]> git.proxmox.com Git - libgit2.git/blob - src/streams/mbedtls.c
projects / libgit2.git / blob
? search:


0cf5c8af1fbe502a231ed05aa8ed8029506005bc
[libgit2.git] / src / streams / mbedtls.c
1 /*
2 * Copyright (C) the libgit2 contributors. All rights reserved.
3 *
4 * This file is part of libgit2, distributed under the GNU GPL v2 with
5 * a Linking Exception. For full terms see the included COPYING file.
6 */
7
8 #include "streams/mbedtls.h"
9
10 #ifdef GIT_MBEDTLS
11
12 #include <ctype.h>
13
14 #include "runtime.h"
15 #include "stream.h"
16 #include "streams/socket.h"
17 #include "netops.h"
18 #include "git2/transport.h"
19 #include "util.h"
20
21 #ifndef GIT_DEFAULT_CERT_LOCATION
22 #define GIT_DEFAULT_CERT_LOCATION NULL
23 #endif
24
25 /* Work around C90-conformance issues */
26 #if !defined(__STDC_VERSION__) || (__STDC_VERSION__ < 199901L)
27 # if defined(_MSC_VER)
28 # define inline __inline
29 # elif defined(__GNUC__)
30 # define inline __inline__
31 # else
32 # define inline
33 # endif
34 #endif
35
36 #include <mbedtls/config.h>
37 #include <mbedtls/ssl.h>
38 #include <mbedtls/error.h>
39 #include <mbedtls/entropy.h>
40 #include <mbedtls/ctr_drbg.h>
41
42 #undef inline
43
44 #define GIT_SSL_DEFAULT_CIPHERS "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-DSS-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-DSS-WITH-AES-256-GCM-SHA384:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256:TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-128-CBC-SHA256:TLS-DHE-DSS-WITH-AES-256-CBC-SHA256:TLS-DHE-DSS-WITH-AES-128-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-128-GCM-SHA256:TLS-RSA-WITH-AES-256-GCM-SHA384:TLS-RSA-WITH-AES-128-CBC-SHA256:TLS-RSA-WITH-AES-256-CBC-SHA256:TLS-RSA-WITH-AES-128-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA"
45 #define GIT_SSL_DEFAULT_CIPHERS_COUNT 30
46
47 static mbedtls_ssl_config *git__ssl_conf;
48 static int ciphers_list[GIT_SSL_DEFAULT_CIPHERS_COUNT];
49 static mbedtls_entropy_context *mbedtls_entropy;
50
51 /**
52 * This function aims to clean-up the SSL context which
53 * we allocated.
54 */
55 static void shutdown_ssl(void)
56 {
57 if (git__ssl_conf) {
58 mbedtls_x509_crt_free(git__ssl_conf->ca_chain);
59 git__free(git__ssl_conf->ca_chain);
60 mbedtls_ctr_drbg_free(git__ssl_conf->p_rng);
61 git__free(git__ssl_conf->p_rng);
62 mbedtls_ssl_config_free(git__ssl_conf);
63 git__free(git__ssl_conf);
64 git__ssl_conf = NULL;
65 }
66 if (mbedtls_entropy) {
67 mbedtls_entropy_free(mbedtls_entropy);
68 git__free(mbedtls_entropy);
69 mbedtls_entropy = NULL;
70 }
71 }
72
73 int git_mbedtls_stream_global_init(void)
74 {
75 int loaded = 0;
76 char *crtpath = GIT_DEFAULT_CERT_LOCATION;
77 struct stat statbuf;
78 mbedtls_ctr_drbg_context *ctr_drbg = NULL;
79
80 size_t ciphers_known = 0;
81 char *cipher_name = NULL;
82 char *cipher_string = NULL;
83 char *cipher_string_tmp = NULL;
84
85 git__ssl_conf = git__malloc(sizeof(mbedtls_ssl_config));
86 GIT_ERROR_CHECK_ALLOC(git__ssl_conf);
87
88 mbedtls_ssl_config_init(git__ssl_conf);
89 if (mbedtls_ssl_config_defaults(git__ssl_conf,
90 MBEDTLS_SSL_IS_CLIENT,
91 MBEDTLS_SSL_TRANSPORT_STREAM,
92 MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
93 git_error_set(GIT_ERROR_SSL, "failed to initialize mbedTLS");
94 goto cleanup;
95 }
96
97 /* configure TLSv1 */
98 mbedtls_ssl_conf_min_version(git__ssl_conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0);
99
100 /* verify_server_cert is responsible for making the check.
101 * OPTIONAL because REQUIRED drops the certificate as soon as the check
102 * is made, so we can never see the certificate and override it. */
103 mbedtls_ssl_conf_authmode(git__ssl_conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
104
105 /* set the list of allowed ciphersuites */
106 ciphers_known = 0;
107 cipher_string = cipher_string_tmp = git__strdup(GIT_SSL_DEFAULT_CIPHERS);
108 GIT_ERROR_CHECK_ALLOC(cipher_string);
109
110 while ((cipher_name = git__strtok(&cipher_string_tmp, ":")) != NULL) {
111 int cipherid = mbedtls_ssl_get_ciphersuite_id(cipher_name);
112 if (cipherid == 0) continue;
113
114 if (ciphers_known >= ARRAY_SIZE(ciphers_list)) {
115 git_error_set(GIT_ERROR_SSL, "out of cipher list space");
116 goto cleanup;
117 }
118
119 ciphers_list[ciphers_known++] = cipherid;
120 }
121 git__free(cipher_string);
122
123 if (!ciphers_known) {
124 git_error_set(GIT_ERROR_SSL, "no cipher could be enabled");
125 goto cleanup;
126 }
127 mbedtls_ssl_conf_ciphersuites(git__ssl_conf, ciphers_list);
128
129 /* Seeding the random number generator */
130 mbedtls_entropy = git__malloc(sizeof(mbedtls_entropy_context));
131 GIT_ERROR_CHECK_ALLOC(mbedtls_entropy);
132
133 mbedtls_entropy_init(mbedtls_entropy);
134
135 ctr_drbg = git__malloc(sizeof(mbedtls_ctr_drbg_context));
136 GIT_ERROR_CHECK_ALLOC(ctr_drbg);
137
138 mbedtls_ctr_drbg_init(ctr_drbg);
139
140 if (mbedtls_ctr_drbg_seed(ctr_drbg,
141 mbedtls_entropy_func,
142 mbedtls_entropy, NULL, 0) != 0) {
143 git_error_set(GIT_ERROR_SSL, "failed to initialize mbedTLS entropy pool");
144 goto cleanup;
145 }
146
147 mbedtls_ssl_conf_rng(git__ssl_conf, mbedtls_ctr_drbg_random, ctr_drbg);
148
149 /* load default certificates */
150 if (crtpath != NULL && stat(crtpath, &statbuf) == 0 && S_ISREG(statbuf.st_mode))
151 loaded = (git_mbedtls__set_cert_location(crtpath, NULL) == 0);
152 if (!loaded && crtpath != NULL && stat(crtpath, &statbuf) == 0 && S_ISDIR(statbuf.st_mode))
153 loaded = (git_mbedtls__set_cert_location(NULL, crtpath) == 0);
154
155 return git_runtime_shutdown_register(shutdown_ssl);
156
157 cleanup:
158 mbedtls_ctr_drbg_free(ctr_drbg);
159 git__free(ctr_drbg);
160 mbedtls_ssl_config_free(git__ssl_conf);
161 git__free(git__ssl_conf);
162 git__ssl_conf = NULL;
163
164 return -1;
165 }
166
167 static int bio_read(void *b, unsigned char *buf, size_t len)
168 {
169 git_stream *io = (git_stream *) b;
170 return (int) git_stream_read(io, buf, min(len, INT_MAX));
171 }
172
173 static int bio_write(void *b, const unsigned char *buf, size_t len)
174 {
175 git_stream *io = (git_stream *) b;
176 return (int) git_stream_write(io, (const char *)buf, min(len, INT_MAX), 0);
177 }
178
179 static int ssl_set_error(mbedtls_ssl_context *ssl, int error)
180 {
181 char errbuf[512];
182 int ret = -1;
183
184 GIT_ASSERT(error != MBEDTLS_ERR_SSL_WANT_READ);
185 GIT_ASSERT(error != MBEDTLS_ERR_SSL_WANT_WRITE);
186
187 if (error != 0)
188 mbedtls_strerror( error, errbuf, 512 );
189
190 switch(error) {
191 case 0:
192 git_error_set(GIT_ERROR_SSL, "SSL error: unknown error");
193 break;
194
195 case MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:
196 git_error_set(GIT_ERROR_SSL, "SSL error: %#04x [%x] - %s", error, ssl->session_negotiate->verify_result, errbuf);
197 ret = GIT_ECERTIFICATE;
198 break;
199
200 default:
201 git_error_set(GIT_ERROR_SSL, "SSL error: %#04x - %s", error, errbuf);
202 }
203
204 return ret;
205 }
206
207 static int ssl_teardown(mbedtls_ssl_context *ssl)
208 {
209 int ret = 0;
210
211 ret = mbedtls_ssl_close_notify(ssl);
212 if (ret < 0)
213 ret = ssl_set_error(ssl, ret);
214
215 mbedtls_ssl_free(ssl);
216 return ret;
217 }
218
219 static int verify_server_cert(mbedtls_ssl_context *ssl)
220 {
221 int ret = -1;
222
223 if ((ret = mbedtls_ssl_get_verify_result(ssl)) != 0) {
224 char vrfy_buf[512];
225 int len = mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), "", ret);
226 if (len >= 1) vrfy_buf[len - 1] = '\0'; /* Remove trailing \n */
227 git_error_set(GIT_ERROR_SSL, "the SSL certificate is invalid: %#04x - %s", ret, vrfy_buf);
228 return GIT_ECERTIFICATE;
229 }
230
231 return 0;
232 }
233
234 typedef struct {
235 git_stream parent;
236 git_stream *io;
237 int owned;
238 bool connected;
239 char *host;
240 mbedtls_ssl_context *ssl;
241 git_cert_x509 cert_info;
242 } mbedtls_stream;
243
244
245 static int mbedtls_connect(git_stream *stream)
246 {
247 int ret;
248 mbedtls_stream *st = (mbedtls_stream *) stream;
249
250 if (st->owned && (ret = git_stream_connect(st->io)) < 0)
251 return ret;
252
253 st->connected = true;
254
255 mbedtls_ssl_set_hostname(st->ssl, st->host);
256
257 mbedtls_ssl_set_bio(st->ssl, st->io, bio_write, bio_read, NULL);
258
259 if ((ret = mbedtls_ssl_handshake(st->ssl)) != 0)
260 return ssl_set_error(st->ssl, ret);
261
262 return verify_server_cert(st->ssl);
263 }
264
265 static int mbedtls_certificate(git_cert **out, git_stream *stream)
266 {
267 unsigned char *encoded_cert;
268 mbedtls_stream *st = (mbedtls_stream *) stream;
269
270 const mbedtls_x509_crt *cert = mbedtls_ssl_get_peer_cert(st->ssl);
271 if (!cert) {
272 git_error_set(GIT_ERROR_SSL, "the server did not provide a certificate");
273 return -1;
274 }
275
276 /* Retrieve the length of the certificate first */
277 if (cert->raw.len == 0) {
278 git_error_set(GIT_ERROR_NET, "failed to retrieve certificate information");
279 return -1;
280 }
281
282 encoded_cert = git__malloc(cert->raw.len);
283 GIT_ERROR_CHECK_ALLOC(encoded_cert);
284 memcpy(encoded_cert, cert->raw.p, cert->raw.len);
285
286 st->cert_info.parent.cert_type = GIT_CERT_X509;
287 st->cert_info.data = encoded_cert;
288 st->cert_info.len = cert->raw.len;
289
290 *out = &st->cert_info.parent;
291
292 return 0;
293 }
294
295 static int mbedtls_set_proxy(git_stream *stream, const git_proxy_options *proxy_options)
296 {
297 mbedtls_stream *st = (mbedtls_stream *) stream;
298
299 return git_stream_set_proxy(st->io, proxy_options);
300 }
301
302 static ssize_t mbedtls_stream_write(git_stream *stream, const char *data, size_t len, int flags)
303 {
304 mbedtls_stream *st = (mbedtls_stream *) stream;
305 int written;
306
307 GIT_UNUSED(flags);
308
309 /*
310 * `mbedtls_ssl_write` can only represent INT_MAX bytes
311 * written via its return value. We thus need to clamp
312 * the maximum number of bytes written.
313 */
314 len = min(len, INT_MAX);
315
316 if ((written = mbedtls_ssl_write(st->ssl, (const unsigned char *)data, len)) <= 0)
317 return ssl_set_error(st->ssl, written);
318
319 return written;
320 }
321
322 static ssize_t mbedtls_stream_read(git_stream *stream, void *data, size_t len)
323 {
324 mbedtls_stream *st = (mbedtls_stream *) stream;
325 int ret;
326
327 if ((ret = mbedtls_ssl_read(st->ssl, (unsigned char *)data, len)) <= 0)
328 ssl_set_error(st->ssl, ret);
329
330 return ret;
331 }
332
333 static int mbedtls_stream_close(git_stream *stream)
334 {
335 mbedtls_stream *st = (mbedtls_stream *) stream;
336 int ret = 0;
337
338 if (st->connected && (ret = ssl_teardown(st->ssl)) != 0)
339 return -1;
340
341 st->connected = false;
342
343 return st->owned ? git_stream_close(st->io) : 0;
344 }
345
346 static void mbedtls_stream_free(git_stream *stream)
347 {
348 mbedtls_stream *st = (mbedtls_stream *) stream;
349
350 if (st->owned)
351 git_stream_free(st->io);
352
353 git__free(st->host);
354 git__free(st->cert_info.data);
355 mbedtls_ssl_free(st->ssl);
356 git__free(st->ssl);
357 git__free(st);
358 }
359
360 static int mbedtls_stream_wrap(
361 git_stream **out,
362 git_stream *in,
363 const char *host,
364 int owned)
365 {
366 mbedtls_stream *st;
367 int error;
368
369 st = git__calloc(1, sizeof(mbedtls_stream));
370 GIT_ERROR_CHECK_ALLOC(st);
371
372 st->io = in;
373 st->owned = owned;
374
375 st->ssl = git__malloc(sizeof(mbedtls_ssl_context));
376 GIT_ERROR_CHECK_ALLOC(st->ssl);
377 mbedtls_ssl_init(st->ssl);
378 if (mbedtls_ssl_setup(st->ssl, git__ssl_conf)) {
379 git_error_set(GIT_ERROR_SSL, "failed to create ssl object");
380 error = -1;
381 goto out_err;
382 }
383
384 st->host = git__strdup(host);
385 GIT_ERROR_CHECK_ALLOC(st->host);
386
387 st->parent.version = GIT_STREAM_VERSION;
388 st->parent.encrypted = 1;
389 st->parent.proxy_support = git_stream_supports_proxy(st->io);
390 st->parent.connect = mbedtls_connect;
391 st->parent.certificate = mbedtls_certificate;
392 st->parent.set_proxy = mbedtls_set_proxy;
393 st->parent.read = mbedtls_stream_read;
394 st->parent.write = mbedtls_stream_write;
395 st->parent.close = mbedtls_stream_close;
396 st->parent.free = mbedtls_stream_free;
397
398 *out = (git_stream *) st;
399 return 0;
400
401 out_err:
402 mbedtls_ssl_free(st->ssl);
403 git_stream_close(st->io);
404 git_stream_free(st->io);
405 git__free(st);
406
407 return error;
408 }
409
410 int git_mbedtls_stream_wrap(
411 git_stream **out,
412 git_stream *in,
413 const char *host)
414 {
415 return mbedtls_stream_wrap(out, in, host, 0);
416 }
417
418 int git_mbedtls_stream_new(
419 git_stream **out,
420 const char *host,
421 const char *port)
422 {
423 git_stream *stream;
424 int error;
425
426 GIT_ASSERT_ARG(out);
427 GIT_ASSERT_ARG(host);
428 GIT_ASSERT_ARG(port);
429
430 if ((error = git_socket_stream_new(&stream, host, port)) < 0)
431 return error;
432
433 if ((error = mbedtls_stream_wrap(out, stream, host, 1)) < 0) {
434 git_stream_close(stream);
435 git_stream_free(stream);
436 }
437
438 return error;
439 }
440
441 int git_mbedtls__set_cert_location(const char *file, const char *path)
442 {
443 int ret = 0;
444 char errbuf[512];
445 mbedtls_x509_crt *cacert;
446
447 GIT_ASSERT_ARG(file || path);
448
449 cacert = git__malloc(sizeof(mbedtls_x509_crt));
450 GIT_ERROR_CHECK_ALLOC(cacert);
451
452 mbedtls_x509_crt_init(cacert);
453 if (file)
454 ret = mbedtls_x509_crt_parse_file(cacert, file);
455 if (ret >= 0 && path)
456 ret = mbedtls_x509_crt_parse_path(cacert, path);
457 /* mbedtls_x509_crt_parse_path returns the number of invalid certs on success */
458 if (ret < 0) {
459 mbedtls_x509_crt_free(cacert);
460 git__free(cacert);
461 mbedtls_strerror( ret, errbuf, 512 );
462 git_error_set(GIT_ERROR_SSL, "failed to load CA certificates: %#04x - %s", ret, errbuf);
463 return -1;
464 }
465
466 mbedtls_x509_crt_free(git__ssl_conf->ca_chain);
467 git__free(git__ssl_conf->ca_chain);
468 mbedtls_ssl_conf_ca_chain(git__ssl_conf, cacert, NULL);
469
470 return 0;
471 }
472
473 #else
474
475 #include "stream.h"
476
477 int git_mbedtls_stream_global_init(void)
478 {
479 return 0;
480 }
481
482 #endif
The git library used in some Proxmox tool chains