| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
| 6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
| 7 | 7 |
| 8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
| 9 | 9 |
| 10 #include <openssl/err.h> | 10 #include <openssl/err.h> |
| 11 #include <openssl/opensslv.h> | 11 #include <openssl/opensslv.h> |
| 12 #include <openssl/ssl.h> | 12 #include <openssl/ssl.h> |
| 13 | 13 |
| 14 #include "base/bind.h" | 14 #include "base/bind.h" |
| 15 #include "base/callback_helpers.h" | 15 #include "base/callback_helpers.h" |
| 16 #include "base/debug/alias.h" | 16 #include "base/debug/alias.h" |
| 17 #include "base/memory/singleton.h" | 17 #include "base/memory/singleton.h" |
| 18 #include "base/metrics/histogram.h" | 18 #include "base/metrics/histogram.h" |
| 19 #include "base/synchronization/lock.h" | 19 #include "base/synchronization/lock.h" |
| 20 #include "crypto/ec_private_key.h" | 20 #include "crypto/ec_private_key.h" |
| 21 #include "crypto/openssl_util.h" | 21 #include "crypto/openssl_util.h" |
| 22 #include "net/base/net_errors.h" | 22 #include "net/base/net_errors.h" |
| 23 #include "net/cert/cert_verifier.h" | 23 #include "net/cert/cert_verifier.h" |
| 24 #include "net/cert/single_request_cert_verifier.h" | 24 #include "net/cert/single_request_cert_verifier.h" |
| 25 #include "net/cert/x509_certificate_net_log_param.h" | 25 #include "net/cert/x509_certificate_net_log_param.h" |
| 26 #include "net/socket/openssl_util.h" |
| 26 #include "net/socket/ssl_error_params.h" | 27 #include "net/socket/ssl_error_params.h" |
| 27 #include "net/socket/ssl_session_cache_openssl.h" | 28 #include "net/socket/ssl_session_cache_openssl.h" |
| 28 #include "net/ssl/openssl_client_key_store.h" | 29 #include "net/ssl/openssl_client_key_store.h" |
| 29 #include "net/ssl/ssl_cert_request_info.h" | 30 #include "net/ssl/ssl_cert_request_info.h" |
| 30 #include "net/ssl/ssl_connection_status_flags.h" | 31 #include "net/ssl/ssl_connection_status_flags.h" |
| 31 #include "net/ssl/ssl_info.h" | 32 #include "net/ssl/ssl_info.h" |
| 32 | 33 |
| 33 namespace net { | 34 namespace net { |
| 34 | 35 |
| 35 namespace { | 36 namespace { |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 80 return SSL_CONNECTION_VERSION_TLS1; | 81 return SSL_CONNECTION_VERSION_TLS1; |
| 81 case 0x0302: | 82 case 0x0302: |
| 82 return SSL_CONNECTION_VERSION_TLS1_1; | 83 return SSL_CONNECTION_VERSION_TLS1_1; |
| 83 case 0x0303: | 84 case 0x0303: |
| 84 return SSL_CONNECTION_VERSION_TLS1_2; | 85 return SSL_CONNECTION_VERSION_TLS1_2; |
| 85 default: | 86 default: |
| 86 return SSL_CONNECTION_VERSION_UNKNOWN; | 87 return SSL_CONNECTION_VERSION_UNKNOWN; |
| 87 } | 88 } |
| 88 } | 89 } |
| 89 | 90 |
| 90 int MapOpenSSLErrorSSL() { | |
| 91 // Walk down the error stack to find the SSLerr generated reason. | |
| 92 unsigned long error_code; | |
| 93 do { | |
| 94 error_code = ERR_get_error(); | |
| 95 if (error_code == 0) | |
| 96 return ERR_SSL_PROTOCOL_ERROR; | |
| 97 } while (ERR_GET_LIB(error_code) != ERR_LIB_SSL); | |
| 98 | |
| 99 DVLOG(1) << "OpenSSL SSL error, reason: " << ERR_GET_REASON(error_code) | |
| 100 << ", name: " << ERR_error_string(error_code, NULL); | |
| 101 switch (ERR_GET_REASON(error_code)) { | |
| 102 case SSL_R_READ_TIMEOUT_EXPIRED: | |
| 103 return ERR_TIMED_OUT; | |
| 104 case SSL_R_BAD_RESPONSE_ARGUMENT: | |
| 105 return ERR_INVALID_ARGUMENT; | |
| 106 case SSL_R_UNKNOWN_CERTIFICATE_TYPE: | |
| 107 case SSL_R_UNKNOWN_CIPHER_TYPE: | |
| 108 case SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE: | |
| 109 case SSL_R_UNKNOWN_PKEY_TYPE: | |
| 110 case SSL_R_UNKNOWN_REMOTE_ERROR_TYPE: | |
| 111 case SSL_R_UNKNOWN_SSL_VERSION: | |
| 112 return ERR_NOT_IMPLEMENTED; | |
| 113 case SSL_R_UNSUPPORTED_SSL_VERSION: | |
| 114 case SSL_R_NO_CIPHER_MATCH: | |
| 115 case SSL_R_NO_SHARED_CIPHER: | |
| 116 case SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY: | |
| 117 case SSL_R_TLSV1_ALERT_PROTOCOL_VERSION: | |
| 118 case SSL_R_UNSUPPORTED_PROTOCOL: | |
| 119 return ERR_SSL_VERSION_OR_CIPHER_MISMATCH; | |
| 120 case SSL_R_SSLV3_ALERT_BAD_CERTIFICATE: | |
| 121 case SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE: | |
| 122 case SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED: | |
| 123 case SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED: | |
| 124 case SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN: | |
| 125 case SSL_R_TLSV1_ALERT_ACCESS_DENIED: | |
| 126 case SSL_R_TLSV1_ALERT_UNKNOWN_CA: | |
| 127 return ERR_BAD_SSL_CLIENT_AUTH_CERT; | |
| 128 case SSL_R_BAD_DECOMPRESSION: | |
| 129 case SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE: | |
| 130 return ERR_SSL_DECOMPRESSION_FAILURE_ALERT; | |
| 131 case SSL_R_SSLV3_ALERT_BAD_RECORD_MAC: | |
| 132 return ERR_SSL_BAD_RECORD_MAC_ALERT; | |
| 133 case SSL_R_TLSV1_ALERT_DECRYPT_ERROR: | |
| 134 return ERR_SSL_DECRYPT_ERROR_ALERT; | |
| 135 case SSL_R_TLSV1_UNRECOGNIZED_NAME: | |
| 136 return ERR_SSL_UNRECOGNIZED_NAME_ALERT; | |
| 137 case SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED: | |
| 138 return ERR_SSL_UNSAFE_NEGOTIATION; | |
| 139 case SSL_R_WRONG_NUMBER_OF_KEY_BITS: | |
| 140 return ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY; | |
| 141 // SSL_R_UNKNOWN_PROTOCOL is reported if premature application data is | |
| 142 // received (see http://crbug.com/42538), and also if all the protocol | |
| 143 // versions supported by the server were disabled in this socket instance. | |
| 144 // Mapped to ERR_SSL_PROTOCOL_ERROR for compatibility with other SSL sockets | |
| 145 // in the former scenario. | |
| 146 case SSL_R_UNKNOWN_PROTOCOL: | |
| 147 case SSL_R_SSL_HANDSHAKE_FAILURE: | |
| 148 case SSL_R_DECRYPTION_FAILED: | |
| 149 case SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC: | |
| 150 case SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG: | |
| 151 case SSL_R_DIGEST_CHECK_FAILED: | |
| 152 case SSL_R_DUPLICATE_COMPRESSION_ID: | |
| 153 case SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER: | |
| 154 case SSL_R_ENCRYPTED_LENGTH_TOO_LONG: | |
| 155 case SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST: | |
| 156 case SSL_R_EXCESSIVE_MESSAGE_SIZE: | |
| 157 case SSL_R_EXTRA_DATA_IN_MESSAGE: | |
| 158 case SSL_R_GOT_A_FIN_BEFORE_A_CCS: | |
| 159 case SSL_R_ILLEGAL_PADDING: | |
| 160 case SSL_R_INVALID_CHALLENGE_LENGTH: | |
| 161 case SSL_R_INVALID_COMMAND: | |
| 162 case SSL_R_INVALID_PURPOSE: | |
| 163 case SSL_R_INVALID_STATUS_RESPONSE: | |
| 164 case SSL_R_INVALID_TICKET_KEYS_LENGTH: | |
| 165 case SSL_R_KEY_ARG_TOO_LONG: | |
| 166 case SSL_R_READ_WRONG_PACKET_TYPE: | |
| 167 // SSL_do_handshake reports this error when the server responds to a | |
| 168 // ClientHello with a fatal close_notify alert. | |
| 169 case SSL_AD_REASON_OFFSET + SSL_AD_CLOSE_NOTIFY: | |
| 170 case SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE: | |
| 171 // TODO(joth): SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE may be returned from the | |
| 172 // server after receiving ClientHello if there's no common supported cipher. | |
| 173 // Ideally we'd map that specific case to ERR_SSL_VERSION_OR_CIPHER_MISMATCH | |
| 174 // to match the NSS implementation. See also http://goo.gl/oMtZW | |
| 175 case SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE: | |
| 176 case SSL_R_SSLV3_ALERT_NO_CERTIFICATE: | |
| 177 case SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER: | |
| 178 case SSL_R_TLSV1_ALERT_DECODE_ERROR: | |
| 179 case SSL_R_TLSV1_ALERT_DECRYPTION_FAILED: | |
| 180 case SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION: | |
| 181 case SSL_R_TLSV1_ALERT_INTERNAL_ERROR: | |
| 182 case SSL_R_TLSV1_ALERT_NO_RENEGOTIATION: | |
| 183 case SSL_R_TLSV1_ALERT_RECORD_OVERFLOW: | |
| 184 case SSL_R_TLSV1_ALERT_USER_CANCELLED: | |
| 185 return ERR_SSL_PROTOCOL_ERROR; | |
| 186 case SSL_R_CERTIFICATE_VERIFY_FAILED: | |
| 187 // The only way that the certificate verify callback can fail is if | |
| 188 // the leaf certificate changed during a renegotiation. | |
| 189 return ERR_SSL_SERVER_CERT_CHANGED; | |
| 190 default: | |
| 191 LOG(WARNING) << "Unmapped error reason: " << ERR_GET_REASON(error_code); | |
| 192 return ERR_FAILED; | |
| 193 } | |
| 194 } | |
| 195 | |
| 196 // Converts an OpenSSL error code into a net error code, walking the OpenSSL | |
| 197 // error stack if needed. Note that |tracer| is not currently used in the | |
| 198 // implementation, but is passed in anyway as this ensures the caller will clear | |
| 199 // any residual codes left on the error stack. | |
| 200 int MapOpenSSLError(int err, const crypto::OpenSSLErrStackTracer& tracer) { | |
| 201 switch (err) { | |
| 202 case SSL_ERROR_WANT_READ: | |
| 203 case SSL_ERROR_WANT_WRITE: | |
| 204 return ERR_IO_PENDING; | |
| 205 case SSL_ERROR_SYSCALL: | |
| 206 LOG(ERROR) << "OpenSSL SYSCALL error, earliest error code in " | |
| 207 "error queue: " << ERR_peek_error() << ", errno: " | |
| 208 << errno; | |
| 209 return ERR_SSL_PROTOCOL_ERROR; | |
| 210 case SSL_ERROR_SSL: | |
| 211 return MapOpenSSLErrorSSL(); | |
| 212 default: | |
| 213 // TODO(joth): Implement full mapping. | |
| 214 LOG(WARNING) << "Unknown OpenSSL error " << err; | |
| 215 return ERR_SSL_PROTOCOL_ERROR; | |
| 216 } | |
| 217 } | |
| 218 | |
| 219 // Utility to construct the appropriate set & clear masks for use the OpenSSL | |
| 220 // options and mode configuration functions. (SSL_set_options etc) | |
| 221 struct SslSetClearMask { | |
| 222 SslSetClearMask() : set_mask(0), clear_mask(0) {} | |
| 223 void ConfigureFlag(long flag, bool state) { | |
| 224 (state ? set_mask : clear_mask) |= flag; | |
| 225 // Make sure we haven't got any intersection in the set & clear options. | |
| 226 DCHECK_EQ(0, set_mask & clear_mask) << flag << ":" << state; | |
| 227 } | |
| 228 long set_mask; | |
| 229 long clear_mask; | |
| 230 }; | |
| 231 | |
| 232 // Compute a unique key string for the SSL session cache. |socket| is an | 91 // Compute a unique key string for the SSL session cache. |socket| is an |
| 233 // input socket object. Return a string. | 92 // input socket object. Return a string. |
| 234 std::string GetSocketSessionCacheKey(const SSLClientSocketOpenSSL& socket) { | 93 std::string GetSocketSessionCacheKey(const SSLClientSocketOpenSSL& socket) { |
| 235 std::string result = socket.host_and_port().ToString(); | 94 std::string result = socket.host_and_port().ToString(); |
| 236 result.append("/"); | 95 result.append("/"); |
| 237 result.append(socket.ssl_session_cache_shard()); | 96 result.append(socket.ssl_session_cache_shard()); |
| 238 return result; | 97 return result; |
| 239 } | 98 } |
| 240 | 99 |
| 241 } // namespace | 100 } // namespace |
| (...skipping 1323 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1565 DVLOG(2) << "next protocol: '" << npn_proto_ << "' status: " << npn_status_; | 1424 DVLOG(2) << "next protocol: '" << npn_proto_ << "' status: " << npn_status_; |
| 1566 return SSL_TLSEXT_ERR_OK; | 1425 return SSL_TLSEXT_ERR_OK; |
| 1567 } | 1426 } |
| 1568 | 1427 |
| 1569 scoped_refptr<X509Certificate> | 1428 scoped_refptr<X509Certificate> |
| 1570 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { | 1429 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { |
| 1571 return server_cert_; | 1430 return server_cert_; |
| 1572 } | 1431 } |
| 1573 | 1432 |
| 1574 } // namespace net | 1433 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 274783002:
Implement SSL server socket over OpenSSL. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master