2
0

mbedtls.c 38 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) 2012 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
  9. * Copyright (C) 2010 - 2011, Hoi-Ho Chan, <hoiho.chan@gmail.com>
  10. *
  11. * This software is licensed as described in the file COPYING, which
  12. * you should have received as part of this distribution. The terms
  13. * are also available at https://curl.se/docs/copyright.html.
  14. *
  15. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  16. * copies of the Software, and permit persons to whom the Software is
  17. * furnished to do so, under the terms of the COPYING file.
  18. *
  19. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  20. * KIND, either express or implied.
  21. *
  22. * SPDX-License-Identifier: curl
  23. *
  24. ***************************************************************************/
  25. /*
  26. * Source file for all mbedTLS-specific code for the TLS/SSL layer. No code
  27. * but vtls.c should ever call or use these functions.
  28. *
  29. */
  30. #include "curl_setup.h"
  31. #ifdef USE_MBEDTLS
  32. /* Define this to enable lots of debugging for mbedTLS */
  33. /* #define MBEDTLS_DEBUG */
  34. #include <mbedtls/version.h>
  35. #if MBEDTLS_VERSION_NUMBER >= 0x02040000
  36. #include <mbedtls/net_sockets.h>
  37. #else
  38. #include <mbedtls/net.h>
  39. #endif
  40. #include <mbedtls/ssl.h>
  41. #include <mbedtls/x509.h>
  42. #include <mbedtls/error.h>
  43. #include <mbedtls/entropy.h>
  44. #include <mbedtls/ctr_drbg.h>
  45. #include <mbedtls/sha256.h>
  46. #if MBEDTLS_VERSION_MAJOR >= 2
  47. # ifdef MBEDTLS_DEBUG
  48. # include <mbedtls/debug.h>
  49. # endif
  50. #endif
  51. #include "urldata.h"
  52. #include "sendf.h"
  53. #include "inet_pton.h"
  54. #include "mbedtls.h"
  55. #include "vtls.h"
  56. #include "parsedate.h"
  57. #include "connect.h" /* for the connect timeout */
  58. #include "select.h"
  59. #include "multiif.h"
  60. #include "mbedtls_threadlock.h"
  61. /* The last 3 #include files should be in this order */
  62. #include "curl_printf.h"
  63. #include "curl_memory.h"
  64. #include "memdebug.h"
  65. /* ALPN for http2 */
  66. #ifdef USE_HTTP2
  67. # undef HAS_ALPN
  68. # ifdef MBEDTLS_SSL_ALPN
  69. # define HAS_ALPN
  70. # endif
  71. #endif
  72. struct ssl_backend_data {
  73. mbedtls_ctr_drbg_context ctr_drbg;
  74. mbedtls_entropy_context entropy;
  75. mbedtls_ssl_context ssl;
  76. mbedtls_x509_crt cacert;
  77. mbedtls_x509_crt clicert;
  78. #ifdef MBEDTLS_X509_CRL_PARSE_C
  79. mbedtls_x509_crl crl;
  80. #endif
  81. mbedtls_pk_context pk;
  82. mbedtls_ssl_config config;
  83. #ifdef HAS_ALPN
  84. const char *protocols[3];
  85. #endif
  86. };
  87. /* apply threading? */
  88. #if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32)
  89. #define THREADING_SUPPORT
  90. #endif
  91. #ifndef MBEDTLS_ERROR_C
  92. #define mbedtls_strerror(a,b,c) b[0] = 0
  93. #endif
  94. #if defined(THREADING_SUPPORT)
  95. static mbedtls_entropy_context ts_entropy;
  96. static int entropy_init_initialized = 0;
  97. /* start of entropy_init_mutex() */
  98. static void entropy_init_mutex(mbedtls_entropy_context *ctx)
  99. {
  100. /* lock 0 = entropy_init_mutex() */
  101. Curl_mbedtlsthreadlock_lock_function(0);
  102. if(entropy_init_initialized == 0) {
  103. mbedtls_entropy_init(ctx);
  104. entropy_init_initialized = 1;
  105. }
  106. Curl_mbedtlsthreadlock_unlock_function(0);
  107. }
  108. /* end of entropy_init_mutex() */
  109. /* start of entropy_func_mutex() */
  110. static int entropy_func_mutex(void *data, unsigned char *output, size_t len)
  111. {
  112. int ret;
  113. /* lock 1 = entropy_func_mutex() */
  114. Curl_mbedtlsthreadlock_lock_function(1);
  115. ret = mbedtls_entropy_func(data, output, len);
  116. Curl_mbedtlsthreadlock_unlock_function(1);
  117. return ret;
  118. }
  119. /* end of entropy_func_mutex() */
  120. #endif /* THREADING_SUPPORT */
  121. #ifdef MBEDTLS_DEBUG
  122. static void mbed_debug(void *context, int level, const char *f_name,
  123. int line_nb, const char *line)
  124. {
  125. struct Curl_easy *data = NULL;
  126. if(!context)
  127. return;
  128. data = (struct Curl_easy *)context;
  129. infof(data, "%s", line);
  130. (void) level;
  131. }
  132. #else
  133. #endif
  134. /*
  135. * profile
  136. */
  137. static const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_fr =
  138. {
  139. /* Hashes from SHA-1 and above */
  140. MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1) |
  141. MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_RIPEMD160) |
  142. MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA224) |
  143. MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) |
  144. MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) |
  145. MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
  146. 0xFFFFFFF, /* Any PK alg */
  147. 0xFFFFFFF, /* Any curve */
  148. 1024, /* RSA min key len */
  149. };
  150. /* See https://tls.mbed.org/discussions/generic/
  151. howto-determine-exact-buffer-len-for-mbedtls_pk_write_pubkey_der
  152. */
  153. #define RSA_PUB_DER_MAX_BYTES (38 + 2 * MBEDTLS_MPI_MAX_SIZE)
  154. #define ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_ECP_MAX_BYTES)
  155. #define PUB_DER_MAX_BYTES (RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \
  156. RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES)
  157. static Curl_recv mbed_recv;
  158. static Curl_send mbed_send;
  159. static CURLcode mbedtls_version_from_curl(int *mbedver, long version)
  160. {
  161. #if MBEDTLS_VERSION_NUMBER >= 0x03000000
  162. switch(version) {
  163. case CURL_SSLVERSION_TLSv1_0:
  164. case CURL_SSLVERSION_TLSv1_1:
  165. case CURL_SSLVERSION_TLSv1_2:
  166. *mbedver = MBEDTLS_SSL_MINOR_VERSION_3;
  167. return CURLE_OK;
  168. case CURL_SSLVERSION_TLSv1_3:
  169. break;
  170. }
  171. #else
  172. switch(version) {
  173. case CURL_SSLVERSION_TLSv1_0:
  174. *mbedver = MBEDTLS_SSL_MINOR_VERSION_1;
  175. return CURLE_OK;
  176. case CURL_SSLVERSION_TLSv1_1:
  177. *mbedver = MBEDTLS_SSL_MINOR_VERSION_2;
  178. return CURLE_OK;
  179. case CURL_SSLVERSION_TLSv1_2:
  180. *mbedver = MBEDTLS_SSL_MINOR_VERSION_3;
  181. return CURLE_OK;
  182. case CURL_SSLVERSION_TLSv1_3:
  183. break;
  184. }
  185. #endif
  186. return CURLE_SSL_CONNECT_ERROR;
  187. }
  188. static CURLcode
  189. set_ssl_version_min_max(struct Curl_easy *data, struct connectdata *conn,
  190. int sockindex)
  191. {
  192. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  193. struct ssl_backend_data *backend = connssl->backend;
  194. #if MBEDTLS_VERSION_NUMBER >= 0x03000000
  195. int mbedtls_ver_min = MBEDTLS_SSL_MINOR_VERSION_3;
  196. int mbedtls_ver_max = MBEDTLS_SSL_MINOR_VERSION_3;
  197. #else
  198. int mbedtls_ver_min = MBEDTLS_SSL_MINOR_VERSION_1;
  199. int mbedtls_ver_max = MBEDTLS_SSL_MINOR_VERSION_1;
  200. #endif
  201. long ssl_version = SSL_CONN_CONFIG(version);
  202. long ssl_version_max = SSL_CONN_CONFIG(version_max);
  203. CURLcode result = CURLE_OK;
  204. DEBUGASSERT(backend);
  205. switch(ssl_version) {
  206. case CURL_SSLVERSION_DEFAULT:
  207. case CURL_SSLVERSION_TLSv1:
  208. ssl_version = CURL_SSLVERSION_TLSv1_0;
  209. break;
  210. }
  211. switch(ssl_version_max) {
  212. case CURL_SSLVERSION_MAX_NONE:
  213. case CURL_SSLVERSION_MAX_DEFAULT:
  214. ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;
  215. break;
  216. }
  217. result = mbedtls_version_from_curl(&mbedtls_ver_min, ssl_version);
  218. if(result) {
  219. failf(data, "unsupported min version passed via CURLOPT_SSLVERSION");
  220. return result;
  221. }
  222. result = mbedtls_version_from_curl(&mbedtls_ver_max, ssl_version_max >> 16);
  223. if(result) {
  224. failf(data, "unsupported max version passed via CURLOPT_SSLVERSION");
  225. return result;
  226. }
  227. mbedtls_ssl_conf_min_version(&backend->config, MBEDTLS_SSL_MAJOR_VERSION_3,
  228. mbedtls_ver_min);
  229. mbedtls_ssl_conf_max_version(&backend->config, MBEDTLS_SSL_MAJOR_VERSION_3,
  230. mbedtls_ver_max);
  231. return result;
  232. }
  233. static CURLcode
  234. mbed_connect_step1(struct Curl_easy *data, struct connectdata *conn,
  235. int sockindex)
  236. {
  237. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  238. struct ssl_backend_data *backend = connssl->backend;
  239. const struct curl_blob *ca_info_blob = SSL_CONN_CONFIG(ca_info_blob);
  240. const char * const ssl_cafile =
  241. /* CURLOPT_CAINFO_BLOB overrides CURLOPT_CAINFO */
  242. (ca_info_blob ? NULL : SSL_CONN_CONFIG(CAfile));
  243. const bool verifypeer = SSL_CONN_CONFIG(verifypeer);
  244. const char * const ssl_capath = SSL_CONN_CONFIG(CApath);
  245. char * const ssl_cert = SSL_SET_OPTION(primary.clientcert);
  246. const struct curl_blob *ssl_cert_blob = SSL_SET_OPTION(primary.cert_blob);
  247. const char * const ssl_crlfile = SSL_SET_OPTION(primary.CRLfile);
  248. const char * const hostname = SSL_HOST_NAME();
  249. #ifndef CURL_DISABLE_VERBOSE_STRINGS
  250. const long int port = SSL_HOST_PORT();
  251. #endif
  252. int ret = -1;
  253. char errorbuf[128];
  254. DEBUGASSERT(backend);
  255. if((SSL_CONN_CONFIG(version) == CURL_SSLVERSION_SSLv2) ||
  256. (SSL_CONN_CONFIG(version) == CURL_SSLVERSION_SSLv3)) {
  257. failf(data, "Not supported SSL version");
  258. return CURLE_NOT_BUILT_IN;
  259. }
  260. #ifdef THREADING_SUPPORT
  261. entropy_init_mutex(&ts_entropy);
  262. mbedtls_ctr_drbg_init(&backend->ctr_drbg);
  263. ret = mbedtls_ctr_drbg_seed(&backend->ctr_drbg, entropy_func_mutex,
  264. &ts_entropy, NULL, 0);
  265. if(ret) {
  266. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  267. failf(data, "mbedtls_ctr_drbg_seed returned (-0x%04X) %s",
  268. -ret, errorbuf);
  269. return CURLE_FAILED_INIT;
  270. }
  271. #else
  272. mbedtls_entropy_init(&backend->entropy);
  273. mbedtls_ctr_drbg_init(&backend->ctr_drbg);
  274. ret = mbedtls_ctr_drbg_seed(&backend->ctr_drbg, mbedtls_entropy_func,
  275. &backend->entropy, NULL, 0);
  276. if(ret) {
  277. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  278. failf(data, "mbedtls_ctr_drbg_seed returned (-0x%04X) %s",
  279. -ret, errorbuf);
  280. return CURLE_FAILED_INIT;
  281. }
  282. #endif /* THREADING_SUPPORT */
  283. /* Load the trusted CA */
  284. mbedtls_x509_crt_init(&backend->cacert);
  285. if(ca_info_blob && verifypeer) {
  286. /* Unfortunately, mbedtls_x509_crt_parse() requires the data to be null
  287. terminated even when provided the exact length, forcing us to waste
  288. extra memory here. */
  289. unsigned char *newblob = malloc(ca_info_blob->len + 1);
  290. if(!newblob)
  291. return CURLE_OUT_OF_MEMORY;
  292. memcpy(newblob, ca_info_blob->data, ca_info_blob->len);
  293. newblob[ca_info_blob->len] = 0; /* null terminate */
  294. ret = mbedtls_x509_crt_parse(&backend->cacert, newblob,
  295. ca_info_blob->len + 1);
  296. free(newblob);
  297. if(ret<0) {
  298. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  299. failf(data, "Error importing ca cert blob - mbedTLS: (-0x%04X) %s",
  300. -ret, errorbuf);
  301. return CURLE_SSL_CERTPROBLEM;
  302. }
  303. }
  304. if(ssl_cafile && verifypeer) {
  305. #ifdef MBEDTLS_FS_IO
  306. ret = mbedtls_x509_crt_parse_file(&backend->cacert, ssl_cafile);
  307. if(ret<0) {
  308. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  309. failf(data, "Error reading ca cert file %s - mbedTLS: (-0x%04X) %s",
  310. ssl_cafile, -ret, errorbuf);
  311. return CURLE_SSL_CACERT_BADFILE;
  312. }
  313. #else
  314. failf(data, "mbedtls: functions that use the filesystem not built in");
  315. return CURLE_NOT_BUILT_IN;
  316. #endif
  317. }
  318. if(ssl_capath) {
  319. #ifdef MBEDTLS_FS_IO
  320. ret = mbedtls_x509_crt_parse_path(&backend->cacert, ssl_capath);
  321. if(ret<0) {
  322. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  323. failf(data, "Error reading ca cert path %s - mbedTLS: (-0x%04X) %s",
  324. ssl_capath, -ret, errorbuf);
  325. if(verifypeer)
  326. return CURLE_SSL_CACERT_BADFILE;
  327. }
  328. #else
  329. failf(data, "mbedtls: functions that use the filesystem not built in");
  330. return CURLE_NOT_BUILT_IN;
  331. #endif
  332. }
  333. /* Load the client certificate */
  334. mbedtls_x509_crt_init(&backend->clicert);
  335. if(ssl_cert) {
  336. #ifdef MBEDTLS_FS_IO
  337. ret = mbedtls_x509_crt_parse_file(&backend->clicert, ssl_cert);
  338. if(ret) {
  339. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  340. failf(data, "Error reading client cert file %s - mbedTLS: (-0x%04X) %s",
  341. ssl_cert, -ret, errorbuf);
  342. return CURLE_SSL_CERTPROBLEM;
  343. }
  344. #else
  345. failf(data, "mbedtls: functions that use the filesystem not built in");
  346. return CURLE_NOT_BUILT_IN;
  347. #endif
  348. }
  349. if(ssl_cert_blob) {
  350. /* Unfortunately, mbedtls_x509_crt_parse() requires the data to be null
  351. terminated even when provided the exact length, forcing us to waste
  352. extra memory here. */
  353. unsigned char *newblob = malloc(ssl_cert_blob->len + 1);
  354. if(!newblob)
  355. return CURLE_OUT_OF_MEMORY;
  356. memcpy(newblob, ssl_cert_blob->data, ssl_cert_blob->len);
  357. newblob[ssl_cert_blob->len] = 0; /* null terminate */
  358. ret = mbedtls_x509_crt_parse(&backend->clicert, newblob,
  359. ssl_cert_blob->len + 1);
  360. free(newblob);
  361. if(ret) {
  362. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  363. failf(data, "Error reading private key %s - mbedTLS: (-0x%04X) %s",
  364. SSL_SET_OPTION(key), -ret, errorbuf);
  365. return CURLE_SSL_CERTPROBLEM;
  366. }
  367. }
  368. /* Load the client private key */
  369. mbedtls_pk_init(&backend->pk);
  370. if(SSL_SET_OPTION(key) || SSL_SET_OPTION(key_blob)) {
  371. if(SSL_SET_OPTION(key)) {
  372. #ifdef MBEDTLS_FS_IO
  373. #if MBEDTLS_VERSION_NUMBER >= 0x03000000
  374. ret = mbedtls_pk_parse_keyfile(&backend->pk, SSL_SET_OPTION(key),
  375. SSL_SET_OPTION(key_passwd),
  376. mbedtls_ctr_drbg_random,
  377. &backend->ctr_drbg);
  378. #else
  379. ret = mbedtls_pk_parse_keyfile(&backend->pk, SSL_SET_OPTION(key),
  380. SSL_SET_OPTION(key_passwd));
  381. #endif
  382. if(ret) {
  383. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  384. failf(data, "Error reading private key %s - mbedTLS: (-0x%04X) %s",
  385. SSL_SET_OPTION(key), -ret, errorbuf);
  386. return CURLE_SSL_CERTPROBLEM;
  387. }
  388. #else
  389. failf(data, "mbedtls: functions that use the filesystem not built in");
  390. return CURLE_NOT_BUILT_IN;
  391. #endif
  392. }
  393. else {
  394. const struct curl_blob *ssl_key_blob = SSL_SET_OPTION(key_blob);
  395. const unsigned char *key_data =
  396. (const unsigned char *)ssl_key_blob->data;
  397. const char *passwd = SSL_SET_OPTION(key_passwd);
  398. #if MBEDTLS_VERSION_NUMBER >= 0x03000000
  399. ret = mbedtls_pk_parse_key(&backend->pk, key_data, ssl_key_blob->len,
  400. (const unsigned char *)passwd,
  401. passwd ? strlen(passwd) : 0,
  402. mbedtls_ctr_drbg_random,
  403. &backend->ctr_drbg);
  404. #else
  405. ret = mbedtls_pk_parse_key(&backend->pk, key_data, ssl_key_blob->len,
  406. (const unsigned char *)passwd,
  407. passwd ? strlen(passwd) : 0);
  408. #endif
  409. if(ret) {
  410. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  411. failf(data, "Error parsing private key - mbedTLS: (-0x%04X) %s",
  412. -ret, errorbuf);
  413. return CURLE_SSL_CERTPROBLEM;
  414. }
  415. }
  416. if(ret == 0 && !(mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_RSA) ||
  417. mbedtls_pk_can_do(&backend->pk, MBEDTLS_PK_ECKEY)))
  418. ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
  419. }
  420. /* Load the CRL */
  421. #ifdef MBEDTLS_X509_CRL_PARSE_C
  422. mbedtls_x509_crl_init(&backend->crl);
  423. if(ssl_crlfile) {
  424. #ifdef MBEDTLS_FS_IO
  425. ret = mbedtls_x509_crl_parse_file(&backend->crl, ssl_crlfile);
  426. if(ret) {
  427. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  428. failf(data, "Error reading CRL file %s - mbedTLS: (-0x%04X) %s",
  429. ssl_crlfile, -ret, errorbuf);
  430. return CURLE_SSL_CRL_BADFILE;
  431. }
  432. #else
  433. failf(data, "mbedtls: functions that use the filesystem not built in");
  434. return CURLE_NOT_BUILT_IN;
  435. #endif
  436. }
  437. #else
  438. if(ssl_crlfile) {
  439. failf(data, "mbedtls: crl support not built in");
  440. return CURLE_NOT_BUILT_IN;
  441. }
  442. #endif
  443. infof(data, "mbedTLS: Connecting to %s:%ld", hostname, port);
  444. mbedtls_ssl_config_init(&backend->config);
  445. ret = mbedtls_ssl_config_defaults(&backend->config,
  446. MBEDTLS_SSL_IS_CLIENT,
  447. MBEDTLS_SSL_TRANSPORT_STREAM,
  448. MBEDTLS_SSL_PRESET_DEFAULT);
  449. if(ret) {
  450. failf(data, "mbedTLS: ssl_config failed");
  451. return CURLE_SSL_CONNECT_ERROR;
  452. }
  453. mbedtls_ssl_init(&backend->ssl);
  454. if(mbedtls_ssl_setup(&backend->ssl, &backend->config)) {
  455. failf(data, "mbedTLS: ssl_init failed");
  456. return CURLE_SSL_CONNECT_ERROR;
  457. }
  458. /* new profile with RSA min key len = 1024 ... */
  459. mbedtls_ssl_conf_cert_profile(&backend->config,
  460. &mbedtls_x509_crt_profile_fr);
  461. switch(SSL_CONN_CONFIG(version)) {
  462. case CURL_SSLVERSION_DEFAULT:
  463. case CURL_SSLVERSION_TLSv1:
  464. #if MBEDTLS_VERSION_NUMBER < 0x03000000
  465. mbedtls_ssl_conf_min_version(&backend->config, MBEDTLS_SSL_MAJOR_VERSION_3,
  466. MBEDTLS_SSL_MINOR_VERSION_1);
  467. infof(data, "mbedTLS: Set min SSL version to TLS 1.0");
  468. break;
  469. #endif
  470. case CURL_SSLVERSION_TLSv1_0:
  471. case CURL_SSLVERSION_TLSv1_1:
  472. case CURL_SSLVERSION_TLSv1_2:
  473. case CURL_SSLVERSION_TLSv1_3:
  474. {
  475. CURLcode result = set_ssl_version_min_max(data, conn, sockindex);
  476. if(result != CURLE_OK)
  477. return result;
  478. break;
  479. }
  480. default:
  481. failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
  482. return CURLE_SSL_CONNECT_ERROR;
  483. }
  484. mbedtls_ssl_conf_authmode(&backend->config, MBEDTLS_SSL_VERIFY_OPTIONAL);
  485. mbedtls_ssl_conf_rng(&backend->config, mbedtls_ctr_drbg_random,
  486. &backend->ctr_drbg);
  487. mbedtls_ssl_set_bio(&backend->ssl, &conn->sock[sockindex],
  488. mbedtls_net_send,
  489. mbedtls_net_recv,
  490. NULL /* rev_timeout() */);
  491. mbedtls_ssl_conf_ciphersuites(&backend->config,
  492. mbedtls_ssl_list_ciphersuites());
  493. #if defined(MBEDTLS_SSL_RENEGOTIATION)
  494. mbedtls_ssl_conf_renegotiation(&backend->config,
  495. MBEDTLS_SSL_RENEGOTIATION_ENABLED);
  496. #endif
  497. #if defined(MBEDTLS_SSL_SESSION_TICKETS)
  498. mbedtls_ssl_conf_session_tickets(&backend->config,
  499. MBEDTLS_SSL_SESSION_TICKETS_DISABLED);
  500. #endif
  501. /* Check if there's a cached ID we can/should use here! */
  502. if(SSL_SET_OPTION(primary.sessionid)) {
  503. void *old_session = NULL;
  504. Curl_ssl_sessionid_lock(data);
  505. if(!Curl_ssl_getsessionid(data, conn,
  506. SSL_IS_PROXY() ? TRUE : FALSE,
  507. &old_session, NULL, sockindex)) {
  508. ret = mbedtls_ssl_set_session(&backend->ssl, old_session);
  509. if(ret) {
  510. Curl_ssl_sessionid_unlock(data);
  511. failf(data, "mbedtls_ssl_set_session returned -0x%x", -ret);
  512. return CURLE_SSL_CONNECT_ERROR;
  513. }
  514. infof(data, "mbedTLS re-using session");
  515. }
  516. Curl_ssl_sessionid_unlock(data);
  517. }
  518. mbedtls_ssl_conf_ca_chain(&backend->config,
  519. &backend->cacert,
  520. #ifdef MBEDTLS_X509_CRL_PARSE_C
  521. &backend->crl);
  522. #else
  523. NULL);
  524. #endif
  525. if(SSL_SET_OPTION(key) || SSL_SET_OPTION(key_blob)) {
  526. mbedtls_ssl_conf_own_cert(&backend->config,
  527. &backend->clicert, &backend->pk);
  528. }
  529. {
  530. char *snihost = Curl_ssl_snihost(data, hostname, NULL);
  531. if(!snihost || mbedtls_ssl_set_hostname(&backend->ssl, snihost)) {
  532. /* mbedtls_ssl_set_hostname() sets the name to use in CN/SAN checks and
  533. the name to set in the SNI extension. So even if curl connects to a
  534. host specified as an IP address, this function must be used. */
  535. failf(data, "Failed to set SNI");
  536. return CURLE_SSL_CONNECT_ERROR;
  537. }
  538. }
  539. #ifdef HAS_ALPN
  540. if(conn->bits.tls_enable_alpn) {
  541. const char **p = &backend->protocols[0];
  542. #ifdef USE_HTTP2
  543. if(data->state.httpwant >= CURL_HTTP_VERSION_2)
  544. *p++ = ALPN_H2;
  545. #endif
  546. *p++ = ALPN_HTTP_1_1;
  547. *p = NULL;
  548. /* this function doesn't clone the protocols array, which is why we need
  549. to keep it around */
  550. if(mbedtls_ssl_conf_alpn_protocols(&backend->config,
  551. &backend->protocols[0])) {
  552. failf(data, "Failed setting ALPN protocols");
  553. return CURLE_SSL_CONNECT_ERROR;
  554. }
  555. for(p = &backend->protocols[0]; *p; ++p)
  556. infof(data, VTLS_INFOF_ALPN_OFFER_1STR, *p);
  557. }
  558. #endif
  559. #ifdef MBEDTLS_DEBUG
  560. /* In order to make that work in mbedtls MBEDTLS_DEBUG_C must be defined. */
  561. mbedtls_ssl_conf_dbg(&backend->config, mbed_debug, data);
  562. /* - 0 No debug
  563. * - 1 Error
  564. * - 2 State change
  565. * - 3 Informational
  566. * - 4 Verbose
  567. */
  568. mbedtls_debug_set_threshold(4);
  569. #endif
  570. /* give application a chance to interfere with mbedTLS set up. */
  571. if(data->set.ssl.fsslctx) {
  572. ret = (*data->set.ssl.fsslctx)(data, &backend->config,
  573. data->set.ssl.fsslctxp);
  574. if(ret) {
  575. failf(data, "error signaled by ssl ctx callback");
  576. return ret;
  577. }
  578. }
  579. connssl->connecting_state = ssl_connect_2;
  580. return CURLE_OK;
  581. }
  582. static CURLcode
  583. mbed_connect_step2(struct Curl_easy *data, struct connectdata *conn,
  584. int sockindex)
  585. {
  586. int ret;
  587. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  588. struct ssl_backend_data *backend = connssl->backend;
  589. const mbedtls_x509_crt *peercert;
  590. const char * const pinnedpubkey = SSL_PINNED_PUB_KEY();
  591. DEBUGASSERT(backend);
  592. conn->recv[sockindex] = mbed_recv;
  593. conn->send[sockindex] = mbed_send;
  594. ret = mbedtls_ssl_handshake(&backend->ssl);
  595. if(ret == MBEDTLS_ERR_SSL_WANT_READ) {
  596. connssl->connecting_state = ssl_connect_2_reading;
  597. return CURLE_OK;
  598. }
  599. else if(ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
  600. connssl->connecting_state = ssl_connect_2_writing;
  601. return CURLE_OK;
  602. }
  603. else if(ret) {
  604. char errorbuf[128];
  605. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  606. failf(data, "ssl_handshake returned - mbedTLS: (-0x%04X) %s",
  607. -ret, errorbuf);
  608. return CURLE_SSL_CONNECT_ERROR;
  609. }
  610. infof(data, "mbedTLS: Handshake complete, cipher is %s",
  611. mbedtls_ssl_get_ciphersuite(&backend->ssl));
  612. ret = mbedtls_ssl_get_verify_result(&backend->ssl);
  613. if(!SSL_CONN_CONFIG(verifyhost))
  614. /* Ignore hostname errors if verifyhost is disabled */
  615. ret &= ~MBEDTLS_X509_BADCERT_CN_MISMATCH;
  616. if(ret && SSL_CONN_CONFIG(verifypeer)) {
  617. if(ret & MBEDTLS_X509_BADCERT_EXPIRED)
  618. failf(data, "Cert verify failed: BADCERT_EXPIRED");
  619. else if(ret & MBEDTLS_X509_BADCERT_REVOKED)
  620. failf(data, "Cert verify failed: BADCERT_REVOKED");
  621. else if(ret & MBEDTLS_X509_BADCERT_CN_MISMATCH)
  622. failf(data, "Cert verify failed: BADCERT_CN_MISMATCH");
  623. else if(ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED)
  624. failf(data, "Cert verify failed: BADCERT_NOT_TRUSTED");
  625. else if(ret & MBEDTLS_X509_BADCERT_FUTURE)
  626. failf(data, "Cert verify failed: BADCERT_FUTURE");
  627. return CURLE_PEER_FAILED_VERIFICATION;
  628. }
  629. peercert = mbedtls_ssl_get_peer_cert(&backend->ssl);
  630. if(peercert && data->set.verbose) {
  631. const size_t bufsize = 16384;
  632. char *buffer = malloc(bufsize);
  633. if(!buffer)
  634. return CURLE_OUT_OF_MEMORY;
  635. if(mbedtls_x509_crt_info(buffer, bufsize, "* ", peercert) > 0)
  636. infof(data, "Dumping cert info: %s", buffer);
  637. else
  638. infof(data, "Unable to dump certificate information");
  639. free(buffer);
  640. }
  641. if(pinnedpubkey) {
  642. int size;
  643. CURLcode result;
  644. mbedtls_x509_crt *p = NULL;
  645. unsigned char *pubkey = NULL;
  646. #if MBEDTLS_VERSION_NUMBER == 0x03000000
  647. if(!peercert || !peercert->MBEDTLS_PRIVATE(raw).MBEDTLS_PRIVATE(p) ||
  648. !peercert->MBEDTLS_PRIVATE(raw).MBEDTLS_PRIVATE(len)) {
  649. #else
  650. if(!peercert || !peercert->raw.p || !peercert->raw.len) {
  651. #endif
  652. failf(data, "Failed due to missing peer certificate");
  653. return CURLE_SSL_PINNEDPUBKEYNOTMATCH;
  654. }
  655. p = calloc(1, sizeof(*p));
  656. if(!p)
  657. return CURLE_OUT_OF_MEMORY;
  658. pubkey = malloc(PUB_DER_MAX_BYTES);
  659. if(!pubkey) {
  660. result = CURLE_OUT_OF_MEMORY;
  661. goto pinnedpubkey_error;
  662. }
  663. mbedtls_x509_crt_init(p);
  664. /* Make a copy of our const peercert because mbedtls_pk_write_pubkey_der
  665. needs a non-const key, for now.
  666. https://github.com/ARMmbed/mbedtls/issues/396 */
  667. #if MBEDTLS_VERSION_NUMBER == 0x03000000
  668. if(mbedtls_x509_crt_parse_der(p,
  669. peercert->MBEDTLS_PRIVATE(raw).MBEDTLS_PRIVATE(p),
  670. peercert->MBEDTLS_PRIVATE(raw).MBEDTLS_PRIVATE(len))) {
  671. #else
  672. if(mbedtls_x509_crt_parse_der(p, peercert->raw.p, peercert->raw.len)) {
  673. #endif
  674. failf(data, "Failed copying peer certificate");
  675. result = CURLE_SSL_PINNEDPUBKEYNOTMATCH;
  676. goto pinnedpubkey_error;
  677. }
  678. #if MBEDTLS_VERSION_NUMBER == 0x03000000
  679. size = mbedtls_pk_write_pubkey_der(&p->MBEDTLS_PRIVATE(pk), pubkey,
  680. PUB_DER_MAX_BYTES);
  681. #else
  682. size = mbedtls_pk_write_pubkey_der(&p->pk, pubkey, PUB_DER_MAX_BYTES);
  683. #endif
  684. if(size <= 0) {
  685. failf(data, "Failed copying public key from peer certificate");
  686. result = CURLE_SSL_PINNEDPUBKEYNOTMATCH;
  687. goto pinnedpubkey_error;
  688. }
  689. /* mbedtls_pk_write_pubkey_der writes data at the end of the buffer. */
  690. result = Curl_pin_peer_pubkey(data,
  691. pinnedpubkey,
  692. &pubkey[PUB_DER_MAX_BYTES - size], size);
  693. pinnedpubkey_error:
  694. mbedtls_x509_crt_free(p);
  695. free(p);
  696. free(pubkey);
  697. if(result) {
  698. return result;
  699. }
  700. }
  701. #ifdef HAS_ALPN
  702. if(conn->bits.tls_enable_alpn) {
  703. const char *next_protocol = mbedtls_ssl_get_alpn_protocol(&backend->ssl);
  704. if(next_protocol) {
  705. infof(data, VTLS_INFOF_ALPN_ACCEPTED_1STR, next_protocol);
  706. #ifdef USE_HTTP2
  707. if(!strncmp(next_protocol, ALPN_H2, ALPN_H2_LENGTH) &&
  708. !next_protocol[ALPN_H2_LENGTH]) {
  709. conn->alpn = CURL_HTTP_VERSION_2;
  710. }
  711. else
  712. #endif
  713. if(!strncmp(next_protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH) &&
  714. !next_protocol[ALPN_HTTP_1_1_LENGTH]) {
  715. conn->alpn = CURL_HTTP_VERSION_1_1;
  716. }
  717. }
  718. else {
  719. infof(data, VTLS_INFOF_NO_ALPN);
  720. }
  721. Curl_multiuse_state(data, conn->alpn == CURL_HTTP_VERSION_2 ?
  722. BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);
  723. }
  724. #endif
  725. connssl->connecting_state = ssl_connect_3;
  726. infof(data, "SSL connected");
  727. return CURLE_OK;
  728. }
  729. static CURLcode
  730. mbed_connect_step3(struct Curl_easy *data, struct connectdata *conn,
  731. int sockindex)
  732. {
  733. CURLcode retcode = CURLE_OK;
  734. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  735. struct ssl_backend_data *backend = connssl->backend;
  736. DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
  737. DEBUGASSERT(backend);
  738. if(SSL_SET_OPTION(primary.sessionid)) {
  739. int ret;
  740. mbedtls_ssl_session *our_ssl_sessionid;
  741. void *old_ssl_sessionid = NULL;
  742. bool isproxy = SSL_IS_PROXY() ? TRUE : FALSE;
  743. bool added = FALSE;
  744. our_ssl_sessionid = malloc(sizeof(mbedtls_ssl_session));
  745. if(!our_ssl_sessionid)
  746. return CURLE_OUT_OF_MEMORY;
  747. mbedtls_ssl_session_init(our_ssl_sessionid);
  748. ret = mbedtls_ssl_get_session(&backend->ssl, our_ssl_sessionid);
  749. if(ret) {
  750. if(ret != MBEDTLS_ERR_SSL_ALLOC_FAILED)
  751. mbedtls_ssl_session_free(our_ssl_sessionid);
  752. free(our_ssl_sessionid);
  753. failf(data, "mbedtls_ssl_get_session returned -0x%x", -ret);
  754. return CURLE_SSL_CONNECT_ERROR;
  755. }
  756. /* If there's already a matching session in the cache, delete it */
  757. Curl_ssl_sessionid_lock(data);
  758. if(!Curl_ssl_getsessionid(data, conn, isproxy, &old_ssl_sessionid, NULL,
  759. sockindex))
  760. Curl_ssl_delsessionid(data, old_ssl_sessionid);
  761. retcode = Curl_ssl_addsessionid(data, conn, isproxy, our_ssl_sessionid,
  762. 0, sockindex, &added);
  763. Curl_ssl_sessionid_unlock(data);
  764. if(!added) {
  765. mbedtls_ssl_session_free(our_ssl_sessionid);
  766. free(our_ssl_sessionid);
  767. }
  768. if(retcode) {
  769. failf(data, "failed to store ssl session");
  770. return retcode;
  771. }
  772. }
  773. connssl->connecting_state = ssl_connect_done;
  774. return CURLE_OK;
  775. }
  776. static ssize_t mbed_send(struct Curl_easy *data, int sockindex,
  777. const void *mem, size_t len,
  778. CURLcode *curlcode)
  779. {
  780. struct connectdata *conn = data->conn;
  781. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  782. struct ssl_backend_data *backend = connssl->backend;
  783. int ret = -1;
  784. DEBUGASSERT(backend);
  785. ret = mbedtls_ssl_write(&backend->ssl, (unsigned char *)mem, len);
  786. if(ret < 0) {
  787. *curlcode = (ret == MBEDTLS_ERR_SSL_WANT_WRITE) ?
  788. CURLE_AGAIN : CURLE_SEND_ERROR;
  789. ret = -1;
  790. }
  791. return ret;
  792. }
  793. static void mbedtls_close_all(struct Curl_easy *data)
  794. {
  795. (void)data;
  796. }
  797. static void mbedtls_close(struct Curl_easy *data,
  798. struct connectdata *conn, int sockindex)
  799. {
  800. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  801. struct ssl_backend_data *backend = connssl->backend;
  802. char buf[32];
  803. (void) data;
  804. DEBUGASSERT(backend);
  805. /* Maybe the server has already sent a close notify alert.
  806. Read it to avoid an RST on the TCP connection. */
  807. (void)mbedtls_ssl_read(&backend->ssl, (unsigned char *)buf, sizeof(buf));
  808. mbedtls_pk_free(&backend->pk);
  809. mbedtls_x509_crt_free(&backend->clicert);
  810. mbedtls_x509_crt_free(&backend->cacert);
  811. #ifdef MBEDTLS_X509_CRL_PARSE_C
  812. mbedtls_x509_crl_free(&backend->crl);
  813. #endif
  814. mbedtls_ssl_config_free(&backend->config);
  815. mbedtls_ssl_free(&backend->ssl);
  816. mbedtls_ctr_drbg_free(&backend->ctr_drbg);
  817. #ifndef THREADING_SUPPORT
  818. mbedtls_entropy_free(&backend->entropy);
  819. #endif /* THREADING_SUPPORT */
  820. }
  821. static ssize_t mbed_recv(struct Curl_easy *data, int num,
  822. char *buf, size_t buffersize,
  823. CURLcode *curlcode)
  824. {
  825. struct connectdata *conn = data->conn;
  826. struct ssl_connect_data *connssl = &conn->ssl[num];
  827. struct ssl_backend_data *backend = connssl->backend;
  828. int ret = -1;
  829. ssize_t len = -1;
  830. DEBUGASSERT(backend);
  831. ret = mbedtls_ssl_read(&backend->ssl, (unsigned char *)buf,
  832. buffersize);
  833. if(ret <= 0) {
  834. if(ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY)
  835. return 0;
  836. *curlcode = (ret == MBEDTLS_ERR_SSL_WANT_READ) ?
  837. CURLE_AGAIN : CURLE_RECV_ERROR;
  838. return -1;
  839. }
  840. len = ret;
  841. return len;
  842. }
  843. static void mbedtls_session_free(void *ptr)
  844. {
  845. mbedtls_ssl_session_free(ptr);
  846. free(ptr);
  847. }
  848. static size_t mbedtls_version(char *buffer, size_t size)
  849. {
  850. #ifdef MBEDTLS_VERSION_C
  851. /* if mbedtls_version_get_number() is available it is better */
  852. unsigned int version = mbedtls_version_get_number();
  853. return msnprintf(buffer, size, "mbedTLS/%u.%u.%u", version>>24,
  854. (version>>16)&0xff, (version>>8)&0xff);
  855. #else
  856. return msnprintf(buffer, size, "mbedTLS/%s", MBEDTLS_VERSION_STRING);
  857. #endif
  858. }
  859. static CURLcode mbedtls_random(struct Curl_easy *data,
  860. unsigned char *entropy, size_t length)
  861. {
  862. #if defined(MBEDTLS_CTR_DRBG_C)
  863. int ret = -1;
  864. char errorbuf[128];
  865. mbedtls_entropy_context ctr_entropy;
  866. mbedtls_ctr_drbg_context ctr_drbg;
  867. mbedtls_entropy_init(&ctr_entropy);
  868. mbedtls_ctr_drbg_init(&ctr_drbg);
  869. ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
  870. &ctr_entropy, NULL, 0);
  871. if(ret) {
  872. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  873. failf(data, "mbedtls_ctr_drbg_seed returned (-0x%04X) %s",
  874. -ret, errorbuf);
  875. }
  876. else {
  877. ret = mbedtls_ctr_drbg_random(&ctr_drbg, entropy, length);
  878. if(ret) {
  879. mbedtls_strerror(ret, errorbuf, sizeof(errorbuf));
  880. failf(data, "mbedtls_ctr_drbg_random returned (-0x%04X) %s",
  881. -ret, errorbuf);
  882. }
  883. }
  884. mbedtls_ctr_drbg_free(&ctr_drbg);
  885. mbedtls_entropy_free(&ctr_entropy);
  886. return ret == 0 ? CURLE_OK : CURLE_FAILED_INIT;
  887. #elif defined(MBEDTLS_HAVEGE_C)
  888. mbedtls_havege_state hs;
  889. mbedtls_havege_init(&hs);
  890. mbedtls_havege_random(&hs, entropy, length);
  891. mbedtls_havege_free(&hs);
  892. return CURLE_OK;
  893. #else
  894. return CURLE_NOT_BUILT_IN;
  895. #endif
  896. }
  897. static CURLcode
  898. mbed_connect_common(struct Curl_easy *data,
  899. struct connectdata *conn,
  900. int sockindex,
  901. bool nonblocking,
  902. bool *done)
  903. {
  904. CURLcode retcode;
  905. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  906. curl_socket_t sockfd = conn->sock[sockindex];
  907. timediff_t timeout_ms;
  908. int what;
  909. /* check if the connection has already been established */
  910. if(ssl_connection_complete == connssl->state) {
  911. *done = TRUE;
  912. return CURLE_OK;
  913. }
  914. if(ssl_connect_1 == connssl->connecting_state) {
  915. /* Find out how much more time we're allowed */
  916. timeout_ms = Curl_timeleft(data, NULL, TRUE);
  917. if(timeout_ms < 0) {
  918. /* no need to continue if time already is up */
  919. failf(data, "SSL connection timeout");
  920. return CURLE_OPERATION_TIMEDOUT;
  921. }
  922. retcode = mbed_connect_step1(data, conn, sockindex);
  923. if(retcode)
  924. return retcode;
  925. }
  926. while(ssl_connect_2 == connssl->connecting_state ||
  927. ssl_connect_2_reading == connssl->connecting_state ||
  928. ssl_connect_2_writing == connssl->connecting_state) {
  929. /* check allowed time left */
  930. timeout_ms = Curl_timeleft(data, NULL, TRUE);
  931. if(timeout_ms < 0) {
  932. /* no need to continue if time already is up */
  933. failf(data, "SSL connection timeout");
  934. return CURLE_OPERATION_TIMEDOUT;
  935. }
  936. /* if ssl is expecting something, check if it's available. */
  937. if(connssl->connecting_state == ssl_connect_2_reading
  938. || connssl->connecting_state == ssl_connect_2_writing) {
  939. curl_socket_t writefd = ssl_connect_2_writing ==
  940. connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
  941. curl_socket_t readfd = ssl_connect_2_reading ==
  942. connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
  943. what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
  944. nonblocking ? 0 : timeout_ms);
  945. if(what < 0) {
  946. /* fatal error */
  947. failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
  948. return CURLE_SSL_CONNECT_ERROR;
  949. }
  950. else if(0 == what) {
  951. if(nonblocking) {
  952. *done = FALSE;
  953. return CURLE_OK;
  954. }
  955. else {
  956. /* timeout */
  957. failf(data, "SSL connection timeout");
  958. return CURLE_OPERATION_TIMEDOUT;
  959. }
  960. }
  961. /* socket is readable or writable */
  962. }
  963. /* Run transaction, and return to the caller if it failed or if
  964. * this connection is part of a multi handle and this loop would
  965. * execute again. This permits the owner of a multi handle to
  966. * abort a connection attempt before step2 has completed while
  967. * ensuring that a client using select() or epoll() will always
  968. * have a valid fdset to wait on.
  969. */
  970. retcode = mbed_connect_step2(data, conn, sockindex);
  971. if(retcode || (nonblocking &&
  972. (ssl_connect_2 == connssl->connecting_state ||
  973. ssl_connect_2_reading == connssl->connecting_state ||
  974. ssl_connect_2_writing == connssl->connecting_state)))
  975. return retcode;
  976. } /* repeat step2 until all transactions are done. */
  977. if(ssl_connect_3 == connssl->connecting_state) {
  978. retcode = mbed_connect_step3(data, conn, sockindex);
  979. if(retcode)
  980. return retcode;
  981. }
  982. if(ssl_connect_done == connssl->connecting_state) {
  983. connssl->state = ssl_connection_complete;
  984. conn->recv[sockindex] = mbed_recv;
  985. conn->send[sockindex] = mbed_send;
  986. *done = TRUE;
  987. }
  988. else
  989. *done = FALSE;
  990. /* Reset our connect state machine */
  991. connssl->connecting_state = ssl_connect_1;
  992. return CURLE_OK;
  993. }
  994. static CURLcode mbedtls_connect_nonblocking(struct Curl_easy *data,
  995. struct connectdata *conn,
  996. int sockindex, bool *done)
  997. {
  998. return mbed_connect_common(data, conn, sockindex, TRUE, done);
  999. }
  1000. static CURLcode mbedtls_connect(struct Curl_easy *data,
  1001. struct connectdata *conn, int sockindex)
  1002. {
  1003. CURLcode retcode;
  1004. bool done = FALSE;
  1005. retcode = mbed_connect_common(data, conn, sockindex, FALSE, &done);
  1006. if(retcode)
  1007. return retcode;
  1008. DEBUGASSERT(done);
  1009. return CURLE_OK;
  1010. }
  1011. /*
  1012. * return 0 error initializing SSL
  1013. * return 1 SSL initialized successfully
  1014. */
  1015. static int mbedtls_init(void)
  1016. {
  1017. return Curl_mbedtlsthreadlock_thread_setup();
  1018. }
  1019. static void mbedtls_cleanup(void)
  1020. {
  1021. (void)Curl_mbedtlsthreadlock_thread_cleanup();
  1022. }
  1023. static bool mbedtls_data_pending(const struct connectdata *conn,
  1024. int sockindex)
  1025. {
  1026. const struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  1027. struct ssl_backend_data *backend = connssl->backend;
  1028. DEBUGASSERT(backend);
  1029. return mbedtls_ssl_get_bytes_avail(&backend->ssl) != 0;
  1030. }
  1031. static CURLcode mbedtls_sha256sum(const unsigned char *input,
  1032. size_t inputlen,
  1033. unsigned char *sha256sum,
  1034. size_t sha256len UNUSED_PARAM)
  1035. {
  1036. /* TODO: explain this for different mbedtls 2.x vs 3 version */
  1037. (void)sha256len;
  1038. #if MBEDTLS_VERSION_NUMBER < 0x02070000
  1039. mbedtls_sha256(input, inputlen, sha256sum, 0);
  1040. #else
  1041. /* returns 0 on success, otherwise failure */
  1042. #if MBEDTLS_VERSION_NUMBER >= 0x03000000
  1043. if(mbedtls_sha256(input, inputlen, sha256sum, 0) != 0)
  1044. #else
  1045. if(mbedtls_sha256_ret(input, inputlen, sha256sum, 0) != 0)
  1046. #endif
  1047. return CURLE_BAD_FUNCTION_ARGUMENT;
  1048. #endif
  1049. return CURLE_OK;
  1050. }
  1051. static void *mbedtls_get_internals(struct ssl_connect_data *connssl,
  1052. CURLINFO info UNUSED_PARAM)
  1053. {
  1054. struct ssl_backend_data *backend = connssl->backend;
  1055. (void)info;
  1056. DEBUGASSERT(backend);
  1057. return &backend->ssl;
  1058. }
  1059. const struct Curl_ssl Curl_ssl_mbedtls = {
  1060. { CURLSSLBACKEND_MBEDTLS, "mbedtls" }, /* info */
  1061. SSLSUPP_CA_PATH |
  1062. SSLSUPP_CAINFO_BLOB |
  1063. SSLSUPP_PINNEDPUBKEY |
  1064. SSLSUPP_SSL_CTX,
  1065. sizeof(struct ssl_backend_data),
  1066. mbedtls_init, /* init */
  1067. mbedtls_cleanup, /* cleanup */
  1068. mbedtls_version, /* version */
  1069. Curl_none_check_cxn, /* check_cxn */
  1070. Curl_none_shutdown, /* shutdown */
  1071. mbedtls_data_pending, /* data_pending */
  1072. mbedtls_random, /* random */
  1073. Curl_none_cert_status_request, /* cert_status_request */
  1074. mbedtls_connect, /* connect */
  1075. mbedtls_connect_nonblocking, /* connect_nonblocking */
  1076. Curl_ssl_getsock, /* getsock */
  1077. mbedtls_get_internals, /* get_internals */
  1078. mbedtls_close, /* close_one */
  1079. mbedtls_close_all, /* close_all */
  1080. mbedtls_session_free, /* session_free */
  1081. Curl_none_set_engine, /* set_engine */
  1082. Curl_none_set_engine_default, /* set_engine_default */
  1083. Curl_none_engines_list, /* engines_list */
  1084. Curl_none_false_start, /* false_start */
  1085. mbedtls_sha256sum, /* sha256sum */
  1086. NULL, /* associate_connection */
  1087. NULL, /* disassociate_connection */
  1088. NULL /* free_multi_ssl_backend_data */
  1089. };
  1090. #endif /* USE_MBEDTLS */