200751Z 100201142709Z,superseded cb unknown CN=expired2.$iname
+R 130110200751Z 100201142709Z,superseded 42 unknown CN=clica Signing Cert rsa
EOF
- # Now create all the ocsp requests and responses
+ # Now create all the ocsp requests and responses for the leaf certs
IVALID="-index $CADIR/index.valid.txt"
IREVOKED="-index $CADIR/index.revoked.txt"
openssl ocsp -issuer $CADIR/Signer.pem -sha256 -cert $SPFX.pem -no_nonce -reqout $SPFX.ocsp.req
REQIN="-reqin $SPFX.ocsp.req"
+ # These ones get used by the "traditional" testcases. OCSP resp signed by a cert which is
+ # signed by the signer of the leaf-cert being attested to.
OGENCOMMON="-rsigner $CADIR/OCSP.pem -rkey $CADIR/OCSP.key -CA $CADIR/Signer.pem -noverify"
openssl ocsp $IVALID $OGENCOMMON -ndays 3652 $REQIN -respout $SPFX.ocsp.good.resp
openssl ocsp $IVALID $OGENCOMMON -ndays 30 $REQIN -respout $SPFX.ocsp.dated.resp
openssl ocsp $IVALID $OGENCOMMON -ndays 30 $REQIN -respout $SPFX.ocsp.signer.dated.resp
openssl ocsp $IREVOKED $OGENCOMMON -ndays 3652 $REQIN -respout $SPFX.ocsp.signer.revoked.resp
+ # These ones get used by the "LetsEncrypt mode" testcases. OCSP resp is signed directly by the
+ # signer of the leaf-cert being attested to.
OGENCOMMON="-rsigner $CADIR/Signer.pem -rkey $CADIR/Signer.key -CA $CADIR/Signer.pem -resp_no_certs -noverify"
openssl ocsp $IVALID $OGENCOMMON -ndays 3652 $REQIN -respout $SPFX.ocsp.signernocert.good.resp
openssl ocsp $IVALID $OGENCOMMON -ndays 30 $REQIN -respout $SPFX.ocsp.signernocert.dated.resp
openssl ocsp $IREVOKED $OGENCOMMON -ndays 3652 $REQIN -respout $SPFX.ocsp.signernocert.revoked.resp
done
+
+ # convert one good leaf-resp to PEM
+ $server=server1
+ RESP=$idir/$server.$iname/$server.$iname.ocsp.signernocert.good.resp
+ ocsptool -S $RESP -j > $RESP.pem
+
+ # Then, ocsp request and responses for the signer cert
+ REQ=$CADIR/Signer.ocsp.req
+ RESP=$CADIR/Signer.ocsp.signernocert.good.resp
+ openssl ocsp -issuer $CADIR/CA.pem -sha256 -cert $CADIR/Signer.pem -no_nonce -reqout $REQ
+ openssl ocsp $IVALID -rsigner $CADIR/CA.pem -rkey $CADIR/CA.key -CA $CADIR/CA.pem -resp_no_certs -noverify \
+ -ndays 3652 -reqin $REQ -respout $RESP
+ ocsptool -S $RESP -j > $RESP.pem
+
+ RESP=$CADIR/Signer.ocsp.signernocert.revoked.resp
+ openssl ocsp $IREVOKED -rsigner $CADIR/CA.pem -rkey $CADIR/CA.key -CA $CADIR/CA.pem -resp_no_certs -noverify \
+ -ndays 3652 -reqin $REQ -respout $RESP
+ ocsptool -S $RESP -j > $RESP.pem
+
+ # Then, ocsp request and response for the CA cert
+ REQ=$CADIR/CA.ocsp.req
+ RESP=$CADIR/CA.ocsp.signernocert.good.resp
+ openssl ocsp -issuer $CADIR/CA.pem -sha256 -cert $CADIR/CA.pem -no_nonce -reqout $REQ
+ openssl ocsp $IVALID -rsigner $CADIR/CA.pem -rkey $CADIR/CA.key -CA $CADIR/CA.pem -resp_no_certs -noverify \
+ -ndays 3652 -reqin $REQ -respout $RESP
+ ocsptool -S $RESP -j > $RESP.pem
+
####
done
-keep_environment = PATH:SSLKEYLOGFILE
+keep_environment = PATH:SSLKEYLOGFILE:EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK
exim_path = EXIM_PATH
host_lookup_order = bydns
spool_directory = DIR/spool
+++ /dev/null
-# Exim test configuration 5652
-# OCSP stapling, server, multiple certs
-
-.include DIR/aux-var/tls_conf_prefix
-
-primary_hostname = server1.example.com
-
-# ----- Main settings -----
-
-acl_smtp_mail = check_mail
-acl_smtp_rcpt = check_recipient
-
-log_selector = +tls_peerdn
-
-queue_only
-queue_run_in_order
-
-tls_advertise_hosts = *
-
-CADIR = DIR/aux-fixed/exim-ca
-DRSA = CADIR/example.com
-DECDSA = CADIR/example_ec.com
-
-tls_certificate = DRSA/server1.example.com/server1.example.com.pem \
- : DECDSA/server1.example_ec.com/server1.example_ec.com.pem
-tls_privatekey = DRSA/server1.example.com/server1.example.com.unlocked.key \
- : DECDSA/server1.example_ec.com/server1.example_ec.com.unlocked.key
-tls_ocsp_file = DRSA/server1.example.com/server1.example.com.ocsp.good.resp \
- : DECDSA/server1.example_ec.com/server1.example_ec.com.ocsp.good.resp
-
-
-tls_require_ciphers = NORMAL:!VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.0
-
-# ------ ACL ------
-
-begin acl
-
-check_mail:
- accept logwrite = acl_mail: ocsp in status: $tls_in_ocsp \
- (${listextract {${eval:$tls_in_ocsp+1}} \
- {notreq:notresp:vfynotdone:failed:verified}})
-
-check_recipient:
- accept
-
-
-# ----- Routers -----
-
-begin routers
-
-client:
- driver = manualroute
- condition = ${if !eq {SERVER}{server}}
- route_list = * 127.0.0.1
- self = send
- transport = remote_delivery
- errors_to = ""
-
-srvr:
- driver = accept
- retry_use_local_part
- transport = local_delivery
-
-
-# ----- Transports -----
-
-begin transports
-
-remote_delivery:
- driver = smtp
- port = PORT_D
- hosts_require_tls = *
- tls_require_ciphers = OPT
- hosts_require_ocsp = *
- tls_verify_certificates = CERT
- tls_verify_cert_hostnames = :
-
-local_delivery:
- driver = appendfile
- file = DIR/test-mail/$local_part
- headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
- user = CALLER
-
-# End
--- /dev/null
+# Exim test configuration 5655
+# OCSP stapling, server, multiple chain-element OCSP
+
+.include DIR/aux-var/tls_conf_prefix
+
+primary_hostname = server1.example.com
+
+# ----- Main settings -----
+
+acl_smtp_connect = accept logwrite = ${env {SSLKEYLOGFILE}}
+acl_smtp_mail = check_mail
+acl_smtp_rcpt = check_recipient
+
+log_selector = +tls_peerdn
+
+queue_only
+queue_run_in_order
+
+tls_advertise_hosts = *
+
+CADIR = DIR/aux-fixed/exim-ca
+DRSA = CADIR/example.com
+DECDSA = CADIR/example_ec.com
+
+tls_certificate = DRSA/server1.example.com/fullchain.pem \
+ : DECDSA/server1.example_ec.com/server1.example_ec.com.pem
+tls_privatekey = DRSA/server1.example.com/server1.example.com.unlocked.key \
+ : DECDSA/server1.example_ec.com/server1.example_ec.com.unlocked.key
+
+.ifndef CONTROL
+tls_ocsp_file = PEM DIR/tmp/ocsp/triple.ocsp.pem \
+ : DER DECDSA/server1.example_ec.com/server1.example_ec.com.ocsp.good.resp
+.else
+tls_ocsp_file = PEM DIR/tmp/ocsp/double_r.ocsp.pem \
+ : DER DECDSA/server1.example_ec.com/server1.example_ec.com.ocsp.good.resp
+.endif
+
+
+.ifdef _HAVE_GNUTLS
+tls_require_ciphers = ${if eq {LIMIT}{TLS1.2} {NORMAL:!VERS-ALL:+VERS-TLS1.2} {}}
+.endif
+
+# ------ ACL ------
+
+begin acl
+
+check_mail:
+ accept logwrite = acl_mail: ocsp in status: $tls_in_ocsp \
+ (${listextract {${eval:$tls_in_ocsp+1}} \
+ {notreq:notresp:vfynotdone:failed:verified}})
+
+check_recipient:
+ accept
+
+
+# ----- Routers -----
+
+begin routers
+
+client:
+ driver = manualroute
+ condition = ${if !eq {SERVER}{server}}
+ route_list = * 127.0.0.1
+ self = send
+ transport = remote_delivery
+ errors_to = ""
+
+srvr:
+ driver = accept
+ retry_use_local_part
+ transport = local_delivery
+
+
+# ----- Transports -----
+
+begin transports
+
+remote_delivery:
+ driver = smtp
+ port = PORT_D
+ hosts_require_tls = *
+.ifdef _HAVE_GNUTLS
+
+ tls_require_ciphers = ${if eq {LIMIT}{TLS1.2} \
+ {NONE:\
+ ${if eq {OPT}{rsa} \
+ {+SIGN-RSA-SHA256:+VERS-TLS-ALL:+ECDHE-RSA:+DHE-RSA:+RSA} \
+ {+SIGN-ECDSA-SHA512:+VERS-TLS-ALL:+KX-ALL}}\
+ :+CIPHER-ALL:+MAC-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509} \
+ {}}
+ tls_verify_certificates = CADIR/\
+ ${if eq {OPT}{rsa} \
+ {example.com/server1.example.com} \
+ {example_ec.com/server1.example_ec.com}}\
+ /ca_chain.pem
+.endif
+ hosts_require_ocsp = *
+ tls_verify_cert_hostnames = :
+
+local_delivery:
+ driver = appendfile
+ file = DIR/test-mail/$local_part
+ headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
+ user = CALLER
+
+# End
+++ /dev/null
-1999-03-02 09:44:33 1: Server sends good staple on request, to client requiring RSA auth
-1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss
-1999-03-02 09:44:33 10HmaX-0005vi-00 => rsa.auth@test.ex R=client T=remote_delivery H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00"
-1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
-
-******** SERVER ********
-1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
-1999-03-02 09:44:33 acl_mail: ocsp in status: 4 (verified)
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= <> H=localhost (server1.example.com) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@server1.example.com
--- /dev/null
+1999-03-02 09:44:33 1: TLS1.2 Server sends good leaf-staple on request, to client requiring RSA auth
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaX-0005vi-00 => rsa.auth@test.ex R=client T=remote_delivery H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 2: TLS1.3 Server sends good 3-element staple on request, to client requiring RSA auth
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => rsa.auth@test.ex R=client T=remote_delivery H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+1999-03-02 09:44:33 3: TLS1.3 Server sends bad nonleaf staple, client detects it
+1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmbB-0005vi-00 == rsa.auth@test.ex R=client T=remote_delivery defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (certificate status check failed)
+1999-03-02 09:44:33 10HmbB-0005vi-00 ** rsa.auth@test.ex: retry timeout exceeded
+1999-03-02 09:44:33 10HmbB-0005vi-00 rsa.auth@test.ex: error ignored
+1999-03-02 09:44:33 10HmbB-0005vi-00 Completed
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33
+1999-03-02 09:44:33 acl_mail: ocsp in status: 4 (verified)
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= <> H=localhost (server1.example.com) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@server1.example.com
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33
+1999-03-02 09:44:33 acl_mail: ocsp in status: 1 (notresp)
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= <> H=localhost (server1.example.com) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@server1.example.com
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33
+1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): The TLS connection was non-properly terminated.
--- /dev/null
+# OCSP stapling, server, multiple chain-element OCSP
+#
+#
+#
+mkdir -p DIR/tmp/ocsp
+sudo chown -R EXIMUSER:EXIMGROUP tmp
+sudo chmod -R a+rwx DIR/tmp/ocsp
+perl
+chdir 'aux-fixed/exim-ca/example.com';
+system 'cat server1.example.com/server1.example.com.ocsp.signernocert.good.resp.pem CA/Signer.ocsp.signernocert.good.resp.pem CA/CA.ocsp.signernocert.good.resp.pem > DIR/tmp/ocsp/triple.ocsp.pem';
+system 'cat server1.example.com/server1.example.com.ocsp.signernocert.good.resp.pem CA/Signer.ocsp.signernocert.revoked.resp.pem > DIR/tmp/ocsp/double_r.ocsp.pem';
+****
+#
+#
+exim -z '1: TLS1.2 Server sends good leaf-staple on request, to client requiring RSA auth'
+****
+#
+exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.2
+****
+#
+exim -odf -DOPT=rsa -DLIMIT=TLS1.2 rsa.auth@test.ex
+Subject: test
+
+.
+****
+killdaemon
+#
+#
+exim -z '2: TLS1.3 Server sends good 3-element staple on request, to client requiring RSA auth'
+****
+#
+exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.3
+****
+exim -odf -DOPT=rsa rsa.auth@test.ex
+Subject: test
+
+.
+****
+killdaemon
+#
+#
+#
+exim -z '3: TLS1.3 Server sends bad nonleaf staple, client detects it'
+****
+#
+EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK=y exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.3 -DCONTROL=bad
+****
+exim -odf -DOPT=rsa rsa.auth@test.ex
+Subject: test
+
+.
+****
+killdaemon
+#
+#
+#
+#
+sudo rm -fr tmp/
+no_msglog_check
--- /dev/null
+support GnuTLS
+support OCSP
+running IPv4
+feature _HAVE_TLS1_3
git://git.exim.org / exim.git / commitdiff