2 Copyright (C) 2000 Free Software Foundation, Inc.
3 Contributed by Christian Fraenkel.
5 This file is part of GNU Wget.
7 GNU Wget is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 GNU Wget is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with Wget; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
36 #include <openssl/bio.h>
37 #include <openssl/crypto.h>
38 #include <openssl/x509.h>
39 #include <openssl/ssl.h>
40 #include <openssl/err.h>
41 #include <openssl/pem.h>
42 #include <openssl/rand.h>
56 /* It is likely that older versions of OpenSSL will fail on
57 non-Linux machines because this code is unable to seed the PRNG
58 on older versions of the library. */
60 #if SSLEAY_VERSION_NUMBER >= 0x00905100
64 /* First, seed from a file specified by the user. This will be
65 $RANDFILE, if set, or ~/.rnd. */
66 RAND_file_name (rand_file, sizeof (rand_file));
68 /* Seed at most 16k (value borrowed from curl) from random file. */
69 RAND_load_file (rand_file, 16384);
74 /* Get random data from EGD if opt.sslegdsock was set. */
75 if (opt.sslegdsock && *opt.sslegdsock)
76 RAND_egd (opt.sslegdsock);
82 /* Under Windows, we can try to seed the PRNG using screen content.
83 This may or may not work, depending on whether we'll calling Wget
91 /* Still not enough randomness, presumably because neither random
92 file nor EGD have been available. Use the stupidest possible
93 method -- seed OpenSSL's PRNG with the system's PRNG. This is
94 insecure in the cryptographic sense, but people who care about
95 security will use /dev/random or their own source of randomness
98 while (RAND_status () == 0 && maxrand-- > 0)
100 unsigned char rnd = random_number (256);
101 RAND_seed (&rnd, sizeof (rnd));
104 if (RAND_status () == 0)
106 logprintf (LOG_NOTQUIET,
107 _("Could not seed OpenSSL PRNG; disabling SSL.\n"));
108 scheme_disable (SCHEME_HTTPS);
110 #endif /* SSLEAY_VERSION_NUMBER >= 0x00905100 */
114 verify_callback (int ok, X509_STORE_CTX *ctx)
117 s = X509_NAME_oneline (X509_get_subject_name (ctx->current_cert), buf, 256);
119 switch (ctx->error) {
120 case X509_V_ERR_CERT_NOT_YET_VALID:
121 case X509_V_ERR_CERT_HAS_EXPIRED:
122 /* This mean the CERT is not valid !!! */
125 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
126 /* Unsure if we should handle that this way */
134 /* pass all ssl errors to DEBUGP
135 returns the number of printed errors */
137 ssl_printerrors (void)
140 unsigned long curerr = 0;
142 memset(errbuff, 0, sizeof(errbuff));
143 while ( 0 != (curerr = ERR_get_error ()))
145 DEBUGP (("OpenSSL: %s\n", ERR_error_string (curerr, errbuff)));
151 /* Creates a SSL Context and sets some defaults for it */
153 init_ssl (SSL_CTX **ctx)
155 SSL_METHOD *meth = NULL;
159 SSL_load_error_strings ();
160 SSLeay_add_all_algorithms ();
161 SSLeay_add_ssl_algorithms ();
162 switch (opt.sslprotocol)
165 meth = SSLv23_client_method ();
168 meth = SSLv2_client_method ();
171 meth = SSLv3_client_method ();
174 meth = TLSv1_client_method ();
180 return SSLERRCTXCREATE;
183 *ctx = SSL_CTX_new (meth);
187 return SSLERRCTXCREATE;
189 /* Can we validate the server Cert ? */
190 if (opt.sslcadir != NULL || opt.sslcafile != NULL)
192 SSL_CTX_load_verify_locations (*ctx, opt.sslcafile, opt.sslcadir);
200 if (!opt.sslcheckcert)
202 /* check cert but ignore error, do not break handshake on error */
203 verify = SSL_VERIFY_NONE;
209 logprintf (LOG_NOTQUIET, "Warrining validation of Server Cert not possible!\n");
210 verify = SSL_VERIFY_NONE;
214 /* break handshake if server cert is not valid but allow NO-Cert mode */
215 verify = SSL_VERIFY_PEER;
219 SSL_CTX_set_verify (*ctx, verify, verify_callback);
221 if (opt.sslcertfile != NULL || opt.sslcertkey != NULL)
224 if (!opt.sslcerttype)
225 ssl_cert_type = SSL_FILETYPE_PEM;
227 ssl_cert_type = SSL_FILETYPE_ASN1;
229 if (opt.sslcertkey == NULL)
230 opt.sslcertkey = opt.sslcertfile;
231 if (opt.sslcertfile == NULL)
232 opt.sslcertfile = opt.sslcertkey;
234 if (SSL_CTX_use_certificate_file (*ctx, opt.sslcertfile, ssl_cert_type) <= 0)
237 return SSLERRCERTFILE;
239 if (SSL_CTX_use_PrivateKey_file (*ctx, opt.sslcertkey , ssl_cert_type) <= 0)
242 return SSLERRCERTKEY;
246 return 0; /* Succeded */
250 shutdown_ssl (SSL* con)
254 if (0==SSL_shutdown (con))
259 /* Sets up a SSL structure and performs the handshake on fd
260 Returns 0 if everything went right
261 Returns 1 if something went wrong ----- TODO: More exit codes
264 connect_ssl (SSL **con, SSL_CTX *ctx, int fd)
266 if (NULL == (*con = SSL_new (ctx)))
271 if (!SSL_set_fd (*con, fd))
276 SSL_set_connect_state (*con);
277 switch (SSL_connect (*con))
280 return (*con)->state != SSL_ST_OK;
296 free_ssl_ctx (SSL_CTX * ctx)
301 /* SSL version of iread. Only exchanged read for SSL_read Read at
302 most LEN bytes from FD, storing them to BUF. */
305 ssl_iread (SSL *con, char *buf, int len)
308 BIO_get_fd (con->rbio, &fd);
310 if (opt.timeout && !SSL_pending (con))
311 if (select_fd (fd, opt.timeout, 0) <= 0)
315 res = SSL_read (con, buf, len);
316 while (res == -1 && errno == EINTR);
321 /* SSL version of iwrite. Only exchanged write for SSL_write Write
322 LEN bytes from BUF to FD. */
325 ssl_iwrite (SSL *con, char *buf, int len)
328 BIO_get_fd (con->rbio, &fd);
329 /* `write' may write less than LEN bytes, thus the outward loop
330 keeps trying it until all was written, or an error occurred. The
331 inner loop is reserved for the usual EINTR f*kage, and the
332 innermost loop deals with the same during select(). */
337 if (select_fd (fd, opt.timeout, 1) <= 0)
341 res = SSL_write (con, buf, len);
342 while (res == -1 && errno == EINTR);
350 #endif /* HAVE_SSL */