All 3 backends (MbedTLS, OpenSSL, GNUTLS) are going to have the same
function name for returning error strings. This will help to reduce the
diffs between them.
* Add generic direction enum for negotiation setup.
* Rename a rather long wrapper function to a shorter one consistent with
what it does.
* Rework context setup function.
* Don't check for handshake state before beginning handshaking.
The old backend began a handshake and then stepped into the callback
function if it was interrupted; the current one just jumps right into
it, so there is no need to check if it has previously succeeded,
because it hasn't been attempted yet.
* Add missing errno assignment to one of the handshake wrappers.
* Don't bother checking if SSL_P(F) is NULL when we already checked if
F->ssl is NULL -- this should be impossible.
* Don't bother checking if SSL_C(F) is NULL -- this was a no-op.
* Change the socket send and recv functions to not peer into a foreign
ratbox structure -- use the correct function to get the socket fd.
* Rewrap some lines and function arguments.
Other backends will be brought into line with this backend soon.
This will enable easier maintenance of the backends, by reducing the
diffs between them, which should make different behaviour easier to
spot.
At the moment, if a link quits in just the right (wrong [1]) way,
the quit reason will resemble:
<-- foo (~bar@baz) has quit (Read error: (-0x0) )
This should resolve that.
[1] Peers should send a close_notify alert before abruptly shutting
down their socket. This will result in a sane quit message:
<-- foo (~bar@baz) has quit (Read error: (-0x7880) SSL -
The peer notified us that the connection is going to be closed)
[ci skip]
As a client, require all peers (i.e. other IRC servers) to support secure
renegotiation. Break handshakes with servers that don't. We do not
renegotiate our sessions, but this is the most secure option regardless.
As a client, disable TLS Session Tickets. The server side MbedTLS code
does not have any ticket callbacks configured, so an MbedTLS IRC Server
will not issue tickets -- however, others could. Server connections are
not expected to be short-lived enough to benefit from the usage of tickets,
and their issuance harms forward secrecy.
I have removed all non-MbedTLS-specific code from this backend and
copied the non-OpenSSL-specific portions of the OpenSSL backend code
over; as it seems to be more reliable.
* Move certificate, key, DH parameters and configuration to heap
(Documentation states that setting new configuration, e.g.
during a rehash, is unsupported while connections using that
configuration are active)
This is the same approach as the fix for #186
Refcount these structures so as to not introduce a memory leak
On rehash, it will use new structures only if there are no
errors in constructing them
* Add better error-reporting (strings in addition to numbers)
where possible
* Coalesce several connection memory allocations into one function
* Reduce boilerplate where possible (Charybdis targets C99)
* Support private key being in certificate file, and having no
DH parameters file
* Correct erroneous closing comment
openssl:
* Don't manually initialise libssl 1.1.0 -- it does this automatically
* SSL_library_init() should be called first otherwise
* Move SSL_CTX construction to rb_setup_ssl_server()
* Test for all required files (certificate & key) before doing anything
* Free the old CTX before constructing a new one (Fixes#186)
* Properly abort rb_setup_ssl_server() on CTX construction failures
* Support ECDHE on more than one curve on OpenSSL 1.0.2 and above
* Clean up ifdef indentation
* Fix DH parameters memory leak
mbedtls:
* Fix certificate fingerprint generation
* Fix library linking order
* Fix incorrect printf()-esque argument count
* Return digest length for fingerprints instead of 1, consistent
with the other backends
sslproc / ssld:
* Fingerprint methods have no assocated file descriptors
* Send TLS information (cipher, fingerprint) before data
* Use correct header length for fingerprint method
Authored-by: Aaron Jones <aaronmdjones@gmail.com>
Authored-by: William Pitcock <nenolod@dereferenced.org>
Authored-by: Simon Arlott <sa.me.uk>