Commit graph

291 commits

Author SHA1 Message Date
Aaron Jones
cc34e7543a
libratbox/src/mbedtls_ratbox.h: remove unnecessary inclusion 2018-08-26 18:50:08 +00:00
Aaron Jones
4f8ad92ab4
MbedTLS: Support ChaCha20-Poly1305 in TLSv1.2+ 2018-08-13 22:34:16 +00:00
Aaron Jones
6c00795284
libratbox/src/mbedtls.c: check public/private keys match 2018-01-06 15:58:30 +00:00
Aaron Jones
a6485efda0
libratbox/src/commio.c: misc cleanups for compiler warnings
commio.c:2244:11: warning: variable length array used [-Wvla]
commio.c:2253:29: warning: comparison of integers of different signs:
                  'unsigned int' and 'int' [-Wsign-compare]

This use of alloca(3) is okay-ish considering the corresponding function
`rb_recv_fd_buf()` already uses it too, for much the same purpose. Also
remove a redundant return statement.
2017-08-04 12:32:58 +00:00
Simon Arlott
55ae03aee1
libratbox/src/ratbox_lib.c: avoid clang static analysis warning 2017-08-04 12:32:58 +00:00
Simon Arlott
8fc0cea653
librb: rb_linebuf_copy_raw: remove unused assignment 2017-08-04 12:32:58 +00:00
Simon Arlott
ea3ca814f5
libratbox/src/commio.c: Must set addrlen before every call to accept()
If an IPv4 connection is dropped by the pre-callback, and there is a
pending IPv6 connection on the same listening socket then the retried
accept() will be unable to populate `st` because `addrlen` will be too
small. Also initialise `st` each time to avoid a clang static analysis
warning.
2017-08-04 12:32:58 +00:00
Aaron Jones
85f46bb59e
libratbox/src/crypt.c: misc cleanup for compiler warning
crypt.c:1979:7: warning: '_STRING_ARCH_unaligned' is not defined,
                evaluates to 0 [-Wundef]
2017-08-04 12:32:58 +00:00
Aaron Jones
f54e6c3558
libratbox/src/commio.c: misc cleanup for compiler warning
commio.c:1269:17: warning: possible misuse of comma operator here
                  [-Wcomma]

What an ugly way to use commas!
2017-08-04 12:32:57 +00:00
Aaron Jones
82e920102f
lots of misc cleanups for compiler warnings
ratbox_lib.c:159:1: warning: function 'rb_lib_restart' could be declared
                    with attribute 'noreturn' [-Wmissing-noreturn]

ratbox_lib.c:220:1: warning: function 'rb_lib_loop' could be declared
                    with attribute 'noreturn' [-Wmissing-noreturn]

restart.c:55:1: warning: function 'server_reboot' could be declared with
                attribute 'noreturn' [-Wmissing-noreturn]
2017-08-04 12:32:57 +00:00
Aaron Jones
9ca4bd7e0c
rb_helper: misc cleanups for compiler warning
helper.c:291:1: warning: function 'rb_helper_loop' could be declared
                with attribute 'noreturn' [-Wmissing-noreturn]
2017-08-04 12:32:57 +00:00
Aaron Jones
bd62a802f9
libratbox/src/balloc.c: misc cleanup for compiler warning
balloc.c:111:1: warning: function '_rb_bh_fail' could be declared with
                attribute 'noreturn' [-Wmissing-noreturn]
2017-08-04 12:32:57 +00:00
Aaron Jones
e52356b21e
libratbox/src/commio.c: misc cleanup for compiler warnings
commio.c:1368:3: warning: 'break' will never be executed
                 [-Wunreachable-code-break]

    (... and 2 more of the same)
2017-08-04 12:32:56 +00:00
Aaron Jones
fa2b7ab282
libratbox/src/openssl_ratbox.h: misc cleanup for compiler warning
openssl.c:459:47: warning: cast from 'const char *' to 'char *' drops
                  const qualifier [-Wcast-qual]

(I find it remarkable that SSL_CTX_set1_curves_list() does not accept a
 'const char *' argument...)
2017-08-04 12:32:56 +00:00
Aaron Jones
3f7ccca917
libratbox/src/crypt.c: misc cleanup for compiler warnings
crypt.c:49:4: warning: 'break' will never be executed
              [-Wunreachable-code-break]
    (... and 3 more of the same)

crypt.c:627:7: warning: variable 'f' may be uninitialized when used
               here [-Wconditional-uninitialized]

crypt.c:539:12: note: initialize the variable 'f' to silence this
                warning
2017-08-04 12:32:56 +00:00
Aaron Jones
167ca46a04
mbedtls.c: minor fixups
- Add (void) casts for unused function parameters
- Rearrange member in `struct rb_mbedtls_cfg_context' for data alignment
- Document a `clang-4.0 -Weverything' (-Wcast-qual) diagnostic
- Avoid pointless conversions between positive/negative error codes
- Use capital hexadecimals in error codes and properly cast to
  (unsigned int) for %x/%X
2017-07-03 00:21:43 +00:00
Aaron Jones
1b7c6aff1a
MbedTLS: Don't use a dummy CA certificate on new library (no longer required) 2017-06-22 11:12:21 +00:00
Aaron Jones
d8df3c90de
GNUTLS: Log why fingerprint generation fails
This is rudimentary but at least 1 other backend logs why too.
2017-03-01 01:06:57 +00:00
Aaron Jones
5d8a480305
GNUTLS: Don't use VERS-TLS-ALL
It causes problems with older versions of the library.
2017-02-28 22:51:51 +00:00
Antoine Beaupré
9f21f1b353
properly call gnutls_x509_crt_list_import
the [manpage][] says:

>  unsigned int * cert_max
>      Initially must hold the maximum number of certs. It will be updated
>      with the number of certs available.

ratbox doesn't actually initialize that variable, so gnutls naturally
fails. i would also recommend considering dynamically allocating the
cert list to deal with that error in other ways than failing to
configured SSL completely in GnuTLS. the apache gnutls module has a
similar problem and came up with a [patch][] to do exactly this which
you may want to consider.

but since our cert chain is only (!) 5 certs long, our itched is
scratch by this particular patch.

[manpage]: https://manpages.debian.org/jessie/gnutls-doc/gnutls_x509_crt_list_import.3.en.html
[patch]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511573#35
2017-02-28 17:36:56 -05:00
Aaron Jones
5633e89376
MbedTLS: Disable TLSv1.0 2016-12-30 18:00:45 +00:00
Aaron Jones
e140ba71d6
OpenSSL: Disable TLSv1.0 2016-12-30 18:00:43 +00:00
Aaron Jones
6bcfd29624
GNUTLS: Provide a default priority string, disable TLSv1.0 in it
The user can still override this choice with the ssl_cipher_list option
in ircd.conf -- this is the only backend that will allow you to do so.
2016-12-30 18:00:41 +00:00
Aaron Jones
2afd965b21
TLS: Partially backport the SubjectPublicKeyInfo digesting functionality
This backports the code responsible for SPKI digests from release/4.

It also adjusts doc/reference.conf to note that SPKI digests are now
supported, and how to generate them. It does NOT backport the mkfingerprint
program -- the instructions in reference.conf are sufficient. I am ofcourse
open to anyone else backporting the program, but I don't see the need.
2016-11-15 12:30:09 +00:00
Aaron Jones
0a9598655c
TLS backends: Move some library-dependent functions to the proper location
The comment incorrectly stated these were library-agnostic; infact, they
use library-dependent data types or macro names.
2016-11-15 12:11:12 +00:00
Aaron Jones
0508eea2ed
OpenSSL: Adjust ciphersuite order and update documentation 2016-10-18 11:14:47 +00:00
Aaron Jones
a3868e7141
MbedTLS: Adjust ciphersuite order and update documentation 2016-10-18 10:56:04 +00:00
Aaron Jones
ecfdcb08e8
GNUTLS: Reorder all functions to match the other backends
No code was changed in this commit; just entire lines moved up or down.
Ofcourse, most git diff tools won't see it that way.

The diff between the MbedTLS backend and this one is now fairly
minimal.

Note to auditors importing this series of patches for review and
integration: This means you can skip this patch if you don't trust me.
2016-09-17 00:56:54 +00:00
Aaron Jones
fe9fba46cf
GNUTLS: Add some more misc checks to the start of functions 2016-09-17 00:56:54 +00:00
Aaron Jones
70bb2e24e0
GNUTLS: Cosmetic preprocessor cleanliness 2016-09-17 00:56:54 +00:00
Aaron Jones
1a75461594
GNUTLS: Minor fix to rb_ssl_accept_common()/rb_ssl_connect_common()
Properly check whether the library was interrupted by the kernel
before assuming that a nonzero errno was caused by the kernel.

Otherwise, a memory allocation failure in the library for example
would incorrectly be interpreted as a syscall error instead of a
library error.
2016-09-17 00:56:54 +00:00
Aaron Jones
0071c423d5
GNUTLS: Improve rb_ssl_read_or_write()
* Set errno to 0 before attempting any read/write operations as it may
  affect our tests otherwise.

* Properly check whether the gnutls_record_recv()/gnutls_record_send()
  call failed and distinguish between kernel and library errors.
2016-09-17 00:56:54 +00:00
Aaron Jones
d4e71871c0
GNUTLS: rb_ssl_read_or_write(): Use macro to refer to session context 2016-09-17 00:56:54 +00:00
Aaron Jones
939d7ec7fe
GNUTLS: Apply whole-file const correctness 2016-09-17 00:56:54 +00:00
Aaron Jones
9c7dda22e8
GNUTLS: Improve rb_ssl_get_cipher()
* Add debugging assertions.

* Reduce the buffer size in line with the other backends.

* Ask for the cipher name directly instead of constructing it ourselves
  from the key exchange / authentication algorithm, symmetric encryption
  algorithm, and message authentication code algorithm.
2016-09-17 00:56:54 +00:00
Aaron Jones
dd59642de1
GNUTLS: Improve rb_get_ssl_info()
Explicitly ignore the snprintf return value and properly indent
the following line.

Also add a 'v' before the version strings so it reads as e.g.:
  library (v3.3.8), compiled (v3.3.8)
2016-09-17 00:56:54 +00:00
Aaron Jones
67d31a2755
GNUTLS: Improve rb_get_ssl_certfp()
* Give function parameters const correctness.

* Use similar variable names as the other backends -- this will reduce
  the diff between them.

* Check for more kinds of errors in retrieving the peer's certificate.

* Log failure to generate fingerprints, like the MbedTLS backend does.
2016-09-17 00:56:54 +00:00
Aaron Jones
9986455edc
GNUTLS: Log PRNG initialisation 2016-09-17 00:56:53 +00:00
Aaron Jones
2b5bf0bada
GNUTLS: Improve rb_connect_tcp_ssl() and rb_ssl_start_connected()
Use the variable name instead of its type as an argument to a sizeof
allocation. This will prevent possible future errors being introduced
when the type of the variable is changed, but the sizeof argument is
not updated.
2016-09-17 00:56:53 +00:00
Aaron Jones
f4726edf7a
GNUTLS: Fix up rb_ssl_listen()
Declare and assign variables at the same time; give function
parameters const correctness.
2016-09-17 00:56:53 +00:00
Aaron Jones
4369f1fa55
GNUTLS: Improve rb_ssl_connect_common()
This is the same as the previous commit for rb_ssl_accept_common().
2016-09-17 00:56:53 +00:00
Aaron Jones
8ebebff4b4
GNUTLS: Improve rb_ssl_accept_common()
* Add more debugging assertions

* Cancel timeouts and callbacks when handshake succeeds or hard fails

* Differentiate between kernel and library errors

* Increase F->handshake_count on handshake success

  I'm still not exactly sure what this is even used for. It may be
  removed from all backends at a later time if I find it's not being
  used for anything important, as right now it can only have the values
  0 or 1.
2016-09-17 00:56:53 +00:00
Aaron Jones
8099d352c9
GNUTLS: Store error codes properly
This is similar to commit db12df5c16 for
the MbedTLS backend.

The difference is, GNUTLS will not accept positive values as input to
gnutls_strerror(), so we invert the sign bit after retrieving the value
too, not just when storing it.

Also add a forgotten ssl_errno assignment to rb_ssl_connect_common().
2016-09-17 00:56:53 +00:00
Aaron Jones
c6600fe290
GNUTLS: Add rb_ssl_strerror() function in line with other backends 2016-09-17 00:56:53 +00:00
Aaron Jones
d70129a0d6
GNUTLS: Rework rb_init_ssl() and rb_setup_ssl_server()
I did my best to remove all possible memory leaks in the latter.
It's ugly.
2016-09-17 00:56:53 +00:00
Aaron Jones
2d01971d05
GNUTLS: Send do_ssl_handshake() to the depths from whence it came 2016-09-17 00:56:53 +00:00
Aaron Jones
4fc76590b9
GNUTLS: Rework datum loading code 2016-09-17 00:56:53 +00:00
Aaron Jones
25ecd3cc86
GNUTLS: Raise minimum group size for Diffie-Hellman-Merkle key exchange
A 2048-bit long P should really be the minimum these days.
2016-09-17 00:56:53 +00:00
Aaron Jones
5797027e9f
GNUTLS: Add dedicated socket send/recv functions
This avoids a compiler warning regarding casting a file descriptor to a
pointer (as input to gnutls_transport_set_ptr()), and also ensures that
the pointer is valid for the lifetime of the session.
2016-09-17 00:56:53 +00:00
Aaron Jones
3f32d48dab
GNUTLS: Break off TLS setup from callbacks to a dedicated function
This is in line with the other backends; eventually those callbacks
will be moved to a library-agnostic section.
2016-09-17 00:56:52 +00:00