1 /*
2 * LibSylph -- E-Mail client library
3 * Copyright (C) 1999-2014 Hiroyuki Yamamoto
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
18 */
19
20 #ifdef HAVE_CONFIG_H
21 # include "config.h"
22 #endif
23
24 #if USE_SSL
25
26 #include "defs.h"
27
28 #include <glib.h>
29 #include <glib/gi18n.h>
30
31 #include "utils.h"
32 #include "ssl.h"
33 #include "ssl_hostname_validation.h"
34
35 static SSL_CTX *ssl_ctx_SSLv23 = NULL;
36 static SSL_CTX *ssl_ctx_TLSv1 = NULL;
37
38 static GSList *trust_list = NULL;
39 static GSList *tmp_trust_list = NULL;
40 static GSList *reject_list = NULL;
41
42 static SSLVerifyFunc verify_ui_func = NULL;
43
find_certs_file(const gchar * certs_dir)44 static gchar *find_certs_file(const gchar *certs_dir)
45 {
46 gchar *certs_file;
47
48 #define LOOK_FOR(crt) \
49 { \
50 certs_file = g_strconcat(certs_dir, G_DIR_SEPARATOR_S, crt, NULL); \
51 debug_print("looking for %s\n", certs_file); \
52 if (is_file_exist(certs_file)) \
53 return certs_file; \
54 g_free(certs_file); \
55 }
56
57 if (certs_dir) {
58 LOOK_FOR("ca-certificates.crt");
59 LOOK_FOR("ca-bundle.crt");
60 LOOK_FOR("ca-root.crt");
61 LOOK_FOR("certs.crt");
62 LOOK_FOR("cert.pem");
63 }
64
65 #undef LOOK_FOR
66
67 return NULL;
68 }
69
ssl_init(void)70 void ssl_init(void)
71 {
72 gchar *certs_file, *certs_dir;
73 FILE *fp;
74
75 SSL_library_init();
76 SSL_load_error_strings();
77
78 certs_dir = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S, "certs", NULL);
79 if (!is_dir_exist(certs_dir)) {
80 debug_print("ssl_init(): %s doesn't exist, or not a directory.\n",
81 certs_dir);
82 g_free(certs_dir);
83 #ifdef G_OS_WIN32
84 certs_dir = g_strconcat(get_startup_dir(), G_DIR_SEPARATOR_S
85 "etc" G_DIR_SEPARATOR_S
86 "ssl" G_DIR_SEPARATOR_S "certs", NULL);
87 #else
88 certs_dir = g_strdup("/etc/ssl/certs");
89 #endif
90 if (!is_dir_exist(certs_dir)) {
91 debug_print("ssl_init(): %s doesn't exist, or not a directory.\n",
92 certs_dir);
93 g_free(certs_dir);
94 certs_dir = NULL;
95 }
96 }
97 if (certs_dir)
98 debug_print("ssl_init(): certs dir %s found.\n", certs_dir);
99
100 certs_file = find_certs_file(get_rc_dir());
101
102 if (certs_dir && !certs_file)
103 certs_file = find_certs_file(certs_dir);
104
105 if (!certs_file) {
106 #ifdef G_OS_WIN32
107 certs_dir = g_strconcat(get_startup_dir(),
108 G_DIR_SEPARATOR_S "etc"
109 G_DIR_SEPARATOR_S "ssl", NULL);
110 certs_file = find_certs_file(certs_dir);
111 g_free(certs_dir);
112 certs_dir = NULL;
113 if (!certs_file) {
114 certs_dir = g_strconcat(get_startup_dir(),
115 G_DIR_SEPARATOR_S "etc", NULL);
116 certs_file = find_certs_file(certs_dir);
117 g_free(certs_dir);
118 certs_dir = NULL;
119 }
120 #else
121 certs_file = find_certs_file("/etc/ssl");
122 if (!certs_file)
123 certs_file = find_certs_file("/etc");
124 #endif
125 }
126
127 if (certs_file)
128 debug_print("ssl_init(): certs file %s found.\n", certs_file);
129
130 ssl_ctx_SSLv23 = SSL_CTX_new(SSLv23_client_method());
131 if (ssl_ctx_SSLv23 == NULL) {
132 debug_print(_("SSLv23 not available\n"));
133 } else {
134 debug_print(_("SSLv23 available\n"));
135 if ((certs_file || certs_dir) &&
136 !SSL_CTX_load_verify_locations(ssl_ctx_SSLv23, certs_file,
137 certs_dir))
138 g_warning("SSLv23 SSL_CTX_load_verify_locations failed.\n");
139 }
140
141 /* ssl_ctx_TLSv1 = SSL_CTX_new(TLSv1_client_method()); */
142 ssl_ctx_TLSv1 = SSL_CTX_new(SSLv23_client_method());
143 if (ssl_ctx_TLSv1 == NULL) {
144 debug_print(_("TLSv1 not available\n"));
145 } else {
146 debug_print(_("TLSv1 available\n"));
147 /* disable SSLv2/SSLv3 */
148 SSL_CTX_set_options(ssl_ctx_TLSv1,
149 SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3);
150 if ((certs_file || certs_dir) &&
151 !SSL_CTX_load_verify_locations(ssl_ctx_TLSv1, certs_file,
152 certs_dir))
153 g_warning("TLSv1 SSL_CTX_load_verify_locations failed.\n");
154 }
155
156 g_free(certs_dir);
157 g_free(certs_file);
158
159 certs_file = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S, "trust.crt",
160 NULL);
161 if ((fp = g_fopen(certs_file, "rb")) != NULL) {
162 X509 *cert;
163
164 debug_print("ssl_init(): reading trust.crt\n");
165
166 while ((cert = PEM_read_X509(fp, NULL, NULL, NULL)) != NULL)
167 trust_list = g_slist_append(trust_list, cert);
168 fclose(fp);
169 }
170 g_free(certs_file);
171 }
172
ssl_done(void)173 void ssl_done(void)
174 {
175 gchar *trust_file;
176 GSList *cur;
177 FILE *fp;
178
179 if (trust_list) {
180 trust_file = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S,
181 "trust.crt", NULL);
182 if ((fp = g_fopen(trust_file, "wb")) == NULL) {
183 FILE_OP_ERROR(trust_file, "fopen");
184 }
185 for (cur = trust_list; cur != NULL; cur = cur->next) {
186 if (fp && !PEM_write_X509(fp, (X509 *)cur->data))
187 g_warning("can't write X509 to PEM file: %s",
188 trust_file);
189 X509_free((X509 *)cur->data);
190 }
191 if (fp)
192 fclose(fp);
193 g_free(trust_file);
194 g_slist_free(trust_list);
195 trust_list = NULL;
196 }
197 for (cur = tmp_trust_list; cur != NULL; cur = cur->next)
198 X509_free((X509 *)cur->data);
199 g_slist_free(tmp_trust_list);
200 tmp_trust_list = NULL;
201 for (cur = reject_list; cur != NULL; cur = cur->next)
202 X509_free((X509 *)cur->data);
203 g_slist_free(reject_list);
204 reject_list = NULL;
205
206 if (ssl_ctx_SSLv23) {
207 SSL_CTX_free(ssl_ctx_SSLv23);
208 ssl_ctx_SSLv23 = NULL;
209 }
210
211 if (ssl_ctx_TLSv1) {
212 SSL_CTX_free(ssl_ctx_TLSv1);
213 ssl_ctx_TLSv1 = NULL;
214 }
215 }
216
ssl_init_socket(SockInfo * sockinfo)217 gboolean ssl_init_socket(SockInfo *sockinfo)
218 {
219 return ssl_init_socket_with_method(sockinfo, SSL_METHOD_SSLv23);
220 }
221
x509_cmp_func(gconstpointer a,gconstpointer b)222 static gint x509_cmp_func(gconstpointer a, gconstpointer b)
223 {
224 const X509 *xa = a;
225 const X509 *xb = b;
226
227 return X509_cmp(xa, xb);
228 }
229
ssl_init_socket_with_method(SockInfo * sockinfo,SSLMethod method)230 gboolean ssl_init_socket_with_method(SockInfo *sockinfo, SSLMethod method)
231 {
232 X509 *server_cert;
233 gint err, ret;
234
235 switch (method) {
236 case SSL_METHOD_SSLv23:
237 if (!ssl_ctx_SSLv23) {
238 g_warning(_("SSL method not available\n"));
239 return FALSE;
240 }
241 sockinfo->ssl = SSL_new(ssl_ctx_SSLv23);
242 break;
243 case SSL_METHOD_TLSv1:
244 if (!ssl_ctx_TLSv1) {
245 g_warning(_("SSL method not available\n"));
246 return FALSE;
247 }
248 sockinfo->ssl = SSL_new(ssl_ctx_TLSv1);
249 break;
250 default:
251 g_warning(_("Unknown SSL method *PROGRAM BUG*\n"));
252 return FALSE;
253 break;
254 }
255
256 if (sockinfo->ssl == NULL) {
257 g_warning(_("Error creating ssl context\n"));
258 return FALSE;
259 }
260
261 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
262 if (!SSL_set_tlsext_host_name(sockinfo->ssl, sockinfo->hostname)) {
263 g_warning("Error setting servername extension\n");
264 return FALSE;
265 }
266 #endif
267
268 SSL_set_fd(sockinfo->ssl, sockinfo->sock);
269 while ((ret = SSL_connect(sockinfo->ssl)) != 1) {
270 err = SSL_get_error(sockinfo->ssl, ret);
271 if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {
272 g_usleep(100000);
273 g_warning("SSL_connect(): try again\n");
274 continue;
275 }
276 g_warning("SSL_connect() failed with error %d, ret = %d (%s)\n",
277 err, ret, ERR_error_string(ERR_get_error(), NULL));
278 return FALSE;
279 }
280
281 /* Get the cipher */
282
283 debug_print(_("SSL connection using %s\n"),
284 SSL_get_cipher(sockinfo->ssl));
285 debug_print("SSL protocol version: %s\n",
286 SSL_get_version(sockinfo->ssl));
287
288 /* Get server's certificate (note: beware of dynamic allocation) */
289
290 if ((server_cert = SSL_get_peer_certificate(sockinfo->ssl)) != NULL) {
291 glong verify_result;
292 gboolean expired = FALSE;
293
294 if (get_debug_mode()) {
295 gchar *str;
296 guchar keyid[EVP_MAX_MD_SIZE];
297 gchar keyidstr[EVP_MAX_MD_SIZE * 3 + 1] = "";
298 guint keyidlen = 0;
299 gint i;
300
301 debug_print(_("Server certificate:\n"));
302
303 if ((str = X509_NAME_oneline(X509_get_subject_name(server_cert), 0, 0)) != NULL) {
304 debug_print(_(" Subject: %s\n"), str);
305 OPENSSL_free(str);
306 }
307
308 if ((str = X509_NAME_oneline(X509_get_issuer_name(server_cert), 0, 0)) != NULL) {
309 debug_print(_(" Issuer: %s\n"), str);
310 OPENSSL_free(str);
311 }
312 if (X509_digest(server_cert, EVP_sha1(), keyid, &keyidlen)) {
313 for (i = 0; i < keyidlen; i++)
314 g_snprintf(keyidstr + i * 3, 4, "%02x:", keyid[i]);
315 keyidstr[keyidlen * 3 - 1] = '\0';
316 debug_print(" SHA1 fingerprint: %s\n", keyidstr);
317 }
318 if (X509_digest(server_cert, EVP_md5(), keyid, &keyidlen)) {
319 for (i = 0; i < keyidlen; i++)
320 g_snprintf(keyidstr + i * 3, 4, "%02x:", keyid[i]);
321 keyidstr[keyidlen * 3 - 1] = '\0';
322 debug_print(" MD5 fingerprint: %s\n", keyidstr);
323 }
324 }
325
326 verify_result = SSL_get_verify_result(sockinfo->ssl);
327 if (verify_result == X509_V_OK) {
328 debug_print("SSL certificate verify OK\n");
329 if (ssl_validate_hostname(sockinfo->hostname, server_cert) == SSL_HOSTNAME_MATCH_FOUND) {
330 debug_print("SSL certificate hostname validation OK\n");
331 X509_free(server_cert);
332 return TRUE;
333 } else {
334 verify_result = X509_V_ERR_APPLICATION_VERIFICATION;
335 }
336 }
337
338 if (verify_result == X509_V_ERR_CERT_HAS_EXPIRED) {
339 log_message("SSL certificate of %s has expired\n", sockinfo->hostname);
340 expired = TRUE;
341 } else if (g_slist_find_custom(trust_list, server_cert,
342 x509_cmp_func) ||
343 g_slist_find_custom(tmp_trust_list, server_cert,
344 x509_cmp_func)) {
345 log_message("SSL certificate of %s previously accepted\n", sockinfo->hostname);
346 X509_free(server_cert);
347 return TRUE;
348 } else if (g_slist_find_custom(reject_list, server_cert,
349 x509_cmp_func)) {
350 log_message("SSL certificate of %s previously rejected\n", sockinfo->hostname);
351 X509_free(server_cert);
352 return FALSE;
353 }
354
355 if (verify_result == X509_V_ERR_APPLICATION_VERIFICATION) {
356 g_warning("%s: SSL hostname validation failed\n",
357 sockinfo->hostname);
358 } else {
359 g_warning("%s: SSL certificate verify failed (%ld: %s)\n",
360 sockinfo->hostname, verify_result,
361 X509_verify_cert_error_string(verify_result));
362 }
363
364 if (verify_ui_func) {
365 gint res;
366
367 res = verify_ui_func(sockinfo, sockinfo->hostname,
368 server_cert, verify_result);
369 /* 0: accept 1: temporarily accept -1: reject */
370 if (res < 0) {
371 debug_print("SSL certificate of %s rejected\n",
372 sockinfo->hostname);
373 #if 0
374 reject_list = g_slist_prepend
375 (reject_list, X509_dup(server_cert));
376 #endif
377 X509_free(server_cert);
378 return FALSE;
379 } else if (res > 0) {
380 debug_print("Temporarily accept SSL certificate of %s\n", sockinfo->hostname);
381 if (!expired)
382 tmp_trust_list = g_slist_prepend(tmp_trust_list, X509_dup(server_cert));
383 } else {
384 debug_print("Permanently accept SSL certificate of %s\n", sockinfo->hostname);
385 if (!expired)
386 trust_list = g_slist_prepend(trust_list, X509_dup(server_cert));
387 }
388 }
389
390 X509_free(server_cert);
391 } else {
392 g_warning("%s: couldn't get SSL certificate\n",
393 sockinfo->hostname);
394 return FALSE;
395 }
396
397 return TRUE;
398 }
399
ssl_done_socket(SockInfo * sockinfo)400 void ssl_done_socket(SockInfo *sockinfo)
401 {
402 if (sockinfo->ssl) {
403 SSL_free(sockinfo->ssl);
404 }
405 }
406
ssl_set_verify_func(SSLVerifyFunc func)407 void ssl_set_verify_func(SSLVerifyFunc func)
408 {
409 verify_ui_func = func;
410 }
411
412 #endif /* USE_SSL */
413