curl_darwinssl.c 83 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) 2012 - 2014, Nick Zitzmann, <nickzman@gmail.com>.
  9. * Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
  10. *
  11. * This software is licensed as described in the file COPYING, which
  12. * you should have received as part of this distribution. The terms
  13. * are also available at http://curl.haxx.se/docs/copyright.html.
  14. *
  15. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  16. * copies of the Software, and permit persons to whom the Software is
  17. * furnished to do so, under the terms of the COPYING file.
  18. *
  19. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  20. * KIND, either express or implied.
  21. *
  22. ***************************************************************************/
  23. /*
  24. * Source file for all iOS and Mac OS X SecureTransport-specific code for the
  25. * TLS/SSL layer. No code but vtls.c should ever call or use these functions.
  26. */
  27. #include "curl_setup.h"
  28. #include "urldata.h" /* for the SessionHandle definition */
  29. #include "curl_base64.h"
  30. #include "strtok.h"
  31. #ifdef USE_DARWINSSL
  32. #ifdef HAVE_LIMITS_H
  33. #include <limits.h>
  34. #endif
  35. #include <Security/Security.h>
  36. #include <Security/SecureTransport.h>
  37. #include <CoreFoundation/CoreFoundation.h>
  38. #include <CommonCrypto/CommonDigest.h>
  39. /* The Security framework has changed greatly between iOS and different OS X
  40. versions, and we will try to support as many of them as we can (back to
  41. Leopard and iOS 5) by using macros and weak-linking.
  42. IMPORTANT: If TLS 1.1 and 1.2 support are important for you on OS X, then
  43. you must build this project against the 10.8 SDK or later. */
  44. #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
  45. #if MAC_OS_X_VERSION_MAX_ALLOWED < 1050
  46. #error "The darwinssl back-end requires Leopard or later."
  47. #endif /* MAC_OS_X_VERSION_MAX_ALLOWED < 1050 */
  48. #define CURL_BUILD_IOS 0
  49. #define CURL_BUILD_IOS_7 0
  50. #define CURL_BUILD_MAC 1
  51. /* This is the maximum API level we are allowed to use when building: */
  52. #define CURL_BUILD_MAC_10_5 MAC_OS_X_VERSION_MAX_ALLOWED >= 1050
  53. #define CURL_BUILD_MAC_10_6 MAC_OS_X_VERSION_MAX_ALLOWED >= 1060
  54. #define CURL_BUILD_MAC_10_7 MAC_OS_X_VERSION_MAX_ALLOWED >= 1070
  55. #define CURL_BUILD_MAC_10_8 MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
  56. #define CURL_BUILD_MAC_10_9 MAC_OS_X_VERSION_MAX_ALLOWED >= 1090
  57. /* These macros mean "the following code is present to allow runtime backward
  58. compatibility with at least this cat or earlier":
  59. (You set this at build-time by setting the MACOSX_DEPLOYMENT_TARGET
  60. environmental variable.) */
  61. #define CURL_SUPPORT_MAC_10_5 MAC_OS_X_VERSION_MIN_REQUIRED <= 1050
  62. #define CURL_SUPPORT_MAC_10_6 MAC_OS_X_VERSION_MIN_REQUIRED <= 1060
  63. #define CURL_SUPPORT_MAC_10_7 MAC_OS_X_VERSION_MIN_REQUIRED <= 1070
  64. #define CURL_SUPPORT_MAC_10_8 MAC_OS_X_VERSION_MIN_REQUIRED <= 1080
  65. #define CURL_SUPPORT_MAC_10_9 MAC_OS_X_VERSION_MIN_REQUIRED <= 1090
  66. #elif TARGET_OS_EMBEDDED || TARGET_OS_IPHONE
  67. #define CURL_BUILD_IOS 1
  68. #define CURL_BUILD_IOS_7 __IPHONE_OS_VERSION_MAX_ALLOWED >= 70000
  69. #define CURL_BUILD_MAC 0
  70. #define CURL_BUILD_MAC_10_5 0
  71. #define CURL_BUILD_MAC_10_6 0
  72. #define CURL_BUILD_MAC_10_7 0
  73. #define CURL_BUILD_MAC_10_8 0
  74. #define CURL_SUPPORT_MAC_10_5 0
  75. #define CURL_SUPPORT_MAC_10_6 0
  76. #define CURL_SUPPORT_MAC_10_7 0
  77. #define CURL_SUPPORT_MAC_10_8 0
  78. #define CURL_SUPPORT_MAC_10_9 0
  79. #else
  80. #error "The darwinssl back-end requires iOS or OS X."
  81. #endif /* (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE)) */
  82. #if CURL_BUILD_MAC
  83. #include <sys/sysctl.h>
  84. #endif /* CURL_BUILD_MAC */
  85. #include "urldata.h"
  86. #include "sendf.h"
  87. #include "inet_pton.h"
  88. #include "connect.h"
  89. #include "select.h"
  90. #include "vtls.h"
  91. #include "curl_darwinssl.h"
  92. #define _MPRINTF_REPLACE /* use our functions only */
  93. #include <curl/mprintf.h>
  94. #include "curl_memory.h"
  95. /* The last #include file should be: */
  96. #include "memdebug.h"
  97. /* From MacTypes.h (which we can't include because it isn't present in iOS: */
  98. #define ioErr -36
  99. #define paramErr -50
  100. /* The following two functions were ripped from Apple sample code,
  101. * with some modifications: */
  102. static OSStatus SocketRead(SSLConnectionRef connection,
  103. void *data, /* owned by
  104. * caller, data
  105. * RETURNED */
  106. size_t *dataLength) /* IN/OUT */
  107. {
  108. size_t bytesToGo = *dataLength;
  109. size_t initLen = bytesToGo;
  110. UInt8 *currData = (UInt8 *)data;
  111. /*int sock = *(int *)connection;*/
  112. struct ssl_connect_data *connssl = (struct ssl_connect_data *)connection;
  113. int sock = connssl->ssl_sockfd;
  114. OSStatus rtn = noErr;
  115. size_t bytesRead;
  116. ssize_t rrtn;
  117. int theErr;
  118. *dataLength = 0;
  119. for(;;) {
  120. bytesRead = 0;
  121. rrtn = read(sock, currData, bytesToGo);
  122. if(rrtn <= 0) {
  123. /* this is guesswork... */
  124. theErr = errno;
  125. if(rrtn == 0) { /* EOF = server hung up */
  126. /* the framework will turn this into errSSLClosedNoNotify */
  127. rtn = errSSLClosedGraceful;
  128. }
  129. else /* do the switch */
  130. switch(theErr) {
  131. case ENOENT:
  132. /* connection closed */
  133. rtn = errSSLClosedGraceful;
  134. break;
  135. case ECONNRESET:
  136. rtn = errSSLClosedAbort;
  137. break;
  138. case EAGAIN:
  139. rtn = errSSLWouldBlock;
  140. connssl->ssl_direction = false;
  141. break;
  142. default:
  143. rtn = ioErr;
  144. break;
  145. }
  146. break;
  147. }
  148. else {
  149. bytesRead = rrtn;
  150. }
  151. bytesToGo -= bytesRead;
  152. currData += bytesRead;
  153. if(bytesToGo == 0) {
  154. /* filled buffer with incoming data, done */
  155. break;
  156. }
  157. }
  158. *dataLength = initLen - bytesToGo;
  159. return rtn;
  160. }
  161. static OSStatus SocketWrite(SSLConnectionRef connection,
  162. const void *data,
  163. size_t *dataLength) /* IN/OUT */
  164. {
  165. size_t bytesSent = 0;
  166. /*int sock = *(int *)connection;*/
  167. struct ssl_connect_data *connssl = (struct ssl_connect_data *)connection;
  168. int sock = connssl->ssl_sockfd;
  169. ssize_t length;
  170. size_t dataLen = *dataLength;
  171. const UInt8 *dataPtr = (UInt8 *)data;
  172. OSStatus ortn;
  173. int theErr;
  174. *dataLength = 0;
  175. do {
  176. length = write(sock,
  177. (char*)dataPtr + bytesSent,
  178. dataLen - bytesSent);
  179. } while((length > 0) &&
  180. ( (bytesSent += length) < dataLen) );
  181. if(length <= 0) {
  182. theErr = errno;
  183. if(theErr == EAGAIN) {
  184. ortn = errSSLWouldBlock;
  185. connssl->ssl_direction = true;
  186. }
  187. else {
  188. ortn = ioErr;
  189. }
  190. }
  191. else {
  192. ortn = noErr;
  193. }
  194. *dataLength = bytesSent;
  195. return ortn;
  196. }
  197. CF_INLINE const char *SSLCipherNameForNumber(SSLCipherSuite cipher) {
  198. switch (cipher) {
  199. /* SSL version 3.0 */
  200. case SSL_RSA_WITH_NULL_MD5:
  201. return "SSL_RSA_WITH_NULL_MD5";
  202. break;
  203. case SSL_RSA_WITH_NULL_SHA:
  204. return "SSL_RSA_WITH_NULL_SHA";
  205. break;
  206. case SSL_RSA_EXPORT_WITH_RC4_40_MD5:
  207. return "SSL_RSA_EXPORT_WITH_RC4_40_MD5";
  208. break;
  209. case SSL_RSA_WITH_RC4_128_MD5:
  210. return "SSL_RSA_WITH_RC4_128_MD5";
  211. break;
  212. case SSL_RSA_WITH_RC4_128_SHA:
  213. return "SSL_RSA_WITH_RC4_128_SHA";
  214. break;
  215. case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5:
  216. return "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5";
  217. break;
  218. case SSL_RSA_WITH_IDEA_CBC_SHA:
  219. return "SSL_RSA_WITH_IDEA_CBC_SHA";
  220. break;
  221. case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA:
  222. return "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA";
  223. break;
  224. case SSL_RSA_WITH_DES_CBC_SHA:
  225. return "SSL_RSA_WITH_DES_CBC_SHA";
  226. break;
  227. case SSL_RSA_WITH_3DES_EDE_CBC_SHA:
  228. return "SSL_RSA_WITH_3DES_EDE_CBC_SHA";
  229. break;
  230. case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA:
  231. return "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA";
  232. break;
  233. case SSL_DH_DSS_WITH_DES_CBC_SHA:
  234. return "SSL_DH_DSS_WITH_DES_CBC_SHA";
  235. break;
  236. case SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA:
  237. return "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA";
  238. break;
  239. case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA:
  240. return "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA";
  241. break;
  242. case SSL_DH_RSA_WITH_DES_CBC_SHA:
  243. return "SSL_DH_RSA_WITH_DES_CBC_SHA";
  244. break;
  245. case SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA:
  246. return "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA";
  247. break;
  248. case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA:
  249. return "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA";
  250. break;
  251. case SSL_DHE_DSS_WITH_DES_CBC_SHA:
  252. return "SSL_DHE_DSS_WITH_DES_CBC_SHA";
  253. break;
  254. case SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
  255. return "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA";
  256. break;
  257. case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA:
  258. return "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA";
  259. break;
  260. case SSL_DHE_RSA_WITH_DES_CBC_SHA:
  261. return "SSL_DHE_RSA_WITH_DES_CBC_SHA";
  262. break;
  263. case SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
  264. return "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA";
  265. break;
  266. case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5:
  267. return "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5";
  268. break;
  269. case SSL_DH_anon_WITH_RC4_128_MD5:
  270. return "SSL_DH_anon_WITH_RC4_128_MD5";
  271. break;
  272. case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA:
  273. return "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA";
  274. break;
  275. case SSL_DH_anon_WITH_DES_CBC_SHA:
  276. return "SSL_DH_anon_WITH_DES_CBC_SHA";
  277. break;
  278. case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA:
  279. return "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA";
  280. break;
  281. case SSL_FORTEZZA_DMS_WITH_NULL_SHA:
  282. return "SSL_FORTEZZA_DMS_WITH_NULL_SHA";
  283. break;
  284. case SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA:
  285. return "SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA";
  286. break;
  287. /* TLS 1.0 with AES (RFC 3268)
  288. (Apparently these are used in SSLv3 implementations as well.) */
  289. case TLS_RSA_WITH_AES_128_CBC_SHA:
  290. return "TLS_RSA_WITH_AES_128_CBC_SHA";
  291. break;
  292. case TLS_DH_DSS_WITH_AES_128_CBC_SHA:
  293. return "TLS_DH_DSS_WITH_AES_128_CBC_SHA";
  294. break;
  295. case TLS_DH_RSA_WITH_AES_128_CBC_SHA:
  296. return "TLS_DH_RSA_WITH_AES_128_CBC_SHA";
  297. break;
  298. case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
  299. return "TLS_DHE_DSS_WITH_AES_128_CBC_SHA";
  300. break;
  301. case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
  302. return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA";
  303. break;
  304. case TLS_DH_anon_WITH_AES_128_CBC_SHA:
  305. return "TLS_DH_anon_WITH_AES_128_CBC_SHA";
  306. break;
  307. case TLS_RSA_WITH_AES_256_CBC_SHA:
  308. return "TLS_RSA_WITH_AES_256_CBC_SHA";
  309. break;
  310. case TLS_DH_DSS_WITH_AES_256_CBC_SHA:
  311. return "TLS_DH_DSS_WITH_AES_256_CBC_SHA";
  312. break;
  313. case TLS_DH_RSA_WITH_AES_256_CBC_SHA:
  314. return "TLS_DH_RSA_WITH_AES_256_CBC_SHA";
  315. break;
  316. case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
  317. return "TLS_DHE_DSS_WITH_AES_256_CBC_SHA";
  318. break;
  319. case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
  320. return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA";
  321. break;
  322. case TLS_DH_anon_WITH_AES_256_CBC_SHA:
  323. return "TLS_DH_anon_WITH_AES_256_CBC_SHA";
  324. break;
  325. /* SSL version 2.0 */
  326. case SSL_RSA_WITH_RC2_CBC_MD5:
  327. return "SSL_RSA_WITH_RC2_CBC_MD5";
  328. break;
  329. case SSL_RSA_WITH_IDEA_CBC_MD5:
  330. return "SSL_RSA_WITH_IDEA_CBC_MD5";
  331. break;
  332. case SSL_RSA_WITH_DES_CBC_MD5:
  333. return "SSL_RSA_WITH_DES_CBC_MD5";
  334. break;
  335. case SSL_RSA_WITH_3DES_EDE_CBC_MD5:
  336. return "SSL_RSA_WITH_3DES_EDE_CBC_MD5";
  337. break;
  338. }
  339. return "SSL_NULL_WITH_NULL_NULL";
  340. }
  341. CF_INLINE const char *TLSCipherNameForNumber(SSLCipherSuite cipher) {
  342. switch(cipher) {
  343. /* TLS 1.0 with AES (RFC 3268) */
  344. case TLS_RSA_WITH_AES_128_CBC_SHA:
  345. return "TLS_RSA_WITH_AES_128_CBC_SHA";
  346. break;
  347. case TLS_DH_DSS_WITH_AES_128_CBC_SHA:
  348. return "TLS_DH_DSS_WITH_AES_128_CBC_SHA";
  349. break;
  350. case TLS_DH_RSA_WITH_AES_128_CBC_SHA:
  351. return "TLS_DH_RSA_WITH_AES_128_CBC_SHA";
  352. break;
  353. case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
  354. return "TLS_DHE_DSS_WITH_AES_128_CBC_SHA";
  355. break;
  356. case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
  357. return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA";
  358. break;
  359. case TLS_DH_anon_WITH_AES_128_CBC_SHA:
  360. return "TLS_DH_anon_WITH_AES_128_CBC_SHA";
  361. break;
  362. case TLS_RSA_WITH_AES_256_CBC_SHA:
  363. return "TLS_RSA_WITH_AES_256_CBC_SHA";
  364. break;
  365. case TLS_DH_DSS_WITH_AES_256_CBC_SHA:
  366. return "TLS_DH_DSS_WITH_AES_256_CBC_SHA";
  367. break;
  368. case TLS_DH_RSA_WITH_AES_256_CBC_SHA:
  369. return "TLS_DH_RSA_WITH_AES_256_CBC_SHA";
  370. break;
  371. case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
  372. return "TLS_DHE_DSS_WITH_AES_256_CBC_SHA";
  373. break;
  374. case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
  375. return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA";
  376. break;
  377. case TLS_DH_anon_WITH_AES_256_CBC_SHA:
  378. return "TLS_DH_anon_WITH_AES_256_CBC_SHA";
  379. break;
  380. #if CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS
  381. /* TLS 1.0 with ECDSA (RFC 4492) */
  382. case TLS_ECDH_ECDSA_WITH_NULL_SHA:
  383. return "TLS_ECDH_ECDSA_WITH_NULL_SHA";
  384. break;
  385. case TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
  386. return "TLS_ECDH_ECDSA_WITH_RC4_128_SHA";
  387. break;
  388. case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
  389. return "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA";
  390. break;
  391. case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
  392. return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA";
  393. break;
  394. case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
  395. return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA";
  396. break;
  397. case TLS_ECDHE_ECDSA_WITH_NULL_SHA:
  398. return "TLS_ECDHE_ECDSA_WITH_NULL_SHA";
  399. break;
  400. case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
  401. return "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA";
  402. break;
  403. case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
  404. return "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA";
  405. break;
  406. case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
  407. return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA";
  408. break;
  409. case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
  410. return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA";
  411. break;
  412. case TLS_ECDH_RSA_WITH_NULL_SHA:
  413. return "TLS_ECDH_RSA_WITH_NULL_SHA";
  414. break;
  415. case TLS_ECDH_RSA_WITH_RC4_128_SHA:
  416. return "TLS_ECDH_RSA_WITH_RC4_128_SHA";
  417. break;
  418. case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
  419. return "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA";
  420. break;
  421. case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
  422. return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA";
  423. break;
  424. case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
  425. return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA";
  426. break;
  427. case TLS_ECDHE_RSA_WITH_NULL_SHA:
  428. return "TLS_ECDHE_RSA_WITH_NULL_SHA";
  429. break;
  430. case TLS_ECDHE_RSA_WITH_RC4_128_SHA:
  431. return "TLS_ECDHE_RSA_WITH_RC4_128_SHA";
  432. break;
  433. case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
  434. return "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA";
  435. break;
  436. case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
  437. return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA";
  438. break;
  439. case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
  440. return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA";
  441. break;
  442. case TLS_ECDH_anon_WITH_NULL_SHA:
  443. return "TLS_ECDH_anon_WITH_NULL_SHA";
  444. break;
  445. case TLS_ECDH_anon_WITH_RC4_128_SHA:
  446. return "TLS_ECDH_anon_WITH_RC4_128_SHA";
  447. break;
  448. case TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
  449. return "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA";
  450. break;
  451. case TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
  452. return "TLS_ECDH_anon_WITH_AES_128_CBC_SHA";
  453. break;
  454. case TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
  455. return "TLS_ECDH_anon_WITH_AES_256_CBC_SHA";
  456. break;
  457. #endif /* CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS */
  458. #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
  459. /* TLS 1.2 (RFC 5246) */
  460. case TLS_RSA_WITH_NULL_MD5:
  461. return "TLS_RSA_WITH_NULL_MD5";
  462. break;
  463. case TLS_RSA_WITH_NULL_SHA:
  464. return "TLS_RSA_WITH_NULL_SHA";
  465. break;
  466. case TLS_RSA_WITH_RC4_128_MD5:
  467. return "TLS_RSA_WITH_RC4_128_MD5";
  468. break;
  469. case TLS_RSA_WITH_RC4_128_SHA:
  470. return "TLS_RSA_WITH_RC4_128_SHA";
  471. break;
  472. case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
  473. return "TLS_RSA_WITH_3DES_EDE_CBC_SHA";
  474. break;
  475. case TLS_RSA_WITH_NULL_SHA256:
  476. return "TLS_RSA_WITH_NULL_SHA256";
  477. break;
  478. case TLS_RSA_WITH_AES_128_CBC_SHA256:
  479. return "TLS_RSA_WITH_AES_128_CBC_SHA256";
  480. break;
  481. case TLS_RSA_WITH_AES_256_CBC_SHA256:
  482. return "TLS_RSA_WITH_AES_256_CBC_SHA256";
  483. break;
  484. case TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
  485. return "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA";
  486. break;
  487. case TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
  488. return "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA";
  489. break;
  490. case TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
  491. return "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA";
  492. break;
  493. case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
  494. return "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA";
  495. break;
  496. case TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
  497. return "TLS_DH_DSS_WITH_AES_128_CBC_SHA256";
  498. break;
  499. case TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
  500. return "TLS_DH_RSA_WITH_AES_128_CBC_SHA256";
  501. break;
  502. case TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
  503. return "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256";
  504. break;
  505. case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
  506. return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256";
  507. break;
  508. case TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
  509. return "TLS_DH_DSS_WITH_AES_256_CBC_SHA256";
  510. break;
  511. case TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
  512. return "TLS_DH_RSA_WITH_AES_256_CBC_SHA256";
  513. break;
  514. case TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
  515. return "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256";
  516. break;
  517. case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
  518. return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256";
  519. break;
  520. case TLS_DH_anon_WITH_RC4_128_MD5:
  521. return "TLS_DH_anon_WITH_RC4_128_MD5";
  522. break;
  523. case TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
  524. return "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA";
  525. break;
  526. case TLS_DH_anon_WITH_AES_128_CBC_SHA256:
  527. return "TLS_DH_anon_WITH_AES_128_CBC_SHA256";
  528. break;
  529. case TLS_DH_anon_WITH_AES_256_CBC_SHA256:
  530. return "TLS_DH_anon_WITH_AES_256_CBC_SHA256";
  531. break;
  532. /* TLS 1.2 with AES GCM (RFC 5288) */
  533. case TLS_RSA_WITH_AES_128_GCM_SHA256:
  534. return "TLS_RSA_WITH_AES_128_GCM_SHA256";
  535. break;
  536. case TLS_RSA_WITH_AES_256_GCM_SHA384:
  537. return "TLS_RSA_WITH_AES_256_GCM_SHA384";
  538. break;
  539. case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
  540. return "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256";
  541. break;
  542. case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
  543. return "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384";
  544. break;
  545. case TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
  546. return "TLS_DH_RSA_WITH_AES_128_GCM_SHA256";
  547. break;
  548. case TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
  549. return "TLS_DH_RSA_WITH_AES_256_GCM_SHA384";
  550. break;
  551. case TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
  552. return "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256";
  553. break;
  554. case TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
  555. return "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384";
  556. break;
  557. case TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
  558. return "TLS_DH_DSS_WITH_AES_128_GCM_SHA256";
  559. break;
  560. case TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
  561. return "TLS_DH_DSS_WITH_AES_256_GCM_SHA384";
  562. break;
  563. case TLS_DH_anon_WITH_AES_128_GCM_SHA256:
  564. return "TLS_DH_anon_WITH_AES_128_GCM_SHA256";
  565. break;
  566. case TLS_DH_anon_WITH_AES_256_GCM_SHA384:
  567. return "TLS_DH_anon_WITH_AES_256_GCM_SHA384";
  568. break;
  569. /* TLS 1.2 with elliptic curve ciphers (RFC 5289) */
  570. case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
  571. return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256";
  572. break;
  573. case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
  574. return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384";
  575. break;
  576. case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
  577. return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256";
  578. break;
  579. case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
  580. return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384";
  581. break;
  582. case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
  583. return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256";
  584. break;
  585. case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
  586. return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384";
  587. break;
  588. case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
  589. return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256";
  590. break;
  591. case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
  592. return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384";
  593. break;
  594. case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
  595. return "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256";
  596. break;
  597. case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
  598. return "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384";
  599. break;
  600. case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
  601. return "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256";
  602. break;
  603. case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
  604. return "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384";
  605. break;
  606. case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
  607. return "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
  608. break;
  609. case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
  610. return "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384";
  611. break;
  612. case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
  613. return "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256";
  614. break;
  615. case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
  616. return "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384";
  617. break;
  618. case TLS_EMPTY_RENEGOTIATION_INFO_SCSV:
  619. return "TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
  620. break;
  621. #else
  622. case SSL_RSA_WITH_NULL_MD5:
  623. return "TLS_RSA_WITH_NULL_MD5";
  624. break;
  625. case SSL_RSA_WITH_NULL_SHA:
  626. return "TLS_RSA_WITH_NULL_SHA";
  627. break;
  628. case SSL_RSA_WITH_RC4_128_MD5:
  629. return "TLS_RSA_WITH_RC4_128_MD5";
  630. break;
  631. case SSL_RSA_WITH_RC4_128_SHA:
  632. return "TLS_RSA_WITH_RC4_128_SHA";
  633. break;
  634. case SSL_RSA_WITH_3DES_EDE_CBC_SHA:
  635. return "TLS_RSA_WITH_3DES_EDE_CBC_SHA";
  636. break;
  637. case SSL_DH_anon_WITH_RC4_128_MD5:
  638. return "TLS_DH_anon_WITH_RC4_128_MD5";
  639. break;
  640. case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA:
  641. return "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA";
  642. break;
  643. #endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
  644. #if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7
  645. /* TLS PSK (RFC 4279): */
  646. case TLS_PSK_WITH_RC4_128_SHA:
  647. return "TLS_PSK_WITH_RC4_128_SHA";
  648. break;
  649. case TLS_PSK_WITH_3DES_EDE_CBC_SHA:
  650. return "TLS_PSK_WITH_3DES_EDE_CBC_SHA";
  651. break;
  652. case TLS_PSK_WITH_AES_128_CBC_SHA:
  653. return "TLS_PSK_WITH_AES_128_CBC_SHA";
  654. break;
  655. case TLS_PSK_WITH_AES_256_CBC_SHA:
  656. return "TLS_PSK_WITH_AES_256_CBC_SHA";
  657. break;
  658. case TLS_DHE_PSK_WITH_RC4_128_SHA:
  659. return "TLS_DHE_PSK_WITH_RC4_128_SHA";
  660. break;
  661. case TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
  662. return "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA";
  663. break;
  664. case TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
  665. return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA";
  666. break;
  667. case TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
  668. return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA";
  669. break;
  670. case TLS_RSA_PSK_WITH_RC4_128_SHA:
  671. return "TLS_RSA_PSK_WITH_RC4_128_SHA";
  672. break;
  673. case TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
  674. return "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA";
  675. break;
  676. case TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
  677. return "TLS_RSA_PSK_WITH_AES_128_CBC_SHA";
  678. break;
  679. case TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
  680. return "TLS_RSA_PSK_WITH_AES_256_CBC_SHA";
  681. break;
  682. /* More TLS PSK (RFC 4785): */
  683. case TLS_PSK_WITH_NULL_SHA:
  684. return "TLS_PSK_WITH_NULL_SHA";
  685. break;
  686. case TLS_DHE_PSK_WITH_NULL_SHA:
  687. return "TLS_DHE_PSK_WITH_NULL_SHA";
  688. break;
  689. case TLS_RSA_PSK_WITH_NULL_SHA:
  690. return "TLS_RSA_PSK_WITH_NULL_SHA";
  691. break;
  692. /* Even more TLS PSK (RFC 5487): */
  693. case TLS_PSK_WITH_AES_128_GCM_SHA256:
  694. return "TLS_PSK_WITH_AES_128_GCM_SHA256";
  695. break;
  696. case TLS_PSK_WITH_AES_256_GCM_SHA384:
  697. return "TLS_PSK_WITH_AES_256_GCM_SHA384";
  698. break;
  699. case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
  700. return "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256";
  701. break;
  702. case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
  703. return "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384";
  704. break;
  705. case TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
  706. return "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256";
  707. break;
  708. case TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
  709. return "TLS_PSK_WITH_AES_256_GCM_SHA384";
  710. break;
  711. case TLS_PSK_WITH_AES_128_CBC_SHA256:
  712. return "TLS_PSK_WITH_AES_128_CBC_SHA256";
  713. break;
  714. case TLS_PSK_WITH_AES_256_CBC_SHA384:
  715. return "TLS_PSK_WITH_AES_256_CBC_SHA384";
  716. break;
  717. case TLS_PSK_WITH_NULL_SHA256:
  718. return "TLS_PSK_WITH_NULL_SHA256";
  719. break;
  720. case TLS_PSK_WITH_NULL_SHA384:
  721. return "TLS_PSK_WITH_NULL_SHA384";
  722. break;
  723. case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
  724. return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256";
  725. break;
  726. case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
  727. return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384";
  728. break;
  729. case TLS_DHE_PSK_WITH_NULL_SHA256:
  730. return "TLS_DHE_PSK_WITH_NULL_SHA256";
  731. break;
  732. case TLS_DHE_PSK_WITH_NULL_SHA384:
  733. return "TLS_RSA_PSK_WITH_NULL_SHA384";
  734. break;
  735. case TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
  736. return "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256";
  737. break;
  738. case TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
  739. return "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384";
  740. break;
  741. case TLS_RSA_PSK_WITH_NULL_SHA256:
  742. return "TLS_RSA_PSK_WITH_NULL_SHA256";
  743. break;
  744. case TLS_RSA_PSK_WITH_NULL_SHA384:
  745. return "TLS_RSA_PSK_WITH_NULL_SHA384";
  746. break;
  747. #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */
  748. }
  749. return "TLS_NULL_WITH_NULL_NULL";
  750. }
  751. #if CURL_BUILD_MAC
  752. CF_INLINE void GetDarwinVersionNumber(int *major, int *minor)
  753. {
  754. int mib[2];
  755. char *os_version;
  756. size_t os_version_len;
  757. char *os_version_major, *os_version_minor/*, *os_version_point*/;
  758. char *tok_buf;
  759. /* Get the Darwin kernel version from the kernel using sysctl(): */
  760. mib[0] = CTL_KERN;
  761. mib[1] = KERN_OSRELEASE;
  762. if(sysctl(mib, 2, NULL, &os_version_len, NULL, 0) == -1)
  763. return;
  764. os_version = malloc(os_version_len*sizeof(char));
  765. if(!os_version)
  766. return;
  767. if(sysctl(mib, 2, os_version, &os_version_len, NULL, 0) == -1) {
  768. free(os_version);
  769. return;
  770. }
  771. /* Parse the version: */
  772. os_version_major = strtok_r(os_version, ".", &tok_buf);
  773. os_version_minor = strtok_r(NULL, ".", &tok_buf);
  774. /*os_version_point = strtok_r(NULL, ".", &tok_buf);*/
  775. *major = atoi(os_version_major);
  776. *minor = atoi(os_version_minor);
  777. free(os_version);
  778. }
  779. #endif /* CURL_BUILD_MAC */
  780. /* Apple provides a myriad of ways of getting information about a certificate
  781. into a string. Some aren't available under iOS or newer cats. So here's
  782. a unified function for getting a string describing the certificate that
  783. ought to work in all cats starting with Leopard. */
  784. CF_INLINE CFStringRef CopyCertSubject(SecCertificateRef cert)
  785. {
  786. CFStringRef server_cert_summary = CFSTR("(null)");
  787. #if CURL_BUILD_IOS
  788. /* iOS: There's only one way to do this. */
  789. server_cert_summary = SecCertificateCopySubjectSummary(cert);
  790. #else
  791. #if CURL_BUILD_MAC_10_7
  792. /* Lion & later: Get the long description if we can. */
  793. if(SecCertificateCopyLongDescription != NULL)
  794. server_cert_summary =
  795. SecCertificateCopyLongDescription(NULL, cert, NULL);
  796. else
  797. #endif /* CURL_BUILD_MAC_10_7 */
  798. #if CURL_BUILD_MAC_10_6
  799. /* Snow Leopard: Get the certificate summary. */
  800. if(SecCertificateCopySubjectSummary != NULL)
  801. server_cert_summary = SecCertificateCopySubjectSummary(cert);
  802. else
  803. #endif /* CURL_BUILD_MAC_10_6 */
  804. /* Leopard is as far back as we go... */
  805. (void)SecCertificateCopyCommonName(cert, &server_cert_summary);
  806. #endif /* CURL_BUILD_IOS */
  807. return server_cert_summary;
  808. }
  809. #if CURL_SUPPORT_MAC_10_6
  810. /* The SecKeychainSearch API was deprecated in Lion, and using it will raise
  811. deprecation warnings, so let's not compile this unless it's necessary: */
  812. static OSStatus CopyIdentityWithLabelOldSchool(char *label,
  813. SecIdentityRef *out_c_a_k)
  814. {
  815. OSStatus status = errSecItemNotFound;
  816. SecKeychainAttributeList attr_list;
  817. SecKeychainAttribute attr;
  818. SecKeychainSearchRef search = NULL;
  819. SecCertificateRef cert = NULL;
  820. /* Set up the attribute list: */
  821. attr_list.count = 1L;
  822. attr_list.attr = &attr;
  823. /* Set up our lone search criterion: */
  824. attr.tag = kSecLabelItemAttr;
  825. attr.data = label;
  826. attr.length = (UInt32)strlen(label);
  827. /* Start searching: */
  828. status = SecKeychainSearchCreateFromAttributes(NULL,
  829. kSecCertificateItemClass,
  830. &attr_list,
  831. &search);
  832. if(status == noErr) {
  833. status = SecKeychainSearchCopyNext(search,
  834. (SecKeychainItemRef *)&cert);
  835. if(status == noErr && cert) {
  836. /* If we found a certificate, does it have a private key? */
  837. status = SecIdentityCreateWithCertificate(NULL, cert, out_c_a_k);
  838. CFRelease(cert);
  839. }
  840. }
  841. if(search)
  842. CFRelease(search);
  843. return status;
  844. }
  845. #endif /* CURL_SUPPORT_MAC_10_6 */
  846. static OSStatus CopyIdentityWithLabel(char *label,
  847. SecIdentityRef *out_cert_and_key)
  848. {
  849. OSStatus status = errSecItemNotFound;
  850. #if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
  851. /* SecItemCopyMatching() was introduced in iOS and Snow Leopard.
  852. kSecClassIdentity was introduced in Lion. If both exist, let's use them
  853. to find the certificate. */
  854. if(SecItemCopyMatching != NULL && kSecClassIdentity != NULL) {
  855. CFTypeRef keys[4];
  856. CFTypeRef values[4];
  857. CFDictionaryRef query_dict;
  858. CFStringRef label_cf = CFStringCreateWithCString(NULL, label,
  859. kCFStringEncodingUTF8);
  860. /* Set up our search criteria and expected results: */
  861. values[0] = kSecClassIdentity; /* we want a certificate and a key */
  862. keys[0] = kSecClass;
  863. values[1] = kCFBooleanTrue; /* we want a reference */
  864. keys[1] = kSecReturnRef;
  865. values[2] = kSecMatchLimitOne; /* one is enough, thanks */
  866. keys[2] = kSecMatchLimit;
  867. /* identity searches need a SecPolicyRef in order to work */
  868. values[3] = SecPolicyCreateSSL(false, label_cf);
  869. keys[3] = kSecMatchPolicy;
  870. query_dict = CFDictionaryCreate(NULL, (const void **)keys,
  871. (const void **)values, 4L,
  872. &kCFCopyStringDictionaryKeyCallBacks,
  873. &kCFTypeDictionaryValueCallBacks);
  874. CFRelease(values[3]);
  875. CFRelease(label_cf);
  876. /* Do we have a match? */
  877. status = SecItemCopyMatching(query_dict, (CFTypeRef *)out_cert_and_key);
  878. CFRelease(query_dict);
  879. }
  880. else {
  881. #if CURL_SUPPORT_MAC_10_6
  882. /* On Leopard and Snow Leopard, fall back to SecKeychainSearch. */
  883. status = CopyIdentityWithLabelOldSchool(label, out_cert_and_key);
  884. #endif /* CURL_SUPPORT_MAC_10_7 */
  885. }
  886. #elif CURL_SUPPORT_MAC_10_6
  887. /* For developers building on older cats, we have no choice but to fall back
  888. to SecKeychainSearch. */
  889. status = CopyIdentityWithLabelOldSchool(label, out_cert_and_key);
  890. #endif /* CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS */
  891. return status;
  892. }
  893. static OSStatus CopyIdentityFromPKCS12File(const char *cPath,
  894. const char *cPassword,
  895. SecIdentityRef *out_cert_and_key)
  896. {
  897. OSStatus status = errSecItemNotFound;
  898. CFURLRef pkcs_url = CFURLCreateFromFileSystemRepresentation(NULL,
  899. (const UInt8 *)cPath, strlen(cPath), false);
  900. CFStringRef password = cPassword ? CFStringCreateWithCString(NULL,
  901. cPassword, kCFStringEncodingUTF8) : NULL;
  902. CFDataRef pkcs_data = NULL;
  903. /* We can import P12 files on iOS or OS X 10.7 or later: */
  904. /* These constants are documented as having first appeared in 10.6 but they
  905. raise linker errors when used on that cat for some reason. */
  906. #if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
  907. if(CFURLCreateDataAndPropertiesFromResource(NULL, pkcs_url, &pkcs_data,
  908. NULL, NULL, &status)) {
  909. const void *cKeys[] = {kSecImportExportPassphrase};
  910. const void *cValues[] = {password};
  911. CFDictionaryRef options = CFDictionaryCreate(NULL, cKeys, cValues,
  912. password ? 1L : 0L, NULL, NULL);
  913. CFArrayRef items = NULL;
  914. /* Here we go: */
  915. status = SecPKCS12Import(pkcs_data, options, &items);
  916. if(status == noErr && items && CFArrayGetCount(items)) {
  917. CFDictionaryRef identity_and_trust = CFArrayGetValueAtIndex(items, 0L);
  918. const void *temp_identity = CFDictionaryGetValue(identity_and_trust,
  919. kSecImportItemIdentity);
  920. /* Retain the identity; we don't care about any other data... */
  921. CFRetain(temp_identity);
  922. *out_cert_and_key = (SecIdentityRef)temp_identity;
  923. }
  924. if(items)
  925. CFRelease(items);
  926. CFRelease(options);
  927. CFRelease(pkcs_data);
  928. }
  929. #endif /* CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS */
  930. if(password)
  931. CFRelease(password);
  932. CFRelease(pkcs_url);
  933. return status;
  934. }
  935. /* This code was borrowed from nss.c, with some modifications:
  936. * Determine whether the nickname passed in is a filename that needs to
  937. * be loaded as a PEM or a regular NSS nickname.
  938. *
  939. * returns 1 for a file
  940. * returns 0 for not a file
  941. */
  942. CF_INLINE bool is_file(const char *filename)
  943. {
  944. struct_stat st;
  945. if(filename == NULL)
  946. return false;
  947. if(stat(filename, &st) == 0)
  948. return S_ISREG(st.st_mode);
  949. return false;
  950. }
  951. static CURLcode darwinssl_connect_step1(struct connectdata *conn,
  952. int sockindex)
  953. {
  954. struct SessionHandle *data = conn->data;
  955. curl_socket_t sockfd = conn->sock[sockindex];
  956. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  957. #ifdef ENABLE_IPV6
  958. struct in6_addr addr;
  959. #else
  960. struct in_addr addr;
  961. #endif /* ENABLE_IPV6 */
  962. size_t all_ciphers_count = 0UL, allowed_ciphers_count = 0UL, i;
  963. SSLCipherSuite *all_ciphers = NULL, *allowed_ciphers = NULL;
  964. char *ssl_sessionid;
  965. size_t ssl_sessionid_len;
  966. OSStatus err = noErr;
  967. #if CURL_BUILD_MAC
  968. int darwinver_maj = 0, darwinver_min = 0;
  969. GetDarwinVersionNumber(&darwinver_maj, &darwinver_min);
  970. #endif /* CURL_BUILD_MAC */
  971. #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
  972. if(SSLCreateContext != NULL) { /* use the newer API if avaialble */
  973. if(connssl->ssl_ctx)
  974. CFRelease(connssl->ssl_ctx);
  975. connssl->ssl_ctx = SSLCreateContext(NULL, kSSLClientSide, kSSLStreamType);
  976. if(!connssl->ssl_ctx) {
  977. failf(data, "SSL: couldn't create a context!");
  978. return CURLE_OUT_OF_MEMORY;
  979. }
  980. }
  981. else {
  982. /* The old ST API does not exist under iOS, so don't compile it: */
  983. #if CURL_SUPPORT_MAC_10_8
  984. if(connssl->ssl_ctx)
  985. (void)SSLDisposeContext(connssl->ssl_ctx);
  986. err = SSLNewContext(false, &(connssl->ssl_ctx));
  987. if(err != noErr) {
  988. failf(data, "SSL: couldn't create a context: OSStatus %d", err);
  989. return CURLE_OUT_OF_MEMORY;
  990. }
  991. #endif /* CURL_SUPPORT_MAC_10_8 */
  992. }
  993. #else
  994. if(connssl->ssl_ctx)
  995. (void)SSLDisposeContext(connssl->ssl_ctx);
  996. err = SSLNewContext(false, &(connssl->ssl_ctx));
  997. if(err != noErr) {
  998. failf(data, "SSL: couldn't create a context: OSStatus %d", err);
  999. return CURLE_OUT_OF_MEMORY;
  1000. }
  1001. #endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
  1002. connssl->ssl_write_buffered_length = 0UL; /* reset buffered write length */
  1003. /* check to see if we've been told to use an explicit SSL/TLS version */
  1004. #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
  1005. if(SSLSetProtocolVersionMax != NULL) {
  1006. switch(data->set.ssl.version) {
  1007. default:
  1008. case CURL_SSLVERSION_DEFAULT:
  1009. case CURL_SSLVERSION_TLSv1:
  1010. (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol1);
  1011. (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12);
  1012. break;
  1013. case CURL_SSLVERSION_TLSv1_0:
  1014. (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol1);
  1015. (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol1);
  1016. break;
  1017. case CURL_SSLVERSION_TLSv1_1:
  1018. (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol11);
  1019. (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol11);
  1020. break;
  1021. case CURL_SSLVERSION_TLSv1_2:
  1022. (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol12);
  1023. (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12);
  1024. break;
  1025. case CURL_SSLVERSION_SSLv3:
  1026. err = SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol3);
  1027. if(err != noErr) {
  1028. failf(data, "Your version of the OS does not support SSLv3");
  1029. return CURLE_SSL_CONNECT_ERROR;
  1030. }
  1031. (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kSSLProtocol3);
  1032. break;
  1033. case CURL_SSLVERSION_SSLv2:
  1034. err = SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol2);
  1035. if(err != noErr) {
  1036. failf(data, "Your version of the OS does not support SSLv2");
  1037. return CURLE_SSL_CONNECT_ERROR;
  1038. }
  1039. (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kSSLProtocol2);
  1040. }
  1041. }
  1042. else {
  1043. #if CURL_SUPPORT_MAC_10_8
  1044. (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1045. kSSLProtocolAll,
  1046. false);
  1047. switch (data->set.ssl.version) {
  1048. default:
  1049. case CURL_SSLVERSION_DEFAULT:
  1050. case CURL_SSLVERSION_TLSv1:
  1051. (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1052. kTLSProtocol1,
  1053. true);
  1054. (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1055. kTLSProtocol11,
  1056. true);
  1057. (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1058. kTLSProtocol12,
  1059. true);
  1060. break;
  1061. case CURL_SSLVERSION_TLSv1_0:
  1062. (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1063. kTLSProtocol1,
  1064. true);
  1065. break;
  1066. case CURL_SSLVERSION_TLSv1_1:
  1067. (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1068. kTLSProtocol11,
  1069. true);
  1070. break;
  1071. case CURL_SSLVERSION_TLSv1_2:
  1072. (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1073. kTLSProtocol12,
  1074. true);
  1075. break;
  1076. case CURL_SSLVERSION_SSLv3:
  1077. err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1078. kSSLProtocol3,
  1079. true);
  1080. if(err != noErr) {
  1081. failf(data, "Your version of the OS does not support SSLv3");
  1082. return CURLE_SSL_CONNECT_ERROR;
  1083. }
  1084. break;
  1085. case CURL_SSLVERSION_SSLv2:
  1086. err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1087. kSSLProtocol2,
  1088. true);
  1089. if(err != noErr) {
  1090. failf(data, "Your version of the OS does not support SSLv2");
  1091. return CURLE_SSL_CONNECT_ERROR;
  1092. }
  1093. break;
  1094. }
  1095. #endif /* CURL_SUPPORT_MAC_10_8 */
  1096. }
  1097. #else
  1098. (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, kSSLProtocolAll, false);
  1099. switch(data->set.ssl.version) {
  1100. default:
  1101. case CURL_SSLVERSION_DEFAULT:
  1102. case CURL_SSLVERSION_TLSv1:
  1103. case CURL_SSLVERSION_TLSv1_0:
  1104. (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1105. kTLSProtocol1,
  1106. true);
  1107. break;
  1108. case CURL_SSLVERSION_TLSv1_1:
  1109. failf(data, "Your version of the OS does not support TLSv1.1");
  1110. return CURLE_SSL_CONNECT_ERROR;
  1111. case CURL_SSLVERSION_TLSv1_2:
  1112. failf(data, "Your version of the OS does not support TLSv1.2");
  1113. return CURLE_SSL_CONNECT_ERROR;
  1114. case CURL_SSLVERSION_SSLv2:
  1115. err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1116. kSSLProtocol2,
  1117. true);
  1118. if(err != noErr) {
  1119. failf(data, "Your version of the OS does not support SSLv2");
  1120. return CURLE_SSL_CONNECT_ERROR;
  1121. }
  1122. break;
  1123. case CURL_SSLVERSION_SSLv3:
  1124. err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
  1125. kSSLProtocol3,
  1126. true);
  1127. if(err != noErr) {
  1128. failf(data, "Your version of the OS does not support SSLv3");
  1129. return CURLE_SSL_CONNECT_ERROR;
  1130. }
  1131. break;
  1132. }
  1133. #endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
  1134. if(data->set.str[STRING_KEY]) {
  1135. infof(data, "WARNING: SSL: CURLOPT_SSLKEY is ignored by Secure "
  1136. "Transport. The private key must be in the Keychain.\n");
  1137. }
  1138. if(data->set.str[STRING_CERT]) {
  1139. SecIdentityRef cert_and_key = NULL;
  1140. bool is_cert_file = is_file(data->set.str[STRING_CERT]);
  1141. /* User wants to authenticate with a client cert. Look for it:
  1142. If we detect that this is a file on disk, then let's load it.
  1143. Otherwise, assume that the user wants to use an identity loaded
  1144. from the Keychain. */
  1145. if(is_cert_file) {
  1146. if(!data->set.str[STRING_CERT_TYPE])
  1147. infof(data, "WARNING: SSL: Certificate type not set, assuming "
  1148. "PKCS#12 format.\n");
  1149. else if(strncmp(data->set.str[STRING_CERT_TYPE], "P12",
  1150. strlen(data->set.str[STRING_CERT_TYPE])) != 0)
  1151. infof(data, "WARNING: SSL: The Security framework only supports "
  1152. "loading identities that are in PKCS#12 format.\n");
  1153. err = CopyIdentityFromPKCS12File(data->set.str[STRING_CERT],
  1154. data->set.str[STRING_KEY_PASSWD], &cert_and_key);
  1155. }
  1156. else
  1157. err = CopyIdentityWithLabel(data->set.str[STRING_CERT], &cert_and_key);
  1158. if(err == noErr) {
  1159. SecCertificateRef cert = NULL;
  1160. CFTypeRef certs_c[1];
  1161. CFArrayRef certs;
  1162. /* If we found one, print it out: */
  1163. err = SecIdentityCopyCertificate(cert_and_key, &cert);
  1164. if(err == noErr) {
  1165. CFStringRef cert_summary = CopyCertSubject(cert);
  1166. char cert_summary_c[128];
  1167. if(cert_summary) {
  1168. memset(cert_summary_c, 0, 128);
  1169. if(CFStringGetCString(cert_summary,
  1170. cert_summary_c,
  1171. 128,
  1172. kCFStringEncodingUTF8)) {
  1173. infof(data, "Client certificate: %s\n", cert_summary_c);
  1174. }
  1175. CFRelease(cert_summary);
  1176. CFRelease(cert);
  1177. }
  1178. }
  1179. certs_c[0] = cert_and_key;
  1180. certs = CFArrayCreate(NULL, (const void **)certs_c, 1L,
  1181. &kCFTypeArrayCallBacks);
  1182. err = SSLSetCertificate(connssl->ssl_ctx, certs);
  1183. if(certs)
  1184. CFRelease(certs);
  1185. if(err != noErr) {
  1186. failf(data, "SSL: SSLSetCertificate() failed: OSStatus %d", err);
  1187. return CURLE_SSL_CERTPROBLEM;
  1188. }
  1189. CFRelease(cert_and_key);
  1190. }
  1191. else {
  1192. switch(err) {
  1193. case errSecAuthFailed: case -25264: /* errSecPkcs12VerifyFailure */
  1194. failf(data, "SSL: Incorrect password for the certificate \"%s\" "
  1195. "and its private key.", data->set.str[STRING_CERT]);
  1196. break;
  1197. case -26275: /* errSecDecode */ case -25257: /* errSecUnknownFormat */
  1198. failf(data, "SSL: Couldn't make sense of the data in the "
  1199. "certificate \"%s\" and its private key.",
  1200. data->set.str[STRING_CERT]);
  1201. break;
  1202. case -25260: /* errSecPassphraseRequired */
  1203. failf(data, "SSL The certificate \"%s\" requires a password.",
  1204. data->set.str[STRING_CERT]);
  1205. break;
  1206. case errSecItemNotFound:
  1207. failf(data, "SSL: Can't find the certificate \"%s\" and its private "
  1208. "key in the Keychain.", data->set.str[STRING_CERT]);
  1209. break;
  1210. default:
  1211. failf(data, "SSL: Can't load the certificate \"%s\" and its private "
  1212. "key: OSStatus %d", data->set.str[STRING_CERT], err);
  1213. break;
  1214. }
  1215. return CURLE_SSL_CERTPROBLEM;
  1216. }
  1217. }
  1218. /* SSL always tries to verify the peer, this only says whether it should
  1219. * fail to connect if the verification fails, or if it should continue
  1220. * anyway. In the latter case the result of the verification is checked with
  1221. * SSL_get_verify_result() below. */
  1222. #if CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS
  1223. /* Snow Leopard introduced the SSLSetSessionOption() function, but due to
  1224. a library bug with the way the kSSLSessionOptionBreakOnServerAuth flag
  1225. works, it doesn't work as expected under Snow Leopard or Lion.
  1226. So we need to call SSLSetEnableCertVerify() on those older cats in order
  1227. to disable certificate validation if the user turned that off.
  1228. (SecureTransport will always validate the certificate chain by
  1229. default.) */
  1230. /* (Note: Darwin 12.x.x is Mountain Lion.) */
  1231. #if CURL_BUILD_MAC
  1232. if(SSLSetSessionOption != NULL && darwinver_maj >= 12) {
  1233. #else
  1234. if(SSLSetSessionOption != NULL) {
  1235. #endif /* CURL_BUILD_MAC */
  1236. bool break_on_auth = !data->set.ssl.verifypeer ||
  1237. data->set.str[STRING_SSL_CAFILE];
  1238. err = SSLSetSessionOption(connssl->ssl_ctx,
  1239. kSSLSessionOptionBreakOnServerAuth,
  1240. break_on_auth);
  1241. if(err != noErr) {
  1242. failf(data, "SSL: SSLSetSessionOption() failed: OSStatus %d", err);
  1243. return CURLE_SSL_CONNECT_ERROR;
  1244. }
  1245. }
  1246. else {
  1247. #if CURL_SUPPORT_MAC_10_8
  1248. err = SSLSetEnableCertVerify(connssl->ssl_ctx,
  1249. data->set.ssl.verifypeer?true:false);
  1250. if(err != noErr) {
  1251. failf(data, "SSL: SSLSetEnableCertVerify() failed: OSStatus %d", err);
  1252. return CURLE_SSL_CONNECT_ERROR;
  1253. }
  1254. #endif /* CURL_SUPPORT_MAC_10_8 */
  1255. }
  1256. #else
  1257. err = SSLSetEnableCertVerify(connssl->ssl_ctx,
  1258. data->set.ssl.verifypeer?true:false);
  1259. if(err != noErr) {
  1260. failf(data, "SSL: SSLSetEnableCertVerify() failed: OSStatus %d", err);
  1261. return CURLE_SSL_CONNECT_ERROR;
  1262. }
  1263. #endif /* CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS */
  1264. if(data->set.str[STRING_SSL_CAFILE]) {
  1265. bool is_cert_file = is_file(data->set.str[STRING_SSL_CAFILE]);
  1266. if(!is_cert_file) {
  1267. failf(data, "SSL: can't load CA certificate file %s",
  1268. data->set.str[STRING_SSL_CAFILE]);
  1269. return CURLE_SSL_CACERT_BADFILE;
  1270. }
  1271. if(!data->set.ssl.verifypeer) {
  1272. failf(data, "SSL: CA certificate set, but certificate verification "
  1273. "is disabled");
  1274. return CURLE_SSL_CONNECT_ERROR;
  1275. }
  1276. }
  1277. /* Configure hostname check. SNI is used if available.
  1278. * Both hostname check and SNI require SSLSetPeerDomainName().
  1279. * Also: the verifyhost setting influences SNI usage */
  1280. if(data->set.ssl.verifyhost) {
  1281. err = SSLSetPeerDomainName(connssl->ssl_ctx, conn->host.name,
  1282. strlen(conn->host.name));
  1283. if(err != noErr) {
  1284. infof(data, "WARNING: SSL: SSLSetPeerDomainName() failed: OSStatus %d\n",
  1285. err);
  1286. }
  1287. if((Curl_inet_pton(AF_INET, conn->host.name, &addr))
  1288. #ifdef ENABLE_IPV6
  1289. || (Curl_inet_pton(AF_INET6, conn->host.name, &addr))
  1290. #endif
  1291. ) {
  1292. infof(data, "WARNING: using IP address, SNI is being disabled by "
  1293. "the OS.\n");
  1294. }
  1295. }
  1296. /* Disable cipher suites that ST supports but are not safe. These ciphers
  1297. are unlikely to be used in any case since ST gives other ciphers a much
  1298. higher priority, but it's probably better that we not connect at all than
  1299. to give the user a false sense of security if the server only supports
  1300. insecure ciphers. (Note: We don't care about SSLv2-only ciphers.) */
  1301. (void)SSLGetNumberSupportedCiphers(connssl->ssl_ctx, &all_ciphers_count);
  1302. all_ciphers = malloc(all_ciphers_count*sizeof(SSLCipherSuite));
  1303. allowed_ciphers = malloc(all_ciphers_count*sizeof(SSLCipherSuite));
  1304. if(all_ciphers && allowed_ciphers &&
  1305. SSLGetSupportedCiphers(connssl->ssl_ctx, all_ciphers,
  1306. &all_ciphers_count) == noErr) {
  1307. for(i = 0UL ; i < all_ciphers_count ; i++) {
  1308. #if CURL_BUILD_MAC
  1309. /* There's a known bug in early versions of Mountain Lion where ST's ECC
  1310. ciphers (cipher suite 0xC001 through 0xC032) simply do not work.
  1311. Work around the problem here by disabling those ciphers if we are
  1312. running in an affected version of OS X. */
  1313. if(darwinver_maj == 12 && darwinver_min <= 3 &&
  1314. all_ciphers[i] >= 0xC001 && all_ciphers[i] <= 0xC032) {
  1315. continue;
  1316. }
  1317. #endif /* CURL_BUILD_MAC */
  1318. switch(all_ciphers[i]) {
  1319. /* Disable NULL ciphersuites: */
  1320. case SSL_NULL_WITH_NULL_NULL:
  1321. case SSL_RSA_WITH_NULL_MD5:
  1322. case SSL_RSA_WITH_NULL_SHA:
  1323. case 0x003B: /* TLS_RSA_WITH_NULL_SHA256 */
  1324. case SSL_FORTEZZA_DMS_WITH_NULL_SHA:
  1325. case 0xC001: /* TLS_ECDH_ECDSA_WITH_NULL_SHA */
  1326. case 0xC006: /* TLS_ECDHE_ECDSA_WITH_NULL_SHA */
  1327. case 0xC00B: /* TLS_ECDH_RSA_WITH_NULL_SHA */
  1328. case 0xC010: /* TLS_ECDHE_RSA_WITH_NULL_SHA */
  1329. case 0x002C: /* TLS_PSK_WITH_NULL_SHA */
  1330. case 0x002D: /* TLS_DHE_PSK_WITH_NULL_SHA */
  1331. case 0x002E: /* TLS_RSA_PSK_WITH_NULL_SHA */
  1332. case 0x00B0: /* TLS_PSK_WITH_NULL_SHA256 */
  1333. case 0x00B1: /* TLS_PSK_WITH_NULL_SHA384 */
  1334. case 0x00B4: /* TLS_DHE_PSK_WITH_NULL_SHA256 */
  1335. case 0x00B5: /* TLS_DHE_PSK_WITH_NULL_SHA384 */
  1336. case 0x00B8: /* TLS_RSA_PSK_WITH_NULL_SHA256 */
  1337. case 0x00B9: /* TLS_RSA_PSK_WITH_NULL_SHA384 */
  1338. /* Disable anonymous ciphersuites: */
  1339. case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5:
  1340. case SSL_DH_anon_WITH_RC4_128_MD5:
  1341. case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA:
  1342. case SSL_DH_anon_WITH_DES_CBC_SHA:
  1343. case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA:
  1344. case TLS_DH_anon_WITH_AES_128_CBC_SHA:
  1345. case TLS_DH_anon_WITH_AES_256_CBC_SHA:
  1346. case 0xC015: /* TLS_ECDH_anon_WITH_NULL_SHA */
  1347. case 0xC016: /* TLS_ECDH_anon_WITH_RC4_128_SHA */
  1348. case 0xC017: /* TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA */
  1349. case 0xC018: /* TLS_ECDH_anon_WITH_AES_128_CBC_SHA */
  1350. case 0xC019: /* TLS_ECDH_anon_WITH_AES_256_CBC_SHA */
  1351. case 0x006C: /* TLS_DH_anon_WITH_AES_128_CBC_SHA256 */
  1352. case 0x006D: /* TLS_DH_anon_WITH_AES_256_CBC_SHA256 */
  1353. case 0x00A6: /* TLS_DH_anon_WITH_AES_128_GCM_SHA256 */
  1354. case 0x00A7: /* TLS_DH_anon_WITH_AES_256_GCM_SHA384 */
  1355. /* Disable weak key ciphersuites: */
  1356. case SSL_RSA_EXPORT_WITH_RC4_40_MD5:
  1357. case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5:
  1358. case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA:
  1359. case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA:
  1360. case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA:
  1361. case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA:
  1362. case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA:
  1363. case SSL_RSA_WITH_DES_CBC_SHA:
  1364. case SSL_DH_DSS_WITH_DES_CBC_SHA:
  1365. case SSL_DH_RSA_WITH_DES_CBC_SHA:
  1366. case SSL_DHE_DSS_WITH_DES_CBC_SHA:
  1367. case SSL_DHE_RSA_WITH_DES_CBC_SHA:
  1368. /* Disable IDEA: */
  1369. case SSL_RSA_WITH_IDEA_CBC_SHA:
  1370. case SSL_RSA_WITH_IDEA_CBC_MD5:
  1371. break;
  1372. default: /* enable everything else */
  1373. allowed_ciphers[allowed_ciphers_count++] = all_ciphers[i];
  1374. break;
  1375. }
  1376. }
  1377. err = SSLSetEnabledCiphers(connssl->ssl_ctx, allowed_ciphers,
  1378. allowed_ciphers_count);
  1379. if(err != noErr) {
  1380. failf(data, "SSL: SSLSetEnabledCiphers() failed: OSStatus %d", err);
  1381. return CURLE_SSL_CONNECT_ERROR;
  1382. }
  1383. }
  1384. else {
  1385. Curl_safefree(all_ciphers);
  1386. Curl_safefree(allowed_ciphers);
  1387. failf(data, "SSL: Failed to allocate memory for allowed ciphers");
  1388. return CURLE_OUT_OF_MEMORY;
  1389. }
  1390. Curl_safefree(all_ciphers);
  1391. Curl_safefree(allowed_ciphers);
  1392. #if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7
  1393. /* We want to enable 1/n-1 when using a CBC cipher unless the user
  1394. specifically doesn't want us doing that: */
  1395. if(SSLSetSessionOption != NULL)
  1396. SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionSendOneByteRecord,
  1397. !data->set.ssl_enable_beast);
  1398. #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */
  1399. /* Check if there's a cached ID we can/should use here! */
  1400. if(!Curl_ssl_getsessionid(conn, (void **)&ssl_sessionid,
  1401. &ssl_sessionid_len)) {
  1402. /* we got a session id, use it! */
  1403. err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len);
  1404. if(err != noErr) {
  1405. failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err);
  1406. return CURLE_SSL_CONNECT_ERROR;
  1407. }
  1408. /* Informational message */
  1409. infof(data, "SSL re-using session ID\n");
  1410. }
  1411. /* If there isn't one, then let's make one up! This has to be done prior
  1412. to starting the handshake. */
  1413. else {
  1414. CURLcode retcode;
  1415. ssl_sessionid = malloc(256*sizeof(char));
  1416. ssl_sessionid_len = snprintf(ssl_sessionid, 256, "curl:%s:%hu",
  1417. conn->host.name, conn->remote_port);
  1418. err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len);
  1419. if(err != noErr) {
  1420. failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err);
  1421. return CURLE_SSL_CONNECT_ERROR;
  1422. }
  1423. retcode = Curl_ssl_addsessionid(conn, ssl_sessionid, ssl_sessionid_len);
  1424. if(retcode!= CURLE_OK) {
  1425. failf(data, "failed to store ssl session");
  1426. return retcode;
  1427. }
  1428. }
  1429. err = SSLSetIOFuncs(connssl->ssl_ctx, SocketRead, SocketWrite);
  1430. if(err != noErr) {
  1431. failf(data, "SSL: SSLSetIOFuncs() failed: OSStatus %d", err);
  1432. return CURLE_SSL_CONNECT_ERROR;
  1433. }
  1434. /* pass the raw socket into the SSL layers */
  1435. /* We need to store the FD in a constant memory address, because
  1436. * SSLSetConnection() will not copy that address. I've found that
  1437. * conn->sock[sockindex] may change on its own. */
  1438. connssl->ssl_sockfd = sockfd;
  1439. err = SSLSetConnection(connssl->ssl_ctx, connssl);
  1440. if(err != noErr) {
  1441. failf(data, "SSL: SSLSetConnection() failed: %d", err);
  1442. return CURLE_SSL_CONNECT_ERROR;
  1443. }
  1444. connssl->connecting_state = ssl_connect_2;
  1445. return CURLE_OK;
  1446. }
  1447. static long pem_to_der(const char *in, unsigned char **out, size_t *outlen)
  1448. {
  1449. char *sep_start, *sep_end, *cert_start, *cert_end;
  1450. size_t i, j, err;
  1451. size_t len;
  1452. unsigned char *b64;
  1453. /* Jump through the separators at the beginning of the certificate. */
  1454. sep_start = strstr(in, "-----");
  1455. if(sep_start == NULL)
  1456. return 0;
  1457. cert_start = strstr(sep_start + 1, "-----");
  1458. if(cert_start == NULL)
  1459. return -1;
  1460. cert_start += 5;
  1461. /* Find separator after the end of the certificate. */
  1462. cert_end = strstr(cert_start, "-----");
  1463. if(cert_end == NULL)
  1464. return -1;
  1465. sep_end = strstr(cert_end + 1, "-----");
  1466. if(sep_end == NULL)
  1467. return -1;
  1468. sep_end += 5;
  1469. len = cert_end - cert_start;
  1470. b64 = malloc(len + 1);
  1471. if(!b64)
  1472. return -1;
  1473. /* Create base64 string without linefeeds. */
  1474. for(i = 0, j = 0; i < len; i++) {
  1475. if(cert_start[i] != '\r' && cert_start[i] != '\n')
  1476. b64[j++] = cert_start[i];
  1477. }
  1478. b64[j] = '\0';
  1479. err = Curl_base64_decode((const char *)b64, out, outlen);
  1480. free(b64);
  1481. if(err) {
  1482. free(*out);
  1483. return -1;
  1484. }
  1485. return sep_end - in;
  1486. }
  1487. static int read_cert(const char *file, unsigned char **out, size_t *outlen)
  1488. {
  1489. int fd;
  1490. ssize_t n, len = 0, cap = 512;
  1491. unsigned char buf[cap], *data;
  1492. fd = open(file, 0);
  1493. if(fd < 0)
  1494. return -1;
  1495. data = malloc(cap);
  1496. if(!data) {
  1497. close(fd);
  1498. return -1;
  1499. }
  1500. for(;;) {
  1501. n = read(fd, buf, sizeof(buf));
  1502. if(n < 0) {
  1503. close(fd);
  1504. free(data);
  1505. return -1;
  1506. }
  1507. else if(n == 0) {
  1508. close(fd);
  1509. break;
  1510. }
  1511. if(len + n >= cap) {
  1512. cap *= 2;
  1513. data = realloc(data, cap);
  1514. if(!data) {
  1515. close(fd);
  1516. return -1;
  1517. }
  1518. }
  1519. memcpy(data + len, buf, n);
  1520. len += n;
  1521. }
  1522. data[len] = '\0';
  1523. *out = data;
  1524. *outlen = len;
  1525. return 0;
  1526. }
  1527. static int sslerr_to_curlerr(struct SessionHandle *data, int err)
  1528. {
  1529. switch(err) {
  1530. case errSSLXCertChainInvalid:
  1531. failf(data, "SSL certificate problem: Invalid certificate chain");
  1532. return CURLE_SSL_CACERT;
  1533. case errSSLUnknownRootCert:
  1534. failf(data, "SSL certificate problem: Untrusted root certificate");
  1535. return CURLE_SSL_CACERT;
  1536. case errSSLNoRootCert:
  1537. failf(data, "SSL certificate problem: No root certificate");
  1538. return CURLE_SSL_CACERT;
  1539. case errSSLCertExpired:
  1540. failf(data, "SSL certificate problem: Certificate chain had an "
  1541. "expired certificate");
  1542. return CURLE_SSL_CACERT;
  1543. case errSSLBadCert:
  1544. failf(data, "SSL certificate problem: Couldn't understand the server "
  1545. "certificate format");
  1546. return CURLE_SSL_CONNECT_ERROR;
  1547. case errSSLHostNameMismatch:
  1548. failf(data, "SSL certificate peer hostname mismatch");
  1549. return CURLE_PEER_FAILED_VERIFICATION;
  1550. default:
  1551. failf(data, "SSL unexpected certificate error %d", err);
  1552. return CURLE_SSL_CACERT;
  1553. }
  1554. }
  1555. static int append_cert_to_array(struct SessionHandle *data,
  1556. unsigned char *buf, size_t buflen,
  1557. CFMutableArrayRef array)
  1558. {
  1559. CFDataRef certdata = CFDataCreate(kCFAllocatorDefault, buf, buflen);
  1560. if(!certdata) {
  1561. failf(data, "SSL: failed to allocate array for CA certificate");
  1562. return CURLE_OUT_OF_MEMORY;
  1563. }
  1564. SecCertificateRef cacert =
  1565. SecCertificateCreateWithData(kCFAllocatorDefault, certdata);
  1566. CFRelease(certdata);
  1567. if(!cacert) {
  1568. failf(data, "SSL: failed to create SecCertificate from CA certificate");
  1569. return CURLE_SSL_CACERT;
  1570. }
  1571. /* Check if cacert is valid. */
  1572. CFStringRef subject = CopyCertSubject(cacert);
  1573. if(subject) {
  1574. char subject_cbuf[128];
  1575. memset(subject_cbuf, 0, 128);
  1576. if(!CFStringGetCString(subject,
  1577. subject_cbuf,
  1578. 128,
  1579. kCFStringEncodingUTF8)) {
  1580. CFRelease(cacert);
  1581. failf(data, "SSL: invalid CA certificate subject");
  1582. return CURLE_SSL_CACERT;
  1583. }
  1584. CFRelease(subject);
  1585. }
  1586. else {
  1587. CFRelease(cacert);
  1588. failf(data, "SSL: invalid CA certificate");
  1589. return CURLE_SSL_CACERT;
  1590. }
  1591. CFArrayAppendValue(array, cacert);
  1592. CFRelease(cacert);
  1593. return CURLE_OK;
  1594. }
  1595. static int verify_cert(const char *cafile, struct SessionHandle *data,
  1596. SSLContextRef ctx)
  1597. {
  1598. int n = 0, rc;
  1599. long res;
  1600. unsigned char *certbuf, *der;
  1601. size_t buflen, derlen, offset = 0;
  1602. if(read_cert(cafile, &certbuf, &buflen) < 0) {
  1603. failf(data, "SSL: failed to read or invalid CA certificate");
  1604. return CURLE_SSL_CACERT;
  1605. }
  1606. /*
  1607. * Certbuf now contains the contents of the certificate file, which can be
  1608. * - a single DER certificate,
  1609. * - a single PEM certificate or
  1610. * - a bunch of PEM certificates (certificate bundle).
  1611. *
  1612. * Go through certbuf, and convert any PEM certificate in it into DER
  1613. * format.
  1614. */
  1615. CFMutableArrayRef array = CFArrayCreateMutable(kCFAllocatorDefault, 0,
  1616. &kCFTypeArrayCallBacks);
  1617. if(array == NULL) {
  1618. free(certbuf);
  1619. failf(data, "SSL: out of memory creating CA certificate array");
  1620. return CURLE_OUT_OF_MEMORY;
  1621. }
  1622. while(offset < buflen) {
  1623. n++;
  1624. /*
  1625. * Check if the certificate is in PEM format, and convert it to DER. If
  1626. * this fails, we assume the certificate is in DER format.
  1627. */
  1628. res = pem_to_der((const char *)certbuf + offset, &der, &derlen);
  1629. if(res < 0) {
  1630. free(certbuf);
  1631. CFRelease(array);
  1632. failf(data, "SSL: invalid CA certificate #%d (offset %d) in bundle",
  1633. n, offset);
  1634. return CURLE_SSL_CACERT;
  1635. }
  1636. offset += res;
  1637. if(res == 0 && offset == 0) {
  1638. /* This is not a PEM file, probably a certificate in DER format. */
  1639. rc = append_cert_to_array(data, certbuf, buflen, array);
  1640. free(certbuf);
  1641. if(rc != CURLE_OK) {
  1642. CFRelease(array);
  1643. return rc;
  1644. }
  1645. break;
  1646. }
  1647. else if(res == 0) {
  1648. /* No more certificates in the bundle. */
  1649. free(certbuf);
  1650. break;
  1651. }
  1652. rc = append_cert_to_array(data, der, derlen, array);
  1653. free(der);
  1654. if(rc != CURLE_OK) {
  1655. free(certbuf);
  1656. CFRelease(array);
  1657. return rc;
  1658. }
  1659. }
  1660. SecTrustRef trust;
  1661. OSStatus ret = SSLCopyPeerTrust(ctx, &trust);
  1662. if(trust == NULL) {
  1663. failf(data, "SSL: error getting certificate chain");
  1664. CFRelease(array);
  1665. return CURLE_OUT_OF_MEMORY;
  1666. }
  1667. else if(ret != noErr) {
  1668. CFRelease(array);
  1669. return sslerr_to_curlerr(data, ret);
  1670. }
  1671. ret = SecTrustSetAnchorCertificates(trust, array);
  1672. if(ret != noErr) {
  1673. CFRelease(trust);
  1674. return sslerr_to_curlerr(data, ret);
  1675. }
  1676. ret = SecTrustSetAnchorCertificatesOnly(trust, true);
  1677. if(ret != noErr) {
  1678. CFRelease(trust);
  1679. return sslerr_to_curlerr(data, ret);
  1680. }
  1681. SecTrustResultType trust_eval = 0;
  1682. ret = SecTrustEvaluate(trust, &trust_eval);
  1683. CFRelease(array);
  1684. CFRelease(trust);
  1685. if(ret != noErr) {
  1686. return sslerr_to_curlerr(data, ret);
  1687. }
  1688. switch (trust_eval) {
  1689. case kSecTrustResultUnspecified:
  1690. case kSecTrustResultProceed:
  1691. return CURLE_OK;
  1692. case kSecTrustResultRecoverableTrustFailure:
  1693. case kSecTrustResultDeny:
  1694. default:
  1695. failf(data, "SSL: certificate verification failed (result: %d)",
  1696. trust_eval);
  1697. return CURLE_PEER_FAILED_VERIFICATION;
  1698. }
  1699. }
  1700. static CURLcode
  1701. darwinssl_connect_step2(struct connectdata *conn, int sockindex)
  1702. {
  1703. struct SessionHandle *data = conn->data;
  1704. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  1705. OSStatus err;
  1706. SSLCipherSuite cipher;
  1707. SSLProtocol protocol = 0;
  1708. DEBUGASSERT(ssl_connect_2 == connssl->connecting_state
  1709. || ssl_connect_2_reading == connssl->connecting_state
  1710. || ssl_connect_2_writing == connssl->connecting_state);
  1711. /* Here goes nothing: */
  1712. err = SSLHandshake(connssl->ssl_ctx);
  1713. if(err != noErr) {
  1714. switch (err) {
  1715. case errSSLWouldBlock: /* they're not done with us yet */
  1716. connssl->connecting_state = connssl->ssl_direction ?
  1717. ssl_connect_2_writing : ssl_connect_2_reading;
  1718. return CURLE_OK;
  1719. /* The below is errSSLServerAuthCompleted; it's not defined in
  1720. Leopard's headers */
  1721. case -9841:
  1722. if(data->set.str[STRING_SSL_CAFILE]) {
  1723. int res = verify_cert(data->set.str[STRING_SSL_CAFILE], data,
  1724. connssl->ssl_ctx);
  1725. if(res != CURLE_OK)
  1726. return res;
  1727. }
  1728. /* the documentation says we need to call SSLHandshake() again */
  1729. return darwinssl_connect_step2(conn, sockindex);
  1730. /* These are all certificate problems with the server: */
  1731. case errSSLXCertChainInvalid:
  1732. failf(data, "SSL certificate problem: Invalid certificate chain");
  1733. return CURLE_SSL_CACERT;
  1734. case errSSLUnknownRootCert:
  1735. failf(data, "SSL certificate problem: Untrusted root certificate");
  1736. return CURLE_SSL_CACERT;
  1737. case errSSLNoRootCert:
  1738. failf(data, "SSL certificate problem: No root certificate");
  1739. return CURLE_SSL_CACERT;
  1740. case errSSLCertExpired:
  1741. failf(data, "SSL certificate problem: Certificate chain had an "
  1742. "expired certificate");
  1743. return CURLE_SSL_CACERT;
  1744. case errSSLBadCert:
  1745. failf(data, "SSL certificate problem: Couldn't understand the server "
  1746. "certificate format");
  1747. return CURLE_SSL_CONNECT_ERROR;
  1748. /* These are all certificate problems with the client: */
  1749. case errSecAuthFailed:
  1750. failf(data, "SSL authentication failed");
  1751. return CURLE_SSL_CONNECT_ERROR;
  1752. case errSSLPeerHandshakeFail:
  1753. failf(data, "SSL peer handshake failed, the server most likely "
  1754. "requires a client certificate to connect");
  1755. return CURLE_SSL_CONNECT_ERROR;
  1756. case errSSLPeerUnknownCA:
  1757. failf(data, "SSL server rejected the client certificate due to "
  1758. "the certificate being signed by an unknown certificate "
  1759. "authority");
  1760. return CURLE_SSL_CONNECT_ERROR;
  1761. /* This error is raised if the server's cert didn't match the server's
  1762. host name: */
  1763. case errSSLHostNameMismatch:
  1764. failf(data, "SSL certificate peer verification failed, the "
  1765. "certificate did not match \"%s\"\n", conn->host.dispname);
  1766. return CURLE_PEER_FAILED_VERIFICATION;
  1767. /* Generic handshake errors: */
  1768. case errSSLConnectionRefused:
  1769. failf(data, "Server dropped the connection during the SSL handshake");
  1770. return CURLE_SSL_CONNECT_ERROR;
  1771. case errSSLClosedAbort:
  1772. failf(data, "Server aborted the SSL handshake");
  1773. return CURLE_SSL_CONNECT_ERROR;
  1774. case errSSLNegotiation:
  1775. failf(data, "Could not negotiate an SSL cipher suite with the server");
  1776. return CURLE_SSL_CONNECT_ERROR;
  1777. /* Sometimes paramErr happens with buggy ciphers: */
  1778. case paramErr: case errSSLInternal:
  1779. failf(data, "Internal SSL engine error encountered during the "
  1780. "SSL handshake");
  1781. return CURLE_SSL_CONNECT_ERROR;
  1782. case errSSLFatalAlert:
  1783. failf(data, "Fatal SSL engine error encountered during the SSL "
  1784. "handshake");
  1785. return CURLE_SSL_CONNECT_ERROR;
  1786. default:
  1787. failf(data, "Unknown SSL protocol error in connection to %s:%d",
  1788. conn->host.name, err);
  1789. return CURLE_SSL_CONNECT_ERROR;
  1790. }
  1791. }
  1792. else {
  1793. /* we have been connected fine, we're not waiting for anything else. */
  1794. connssl->connecting_state = ssl_connect_3;
  1795. /* Informational message */
  1796. (void)SSLGetNegotiatedCipher(connssl->ssl_ctx, &cipher);
  1797. (void)SSLGetNegotiatedProtocolVersion(connssl->ssl_ctx, &protocol);
  1798. switch (protocol) {
  1799. case kSSLProtocol2:
  1800. infof(data, "SSL 2.0 connection using %s\n",
  1801. SSLCipherNameForNumber(cipher));
  1802. break;
  1803. case kSSLProtocol3:
  1804. infof(data, "SSL 3.0 connection using %s\n",
  1805. SSLCipherNameForNumber(cipher));
  1806. break;
  1807. case kTLSProtocol1:
  1808. infof(data, "TLS 1.0 connection using %s\n",
  1809. TLSCipherNameForNumber(cipher));
  1810. break;
  1811. #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
  1812. case kTLSProtocol11:
  1813. infof(data, "TLS 1.1 connection using %s\n",
  1814. TLSCipherNameForNumber(cipher));
  1815. break;
  1816. case kTLSProtocol12:
  1817. infof(data, "TLS 1.2 connection using %s\n",
  1818. TLSCipherNameForNumber(cipher));
  1819. break;
  1820. #endif
  1821. default:
  1822. infof(data, "Unknown protocol connection\n");
  1823. break;
  1824. }
  1825. return CURLE_OK;
  1826. }
  1827. }
  1828. static CURLcode
  1829. darwinssl_connect_step3(struct connectdata *conn,
  1830. int sockindex)
  1831. {
  1832. struct SessionHandle *data = conn->data;
  1833. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  1834. CFStringRef server_cert_summary;
  1835. char server_cert_summary_c[128];
  1836. CFArrayRef server_certs = NULL;
  1837. SecCertificateRef server_cert;
  1838. OSStatus err;
  1839. CFIndex i, count;
  1840. SecTrustRef trust = NULL;
  1841. /* There is no step 3!
  1842. * Well, okay, if verbose mode is on, let's print the details of the
  1843. * server certificates. */
  1844. #if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
  1845. #if CURL_BUILD_IOS
  1846. #pragma unused(server_certs)
  1847. err = SSLCopyPeerTrust(connssl->ssl_ctx, &trust);
  1848. /* For some reason, SSLCopyPeerTrust() can return noErr and yet return
  1849. a null trust, so be on guard for that: */
  1850. if(err == noErr && trust) {
  1851. count = SecTrustGetCertificateCount(trust);
  1852. for(i = 0L ; i < count ; i++) {
  1853. server_cert = SecTrustGetCertificateAtIndex(trust, i);
  1854. server_cert_summary = CopyCertSubject(server_cert);
  1855. memset(server_cert_summary_c, 0, 128);
  1856. if(CFStringGetCString(server_cert_summary,
  1857. server_cert_summary_c,
  1858. 128,
  1859. kCFStringEncodingUTF8)) {
  1860. infof(data, "Server certificate: %s\n", server_cert_summary_c);
  1861. }
  1862. CFRelease(server_cert_summary);
  1863. }
  1864. CFRelease(trust);
  1865. }
  1866. #else
  1867. /* SSLCopyPeerCertificates() is deprecated as of Mountain Lion.
  1868. The function SecTrustGetCertificateAtIndex() is officially present
  1869. in Lion, but it is unfortunately also present in Snow Leopard as
  1870. private API and doesn't work as expected. So we have to look for
  1871. a different symbol to make sure this code is only executed under
  1872. Lion or later. */
  1873. if(SecTrustEvaluateAsync != NULL) {
  1874. #pragma unused(server_certs)
  1875. err = SSLCopyPeerTrust(connssl->ssl_ctx, &trust);
  1876. /* For some reason, SSLCopyPeerTrust() can return noErr and yet return
  1877. a null trust, so be on guard for that: */
  1878. if(err == noErr && trust) {
  1879. count = SecTrustGetCertificateCount(trust);
  1880. for(i = 0L ; i < count ; i++) {
  1881. server_cert = SecTrustGetCertificateAtIndex(trust, i);
  1882. server_cert_summary = CopyCertSubject(server_cert);
  1883. memset(server_cert_summary_c, 0, 128);
  1884. if(CFStringGetCString(server_cert_summary,
  1885. server_cert_summary_c,
  1886. 128,
  1887. kCFStringEncodingUTF8)) {
  1888. infof(data, "Server certificate: %s\n", server_cert_summary_c);
  1889. }
  1890. CFRelease(server_cert_summary);
  1891. }
  1892. CFRelease(trust);
  1893. }
  1894. }
  1895. else {
  1896. #if CURL_SUPPORT_MAC_10_8
  1897. err = SSLCopyPeerCertificates(connssl->ssl_ctx, &server_certs);
  1898. /* Just in case SSLCopyPeerCertificates() returns null too... */
  1899. if(err == noErr && server_certs) {
  1900. count = CFArrayGetCount(server_certs);
  1901. for(i = 0L ; i < count ; i++) {
  1902. server_cert = (SecCertificateRef)CFArrayGetValueAtIndex(server_certs,
  1903. i);
  1904. server_cert_summary = CopyCertSubject(server_cert);
  1905. memset(server_cert_summary_c, 0, 128);
  1906. if(CFStringGetCString(server_cert_summary,
  1907. server_cert_summary_c,
  1908. 128,
  1909. kCFStringEncodingUTF8)) {
  1910. infof(data, "Server certificate: %s\n", server_cert_summary_c);
  1911. }
  1912. CFRelease(server_cert_summary);
  1913. }
  1914. CFRelease(server_certs);
  1915. }
  1916. #endif /* CURL_SUPPORT_MAC_10_8 */
  1917. }
  1918. #endif /* CURL_BUILD_IOS */
  1919. #else
  1920. #pragma unused(trust)
  1921. err = SSLCopyPeerCertificates(connssl->ssl_ctx, &server_certs);
  1922. if(err == noErr) {
  1923. count = CFArrayGetCount(server_certs);
  1924. for(i = 0L ; i < count ; i++) {
  1925. server_cert = (SecCertificateRef)CFArrayGetValueAtIndex(server_certs, i);
  1926. server_cert_summary = CopyCertSubject(server_cert);
  1927. memset(server_cert_summary_c, 0, 128);
  1928. if(CFStringGetCString(server_cert_summary,
  1929. server_cert_summary_c,
  1930. 128,
  1931. kCFStringEncodingUTF8)) {
  1932. infof(data, "Server certificate: %s\n", server_cert_summary_c);
  1933. }
  1934. CFRelease(server_cert_summary);
  1935. }
  1936. CFRelease(server_certs);
  1937. }
  1938. #endif /* CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS */
  1939. connssl->connecting_state = ssl_connect_done;
  1940. return CURLE_OK;
  1941. }
  1942. static Curl_recv darwinssl_recv;
  1943. static Curl_send darwinssl_send;
  1944. static CURLcode
  1945. darwinssl_connect_common(struct connectdata *conn,
  1946. int sockindex,
  1947. bool nonblocking,
  1948. bool *done)
  1949. {
  1950. CURLcode retcode;
  1951. struct SessionHandle *data = conn->data;
  1952. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  1953. curl_socket_t sockfd = conn->sock[sockindex];
  1954. long timeout_ms;
  1955. int what;
  1956. /* check if the connection has already been established */
  1957. if(ssl_connection_complete == connssl->state) {
  1958. *done = TRUE;
  1959. return CURLE_OK;
  1960. }
  1961. if(ssl_connect_1==connssl->connecting_state) {
  1962. /* Find out how much more time we're allowed */
  1963. timeout_ms = Curl_timeleft(data, NULL, TRUE);
  1964. if(timeout_ms < 0) {
  1965. /* no need to continue if time already is up */
  1966. failf(data, "SSL connection timeout");
  1967. return CURLE_OPERATION_TIMEDOUT;
  1968. }
  1969. retcode = darwinssl_connect_step1(conn, sockindex);
  1970. if(retcode)
  1971. return retcode;
  1972. }
  1973. while(ssl_connect_2 == connssl->connecting_state ||
  1974. ssl_connect_2_reading == connssl->connecting_state ||
  1975. ssl_connect_2_writing == connssl->connecting_state) {
  1976. /* check allowed time left */
  1977. timeout_ms = Curl_timeleft(data, NULL, TRUE);
  1978. if(timeout_ms < 0) {
  1979. /* no need to continue if time already is up */
  1980. failf(data, "SSL connection timeout");
  1981. return CURLE_OPERATION_TIMEDOUT;
  1982. }
  1983. /* if ssl is expecting something, check if it's available. */
  1984. if(connssl->connecting_state == ssl_connect_2_reading
  1985. || connssl->connecting_state == ssl_connect_2_writing) {
  1986. curl_socket_t writefd = ssl_connect_2_writing ==
  1987. connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
  1988. curl_socket_t readfd = ssl_connect_2_reading ==
  1989. connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
  1990. what = Curl_socket_ready(readfd, writefd, nonblocking?0:timeout_ms);
  1991. if(what < 0) {
  1992. /* fatal error */
  1993. failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
  1994. return CURLE_SSL_CONNECT_ERROR;
  1995. }
  1996. else if(0 == what) {
  1997. if(nonblocking) {
  1998. *done = FALSE;
  1999. return CURLE_OK;
  2000. }
  2001. else {
  2002. /* timeout */
  2003. failf(data, "SSL connection timeout");
  2004. return CURLE_OPERATION_TIMEDOUT;
  2005. }
  2006. }
  2007. /* socket is readable or writable */
  2008. }
  2009. /* Run transaction, and return to the caller if it failed or if this
  2010. * connection is done nonblocking and this loop would execute again. This
  2011. * permits the owner of a multi handle to abort a connection attempt
  2012. * before step2 has completed while ensuring that a client using select()
  2013. * or epoll() will always have a valid fdset to wait on.
  2014. */
  2015. retcode = darwinssl_connect_step2(conn, sockindex);
  2016. if(retcode || (nonblocking &&
  2017. (ssl_connect_2 == connssl->connecting_state ||
  2018. ssl_connect_2_reading == connssl->connecting_state ||
  2019. ssl_connect_2_writing == connssl->connecting_state)))
  2020. return retcode;
  2021. } /* repeat step2 until all transactions are done. */
  2022. if(ssl_connect_3==connssl->connecting_state) {
  2023. retcode = darwinssl_connect_step3(conn, sockindex);
  2024. if(retcode)
  2025. return retcode;
  2026. }
  2027. if(ssl_connect_done==connssl->connecting_state) {
  2028. connssl->state = ssl_connection_complete;
  2029. conn->recv[sockindex] = darwinssl_recv;
  2030. conn->send[sockindex] = darwinssl_send;
  2031. *done = TRUE;
  2032. }
  2033. else
  2034. *done = FALSE;
  2035. /* Reset our connect state machine */
  2036. connssl->connecting_state = ssl_connect_1;
  2037. return CURLE_OK;
  2038. }
  2039. CURLcode
  2040. Curl_darwinssl_connect_nonblocking(struct connectdata *conn,
  2041. int sockindex,
  2042. bool *done)
  2043. {
  2044. return darwinssl_connect_common(conn, sockindex, TRUE, done);
  2045. }
  2046. CURLcode
  2047. Curl_darwinssl_connect(struct connectdata *conn,
  2048. int sockindex)
  2049. {
  2050. CURLcode retcode;
  2051. bool done = FALSE;
  2052. retcode = darwinssl_connect_common(conn, sockindex, FALSE, &done);
  2053. if(retcode)
  2054. return retcode;
  2055. DEBUGASSERT(done);
  2056. return CURLE_OK;
  2057. }
  2058. void Curl_darwinssl_close(struct connectdata *conn, int sockindex)
  2059. {
  2060. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  2061. if(connssl->ssl_ctx) {
  2062. (void)SSLClose(connssl->ssl_ctx);
  2063. #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
  2064. if(SSLCreateContext != NULL)
  2065. CFRelease(connssl->ssl_ctx);
  2066. #if CURL_SUPPORT_MAC_10_8
  2067. else
  2068. (void)SSLDisposeContext(connssl->ssl_ctx);
  2069. #endif /* CURL_SUPPORT_MAC_10_8 */
  2070. #else
  2071. (void)SSLDisposeContext(connssl->ssl_ctx);
  2072. #endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
  2073. connssl->ssl_ctx = NULL;
  2074. }
  2075. connssl->ssl_sockfd = 0;
  2076. }
  2077. void Curl_darwinssl_close_all(struct SessionHandle *data)
  2078. {
  2079. /* SecureTransport doesn't separate sessions from contexts, so... */
  2080. (void)data;
  2081. }
  2082. int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex)
  2083. {
  2084. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  2085. struct SessionHandle *data = conn->data;
  2086. ssize_t nread;
  2087. int what;
  2088. int rc;
  2089. char buf[120];
  2090. if(!connssl->ssl_ctx)
  2091. return 0;
  2092. if(data->set.ftp_ccc != CURLFTPSSL_CCC_ACTIVE)
  2093. return 0;
  2094. Curl_darwinssl_close(conn, sockindex);
  2095. rc = 0;
  2096. what = Curl_socket_ready(conn->sock[sockindex],
  2097. CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);
  2098. for(;;) {
  2099. if(what < 0) {
  2100. /* anything that gets here is fatally bad */
  2101. failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
  2102. rc = -1;
  2103. break;
  2104. }
  2105. if(!what) { /* timeout */
  2106. failf(data, "SSL shutdown timeout");
  2107. break;
  2108. }
  2109. /* Something to read, let's do it and hope that it is the close
  2110. notify alert from the server. No way to SSL_Read now, so use read(). */
  2111. nread = read(conn->sock[sockindex], buf, sizeof(buf));
  2112. if(nread < 0) {
  2113. failf(data, "read: %s", strerror(errno));
  2114. rc = -1;
  2115. }
  2116. if(nread <= 0)
  2117. break;
  2118. what = Curl_socket_ready(conn->sock[sockindex], CURL_SOCKET_BAD, 0);
  2119. }
  2120. return rc;
  2121. }
  2122. void Curl_darwinssl_session_free(void *ptr)
  2123. {
  2124. /* ST, as of iOS 5 and Mountain Lion, has no public method of deleting a
  2125. cached session ID inside the Security framework. There is a private
  2126. function that does this, but I don't want to have to explain to you why I
  2127. got your application rejected from the App Store due to the use of a
  2128. private API, so the best we can do is free up our own char array that we
  2129. created way back in darwinssl_connect_step1... */
  2130. Curl_safefree(ptr);
  2131. }
  2132. size_t Curl_darwinssl_version(char *buffer, size_t size)
  2133. {
  2134. return snprintf(buffer, size, "SecureTransport");
  2135. }
  2136. /*
  2137. * This function uses SSLGetSessionState to determine connection status.
  2138. *
  2139. * Return codes:
  2140. * 1 means the connection is still in place
  2141. * 0 means the connection has been closed
  2142. * -1 means the connection status is unknown
  2143. */
  2144. int Curl_darwinssl_check_cxn(struct connectdata *conn)
  2145. {
  2146. struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET];
  2147. OSStatus err;
  2148. SSLSessionState state;
  2149. if(connssl->ssl_ctx) {
  2150. err = SSLGetSessionState(connssl->ssl_ctx, &state);
  2151. if(err == noErr)
  2152. return state == kSSLConnected || state == kSSLHandshake;
  2153. return -1;
  2154. }
  2155. return 0;
  2156. }
  2157. bool Curl_darwinssl_data_pending(const struct connectdata *conn,
  2158. int connindex)
  2159. {
  2160. const struct ssl_connect_data *connssl = &conn->ssl[connindex];
  2161. OSStatus err;
  2162. size_t buffer;
  2163. if(connssl->ssl_ctx) { /* SSL is in use */
  2164. err = SSLGetBufferedReadSize(connssl->ssl_ctx, &buffer);
  2165. if(err == noErr)
  2166. return buffer > 0UL;
  2167. return false;
  2168. }
  2169. else
  2170. return false;
  2171. }
  2172. int Curl_darwinssl_random(unsigned char *entropy,
  2173. size_t length)
  2174. {
  2175. /* arc4random_buf() isn't available on cats older than Lion, so let's
  2176. do this manually for the benefit of the older cats. */
  2177. size_t i;
  2178. u_int32_t random_number = 0;
  2179. for(i = 0 ; i < length ; i++) {
  2180. if(i % sizeof(u_int32_t) == 0)
  2181. random_number = arc4random();
  2182. entropy[i] = random_number & 0xFF;
  2183. random_number >>= 8;
  2184. }
  2185. i = random_number = 0;
  2186. return 0;
  2187. }
  2188. void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */
  2189. size_t tmplen,
  2190. unsigned char *md5sum, /* output */
  2191. size_t md5len)
  2192. {
  2193. (void)md5len;
  2194. (void)CC_MD5(tmp, (CC_LONG)tmplen, md5sum);
  2195. }
  2196. static ssize_t darwinssl_send(struct connectdata *conn,
  2197. int sockindex,
  2198. const void *mem,
  2199. size_t len,
  2200. CURLcode *curlcode)
  2201. {
  2202. /*struct SessionHandle *data = conn->data;*/
  2203. struct ssl_connect_data *connssl = &conn->ssl[sockindex];
  2204. size_t processed = 0UL;
  2205. OSStatus err;
  2206. /* The SSLWrite() function works a little differently than expected. The
  2207. fourth argument (processed) is currently documented in Apple's
  2208. documentation as: "On return, the length, in bytes, of the data actually
  2209. written."
  2210. Now, one could interpret that as "written to the socket," but actually,
  2211. it returns the amount of data that was written to a buffer internal to
  2212. the SSLContextRef instead. So it's possible for SSLWrite() to return
  2213. errSSLWouldBlock and a number of bytes "written" because those bytes were
  2214. encrypted and written to a buffer, not to the socket.
  2215. So if this happens, then we need to keep calling SSLWrite() over and
  2216. over again with no new data until it quits returning errSSLWouldBlock. */
  2217. /* Do we have buffered data to write from the last time we were called? */
  2218. if(connssl->ssl_write_buffered_length) {
  2219. /* Write the buffered data: */
  2220. err = SSLWrite(connssl->ssl_ctx, NULL, 0UL, &processed);
  2221. switch (err) {
  2222. case noErr:
  2223. /* processed is always going to be 0 because we didn't write to
  2224. the buffer, so return how much was written to the socket */
  2225. processed = connssl->ssl_write_buffered_length;
  2226. connssl->ssl_write_buffered_length = 0UL;
  2227. break;
  2228. case errSSLWouldBlock: /* argh, try again */
  2229. *curlcode = CURLE_AGAIN;
  2230. return -1L;
  2231. default:
  2232. failf(conn->data, "SSLWrite() returned error %d", err);
  2233. *curlcode = CURLE_SEND_ERROR;
  2234. return -1L;
  2235. }
  2236. }
  2237. else {
  2238. /* We've got new data to write: */
  2239. err = SSLWrite(connssl->ssl_ctx, mem, len, &processed);
  2240. if(err != noErr) {
  2241. switch (err) {
  2242. case errSSLWouldBlock:
  2243. /* Data was buffered but not sent, we have to tell the caller
  2244. to try sending again, and remember how much was buffered */
  2245. connssl->ssl_write_buffered_length = len;
  2246. *curlcode = CURLE_AGAIN;
  2247. return -1L;
  2248. default:
  2249. failf(conn->data, "SSLWrite() returned error %d", err);
  2250. *curlcode = CURLE_SEND_ERROR;
  2251. return -1L;
  2252. }
  2253. }
  2254. }
  2255. return (ssize_t)processed;
  2256. }
  2257. static ssize_t darwinssl_recv(struct connectdata *conn,
  2258. int num,
  2259. char *buf,
  2260. size_t buffersize,
  2261. CURLcode *curlcode)
  2262. {
  2263. /*struct SessionHandle *data = conn->data;*/
  2264. struct ssl_connect_data *connssl = &conn->ssl[num];
  2265. size_t processed = 0UL;
  2266. OSStatus err = SSLRead(connssl->ssl_ctx, buf, buffersize, &processed);
  2267. if(err != noErr) {
  2268. switch (err) {
  2269. case errSSLWouldBlock: /* return how much we read (if anything) */
  2270. if(processed)
  2271. return (ssize_t)processed;
  2272. *curlcode = CURLE_AGAIN;
  2273. return -1L;
  2274. break;
  2275. /* errSSLClosedGraceful - server gracefully shut down the SSL session
  2276. errSSLClosedNoNotify - server hung up on us instead of sending a
  2277. closure alert notice, read() is returning 0
  2278. Either way, inform the caller that the server disconnected. */
  2279. case errSSLClosedGraceful:
  2280. case errSSLClosedNoNotify:
  2281. *curlcode = CURLE_OK;
  2282. return -1L;
  2283. break;
  2284. default:
  2285. failf(conn->data, "SSLRead() return error %d", err);
  2286. *curlcode = CURLE_RECV_ERROR;
  2287. return -1L;
  2288. break;
  2289. }
  2290. }
  2291. return (ssize_t)processed;
  2292. }
  2293. #endif /* USE_DARWINSSL */