Commit graph

274 commits

Author SHA1 Message Date
Aaron Jones
d8df3c90de
GNUTLS: Log why fingerprint generation fails
This is rudimentary but at least 1 other backend logs why too.
2017-03-01 01:06:57 +00:00
Aaron Jones
5d8a480305
GNUTLS: Don't use VERS-TLS-ALL
It causes problems with older versions of the library.
2017-02-28 22:51:51 +00:00
Antoine Beaupré
9f21f1b353
properly call gnutls_x509_crt_list_import
the [manpage][] says:

>  unsigned int * cert_max
>      Initially must hold the maximum number of certs. It will be updated
>      with the number of certs available.

ratbox doesn't actually initialize that variable, so gnutls naturally
fails. i would also recommend considering dynamically allocating the
cert list to deal with that error in other ways than failing to
configured SSL completely in GnuTLS. the apache gnutls module has a
similar problem and came up with a [patch][] to do exactly this which
you may want to consider.

but since our cert chain is only (!) 5 certs long, our itched is
scratch by this particular patch.

[manpage]: https://manpages.debian.org/jessie/gnutls-doc/gnutls_x509_crt_list_import.3.en.html
[patch]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511573#35
2017-02-28 17:36:56 -05:00
Aaron Jones
5633e89376
MbedTLS: Disable TLSv1.0 2016-12-30 18:00:45 +00:00
Aaron Jones
e140ba71d6
OpenSSL: Disable TLSv1.0 2016-12-30 18:00:43 +00:00
Aaron Jones
6bcfd29624
GNUTLS: Provide a default priority string, disable TLSv1.0 in it
The user can still override this choice with the ssl_cipher_list option
in ircd.conf -- this is the only backend that will allow you to do so.
2016-12-30 18:00:41 +00:00
Aaron Jones
2afd965b21
TLS: Partially backport the SubjectPublicKeyInfo digesting functionality
This backports the code responsible for SPKI digests from release/4.

It also adjusts doc/reference.conf to note that SPKI digests are now
supported, and how to generate them. It does NOT backport the mkfingerprint
program -- the instructions in reference.conf are sufficient. I am ofcourse
open to anyone else backporting the program, but I don't see the need.
2016-11-15 12:30:09 +00:00
Aaron Jones
0a9598655c
TLS backends: Move some library-dependent functions to the proper location
The comment incorrectly stated these were library-agnostic; infact, they
use library-dependent data types or macro names.
2016-11-15 12:11:12 +00:00
Aaron Jones
0508eea2ed
OpenSSL: Adjust ciphersuite order and update documentation 2016-10-18 11:14:47 +00:00
Aaron Jones
a3868e7141
MbedTLS: Adjust ciphersuite order and update documentation 2016-10-18 10:56:04 +00:00
Aaron Jones
ecfdcb08e8
GNUTLS: Reorder all functions to match the other backends
No code was changed in this commit; just entire lines moved up or down.
Ofcourse, most git diff tools won't see it that way.

The diff between the MbedTLS backend and this one is now fairly
minimal.

Note to auditors importing this series of patches for review and
integration: This means you can skip this patch if you don't trust me.
2016-09-17 00:56:54 +00:00
Aaron Jones
fe9fba46cf
GNUTLS: Add some more misc checks to the start of functions 2016-09-17 00:56:54 +00:00
Aaron Jones
70bb2e24e0
GNUTLS: Cosmetic preprocessor cleanliness 2016-09-17 00:56:54 +00:00
Aaron Jones
1a75461594
GNUTLS: Minor fix to rb_ssl_accept_common()/rb_ssl_connect_common()
Properly check whether the library was interrupted by the kernel
before assuming that a nonzero errno was caused by the kernel.

Otherwise, a memory allocation failure in the library for example
would incorrectly be interpreted as a syscall error instead of a
library error.
2016-09-17 00:56:54 +00:00
Aaron Jones
0071c423d5
GNUTLS: Improve rb_ssl_read_or_write()
* Set errno to 0 before attempting any read/write operations as it may
  affect our tests otherwise.

* Properly check whether the gnutls_record_recv()/gnutls_record_send()
  call failed and distinguish between kernel and library errors.
2016-09-17 00:56:54 +00:00
Aaron Jones
d4e71871c0
GNUTLS: rb_ssl_read_or_write(): Use macro to refer to session context 2016-09-17 00:56:54 +00:00
Aaron Jones
939d7ec7fe
GNUTLS: Apply whole-file const correctness 2016-09-17 00:56:54 +00:00
Aaron Jones
9c7dda22e8
GNUTLS: Improve rb_ssl_get_cipher()
* Add debugging assertions.

* Reduce the buffer size in line with the other backends.

* Ask for the cipher name directly instead of constructing it ourselves
  from the key exchange / authentication algorithm, symmetric encryption
  algorithm, and message authentication code algorithm.
2016-09-17 00:56:54 +00:00
Aaron Jones
dd59642de1
GNUTLS: Improve rb_get_ssl_info()
Explicitly ignore the snprintf return value and properly indent
the following line.

Also add a 'v' before the version strings so it reads as e.g.:
  library (v3.3.8), compiled (v3.3.8)
2016-09-17 00:56:54 +00:00
Aaron Jones
67d31a2755
GNUTLS: Improve rb_get_ssl_certfp()
* Give function parameters const correctness.

* Use similar variable names as the other backends -- this will reduce
  the diff between them.

* Check for more kinds of errors in retrieving the peer's certificate.

* Log failure to generate fingerprints, like the MbedTLS backend does.
2016-09-17 00:56:54 +00:00
Aaron Jones
9986455edc
GNUTLS: Log PRNG initialisation 2016-09-17 00:56:53 +00:00
Aaron Jones
2b5bf0bada
GNUTLS: Improve rb_connect_tcp_ssl() and rb_ssl_start_connected()
Use the variable name instead of its type as an argument to a sizeof
allocation. This will prevent possible future errors being introduced
when the type of the variable is changed, but the sizeof argument is
not updated.
2016-09-17 00:56:53 +00:00
Aaron Jones
f4726edf7a
GNUTLS: Fix up rb_ssl_listen()
Declare and assign variables at the same time; give function
parameters const correctness.
2016-09-17 00:56:53 +00:00
Aaron Jones
4369f1fa55
GNUTLS: Improve rb_ssl_connect_common()
This is the same as the previous commit for rb_ssl_accept_common().
2016-09-17 00:56:53 +00:00
Aaron Jones
8ebebff4b4
GNUTLS: Improve rb_ssl_accept_common()
* Add more debugging assertions

* Cancel timeouts and callbacks when handshake succeeds or hard fails

* Differentiate between kernel and library errors

* Increase F->handshake_count on handshake success

  I'm still not exactly sure what this is even used for. It may be
  removed from all backends at a later time if I find it's not being
  used for anything important, as right now it can only have the values
  0 or 1.
2016-09-17 00:56:53 +00:00
Aaron Jones
8099d352c9
GNUTLS: Store error codes properly
This is similar to commit db12df5c16 for
the MbedTLS backend.

The difference is, GNUTLS will not accept positive values as input to
gnutls_strerror(), so we invert the sign bit after retrieving the value
too, not just when storing it.

Also add a forgotten ssl_errno assignment to rb_ssl_connect_common().
2016-09-17 00:56:53 +00:00
Aaron Jones
c6600fe290
GNUTLS: Add rb_ssl_strerror() function in line with other backends 2016-09-17 00:56:53 +00:00
Aaron Jones
d70129a0d6
GNUTLS: Rework rb_init_ssl() and rb_setup_ssl_server()
I did my best to remove all possible memory leaks in the latter.
It's ugly.
2016-09-17 00:56:53 +00:00
Aaron Jones
2d01971d05
GNUTLS: Send do_ssl_handshake() to the depths from whence it came 2016-09-17 00:56:53 +00:00
Aaron Jones
4fc76590b9
GNUTLS: Rework datum loading code 2016-09-17 00:56:53 +00:00
Aaron Jones
25ecd3cc86
GNUTLS: Raise minimum group size for Diffie-Hellman-Merkle key exchange
A 2048-bit long P should really be the minimum these days.
2016-09-17 00:56:53 +00:00
Aaron Jones
5797027e9f
GNUTLS: Add dedicated socket send/recv functions
This avoids a compiler warning regarding casting a file descriptor to a
pointer (as input to gnutls_transport_set_ptr()), and also ensures that
the pointer is valid for the lifetime of the session.
2016-09-17 00:56:53 +00:00
Aaron Jones
3f32d48dab
GNUTLS: Break off TLS setup from callbacks to a dedicated function
This is in line with the other backends; eventually those callbacks
will be moved to a library-agnostic section.
2016-09-17 00:56:52 +00:00
Aaron Jones
4618ec248e
GNUTLS: Improve the connect callback logic 2016-09-17 00:56:52 +00:00
Aaron Jones
77119a5031
GNUTLS: Improve the accept callback logic 2016-09-17 00:56:52 +00:00
Aaron Jones
a41a1d20db
GNUTLS: Fix the SSL_P(x) macro
It previously assumed there was an "F" variable in the scope it was
used in. It now uses its input "x" variable.
2016-09-17 00:56:52 +00:00
Aaron Jones
5103d939d0
GNUTLS: Rename the timeout callback in line with the other backends 2016-09-17 00:56:52 +00:00
Aaron Jones
992aa93b80
GNUTLS: Tidy up rb_init_ssl() and improve its error logging 2016-09-17 00:56:52 +00:00
Aaron Jones
6cc08ecf90
GNUTLS: Move `struct ssl_connect' definition to the top of the file 2016-09-17 00:56:52 +00:00
Aaron Jones
fde101b9b2
GNUTLS: Tidy up the cert authentication callback 2016-09-17 00:56:52 +00:00
Aaron Jones
75d7d47a7e
GNUTLS: Tidy up headers 2016-09-17 00:56:52 +00:00
Aaron Jones
d9e6ff7349
GNUTLS: Tidy up unit-scope variables and give them clearer names 2016-09-17 00:56:11 +00:00
Aaron Jones
4d89c83c32
GNUTLS: Shut down sessions properly
If gnutls_bye() fails with a fatal error, we would reattempt it again
and again, even though this may then go on to e.g. cause a segmentation
fault.

Now we just keep retrying if it was interrupted, in line with the other
backends, up to a maximum of 3 retries.
2016-09-17 00:55:40 +00:00
Aaron Jones
a3a25a4c8a
MbedTLS: A few more minor changes
Yeah, I know, I said I was happy with it and wouldn't be changing it.
However, the new GNUTLS backend I'm working on has prompted this.

E.g. MbedTLS error codes and GNUTLS error codes are both negative ints,
     but GNUTLS will not tolerate positive input values. Let's treat
     both backends the same.
2016-09-17 00:11:46 +00:00
Aaron Jones
159d901e71
MbedTLS & OpenSSL: Purely cosmetic changes.
This further reduces the diff between the backends.
It does not change any of the logic in either backend.
2016-09-16 11:17:29 +00:00
William Pitcock
de78e5906a Merge pull request #219 from aaronmdjones/openssl219
Improve the OpenSSL backend
2016-09-15 21:50:48 -07:00
Aaron Jones
92c04c6b9d
OpenSSL: Final round of const correctness
I'm happy with the state of this backend now.
I don't anticipate making any further changes.
2016-09-15 20:14:01 +00:00
Aaron Jones
5feb292aa9
OpenSSL: Indicate successful RNG initialisation 2016-09-15 20:12:22 +00:00
Aaron Jones
5bb5226edc
OpenSSL: Simplify the RNG code 2016-09-15 20:12:22 +00:00
Aaron Jones
15e2cab1e5
OpenSSL: Add another debugging assert 2016-09-15 20:12:22 +00:00