* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2014 */
+/* Copyright (c) University of Cambridge 1995 - 2015 */
/* See the file NOTICE for conditions of use and distribution. */
/* Copyright (c) Phil Pennock 2012 */
The code herein is a revamp of GnuTLS integration using the current APIs; the
original tls-gnu.c was based on a patch which was contributed by Nikos
-Mavroyanopoulos. The revamp is partially a rewrite, partially cut&paste as
+Mavrogiannopoulos. The revamp is partially a rewrite, partially cut&paste as
appropriate.
APIs current as of GnuTLS 2.12.18; note that the GnuTLS manual is for GnuTLS 3,
/* needed to disable PKCS11 autoload unless requested */
#if GNUTLS_VERSION_NUMBER >= 0x020c00
# include <gnutls/pkcs11.h>
+# define SUPPORT_PARAM_TO_PK_BITS
#endif
#if GNUTLS_VERSION_NUMBER < 0x030103 && !defined(DISABLE_OCSP)
# warning "GnuTLS library version too old; define DISABLE_OCSP in Makefile"
# define DISABLE_OCSP
#endif
-#if GNUTLS_VERSION_NUMBER < 0x020a00 && defined(EXPERIMENTAL_EVENT)
+#if GNUTLS_VERSION_NUMBER < 0x020a00 && !defined(DISABLE_EVENT)
# warning "GnuTLS library version too old; tls:cert event unsupported"
-# undef EXPERIMENTAL_EVENT
+# define DISABLE_EVENT
#endif
#if GNUTLS_VERSION_NUMBER >= 0x030306
# define SUPPORT_CA_DIR
#else
# undef SUPPORT_CA_DIR
#endif
-#if GNUTLS_VERSION_NUMBER >= 0x030314
+#if GNUTLS_VERSION_NUMBER >= 0x030014
# define SUPPORT_SYSDEFAULT_CABUNDLE
#endif
+#if GNUTLS_VERSION_NUMBER >= 0x030109
+# define SUPPORT_CORK
+#endif
#ifndef DISABLE_OCSP
# include <gnutls/ocsp.h>
uschar *exp_tls_crl;
uschar *exp_tls_require_ciphers;
uschar *exp_tls_ocsp_file;
- uschar *exp_tls_verify_cert_hostnames;
-#ifdef EXPERIMENTAL_EVENT
+ const uschar *exp_tls_verify_cert_hostnames;
+#ifndef DISABLE_EVENT
uschar *event_action;
#endif
} exim_gnutls_state_st;
static const exim_gnutls_state_st exim_gnutls_state_init = {
- NULL, NULL, NULL, VERIFY_NONE, -1, -1, FALSE, FALSE, FALSE,
- NULL, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL, NULL, NULL, NULL,
- NULL,
-#ifdef EXPERIMENTAL_EVENT
- NULL,
+ .session = NULL,
+ .x509_cred = NULL,
+ .priority_cache = NULL,
+ .verify_requirement = VERIFY_NONE,
+ .fd_in = -1,
+ .fd_out = -1,
+ .peer_cert_verified = FALSE,
+ .trigger_sni_changes =FALSE,
+ .have_set_peerdn = FALSE,
+ .host = NULL,
+ .peercert = NULL,
+ .peerdn = NULL,
+ .ciphersuite = NULL,
+ .received_sni = NULL,
+
+ .tls_certificate = NULL,
+ .tls_privatekey = NULL,
+ .tls_sni = NULL,
+ .tls_verify_certificates = NULL,
+ .tls_crl = NULL,
+ .tls_require_ciphers =NULL,
+
+ .exp_tls_certificate = NULL,
+ .exp_tls_privatekey = NULL,
+ .exp_tls_verify_certificates = NULL,
+ .exp_tls_crl = NULL,
+ .exp_tls_require_ciphers = NULL,
+ .exp_tls_ocsp_file = NULL,
+ .exp_tls_verify_cert_hostnames = NULL,
+#ifndef DISABLE_EVENT
+ .event_action = NULL,
#endif
- NULL,
- NULL, 0, 0, 0, 0,
+ .tlsp = NULL,
+
+ .xfer_buffer = NULL,
+ .xfer_buffer_lwm = 0,
+ .xfer_buffer_hwm = 0,
+ .xfer_eof = 0,
+ .xfer_error = 0,
};
/* Not only do we have our own APIs which don't pass around state, assuming
static BOOL exim_gnutls_base_init_done = FALSE;
+#ifndef DISABLE_OCSP
+static BOOL gnutls_buggy_ocsp = FALSE;
+#endif
+
/* ------------------------------------------------------------------------ */
/* macros */
#endif
#define exim_gnutls_err_check(Label) do { \
- if (rc != GNUTLS_E_SUCCESS) { return tls_error((Label), gnutls_strerror(rc), host); } } while (0)
+ if (rc != GNUTLS_E_SUCCESS) \
+ return tls_error((Label), gnutls_strerror(rc), host, errstr); \
+ } while (0)
-#define expand_check_tlsvar(Varname) expand_check(state->Varname, US #Varname, &state->exp_##Varname)
+#define expand_check_tlsvar(Varname, errstr) \
+ expand_check(state->Varname, US #Varname, &state->exp_##Varname, errstr)
#if GNUTLS_VERSION_NUMBER >= 0x020c00
# define HAVE_GNUTLS_SESSION_CHANNEL_BINDING
usually obtained from gnutls_strerror()
host NULL if setting up a server;
the connected host if setting up a client
+ errstr pointer to returned error string
Returns: OK/DEFER/FAIL
*/
static int
-tls_error(const uschar *prefix, const char *msg, const host_item *host)
+tls_error(const uschar *prefix, const char *msg, const host_item *host,
+ uschar ** errstr)
{
-if (host)
- {
- log_write(0, LOG_MAIN, "H=%s [%s] TLS error on connection (%s)%s%s",
- host->name, host->address, prefix, msg ? ": " : "", msg ? msg : "");
- return FAIL;
- }
-else
- {
- uschar *conn_info = smtp_get_connection_info();
- if (Ustrncmp(conn_info, US"SMTP ", 5) == 0)
- conn_info += 5;
- /* I'd like to get separated H= here, but too hard for now */
- log_write(0, LOG_MAIN, "TLS error on %s (%s)%s%s",
- conn_info, prefix, msg ? ": " : "", msg ? msg : "");
- return DEFER;
- }
+if (errstr)
+ *errstr = string_sprintf("(%s)%s%s", prefix, msg ? ": " : "", msg ? msg : "");
+return host ? FAIL : DEFER;
}
static void
record_io_error(exim_gnutls_state_st *state, int rc, uschar *when, uschar *text)
{
-const char *msg;
+const char * msg;
+uschar * errstr;
if (rc == GNUTLS_E_FATAL_ALERT_RECEIVED)
msg = CS string_sprintf("%s: %s", US gnutls_strerror(rc),
else
msg = gnutls_strerror(rc);
-tls_error(when, msg, state->host);
+(void) tls_error(when, msg, state->host, &errstr);
+
+if (state->host)
+ log_write(0, LOG_MAIN, "H=%s [%s] TLS error on connection %s",
+ state->host->name, state->host->address, errstr);
+else
+ {
+ uschar * conn_info = smtp_get_connection_info();
+ if (Ustrncmp(conn_info, US"SMTP ", 5) == 0) conn_info += 5;
+ /* I'd like to get separated H= here, but too hard for now */
+ log_write(0, LOG_MAIN, "TLS error on %s %s", conn_info, errstr);
+ }
}
} while (0)
static int
-import_cert(const gnutls_datum * cert, gnutls_x509_crt_t * crtp)
+import_cert(const gnutls_datum_t * cert, gnutls_x509_crt_t * crtp)
{
int rc;
} else {
old_pool = store_pool;
store_pool = POOL_PERM;
- tls_channelbinding_b64 = auth_b64encode(channel.data, (int)channel.size);
+ tls_channelbinding_b64 = b64encode(channel.data, (int)channel.size);
store_pool = old_pool;
DEBUG(D_tls) debug_printf("Have channel bindings cached for possible auth usage.\n");
}
/* record our certificate */
{
- const gnutls_datum * cert = gnutls_certificate_get_ours(state->session);
+ const gnutls_datum_t * cert = gnutls_certificate_get_ours(state->session);
gnutls_x509_crt_t crt;
tlsp->ourcert = cert && import_cert(cert, &crt)==0 ? crt : NULL;
*/
static int
-init_server_dh(void)
+init_server_dh(uschar ** errstr)
{
int fd, rc;
unsigned int dh_bits;
-gnutls_datum m;
+gnutls_datum_t m;
uschar filename_buf[PATH_MAX];
uschar *filename = NULL;
size_t sz;
m.data = NULL;
m.size = 0;
-if (!expand_check(tls_dhparam, US"tls_dhparam", &exp_tls_dhparam))
+if (!expand_check(tls_dhparam, US"tls_dhparam", &exp_tls_dhparam, errstr))
return DEFER;
if (!exp_tls_dhparam)
}
else if (exp_tls_dhparam[0] != '/')
{
- m.data = US std_dh_prime_named(exp_tls_dhparam);
- if (m.data == NULL)
- return tls_error(US"No standard prime named", CS exp_tls_dhparam, NULL);
+ if (!(m.data = US std_dh_prime_named(exp_tls_dhparam)))
+ return tls_error(US"No standard prime named", CS exp_tls_dhparam, NULL, errstr);
m.size = Ustrlen(m.data);
}
else
different filename and ensure we have sufficient bits. */
dh_bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_NORMAL);
if (!dh_bits)
- return tls_error(US"gnutls_sec_param_to_pk_bits() failed", NULL, NULL);
+ return tls_error(US"gnutls_sec_param_to_pk_bits() failed", NULL, NULL, errstr);
DEBUG(D_tls)
debug_printf("GnuTLS tells us that for D-H PK, NORMAL is %d bits.\n",
dh_bits);
{
if (!string_format(filename_buf, sizeof(filename_buf),
"%s/gnutls-params-%d", spool_directory, dh_bits))
- return tls_error(US"overlong filename", NULL, NULL);
+ return tls_error(US"overlong filename", NULL, NULL, errstr);
filename = filename_buf;
}
/* Open the cache file for reading and if successful, read it and set up the
parameters. */
-fd = Uopen(filename, O_RDONLY, 0);
-if (fd >= 0)
+if ((fd = Uopen(filename, O_RDONLY, 0)) >= 0)
{
struct stat statbuf;
FILE *fp;
{
saved_errno = errno;
(void)close(fd);
- return tls_error(US"TLS cache stat failed", strerror(saved_errno), NULL);
+ return tls_error(US"TLS cache stat failed", strerror(saved_errno), NULL, errstr);
}
if (!S_ISREG(statbuf.st_mode))
{
(void)close(fd);
- return tls_error(US"TLS cache not a file", NULL, NULL);
+ return tls_error(US"TLS cache not a file", NULL, NULL, errstr);
}
- fp = fdopen(fd, "rb");
- if (!fp)
+ if (!(fp = fdopen(fd, "rb")))
{
saved_errno = errno;
(void)close(fd);
return tls_error(US"fdopen(TLS cache stat fd) failed",
- strerror(saved_errno), NULL);
+ strerror(saved_errno), NULL, errstr);
}
m.size = statbuf.st_size;
- m.data = malloc(m.size);
- if (m.data == NULL)
+ if (!(m.data = malloc(m.size)))
{
fclose(fp);
- return tls_error(US"malloc failed", strerror(errno), NULL);
+ return tls_error(US"malloc failed", strerror(errno), NULL, errstr);
}
- sz = fread(m.data, m.size, 1, fp);
- if (!sz)
+ if (!(sz = fread(m.data, m.size, 1, fp)))
{
saved_errno = errno;
fclose(fp);
free(m.data);
- return tls_error(US"fread failed", strerror(saved_errno), NULL);
+ return tls_error(US"fread failed", strerror(saved_errno), NULL, errstr);
}
fclose(fp);
}
else
return tls_error(string_open_failed(errno, "\"%s\" for reading", filename),
- NULL, NULL);
+ NULL, NULL, errstr);
/* If ret < 0, either the cache file does not exist, or the data it contains
is not useful. One particular case of this is when upgrading from an older
if ((PATH_MAX - Ustrlen(filename)) < 10)
return tls_error(US"Filename too long to generate replacement",
- CS filename, NULL);
+ CS filename, NULL, errstr);
temp_fn = string_copy(US "%s.XXXXXXX");
- fd = mkstemp(CS temp_fn); /* modifies temp_fn */
- if (fd < 0)
- return tls_error(US"Unable to open temp file", strerror(errno), NULL);
+ if ((fd = mkstemp(CS temp_fn)) < 0) /* modifies temp_fn */
+ return tls_error(US"Unable to open temp file", strerror(errno), NULL, errstr);
(void)fchown(fd, exim_uid, exim_gid); /* Probably not necessary */
/* GnuTLS overshoots!
if (rc != GNUTLS_E_SHORT_MEMORY_BUFFER)
exim_gnutls_err_check(US"gnutls_dh_params_export_pkcs3(NULL) sizing");
m.size = sz;
- m.data = malloc(m.size);
- if (m.data == NULL)
- return tls_error(US"memory allocation failed", strerror(errno), NULL);
+ if (!(m.data = malloc(m.size)))
+ return tls_error(US"memory allocation failed", strerror(errno), NULL, errstr);
+
/* this will return a size 1 less than the allocation size above */
rc = gnutls_dh_params_export_pkcs3(dh_server_params, GNUTLS_X509_FMT_PEM,
m.data, &sz);
}
m.size = sz; /* shrink by 1, probably */
- sz = write_to_fd_buf(fd, m.data, (size_t) m.size);
- if (sz != m.size)
+ if ((sz = write_to_fd_buf(fd, m.data, (size_t) m.size)) != m.size)
{
free(m.data);
return tls_error(US"TLS cache write D-H params failed",
- strerror(errno), NULL);
+ strerror(errno), NULL, errstr);
}
free(m.data);
- sz = write_to_fd_buf(fd, US"\n", 1);
- if (sz != 1)
+ if ((sz = write_to_fd_buf(fd, US"\n", 1)) != 1)
return tls_error(US"TLS cache write D-H params final newline failed",
- strerror(errno), NULL);
+ strerror(errno), NULL, errstr);
- rc = close(fd);
- if (rc)
- return tls_error(US"TLS cache write close() failed",
- strerror(errno), NULL);
+ if ((rc = close(fd)))
+ return tls_error(US"TLS cache write close() failed", strerror(errno), NULL, errstr);
if (Urename(temp_fn, filename) < 0)
return tls_error(string_sprintf("failed to rename \"%s\" as \"%s\"",
- temp_fn, filename), strerror(errno), NULL);
+ temp_fn, filename), strerror(errno), NULL, errstr);
DEBUG(D_tls) debug_printf("wrote D-H parameters to file \"%s\"\n", filename);
}
+/* Create and install a selfsigned certificate, for use in server mode */
+
+static int
+tls_install_selfsign(exim_gnutls_state_st * state, uschar ** errstr)
+{
+gnutls_x509_crt_t cert = NULL;
+time_t now;
+gnutls_x509_privkey_t pkey = NULL;
+const uschar * where;
+int rc;
+
+where = US"initialising pkey";
+if ((rc = gnutls_x509_privkey_init(&pkey))) goto err;
+
+where = US"initialising cert";
+if ((rc = gnutls_x509_crt_init(&cert))) goto err;
+
+where = US"generating pkey";
+if ((rc = gnutls_x509_privkey_generate(pkey, GNUTLS_PK_RSA,
+#ifdef SUPPORT_PARAM_TO_PK_BITS
+ gnutls_sec_param_to_pk_bits(GNUTLS_PK_RSA, GNUTLS_SEC_PARAM_LOW),
+#else
+ 1024,
+#endif
+ 0)))
+ goto err;
+
+where = US"configuring cert";
+now = 0;
+if ( (rc = gnutls_x509_crt_set_version(cert, 3))
+ || (rc = gnutls_x509_crt_set_serial(cert, &now, sizeof(now)))
+ || (rc = gnutls_x509_crt_set_activation_time(cert, now = time(NULL)))
+ || (rc = gnutls_x509_crt_set_expiration_time(cert, now + 60 * 60)) /* 1 hr */
+ || (rc = gnutls_x509_crt_set_key(cert, pkey))
+
+ || (rc = gnutls_x509_crt_set_dn_by_oid(cert,
+ GNUTLS_OID_X520_COUNTRY_NAME, 0, "UK", 2))
+ || (rc = gnutls_x509_crt_set_dn_by_oid(cert,
+ GNUTLS_OID_X520_ORGANIZATION_NAME, 0, "Exim Developers", 15))
+ || (rc = gnutls_x509_crt_set_dn_by_oid(cert,
+ GNUTLS_OID_X520_COMMON_NAME, 0,
+ smtp_active_hostname, Ustrlen(smtp_active_hostname)))
+ )
+ goto err;
+
+where = US"signing cert";
+if ((rc = gnutls_x509_crt_sign(cert, cert, pkey))) goto err;
+
+where = US"installing selfsign cert";
+ /* Since: 2.4.0 */
+if ((rc = gnutls_certificate_set_x509_key(state->x509_cred, &cert, 1, pkey)))
+ goto err;
+
+rc = OK;
+
+out:
+ if (cert) gnutls_x509_crt_deinit(cert);
+ if (pkey) gnutls_x509_privkey_deinit(pkey);
+ return rc;
+
+err:
+ rc = tls_error(where, gnutls_strerror(rc), NULL, errstr);
+ goto out;
+}
+
+
+
+
/*************************************************
* Variables re-expanded post-SNI *
*************************************************/
Arguments:
state exim_gnutls_state_st *
+ errstr error string pointer
Returns: OK/DEFER/FAIL
*/
static int
-tls_expand_session_files(exim_gnutls_state_st *state)
+tls_expand_session_files(exim_gnutls_state_st *state, uschar ** errstr)
{
struct stat statbuf;
int rc;
/* We check for tls_sni *before* expansion. */
if (!host) /* server */
- {
if (!state->received_sni)
{
if (state->tls_certificate &&
saved_tls_verify_certificates = state->exp_tls_verify_certificates;
saved_tls_crl = state->exp_tls_crl;
}
- }
rc = gnutls_certificate_allocate_credentials(&state->x509_cred);
exim_gnutls_err_check(US"gnutls_certificate_allocate_credentials");
/* check if we at least have a certificate, before doing expensive
D-H generation. */
-if (!expand_check_tlsvar(tls_certificate))
+if (!expand_check_tlsvar(tls_certificate, errstr))
return DEFER;
/* certificate is mandatory in server, optional in client */
-if ((state->exp_tls_certificate == NULL) ||
- (*state->exp_tls_certificate == '\0'))
- {
+if ( !state->exp_tls_certificate
+ || !*state->exp_tls_certificate
+ )
if (!host)
- return tls_error(US"no TLS server certificate is specified", NULL, NULL);
+ return tls_install_selfsign(state, errstr);
else
DEBUG(D_tls) debug_printf("TLS: no client certificate specified; okay\n");
- }
-if (state->tls_privatekey && !expand_check_tlsvar(tls_privatekey))
+if (state->tls_privatekey && !expand_check_tlsvar(tls_privatekey, errstr))
return DEFER;
/* tls_privatekey is optional, defaulting to same file as certificate */
state->exp_tls_certificate, state->exp_tls_privatekey);
if (state->received_sni)
- {
- if ((Ustrcmp(state->exp_tls_certificate, saved_tls_certificate) == 0) &&
- (Ustrcmp(state->exp_tls_privatekey, saved_tls_privatekey) == 0))
+ if ( Ustrcmp(state->exp_tls_certificate, saved_tls_certificate) == 0
+ && Ustrcmp(state->exp_tls_privatekey, saved_tls_privatekey) == 0
+ )
{
DEBUG(D_tls) debug_printf("TLS SNI: cert and key unchanged\n");
}
{
DEBUG(D_tls) debug_printf("TLS SNI: have a changed cert/key pair.\n");
}
- }
rc = gnutls_certificate_set_x509_key_file(state->x509_cred,
CS state->exp_tls_certificate, CS state->exp_tls_privatekey,
&& tls_ocsp_file
)
{
- if (!expand_check(tls_ocsp_file, US"tls_ocsp_file",
- &state->exp_tls_ocsp_file))
- return DEFER;
+ if (gnutls_buggy_ocsp)
+ {
+ DEBUG(D_tls) debug_printf("GnuTLS library is buggy for OCSP; avoiding\n");
+ }
+ else
+ {
+ if (!expand_check(tls_ocsp_file, US"tls_ocsp_file",
+ &state->exp_tls_ocsp_file, errstr))
+ return DEFER;
- /* Use the full callback method for stapling just to get observability.
- More efficient would be to read the file once only, if it never changed
- (due to SNI). Would need restart on file update, or watch datestamp. */
+ /* Use the full callback method for stapling just to get observability.
+ More efficient would be to read the file once only, if it never changed
+ (due to SNI). Would need restart on file update, or watch datestamp. */
- gnutls_certificate_set_ocsp_status_request_function(state->x509_cred,
- server_ocsp_stapling_cb, state->exp_tls_ocsp_file);
+ gnutls_certificate_set_ocsp_status_request_function(state->x509_cred,
+ server_ocsp_stapling_cb, state->exp_tls_ocsp_file);
- DEBUG(D_tls) debug_printf("Set OCSP response file %s\n", &state->exp_tls_ocsp_file);
+ DEBUG(D_tls) debug_printf("OCSP response file = %s\n", state->exp_tls_ocsp_file);
+ }
}
#endif
if (state->tls_verify_certificates && *state->tls_verify_certificates)
{
- if (!expand_check_tlsvar(tls_verify_certificates))
+ if (!expand_check_tlsvar(tls_verify_certificates, errstr))
return DEFER;
+#ifndef SUPPORT_SYSDEFAULT_CABUNDLE
+ if (Ustrcmp(state->exp_tls_verify_certificates, "system") == 0)
+ state->exp_tls_verify_certificates = NULL;
+#endif
if (state->tls_crl && *state->tls_crl)
- if (!expand_check_tlsvar(tls_crl))
+ if (!expand_check_tlsvar(tls_crl, errstr))
return DEFER;
if (!(state->exp_tls_verify_certificates &&
but who knows if someone has some weird FIFO which always dumps some certs, or
other weirdness. The thing we really want to check is that it's not a
directory, since while OpenSSL supports that, GnuTLS does not.
- So s/!S_ISREG/S_ISDIR/ and change some messsaging ... */
+ So s/!S_ISREG/S_ISDIR/ and change some messaging ... */
if (S_ISDIR(statbuf.st_mode))
{
DEBUG(D_tls)
Arguments:
state exim_gnutls_state_st *
+ errstr error string pointer
Returns: OK/DEFER/FAIL
*/
static int
-tls_set_remaining_x509(exim_gnutls_state_st *state)
+tls_set_remaining_x509(exim_gnutls_state_st *state, uschar ** errstr)
{
int rc;
const host_item *host = state->host; /* macro should be reconsidered? */
{
if (!dh_server_params)
{
- rc = init_server_dh();
+ rc = init_server_dh(errstr);
if (rc != OK) return rc;
}
gnutls_certificate_set_dh_params(state->x509_cred, dh_server_params);
* Initialize for GnuTLS *
*************************************************/
+
+#ifndef DISABLE_OCSP
+
+static BOOL
+tls_is_buggy_ocsp(void)
+{
+const uschar * s;
+uschar maj, mid, mic;
+
+s = CUS gnutls_check_version(NULL);
+maj = atoi(CCS s);
+if (maj == 3)
+ {
+ while (*s && *s != '.') s++;
+ mid = atoi(CCS ++s);
+ if (mid <= 2)
+ return TRUE;
+ else if (mid >= 5)
+ return FALSE;
+ else
+ {
+ while (*s && *s != '.') s++;
+ mic = atoi(CCS ++s);
+ return mic <= (mid == 3 ? 16 : 3);
+ }
+ }
+return FALSE;
+}
+
+#endif
+
+
/* Called from both server and client code. In the case of a server, errors
before actual TLS negotiation return DEFER.
crl CRL file
require_ciphers tls_require_ciphers setting
caller_state returned state-info structure
+ errstr error string pointer
Returns: OK/DEFER/FAIL
*/
const uschar *cas,
const uschar *crl,
const uschar *require_ciphers,
- exim_gnutls_state_st **caller_state)
+ exim_gnutls_state_st **caller_state,
+ uschar ** errstr)
{
exim_gnutls_state_st *state;
int rc;
}
#endif
+#ifndef DISABLE_OCSP
+ if (tls_ocsp_file && (gnutls_buggy_ocsp = tls_is_buggy_ocsp()))
+ log_write(0, LOG_MAIN, "OCSP unusable with this GnuTLS library version");
+#endif
+
exim_gnutls_base_init_done = TRUE;
}
DEBUG(D_tls)
debug_printf("Expanding various TLS configuration options for session credentials.\n");
-rc = tls_expand_session_files(state);
-if (rc != OK) return rc;
+if ((rc = tls_expand_session_files(state, errstr)) != OK) return rc;
/* These are all other parts of the x509_cred handling, since SNI in GnuTLS
requires a new structure afterwards. */
-rc = tls_set_remaining_x509(state);
-if (rc != OK) return rc;
+if ((rc = tls_set_remaining_x509(state, errstr)) != OK) return rc;
/* set SNI in client, only */
if (host)
{
- if (!expand_check(sni, US"tls_out_sni", &state->tlsp->sni))
+ if (!expand_check(sni, US"tls_out_sni", &state->tlsp->sni, errstr))
return DEFER;
if (state->tlsp->sni && *state->tlsp->sni)
{
if (state->tls_require_ciphers && *state->tls_require_ciphers)
{
- if (!expand_check_tlsvar(tls_require_ciphers))
+ if (!expand_check_tlsvar(tls_require_ciphers, errstr))
return DEFER;
if (state->exp_tls_require_ciphers && *state->exp_tls_require_ciphers)
{
Arguments:
state exim_gnutls_state_st *
+ errstr pointer to error string
Returns: OK/DEFER/FAIL
*/
static int
-peer_status(exim_gnutls_state_st *state)
+peer_status(exim_gnutls_state_st *state, uschar ** errstr)
{
uschar cipherbuf[256];
-const gnutls_datum *cert_list;
+const gnutls_datum_t *cert_list;
int old_pool, rc;
unsigned int cert_list_size = 0;
gnutls_protocol_t protocol;
cert_list, cert_list_size);
if (state->verify_requirement >= VERIFY_REQUIRED)
return tls_error(US"certificate verification failed",
- "no certificate received from peer", state->host);
+ "no certificate received from peer", state->host, errstr);
return OK;
}
debug_printf("TLS: peer cert not X.509 but instead \"%s\"\n", ctn);
if (state->verify_requirement >= VERIFY_REQUIRED)
return tls_error(US"certificate verification not possible, unhandled type",
- ctn, state->host);
+ ctn, state->host, errstr);
return OK;
}
DEBUG(D_tls) debug_printf("TLS: peer cert problem: %s: %s\n", \
(Label), gnutls_strerror(rc)); \
if (state->verify_requirement >= VERIFY_REQUIRED) \
- return tls_error((Label), gnutls_strerror(rc), state->host); \
+ return tls_error((Label), gnutls_strerror(rc), state->host, errstr); \
return OK; \
} \
} while (0)
Arguments:
state exim_gnutls_state_st *
- error where to put an error message
+ errstr where to put an error message
Returns:
FALSE if the session should be rejected
*/
static BOOL
-verify_certificate(exim_gnutls_state_st *state, const char **error)
+verify_certificate(exim_gnutls_state_st *state, uschar ** errstr)
{
int rc;
unsigned int verify;
-*error = NULL;
+*errstr = NULL;
-if ((rc = peer_status(state)) != OK)
+if ((rc = peer_status(state, errstr)) != OK)
{
verify = GNUTLS_CERT_INVALID;
- *error = "certificate not supplied";
+ *errstr = US"certificate not supplied";
}
else
rc = gnutls_certificate_verify_peers2(state->session, &verify);
)
{
state->peer_cert_verified = FALSE;
- if (!*error)
- *error = verify & GNUTLS_CERT_REVOKED
- ? "certificate revoked" : "certificate invalid";
+ if (!*errstr)
+ *errstr = verify & GNUTLS_CERT_REVOKED
+ ? US"certificate revoked" : US"certificate invalid";
DEBUG(D_tls)
debug_printf("TLS certificate verification failed (%s): peerdn=\"%s\"\n",
- *error, state->peerdn ? state->peerdn : US"<unset>");
+ *errstr, state->peerdn ? state->peerdn : US"<unset>");
if (state->verify_requirement >= VERIFY_REQUIRED)
{
if (state->exp_tls_verify_cert_hostnames)
{
int sep = 0;
- uschar * list = state->exp_tls_verify_cert_hostnames;
+ const uschar * list = state->exp_tls_verify_cert_hostnames;
uschar * name;
- while (name = string_nextinlist(&list, &sep, NULL, 0))
+ while ((name = string_nextinlist(&list, &sep, NULL, 0)))
if (gnutls_x509_crt_check_hostname(state->tlsp->peercert, CS name))
break;
if (!name)
exim_gnutls_state_st *state = &state_server;
unsigned int sni_type;
int rc, old_pool;
+uschar * dummy_errstr;
rc = gnutls_server_name_get(session, sni_name, &data_len, &sni_type, 0);
if (rc != GNUTLS_E_SUCCESS)
else
debug_printf("TLS failure: gnutls_server_name_get(): %s [%d]\n",
gnutls_strerror(rc), rc);
- };
+ }
return 0;
}
if (!state->trigger_sni_changes)
return 0;
-rc = tls_expand_session_files(state);
-if (rc != OK)
+if ((rc = tls_expand_session_files(state, &dummy_errstr)) != OK)
{
/* If the setup of certs/etc failed before handshake, TLS would not have
been offered. The best we can do now is abort. */
return GNUTLS_E_APPLICATION_ERROR_MIN;
}
-rc = tls_set_remaining_x509(state);
+rc = tls_set_remaining_x509(state, &dummy_errstr);
if (rc != OK) return GNUTLS_E_APPLICATION_ERROR_MIN;
return 0;
if ((ret = gnutls_load_file(ptr, ocsp_response)) < 0)
{
DEBUG(D_tls) debug_printf("Failed to load ocsp stapling file %s\n",
- (char *)ptr);
+ CS ptr);
tls_in.ocsp = OCSP_NOT_RESP;
return GNUTLS_E_NO_CERTIFICATE_STATUS;
}
#endif
-#ifdef EXPERIMENTAL_EVENT
+#ifndef DISABLE_EVENT
/*
We use this callback to get observability and detail-level control
for an exim TLS connection (either direction), raising a tls:cert event
static int
verify_cb(gnutls_session_t session)
{
-const gnutls_datum * cert_list;
+const gnutls_datum_t * cert_list;
unsigned int cert_list_size = 0;
gnutls_x509_crt_t crt;
int rc;
Arguments:
require_ciphers list of allowed ciphers or NULL
+ errstr pointer to error string
Returns: OK on success
DEFER for errors before the start of the negotiation
- FAIL for errors during the negotation; the server can't
+ FAIL for errors during the negotiation; the server can't
continue running.
*/
int
-tls_server_start(const uschar *require_ciphers)
+tls_server_start(const uschar * require_ciphers, uschar ** errstr)
{
int rc;
-const char *error;
-exim_gnutls_state_st *state = NULL;
+exim_gnutls_state_st * state = NULL;
/* Check for previous activation */
if (tls_in.active >= 0)
{
- tls_error(US"STARTTLS received after TLS started", "", NULL);
- smtp_printf("554 Already in TLS\r\n");
+ tls_error(US"STARTTLS received after TLS started", "", NULL, errstr);
+ smtp_printf("554 Already in TLS\r\n", FALSE);
return FAIL;
}
DEBUG(D_tls) debug_printf("initialising GnuTLS as a server\n");
-rc = tls_init(NULL, tls_certificate, tls_privatekey,
+if ((rc = tls_init(NULL, tls_certificate, tls_privatekey,
NULL, tls_verify_certificates, tls_crl,
- require_ciphers, &state);
-if (rc != OK) return rc;
+ require_ciphers, &state, errstr)) != OK) return rc;
/* If this is a host for which certificate verification is mandatory or
optional, set up appropriately. */
gnutls_certificate_server_set_request(state->session, GNUTLS_CERT_IGNORE);
}
-#ifdef EXPERIMENTAL_EVENT
+#ifndef DISABLE_EVENT
if (event_action)
{
state->event_action = event_action;
if (!state->tlsp->on_connect)
{
- smtp_printf("220 TLS go ahead\r\n");
+ smtp_printf("220 TLS go ahead\r\n", FALSE);
fflush(smtp_out);
}
that the GnuTLS library doesn't. */
gnutls_transport_set_ptr2(state->session,
- (gnutls_transport_ptr)(long) fileno(smtp_in),
- (gnutls_transport_ptr)(long) fileno(smtp_out));
+ (gnutls_transport_ptr_t)(long) fileno(smtp_in),
+ (gnutls_transport_ptr_t)(long) fileno(smtp_out));
state->fd_in = fileno(smtp_in);
state->fd_out = fileno(smtp_out);
sigalrm_seen = FALSE;
if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout);
do
- {
rc = gnutls_handshake(state->session);
- } while ((rc == GNUTLS_E_AGAIN) ||
- (rc == GNUTLS_E_INTERRUPTED && !sigalrm_seen));
+while (rc == GNUTLS_E_AGAIN || rc == GNUTLS_E_INTERRUPTED && !sigalrm_seen);
alarm(0);
if (rc != GNUTLS_E_SUCCESS)
{
- tls_error(US"gnutls_handshake",
- sigalrm_seen ? "timed out" : gnutls_strerror(rc), NULL);
/* It seems that, except in the case of a timeout, we have to close the
connection right here; otherwise if the other end is running OpenSSL it hangs
until the server times out. */
- if (!sigalrm_seen)
+ if (sigalrm_seen)
{
+ tls_error(US"gnutls_handshake", "timed out", NULL, errstr);
+ gnutls_db_remove_session(state->session);
+ }
+ else
+ {
+ tls_error(US"gnutls_handshake", gnutls_strerror(rc), NULL, errstr);
+ (void) gnutls_alert_send_appropriate(state->session, rc);
+ gnutls_deinit(state->session);
+ gnutls_certificate_free_credentials(state->x509_cred);
+ millisleep(500);
+ shutdown(state->fd_out, SHUT_WR);
+ for (rc = 1024; fgetc(smtp_in) != EOF && rc > 0; ) rc--; /* drain skt */
(void)fclose(smtp_out);
(void)fclose(smtp_in);
+ smtp_out = smtp_in = NULL;
}
return FAIL;
/* Verify after the fact */
if ( state->verify_requirement != VERIFY_NONE
- && !verify_certificate(state, &error))
+ && !verify_certificate(state, errstr))
{
if (state->verify_requirement != VERIFY_OPTIONAL)
{
- tls_error(US"certificate verification failed", error, NULL);
+ (void) tls_error(US"certificate verification failed", *errstr, NULL, errstr);
return FAIL;
}
DEBUG(D_tls)
debug_printf("TLS: continuing on only because verification was optional, after: %s\n",
- error);
+ *errstr);
}
/* Figure out peer DN, and if authenticated, etc. */
-rc = peer_status(state);
-if (rc != OK) return rc;
+if ((rc = peer_status(state, NULL)) != OK) return rc;
/* Sets various Exim expansion variables; always safe within server */
state->xfer_buffer = store_malloc(ssl_xfer_buffer_size);
receive_getc = tls_getc;
+receive_getbuf = tls_getbuf;
+receive_get_cache = tls_get_cache;
receive_ungetc = tls_ungetc;
receive_feof = tls_feof;
receive_ferror = tls_ferror;
{
if (verify_check_given_host(&ob->tls_verify_cert_hostnames, host) == OK)
{
- state->exp_tls_verify_cert_hostnames = host->name;
+ state->exp_tls_verify_cert_hostnames =
+#ifdef SUPPORT_I18N
+ string_domain_utf8_to_alabel(host->name, NULL);
+#else
+ host->name;
+#endif
DEBUG(D_tls)
debug_printf("TLS: server cert verification includes hostname: \"%s\".\n",
state->exp_tls_verify_cert_hostnames);
addr the first address (not used)
tb transport (always smtp)
+ errstr error string pointer
+
Returns: OK/DEFER/FAIL (because using common functions),
but for a client, DEFER and FAIL have the same meaning
*/
int
tls_client_start(int fd, host_item *host,
address_item *addr ARG_UNUSED,
- transport_instance *tb
+ transport_instance * tb,
#ifdef EXPERIMENTAL_DANE
- , dne_answer * unused_tlsa_dnsa
+ dns_answer * tlsa_dnsa ARG_UNUSED,
#endif
- )
+ uschar ** errstr)
{
smtp_transport_options_block *ob =
(smtp_transport_options_block *)tb->options_block;
int rc;
-const char *error;
exim_gnutls_state_st *state = NULL;
#ifndef DISABLE_OCSP
BOOL require_ocsp =
if ((rc = tls_init(host, ob->tls_certificate, ob->tls_privatekey,
ob->tls_sni, ob->tls_verify_certificates, ob->tls_crl,
- ob->tls_require_ciphers, &state)) != OK)
+ ob->tls_require_ciphers, &state, errstr)) != OK)
return rc;
{
gnutls_dh_set_prime_bits(state->session, dh_min_bits);
}
-/* Stick to the old behaviour for compatibility if tls_verify_certificates is
+/* Stick to the old behaviour for compatibility if tls_verify_certificates is
set but both tls_verify_hosts and tls_try_verify_hosts are unset. Check only
the specified host patterns if one of them is defined */
if ( ( state->exp_tls_verify_certificates
&& !ob->tls_verify_hosts
- && !ob->tls_try_verify_hosts
+ && (!ob->tls_try_verify_hosts || !*ob->tls_try_verify_hosts)
)
|| verify_check_given_host(&ob->tls_verify_hosts, host) == OK
)
if ((rc = gnutls_ocsp_status_request_enable_client(state->session,
NULL, 0, NULL)) != OK)
return tls_error(US"cert-status-req",
- gnutls_strerror(rc), state->host);
+ gnutls_strerror(rc), state->host, errstr);
tls_out.ocsp = OCSP_NOT_RESP;
}
#endif
-#ifdef EXPERIMENTAL_EVENT
+#ifndef DISABLE_EVENT
if (tb->event_action)
{
state->event_action = tb->event_action;
}
#endif
-gnutls_transport_set_ptr(state->session, (gnutls_transport_ptr)(long) fd);
+gnutls_transport_set_ptr(state->session, (gnutls_transport_ptr_t)(long) fd);
state->fd_in = fd;
state->fd_out = fd;
alarm(0);
if (rc != GNUTLS_E_SUCCESS)
- return tls_error(US"gnutls_handshake",
- sigalrm_seen ? "timed out" : gnutls_strerror(rc), state->host);
+ if (sigalrm_seen)
+ {
+ gnutls_alert_send(state->session, GNUTLS_AL_FATAL, GNUTLS_A_USER_CANCELED);
+ return tls_error(US"gnutls_handshake", "timed out", state->host, errstr);
+ }
+ else
+ return tls_error(US"gnutls_handshake", gnutls_strerror(rc), state->host, errstr);
DEBUG(D_tls) debug_printf("gnutls_handshake was successful\n");
/* Verify late */
if (state->verify_requirement != VERIFY_NONE &&
- !verify_certificate(state, &error))
- return tls_error(US"certificate verification failed", error, state->host);
+ !verify_certificate(state, errstr))
+ return tls_error(US"certificate verification failed", *errstr, state->host, errstr);
#ifndef DISABLE_OCSP
if (require_ocsp)
gnutls_free(printed.data);
}
else
- (void) tls_error(US"ocsp decode", gnutls_strerror(rc), state->host);
+ (void) tls_error(US"ocsp decode", gnutls_strerror(rc), state->host, errstr);
}
if (gnutls_ocsp_status_request_is_checked(state->session, 0) == 0)
{
tls_out.ocsp = OCSP_FAILED;
- return tls_error(US"certificate status check failed", NULL, state->host);
+ return tls_error(US"certificate status check failed", NULL, state->host, errstr);
}
DEBUG(D_tls) debug_printf("Passed OCSP checking\n");
tls_out.ocsp = OCSP_VFIED;
/* Figure out peer DN, and if authenticated, etc. */
-if ((rc = peer_status(state)) != OK)
+if ((rc = peer_status(state, errstr)) != OK)
return rc;
/* Sets various Exim expansion variables; may need to adjust for ACL callouts */
}
gnutls_deinit(state->session);
+gnutls_certificate_free_credentials(state->x509_cred);
+
state->tlsp->active = -1;
memcpy(state, &exim_gnutls_state_init, sizeof(exim_gnutls_state_init));
gnutls_global_deinit();
exim_gnutls_base_init_done = FALSE;
}
-
}
+static BOOL
+tls_refill(unsigned lim)
+{
+exim_gnutls_state_st * state = &state_server;
+ssize_t inbytes;
+
+DEBUG(D_tls) debug_printf("Calling gnutls_record_recv(%p, %p, %u)\n",
+ state->session, state->xfer_buffer, ssl_xfer_buffer_size);
+
+if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout);
+inbytes = gnutls_record_recv(state->session, state->xfer_buffer,
+ MIN(ssl_xfer_buffer_size, lim));
+alarm(0);
+
+/* Timeouts do not get this far; see command_timeout_handler().
+ A zero-byte return appears to mean that the TLS session has been
+ closed down, not that the socket itself has been closed down. Revert to
+ non-TLS handling. */
+
+if (sigalrm_seen)
+ {
+ DEBUG(D_tls) debug_printf("Got tls read timeout\n");
+ state->xfer_error = 1;
+ return FALSE;
+ }
+
+else if (inbytes == 0)
+ {
+ DEBUG(D_tls) debug_printf("Got TLS_EOF\n");
+
+ receive_getc = smtp_getc;
+ receive_getbuf = smtp_getbuf;
+ receive_get_cache = smtp_get_cache;
+ receive_ungetc = smtp_ungetc;
+ receive_feof = smtp_feof;
+ receive_ferror = smtp_ferror;
+ receive_smtp_buffered = smtp_buffered;
+
+ gnutls_deinit(state->session);
+ gnutls_certificate_free_credentials(state->x509_cred);
+
+ state->session = NULL;
+ state->tlsp->active = -1;
+ state->tlsp->bits = 0;
+ state->tlsp->certificate_verified = FALSE;
+ tls_channelbinding_b64 = NULL;
+ state->tlsp->cipher = NULL;
+ state->tlsp->peercert = NULL;
+ state->tlsp->peerdn = NULL;
+
+ return FALSE;
+ }
+
+/* Handle genuine errors */
+
+else if (inbytes < 0)
+ {
+ record_io_error(state, (int) inbytes, US"recv", NULL);
+ state->xfer_error = 1;
+ return FALSE;
+ }
+#ifndef DISABLE_DKIM
+dkim_exim_verify_feed(state->xfer_buffer, inbytes);
+#endif
+state->xfer_buffer_hwm = (int) inbytes;
+state->xfer_buffer_lwm = 0;
+return TRUE;
+}
+
/*************************************************
* TLS version of getc *
*************************************************/
This feeds DKIM and should be used for all message-body reads.
-Arguments: none
+Arguments: lim Maximum amount to read/bufffer
Returns: the next character or EOF
*/
int
-tls_getc(void)
+tls_getc(unsigned lim)
{
-exim_gnutls_state_st *state = &state_server;
+exim_gnutls_state_st * state = &state_server;
+
if (state->xfer_buffer_lwm >= state->xfer_buffer_hwm)
- {
- ssize_t inbytes;
+ if (!tls_refill(lim))
+ return state->xfer_error ? EOF : smtp_getc(lim);
- DEBUG(D_tls) debug_printf("Calling gnutls_record_recv(%p, %p, %u)\n",
- state->session, state->xfer_buffer, ssl_xfer_buffer_size);
+/* Something in the buffer; return next uschar */
- if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout);
- inbytes = gnutls_record_recv(state->session, state->xfer_buffer,
- ssl_xfer_buffer_size);
- alarm(0);
+return state->xfer_buffer[state->xfer_buffer_lwm++];
+}
- /* A zero-byte return appears to mean that the TLS session has been
- closed down, not that the socket itself has been closed down. Revert to
- non-TLS handling. */
+uschar *
+tls_getbuf(unsigned * len)
+{
+exim_gnutls_state_st * state = &state_server;
+unsigned size;
+uschar * buf;
- if (inbytes == 0)
+if (state->xfer_buffer_lwm >= state->xfer_buffer_hwm)
+ if (!tls_refill(*len))
{
- DEBUG(D_tls) debug_printf("Got TLS_EOF\n");
-
- receive_getc = smtp_getc;
- receive_ungetc = smtp_ungetc;
- receive_feof = smtp_feof;
- receive_ferror = smtp_ferror;
- receive_smtp_buffered = smtp_buffered;
-
- gnutls_deinit(state->session);
- state->session = NULL;
- state->tlsp->active = -1;
- state->tlsp->bits = 0;
- state->tlsp->certificate_verified = FALSE;
- tls_channelbinding_b64 = NULL;
- state->tlsp->cipher = NULL;
- state->tlsp->peercert = NULL;
- state->tlsp->peerdn = NULL;
-
- return smtp_getc();
+ if (!state->xfer_error) return smtp_getbuf(len);
+ *len = 0;
+ return NULL;
}
- /* Handle genuine errors */
+if ((size = state->xfer_buffer_hwm - state->xfer_buffer_lwm) > *len)
+ size = *len;
+buf = &state->xfer_buffer[state->xfer_buffer_lwm];
+state->xfer_buffer_lwm += size;
+*len = size;
+return buf;
+}
- else if (inbytes < 0)
- {
- record_io_error(state, (int) inbytes, US"recv", NULL);
- state->xfer_error = 1;
- return EOF;
- }
+
+void
+tls_get_cache()
+{
#ifndef DISABLE_DKIM
- dkim_exim_verify_feed(state->xfer_buffer, inbytes);
+exim_gnutls_state_st * state = &state_server;
+int n = state->xfer_buffer_hwm - state->xfer_buffer_lwm;
+if (n > 0)
+ dkim_exim_verify_feed(state->xfer_buffer+state->xfer_buffer_lwm, n);
#endif
- state->xfer_buffer_hwm = (int) inbytes;
- state->xfer_buffer_lwm = 0;
- }
+}
-/* Something in the buffer; return next uschar */
-return state->xfer_buffer[state->xfer_buffer_lwm++];
+BOOL
+tls_could_read(void)
+{
+return state_server.xfer_buffer_lwm < state_server.xfer_buffer_hwm
+ || gnutls_record_check_pending(state_server.session) > 0;
}
is_server channel specifier
buff buffer of data
len number of bytes
+ more more data expected soon
Returns: the number of bytes after a successful write,
-1 after a failed write
*/
int
-tls_write(BOOL is_server, const uschar *buff, size_t len)
+tls_write(BOOL is_server, const uschar *buff, size_t len, BOOL more)
{
ssize_t outbytes;
size_t left = len;
exim_gnutls_state_st *state = is_server ? &state_server : &state_client;
+#ifdef SUPPORT_CORK
+static BOOL corked = FALSE;
+
+if (more && !corked) gnutls_record_cork(state->session);
+#endif
+
+DEBUG(D_tls) debug_printf("%s(%p, " SIZE_T_FMT "%s)\n", __FUNCTION__,
+ buff, left, more ? ", more" : "");
-DEBUG(D_tls) debug_printf("tls_do_write(%p, " SIZE_T_FMT ")\n", buff, left);
while (left > 0)
{
DEBUG(D_tls) debug_printf("gnutls_record_send(SSL, %p, " SIZE_T_FMT ")\n",
len = INT_MAX;
}
+#ifdef SUPPORT_CORK
+if (more != corked)
+ {
+ if (!more) (void) gnutls_record_uncork(state->session, 0);
+ corked = more;
+ }
+#endif
+
return (int) len;
}
uschar *expciphers = NULL;
gnutls_priority_t priority_cache;
const char *errpos;
+uschar * dummy_errstr;
#define validate_check_rc(Label) do { \
if (rc != GNUTLS_E_SUCCESS) { if (exim_gnutls_base_init_done) gnutls_global_deinit(); \
if (!(tls_require_ciphers && *tls_require_ciphers))
return_deinit(NULL);
-if (!expand_check(tls_require_ciphers, US"tls_require_ciphers", &expciphers))
+if (!expand_check(tls_require_ciphers, US"tls_require_ciphers", &expciphers,
+ &dummy_errstr))
return_deinit(US"failed to expand tls_require_ciphers");
if (!(expciphers && *expciphers))