xref: /netbsd-src/external/ibm-public/postfix/dist/src/tls/tls.h (revision c48c605c14fd8622b523d1d6a3f0c0bad133ea89)
1 /*	$NetBSD: tls.h,v 1.5 2023/12/23 20:30:45 christos Exp $	*/
2 
3 #ifndef _TLS_H_INCLUDED_
4 #define _TLS_H_INCLUDED_
5 
6 /*++
7 /* NAME
8 /*	tls 3h
9 /* SUMMARY
10 /*	libtls internal interfaces
11 /* SYNOPSIS
12 /*	#include <tls.h>
13 /* DESCRIPTION
14 /* .nf
15 
16  /*
17   * Utility library.
18   */
19 #include <name_code.h>
20 #include <argv.h>
21 
22  /*
23   * TLS enforcement levels. Non-sentinel values may also be used to indicate
24   * the actual security level of a session.
25   *
26   * XXX TLS_LEV_NOTFOUND no longer belongs in this list. The SMTP client will
27   * have to use something else to report that policy table lookup failed.
28   *
29   * The order of levels matters, but we hide most of the details in macros.
30   *
31   * "dane" vs. "fingerprint", both must lie between "encrypt" and "verify".
32   *
33   * - With "may" and higher, TLS is enabled.
34   *
35   * - With "encrypt" and higher, TLS encryption must be applied.
36   *
37   * - Strictly above "encrypt", the peer certificate must match.
38   *
39   * - At "dane" and higher, the peer certificate must also be trusted. With
40   * "dane" the trust may be self-asserted, so we only log trust verification
41   * errors when TA associations are involved.
42   */
43 #define TLS_LEV_INVALID		-2	/* sentinel */
44 #define TLS_LEV_NOTFOUND	-1	/* XXX not in policy table */
45 #define TLS_LEV_NONE		0	/* plain-text only */
46 #define TLS_LEV_MAY		1	/* wildcard */
47 #define TLS_LEV_ENCRYPT		2	/* encrypted connection */
48 #define TLS_LEV_FPRINT		3	/* "peer" CA-less verification */
49 #define TLS_LEV_HALF_DANE	4	/* DANE TLSA MX host, insecure MX RR */
50 #define TLS_LEV_DANE		5	/* Opportunistic TLSA policy */
51 #define TLS_LEV_DANE_ONLY	6	/* Required TLSA policy */
52 #define TLS_LEV_VERIFY		7	/* certificate verified */
53 #define TLS_LEV_SECURE		8	/* "secure" verification */
54 
55 #define TLS_REQUIRED(l)		((l) > TLS_LEV_MAY)
56 #define TLS_MUST_MATCH(l)	((l) > TLS_LEV_ENCRYPT)
57 #define TLS_MUST_PKIX(l)	((l) >= TLS_LEV_VERIFY)
58 #define TLS_OPPORTUNISTIC(l)	((l) == TLS_LEV_MAY || (l) == TLS_LEV_DANE)
59 #define TLS_DANE_BASED(l)	\
60 	((l) >= TLS_LEV_HALF_DANE && (l) <= TLS_LEV_DANE_ONLY)
61 #define TLS_NEVER_SECURED(l)	((l) == TLS_LEV_HALF_DANE)
62 
63 extern int tls_level_lookup(const char *);
64 extern const char *str_tls_level(int);
65 
66 #ifdef USE_TLS
67 
68  /*
69   * OpenSSL library.
70   */
71 #include <openssl/lhash.h>
72 #include <openssl/bn.h>
73 #include <openssl/err.h>
74 #include <openssl/pem.h>
75 #include <openssl/x509.h>
76 #include <openssl/x509v3.h>
77 #include <openssl/rand.h>
78 #include <openssl/crypto.h>		/* Legacy SSLEAY_VERSION_NUMBER */
79 #include <openssl/evp.h>		/* New OpenSSL 3.0 EVP_PKEY APIs */
80 #include <openssl/opensslv.h>		/* OPENSSL_VERSION_NUMBER */
81 #include <openssl/ssl.h>
82 #include <openssl/conf.h>
83 
84  /* Appease indent(1) */
85 #define x509_stack_t STACK_OF(X509)
86 #define general_name_stack_t STACK_OF(GENERAL_NAME)
87 #define ssl_cipher_stack_t STACK_OF(SSL_CIPHER)
88 #define ssl_comp_stack_t STACK_OF(SSL_COMP)
89 
90 /*-
91  * Official way to check minimum OpenSSL API version from 3.0 onward.
92  * We simply define it false for all prior versions, where we typically also
93  * need the patch level to determine API compatibility.
94  */
95 #ifndef OPENSSL_VERSION_PREREQ
96 #define OPENSSL_VERSION_PREREQ(m,n) 0
97 #endif
98 
99 #if (OPENSSL_VERSION_NUMBER < 0x1010100fUL)
100 #error "OpenSSL releases prior to 1.1.1 are no longer supported"
101 #endif
102 
103  /*-
104   * Backwards compatibility with OpenSSL < 1.1.1a.
105   *
106   * In OpenSSL 1.1.1a the client-only interface SSL_get_server_tmp_key() was
107   * updated to work on both the client and the server, and was renamed to
108   * SSL_get_peer_tmp_key(), with the original name left behind as an alias.  We
109   * use the new name when available.
110   */
111 #if OPENSSL_VERSION_NUMBER < 0x1010101fUL
112 #undef SSL_get_signature_nid
113 #define SSL_get_signature_nid(ssl, pnid) (NID_undef)
114 #define tls_get_peer_dh_pubkey SSL_get_server_tmp_key
115 #else
116 #define tls_get_peer_dh_pubkey SSL_get_peer_tmp_key
117 #endif
118 
119 #if OPENSSL_VERSION_PREREQ(3,0)
120 #define TLS_PEEK_PEER_CERT(ssl) SSL_get0_peer_certificate(ssl)
121 #define TLS_FREE_PEER_CERT(x)   ((void) 0)
122 #define tls_set_bio_callback    BIO_set_callback_ex
123 #else
124 #define TLS_PEEK_PEER_CERT(ssl) SSL_get_peer_certificate(ssl)
125 #define TLS_FREE_PEER_CERT(x)   X509_free(x)
126 #define tls_set_bio_callback    BIO_set_callback
127 #endif
128 
129  /*
130   * Utility library.
131   */
132 #include <vstream.h>
133 #include <name_mask.h>
134 #include <name_code.h>
135 
136  /*
137   * TLS library.
138   */
139 #include <dns.h>
140 
141  /*
142   * TLS role, presently for logging.
143   */
144 typedef enum {
145     TLS_ROLE_CLIENT, TLS_ROLE_SERVER,
146 } TLS_ROLE;
147 
148 typedef enum {
149     TLS_USAGE_NEW, TLS_USAGE_USED,
150 } TLS_USAGE;
151 
152  /*
153   * Names of valid tlsmgr(8) session caches.
154   */
155 #define TLS_MGR_SCACHE_SMTPD	"smtpd"
156 #define TLS_MGR_SCACHE_SMTP	"smtp"
157 #define TLS_MGR_SCACHE_LMTP	"lmtp"
158 
159  /*
160   * RFC 6698, 7671, 7672 DANE
161   */
162 #define TLS_DANE_TA	0		/* Match trust-anchor digests */
163 #define TLS_DANE_EE	1		/* Match end-entity digests */
164 
165 #define TLS_DANE_CERT	0		/* Match the certificate digest */
166 #define TLS_DANE_PKEY	1		/* Match the public key digest */
167 
168 #define TLS_DANE_FLAG_NORRS	(1<<0)	/* Nothing found in DNS */
169 #define TLS_DANE_FLAG_EMPTY	(1<<1)	/* Nothing usable found in DNS */
170 #define TLS_DANE_FLAG_ERROR	(1<<2)	/* TLSA record lookup error */
171 
172 #define tls_dane_unusable(dane)	((dane)->flags & TLS_DANE_FLAG_EMPTY)
173 #define tls_dane_notfound(dane)	((dane)->flags & TLS_DANE_FLAG_NORRS)
174 
175 #define TLS_DANE_CACHE_TTL_MIN 1	/* A lot can happen in ~2 seconds */
176 #define TLS_DANE_CACHE_TTL_MAX 100	/* Comparable to max_idle */
177 
178  /*
179   * Certificate and public key digests (typically from TLSA RRs), grouped by
180   * algorithm.
181   */
182 typedef struct TLS_TLSA {
183     uint8_t usage;			/* DANE certificate usage */
184     uint8_t selector;			/* DANE selector */
185     uint8_t mtype;			/* Algorithm for this digest list */
186     uint16_t length;			/* Length of associated data */
187     unsigned char *data;		/* Associated data */
188     struct TLS_TLSA *next;		/* Chain to next algorithm */
189 } TLS_TLSA;
190 
191 typedef struct TLS_DANE {
192     TLS_TLSA *tlsa;			/* TLSA records */
193     char   *base_domain;		/* Base domain of TLSA RRset */
194     int     flags;			/* Lookup status */
195     time_t  expires;			/* Expiration time of this record */
196     int     refs;			/* Reference count */
197 } TLS_DANE;
198 
199  /*
200   * tls_dane.c
201   */
202 extern int tls_dane_avail(void);
203 extern void tls_dane_loglevel(const char *, const char *);
204 extern void tls_dane_flush(void);
205 extern TLS_DANE *tls_dane_alloc(void);
206 extern void tls_tlsa_free(TLS_TLSA *);
207 extern void tls_dane_free(TLS_DANE *);
208 extern void tls_dane_add_fpt_digests(TLS_DANE *, const char *, const char *,
209 				             int);
210 extern TLS_DANE *tls_dane_resolve(unsigned, const char *, DNS_RR *, int);
211 extern int tls_dane_load_trustfile(TLS_DANE *, const char *);
212 
213  /*
214   * TLS session context, also used by the VSTREAM call-back routines for SMTP
215   * input/output, and by OpenSSL call-back routines for key verification.
216   *
217   * Only some members are (read-only) accessible by the public.
218   */
219 #define CCERT_BUFSIZ	256
220 
221 typedef struct {
222     /* Public, read-only. */
223     char   *peer_CN;			/* Peer Common Name */
224     char   *issuer_CN;			/* Issuer Common Name */
225     char   *peer_sni;			/* SNI sent to or by the peer */
226     char   *peer_cert_fprint;		/* ASCII certificate fingerprint */
227     char   *peer_pkey_fprint;		/* ASCII public key fingerprint */
228     int     level;			/* Effective security level */
229     int     peer_status;		/* Certificate and match status */
230     const char *protocol;
231     const char *cipher_name;
232     int     cipher_usebits;
233     int     cipher_algbits;
234     const char *kex_name;		/* shared key-exchange algorithm */
235     const char *kex_curve;		/* shared key-exchange ECDHE curve */
236     int     kex_bits;			/* shared FFDHE key exchange bits */
237     const char *clnt_sig_name;		/* client's signature key algorithm */
238     const char *clnt_sig_curve;		/* client's ECDSA curve name */
239     int     clnt_sig_bits;		/* client's RSA signature key bits */
240     const char *clnt_sig_dgst;		/* client's signature digest */
241     const char *srvr_sig_name;		/* server's signature key algorithm */
242     const char *srvr_sig_curve;		/* server's ECDSA curve name */
243     int     srvr_sig_bits;		/* server's RSA signature key bits */
244     const char *srvr_sig_dgst;		/* server's signature digest */
245     /* Private. */
246     SSL    *con;
247     char   *cache_type;			/* tlsmgr(8) cache type if enabled */
248     int     ticketed;			/* Session ticket issued */
249     char   *serverid;			/* unique server identifier */
250     char   *namaddr;			/* nam[addr] for logging */
251     int     log_mask;			/* What to log */
252     int     session_reused;		/* this session was reused */
253     int     am_server;			/* Are we an SSL server or client? */
254     const char *mdalg;			/* default message digest algorithm */
255     /* Built-in vs external SSL_accept/read/write/shutdown support. */
256     VSTREAM *stream;			/* Blocking-mode SMTP session */
257     /* DANE TLSA trust input and verification state */
258     const TLS_DANE *dane;		/* DANE TLSA digests */
259     X509   *errorcert;			/* Error certificate closest to leaf */
260     int     errordepth;			/* Chain depth of error cert */
261     int     errorcode;			/* First error at error depth */
262     int     must_fail;			/* Failed to load trust settings */
263 } TLS_SESS_STATE;
264 
265  /*
266   * Peer status bits. TLS_CERT_FLAG_MATCHED implies TLS_CERT_FLAG_TRUSTED
267   * only in the case of a hostname match.
268   */
269 #define TLS_CERT_FLAG_PRESENT		(1<<0)
270 #define TLS_CERT_FLAG_ALTNAME		(1<<1)
271 #define TLS_CERT_FLAG_TRUSTED		(1<<2)
272 #define TLS_CERT_FLAG_MATCHED		(1<<3)
273 #define TLS_CERT_FLAG_SECURED		(1<<4)
274 
275 #define TLS_CERT_IS_PRESENT(c) ((c) && ((c)->peer_status&TLS_CERT_FLAG_PRESENT))
276 #define TLS_CERT_IS_ALTNAME(c) ((c) && ((c)->peer_status&TLS_CERT_FLAG_ALTNAME))
277 #define TLS_CERT_IS_TRUSTED(c) ((c) && ((c)->peer_status&TLS_CERT_FLAG_TRUSTED))
278 #define TLS_CERT_IS_MATCHED(c) ((c) && ((c)->peer_status&TLS_CERT_FLAG_MATCHED))
279 #define TLS_CERT_IS_SECURED(c) ((c) && ((c)->peer_status&TLS_CERT_FLAG_SECURED))
280 
281  /*
282   * Opaque client context handle.
283   */
284 typedef struct TLS_APPL_STATE TLS_APPL_STATE;
285 
286 #ifdef TLS_INTERNAL
287 
288  /*
289   * Log mask details are internal to the library.
290   */
291 extern int tls_log_mask(const char *, const char *);
292 
293  /*
294   * What to log.
295   */
296 #define TLS_LOG_NONE			(1<<0)
297 #define TLS_LOG_SUMMARY			(1<<1)
298 #define TLS_LOG_UNTRUSTED		(1<<2)
299 #define TLS_LOG_PEERCERT		(1<<3)
300 #define TLS_LOG_CERTMATCH		(1<<4)
301 #define TLS_LOG_VERBOSE			(1<<5)
302 #define TLS_LOG_CACHE			(1<<6)
303 #define TLS_LOG_DEBUG			(1<<7)
304 #define TLS_LOG_TLSPKTS			(1<<8)
305 #define TLS_LOG_ALLPKTS			(1<<9)
306 #define TLS_LOG_DANE			(1<<10)
307 
308  /*
309   * Client and Server application contexts
310   */
311 struct TLS_APPL_STATE {
312     SSL_CTX *ssl_ctx;
313     SSL_CTX *sni_ctx;
314     int     log_mask;
315     char   *cache_type;
316 };
317 
318  /*
319   * tls_misc.c Application-context update and disposal.
320   */
321 extern void tls_update_app_logmask(TLS_APPL_STATE *, int);
322 extern void tls_free_app_context(TLS_APPL_STATE *);
323 
324  /*
325   * tls_misc.c
326   */
327 extern void tls_param_init(void);
328 extern int tls_library_init(void);
329 
330  /*
331   * Protocol selection.
332   */
333 #define TLS_PROTOCOL_INVALID	(~0)	/* All protocol bits masked */
334 
335 #ifdef SSL_TXT_SSLV2
336 #define TLS_PROTOCOL_SSLv2	(1<<0)	/* SSLv2 */
337 #else
338 #define SSL_TXT_SSLV2		"SSLv2"
339 #define TLS_PROTOCOL_SSLv2	0	/* Unknown */
340 #undef  SSL_OP_NO_SSLv2
341 #define SSL_OP_NO_SSLv2		0L	/* Noop */
342 #endif
343 
344 #ifdef SSL_TXT_SSLV3
345 #define TLS_PROTOCOL_SSLv3	(1<<1)	/* SSLv3 */
346 #else
347 #define SSL_TXT_SSLV3		"SSLv3"
348 #define TLS_PROTOCOL_SSLv3	0	/* Unknown */
349 #undef  SSL_OP_NO_SSLv3
350 #define SSL_OP_NO_SSLv3		0L	/* Noop */
351 #endif
352 
353 #ifdef SSL_TXT_TLSV1
354 #define TLS_PROTOCOL_TLSv1	(1<<2)	/* TLSv1 */
355 #else
356 #define SSL_TXT_TLSV1		"TLSv1"
357 #define TLS_PROTOCOL_TLSv1	0	/* Unknown */
358 #undef  SSL_OP_NO_TLSv1
359 #define SSL_OP_NO_TLSv1		0L	/* Noop */
360 #endif
361 
362 #ifdef SSL_TXT_TLSV1_1
363 #define TLS_PROTOCOL_TLSv1_1	(1<<3)	/* TLSv1_1 */
364 #else
365 #define SSL_TXT_TLSV1_1		"TLSv1.1"
366 #define TLS_PROTOCOL_TLSv1_1	0	/* Unknown */
367 #undef  SSL_OP_NO_TLSv1_1
368 #define SSL_OP_NO_TLSv1_1	0L	/* Noop */
369 #endif
370 
371 #ifdef SSL_TXT_TLSV1_2
372 #define TLS_PROTOCOL_TLSv1_2	(1<<4)	/* TLSv1_2 */
373 #else
374 #define SSL_TXT_TLSV1_2		"TLSv1.2"
375 #define TLS_PROTOCOL_TLSv1_2	0	/* Unknown */
376 #undef  SSL_OP_NO_TLSv1_2
377 #define SSL_OP_NO_TLSv1_2	0L	/* Noop */
378 #endif
379 
380  /*
381   * OpenSSL 1.1.1 does not define a TXT macro for TLS 1.3, so we roll our
382   * own.
383   */
384 #define TLS_PROTOCOL_TXT_TLSV1_3	"TLSv1.3"
385 
386 #if defined(TLS1_3_VERSION) && defined(SSL_OP_NO_TLSv1_3)
387 #define TLS_PROTOCOL_TLSv1_3	(1<<5)	/* TLSv1_3 */
388 #else
389 #define TLS_PROTOCOL_TLSv1_3	0	/* Unknown */
390 #undef  SSL_OP_NO_TLSv1_3
391 #define SSL_OP_NO_TLSv1_3	0L	/* Noop */
392 #endif
393 
394 /*
395  * Always used when defined, SMTP has no truncation attacks.
396  */
397 #ifndef SSL_OP_IGNORE_UNEXPECTED_EOF
398 #define SSL_OP_IGNORE_UNEXPECTED_EOF    0L
399 #endif
400 
401 #define TLS_KNOWN_PROTOCOLS \
402 	( TLS_PROTOCOL_SSLv2 | TLS_PROTOCOL_SSLv3 | TLS_PROTOCOL_TLSv1 \
403 	   | TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3 )
404 #define TLS_SSL_OP_PROTOMASK(m) \
405 	    ((((m) & TLS_PROTOCOL_SSLv2) ? SSL_OP_NO_SSLv2 : 0L) \
406 	     | (((m) & TLS_PROTOCOL_SSLv3) ? SSL_OP_NO_SSLv3 : 0L) \
407 	     | (((m) & TLS_PROTOCOL_TLSv1) ? SSL_OP_NO_TLSv1 : 0L) \
408 	     | (((m) & TLS_PROTOCOL_TLSv1_1) ? SSL_OP_NO_TLSv1_1 : 0L) \
409 	     | (((m) & TLS_PROTOCOL_TLSv1_2) ? SSL_OP_NO_TLSv1_2 : 0L) \
410 	     | (((m) & TLS_PROTOCOL_TLSv1_3) ? SSL_OP_NO_TLSv1_3 : 0L))
411 
412 /*
413  * SSL options that are managed via dedicated Postfix features, rather than
414  * just exposed via hex codes or named elements of tls_ssl_options.
415  */
416 #define TLS_SSL_OP_MANAGED_BITS \
417 	(SSL_OP_CIPHER_SERVER_PREFERENCE | SSL_OP_IGNORE_UNEXPECTED_EOF | \
418 	 TLS_SSL_OP_PROTOMASK(~0))
419 
420 extern int tls_proto_mask_lims(const char *, int *, int *);
421 
422  /*
423   * Cipher grade selection.
424   */
425 #define TLS_CIPHER_NONE		0
426 #define TLS_CIPHER_NULL		1
427 #define TLS_CIPHER_EXPORT	2
428 #define TLS_CIPHER_LOW		3
429 #define TLS_CIPHER_MEDIUM	4
430 #define TLS_CIPHER_HIGH		5
431 
432 extern const NAME_CODE tls_cipher_grade_table[];
433 
434 #define tls_cipher_grade(str) \
435     name_code(tls_cipher_grade_table, NAME_CODE_FLAG_NONE, (str))
436 #define str_tls_cipher_grade(gr) \
437     str_name_code(tls_cipher_grade_table, (gr))
438 
439  /*
440   * Cipher lists with exclusions.
441   */
442 extern const char *tls_set_ciphers(TLS_SESS_STATE *, const char *,
443 				           const char *);
444 
445  /*
446   * Populate TLS context with TLS 1.3-related signature parameters.
447   */
448 extern void tls_get_signature_params(TLS_SESS_STATE *);
449 
450 #endif					/* TLS_INTERNAL */
451 
452  /*
453   * tls_client.c
454   */
455 typedef struct {
456     const char *log_param;
457     const char *log_level;
458     int     verifydepth;
459     const char *cache_type;
460     const char *chain_files;
461     const char *cert_file;
462     const char *key_file;
463     const char *dcert_file;
464     const char *dkey_file;
465     const char *eccert_file;
466     const char *eckey_file;
467     const char *CAfile;
468     const char *CApath;
469     const char *mdalg;			/* default message digest algorithm */
470 } TLS_CLIENT_INIT_PROPS;
471 
472 typedef struct {
473     TLS_APPL_STATE *ctx;
474     VSTREAM *stream;
475     int     fd;				/* Event-driven file descriptor */
476     int     timeout;
477     int     tls_level;			/* Security level */
478     const char *nexthop;		/* destination domain */
479     const char *host;			/* MX hostname */
480     const char *namaddr;		/* nam[addr] for logging */
481     const char *sni;			/* optional SNI name when not DANE */
482     const char *serverid;		/* Session cache key */
483     const char *helo;			/* Server name from EHLO response */
484     const char *protocols;		/* Enabled protocols */
485     const char *cipher_grade;		/* Minimum cipher grade */
486     const char *cipher_exclusions;	/* Ciphers to exclude */
487     const ARGV *matchargv;		/* Cert match patterns */
488     const char *mdalg;			/* default message digest algorithm */
489     const TLS_DANE *dane;		/* DANE TLSA verification */
490 } TLS_CLIENT_START_PROPS;
491 
492 extern TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_PROPS *);
493 extern TLS_SESS_STATE *tls_client_start(const TLS_CLIENT_START_PROPS *);
494 extern TLS_SESS_STATE *tls_client_post_connect(TLS_SESS_STATE *,
495 				            const TLS_CLIENT_START_PROPS *);
496 
497 #define tls_client_stop(ctx, stream, timeout, failure, TLScontext) \
498 	tls_session_stop(ctx, (stream), (timeout), (failure), (TLScontext))
499 
500 #define TLS_CLIENT_INIT_ARGS(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, \
501     a10, a11, a12, a13, a14) \
502     (((props)->a1), ((props)->a2), ((props)->a3), \
503     ((props)->a4), ((props)->a5), ((props)->a6), ((props)->a7), \
504     ((props)->a8), ((props)->a9), ((props)->a10), ((props)->a11), \
505     ((props)->a12), ((props)->a13), ((props)->a14), (props))
506 
507 #define TLS_CLIENT_INIT(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, \
508     a10, a11, a12, a13, a14) \
509     tls_client_init(TLS_CLIENT_INIT_ARGS(props, a1, a2, a3, a4, a5, \
510     a6, a7, a8, a9, a10, a11, a12, a13, a14))
511 
512 #define TLS_CLIENT_START(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, \
513     a10, a11, a12, a13, a14, a15, a16, a17) \
514     tls_client_start((((props)->a1), ((props)->a2), ((props)->a3), \
515     ((props)->a4), ((props)->a5), ((props)->a6), ((props)->a7), \
516     ((props)->a8), ((props)->a9), ((props)->a10), ((props)->a11), \
517     ((props)->a12), ((props)->a13), ((props)->a14), ((props)->a15), \
518     ((props)->a16), ((props)->a17), (props)))
519 
520  /*
521   * tls_server.c
522   */
523 typedef struct {
524     const char *log_param;
525     const char *log_level;
526     int     verifydepth;
527     const char *cache_type;
528     int     set_sessid;
529     const char *chain_files;
530     const char *cert_file;
531     const char *key_file;
532     const char *dcert_file;
533     const char *dkey_file;
534     const char *eccert_file;
535     const char *eckey_file;
536     const char *CAfile;
537     const char *CApath;
538     const char *protocols;
539     const char *eecdh_grade;
540     const char *dh1024_param_file;
541     const char *dh512_param_file;
542     int     ask_ccert;
543     const char *mdalg;			/* default message digest algorithm */
544 } TLS_SERVER_INIT_PROPS;
545 
546 typedef struct {
547     TLS_APPL_STATE *ctx;		/* TLS application context */
548     VSTREAM *stream;			/* Client stream */
549     int     fd;				/* Event-driven file descriptor */
550     int     timeout;			/* TLS handshake timeout */
551     int     requirecert;		/* Insist on client cert? */
552     const char *serverid;		/* Server instance (salt cache key) */
553     const char *namaddr;		/* Client nam[addr] for logging */
554     const char *cipher_grade;
555     const char *cipher_exclusions;
556     const char *mdalg;			/* default message digest algorithm */
557 } TLS_SERVER_START_PROPS;
558 
559 extern TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *);
560 extern TLS_SESS_STATE *tls_server_start(const TLS_SERVER_START_PROPS *props);
561 extern TLS_SESS_STATE *tls_server_post_accept(TLS_SESS_STATE *);
562 
563 #define tls_server_stop(ctx, stream, timeout, failure, TLScontext) \
564 	tls_session_stop(ctx, (stream), (timeout), (failure), (TLScontext))
565 
566 #define TLS_SERVER_INIT(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, \
567     a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20) \
568     tls_server_init((((props)->a1), ((props)->a2), ((props)->a3), \
569     ((props)->a4), ((props)->a5), ((props)->a6), ((props)->a7), \
570     ((props)->a8), ((props)->a9), ((props)->a10), ((props)->a11), \
571     ((props)->a12), ((props)->a13), ((props)->a14), ((props)->a15), \
572     ((props)->a16), ((props)->a17), ((props)->a18), ((props)->a19), \
573     ((props)->a20), (props)))
574 
575 #define TLS_SERVER_START(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10) \
576     tls_server_start((((props)->a1), ((props)->a2), ((props)->a3), \
577     ((props)->a4), ((props)->a5), ((props)->a6), ((props)->a7), \
578     ((props)->a8), ((props)->a9), ((props)->a10), (props)))
579 
580  /*
581   * tls_session.c
582   */
583 extern void tls_session_stop(TLS_APPL_STATE *, VSTREAM *, int, int, TLS_SESS_STATE *);
584 
585  /*
586   * tls_misc.c
587   */
588 extern const char *tls_compile_version(void);
589 extern const char *tls_run_version(void);
590 extern const char **tls_pkey_algorithms(void);
591 extern void tls_log_summary(TLS_ROLE, TLS_USAGE, TLS_SESS_STATE *);
592 extern void tls_pre_jail_init(TLS_ROLE);
593 
594 #ifdef TLS_INTERNAL
595 
596 #include <vstring.h>
597 
598 extern VSTRING *tls_session_passivate(SSL_SESSION *);
599 extern SSL_SESSION *tls_session_activate(const char *, int);
600 
601  /*
602   * tls_stream.c.
603   */
604 extern void tls_stream_start(VSTREAM *, TLS_SESS_STATE *);
605 extern void tls_stream_stop(VSTREAM *);
606 
607  /*
608   * tls_bio_ops.c: a generic multi-personality driver that retries SSL
609   * operations until they are satisfied or until a hard error happens.
610   * Because of its ugly multi-personality user interface we invoke it via
611   * not-so-ugly single-personality wrappers.
612   */
613 extern int tls_bio(int, int, TLS_SESS_STATE *,
614 		           int (*) (SSL *),	/* handshake */
615 		           int (*) (SSL *, void *, int),	/* read */
616 		           int (*) (SSL *, const void *, int),	/* write */
617 		           void *, int);
618 
619 #define tls_bio_connect(fd, timeout, context) \
620         tls_bio((fd), (timeout), (context), SSL_connect, \
621 		NULL, NULL, NULL, 0)
622 #define tls_bio_accept(fd, timeout, context) \
623         tls_bio((fd), (timeout), (context), SSL_accept, \
624 		NULL, NULL, NULL, 0)
625 #define tls_bio_shutdown(fd, timeout, context) \
626 	tls_bio((fd), (timeout), (context), SSL_shutdown, \
627 		NULL, NULL, NULL, 0)
628 #define tls_bio_read(fd, buf, len, timeout, context) \
629 	tls_bio((fd), (timeout), (context), NULL, \
630 		SSL_read, NULL, (buf), (len))
631 #define tls_bio_write(fd, buf, len, timeout, context) \
632 	tls_bio((fd), (timeout), (context), NULL, \
633 		NULL, SSL_write, (buf), (len))
634 
635  /*
636   * tls_dh.c
637   */
638 extern void tls_set_dh_from_file(const char *);
639 extern void tls_tmp_dh(SSL_CTX *, int);
640 extern void tls_auto_groups(SSL_CTX *, const char *, const char *);
641 
642  /*
643   * tls_verify.c
644   */
645 extern char *tls_peer_CN(X509 *, const TLS_SESS_STATE *);
646 extern char *tls_issuer_CN(X509 *, const TLS_SESS_STATE *);
647 extern int tls_verify_certificate_callback(int, X509_STORE_CTX *);
648 extern void tls_log_verify_error(TLS_SESS_STATE *);
649 
650  /*
651   * tls_dane.c
652   */
653 extern void tls_dane_log(TLS_SESS_STATE *);
654 extern void tls_dane_digest_init(SSL_CTX *, const EVP_MD *);
655 extern int tls_dane_enable(TLS_SESS_STATE *);
656 extern TLS_TLSA *tlsa_prepend(TLS_TLSA *, uint8_t, uint8_t, uint8_t,
657 			              const unsigned char *, uint16_t);
658 
659  /*
660   * tls_fprint.c
661   */
662 extern const EVP_MD *tls_digest_byname(const char *, EVP_MD_CTX **);
663 extern char *tls_digest_encode(const unsigned char *, int);
664 extern char *tls_cert_fprint(X509 *, const char *);
665 extern char *tls_pkey_fprint(X509 *, const char *);
666 extern char *tls_serverid_digest(TLS_SESS_STATE *,
667 		              const TLS_CLIENT_START_PROPS *, const char *);
668 
669  /*
670   * tls_certkey.c
671   */
672 extern int tls_set_ca_certificate_info(SSL_CTX *, const char *, const char *);
673 extern int tls_load_pem_chain(SSL *, const char *, const char *);
674 extern int tls_set_my_certificate_key_info(SSL_CTX *, /* All */ const char *,
675 				       /* RSA */ const char *, const char *,
676 				       /* DSA */ const char *, const char *,
677 				    /* ECDSA */ const char *, const char *);
678 
679  /*
680   * tls_misc.c
681   */
682 extern int TLScontext_index;
683 
684 extern TLS_APPL_STATE *tls_alloc_app_context(SSL_CTX *, SSL_CTX *, int);
685 extern TLS_SESS_STATE *tls_alloc_sess_context(int, const char *);
686 extern void tls_free_context(TLS_SESS_STATE *);
687 extern void tls_check_version(void);
688 extern long tls_bug_bits(void);
689 extern void tls_print_errors(void);
690 extern void tls_info_callback(const SSL *, int, int);
691 
692 #if OPENSSL_VERSION_PREREQ(3,0)
693 extern long tls_bio_dump_cb(BIO *, int, const char *, size_t, int, long,
694 			            int, size_t *);
695 
696 #else
697 extern long tls_bio_dump_cb(BIO *, int, const char *, int, long, long);
698 
699 #endif
700 extern const EVP_MD *tls_validate_digest(const char *);
701 
702  /*
703   * tls_seed.c
704   */
705 extern void tls_int_seed(void);
706 extern int tls_ext_seed(int);
707 
708 #endif					/* TLS_INTERNAL */
709 
710 /* LICENSE
711 /* .ad
712 /* .fi
713 /*	The Secure Mailer license must be distributed with this software.
714 /* AUTHOR(S)
715 /*	Wietse Venema
716 /*	IBM T.J. Watson Research
717 /*	P.O. Box 704
718 /*	Yorktown Heights, NY 10598, USA
719 /*
720 /*	Wietse Venema
721 /*	Google, Inc.
722 /*	111 8th Avenue
723 /*	New York, NY 10011, USA
724 /*
725 /*	Victor Duchovni
726 /*	Morgan Stanley
727 /*--*/
728 
729 #endif					/* USE_TLS */
730 #endif					/* _TLS_H_INCLUDED_ */
731