xref: /dflybsd-src/crypto/libressl/tls/tls_client.c (revision 961e30ea7dc61d1112b778ea4981eac68129fb86) 
1*de0e0e4dSAntonio Huete Jimenez /* $OpenBSD: tls_client.c,v 1.48 2021/10/21 08:38:11 tb Exp $ */
2f5b1c8a1SJohn Marino /*
3f5b1c8a1SJohn Marino  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4f5b1c8a1SJohn Marino  *
5f5b1c8a1SJohn Marino  * Permission to use, copy, modify, and distribute this software for any
6f5b1c8a1SJohn Marino  * purpose with or without fee is hereby granted, provided that the above
7f5b1c8a1SJohn Marino  * copyright notice and this permission notice appear in all copies.
8f5b1c8a1SJohn Marino  *
9f5b1c8a1SJohn Marino  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10f5b1c8a1SJohn Marino  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11f5b1c8a1SJohn Marino  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12f5b1c8a1SJohn Marino  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13f5b1c8a1SJohn Marino  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14f5b1c8a1SJohn Marino  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15f5b1c8a1SJohn Marino  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16f5b1c8a1SJohn Marino  */
17f5b1c8a1SJohn Marino 
18f5b1c8a1SJohn Marino #include <sys/types.h>
19f5b1c8a1SJohn Marino #include <sys/socket.h>
2072c33676SMaxim Ag #include <sys/stat.h>
21f5b1c8a1SJohn Marino 
22f5b1c8a1SJohn Marino #include <arpa/inet.h>
23f5b1c8a1SJohn Marino #include <netinet/in.h>
24f5b1c8a1SJohn Marino 
2572c33676SMaxim Ag #include <limits.h>
26f5b1c8a1SJohn Marino #include <netdb.h>
27f5b1c8a1SJohn Marino #include <stdlib.h>
28f5b1c8a1SJohn Marino #include <unistd.h>
29f5b1c8a1SJohn Marino 
30f5b1c8a1SJohn Marino #include <openssl/err.h>
31f5b1c8a1SJohn Marino #include <openssl/x509.h>
32f5b1c8a1SJohn Marino 
33f5b1c8a1SJohn Marino #include <tls.h>
34f5b1c8a1SJohn Marino #include "tls_internal.h"
35f5b1c8a1SJohn Marino 
36f5b1c8a1SJohn Marino struct tls *
tls_client(void)37f5b1c8a1SJohn Marino tls_client(void)
38f5b1c8a1SJohn Marino {
39f5b1c8a1SJohn Marino 	struct tls *ctx;
40f5b1c8a1SJohn Marino 
4172c33676SMaxim Ag 	if (tls_init() == -1)
4272c33676SMaxim Ag 		return (NULL);
4372c33676SMaxim Ag 
44f5b1c8a1SJohn Marino 	if ((ctx = tls_new()) == NULL)
45f5b1c8a1SJohn Marino 		return (NULL);
46f5b1c8a1SJohn Marino 
47f5b1c8a1SJohn Marino 	ctx->flags |= TLS_CLIENT;
48f5b1c8a1SJohn Marino 
49f5b1c8a1SJohn Marino 	return (ctx);
50f5b1c8a1SJohn Marino }
51f5b1c8a1SJohn Marino 
52f5b1c8a1SJohn Marino int
tls_connect(struct tls * ctx,const char * host,const char * port)53f5b1c8a1SJohn Marino tls_connect(struct tls *ctx, const char *host, const char *port)
54f5b1c8a1SJohn Marino {
55f5b1c8a1SJohn Marino 	return tls_connect_servername(ctx, host, port, NULL);
56f5b1c8a1SJohn Marino }
57f5b1c8a1SJohn Marino 
58f5b1c8a1SJohn Marino int
tls_connect_servername(struct tls * ctx,const char * host,const char * port,const char * servername)59f5b1c8a1SJohn Marino tls_connect_servername(struct tls *ctx, const char *host, const char *port,
60f5b1c8a1SJohn Marino     const char *servername)
61f5b1c8a1SJohn Marino {
62f5b1c8a1SJohn Marino 	struct addrinfo hints, *res, *res0;
63f5b1c8a1SJohn Marino 	const char *h = NULL, *p = NULL;
64f5b1c8a1SJohn Marino 	char *hs = NULL, *ps = NULL;
65f5b1c8a1SJohn Marino 	int rv = -1, s = -1, ret;
66f5b1c8a1SJohn Marino 
67f5b1c8a1SJohn Marino 	if ((ctx->flags & TLS_CLIENT) == 0) {
68f5b1c8a1SJohn Marino 		tls_set_errorx(ctx, "not a client context");
69f5b1c8a1SJohn Marino 		goto err;
70f5b1c8a1SJohn Marino 	}
71f5b1c8a1SJohn Marino 
72f5b1c8a1SJohn Marino 	if (host == NULL) {
73f5b1c8a1SJohn Marino 		tls_set_errorx(ctx, "host not specified");
74f5b1c8a1SJohn Marino 		goto err;
75f5b1c8a1SJohn Marino 	}
76f5b1c8a1SJohn Marino 
77*de0e0e4dSAntonio Huete Jimenez 	/* If port is NULL, try to extract a port from the specified host. */
78*de0e0e4dSAntonio Huete Jimenez 	if (port == NULL) {
79f5b1c8a1SJohn Marino 		ret = tls_host_port(host, &hs, &ps);
80f5b1c8a1SJohn Marino 		if (ret == -1) {
81f5b1c8a1SJohn Marino 			tls_set_errorx(ctx, "memory allocation failure");
82f5b1c8a1SJohn Marino 			goto err;
83f5b1c8a1SJohn Marino 		}
84f5b1c8a1SJohn Marino 		if (ret != 0) {
85f5b1c8a1SJohn Marino 			tls_set_errorx(ctx, "no port provided");
86f5b1c8a1SJohn Marino 			goto err;
87f5b1c8a1SJohn Marino 		}
88f5b1c8a1SJohn Marino 	}
89f5b1c8a1SJohn Marino 
90f5b1c8a1SJohn Marino 	h = (hs != NULL) ? hs : host;
91f5b1c8a1SJohn Marino 	p = (ps != NULL) ? ps : port;
92f5b1c8a1SJohn Marino 
93f5b1c8a1SJohn Marino 	/*
94f5b1c8a1SJohn Marino 	 * First check if the host is specified as a numeric IP address,
95f5b1c8a1SJohn Marino 	 * either IPv4 or IPv6, before trying to resolve the host.
96f5b1c8a1SJohn Marino 	 * The AI_ADDRCONFIG resolver option will not return IPv4 or IPv6
97f5b1c8a1SJohn Marino 	 * records if it is not configured on an interface;  not considering
98f5b1c8a1SJohn Marino 	 * loopback addresses.  Checking the numeric addresses first makes
99f5b1c8a1SJohn Marino 	 * sure that connection attempts to numeric addresses and especially
100f5b1c8a1SJohn Marino 	 * 127.0.0.1 or ::1 loopback addresses are always possible.
101f5b1c8a1SJohn Marino 	 */
102f5b1c8a1SJohn Marino 	memset(&hints, 0, sizeof(hints));
103f5b1c8a1SJohn Marino 	hints.ai_socktype = SOCK_STREAM;
104f5b1c8a1SJohn Marino 
105f5b1c8a1SJohn Marino 	/* try as an IPv4 literal */
106f5b1c8a1SJohn Marino 	hints.ai_family = AF_INET;
107f5b1c8a1SJohn Marino 	hints.ai_flags = AI_NUMERICHOST;
108f5b1c8a1SJohn Marino 	if (getaddrinfo(h, p, &hints, &res0) != 0) {
109f5b1c8a1SJohn Marino 		/* try again as an IPv6 literal */
110f5b1c8a1SJohn Marino 		hints.ai_family = AF_INET6;
111f5b1c8a1SJohn Marino 		if (getaddrinfo(h, p, &hints, &res0) != 0) {
112f5b1c8a1SJohn Marino 			/* last try, with name resolution and save the error */
113f5b1c8a1SJohn Marino 			hints.ai_family = AF_UNSPEC;
114f5b1c8a1SJohn Marino 			hints.ai_flags = AI_ADDRCONFIG;
115f5b1c8a1SJohn Marino 			if ((s = getaddrinfo(h, p, &hints, &res0)) != 0) {
116f5b1c8a1SJohn Marino 				tls_set_error(ctx, "%s", gai_strerror(s));
117f5b1c8a1SJohn Marino 				goto err;
118f5b1c8a1SJohn Marino 			}
119f5b1c8a1SJohn Marino 		}
120f5b1c8a1SJohn Marino 	}
121f5b1c8a1SJohn Marino 
122f5b1c8a1SJohn Marino 	/* It was resolved somehow; now try connecting to what we got */
123f5b1c8a1SJohn Marino 	s = -1;
124f5b1c8a1SJohn Marino 	for (res = res0; res; res = res->ai_next) {
125f5b1c8a1SJohn Marino 		s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
126f5b1c8a1SJohn Marino 		if (s == -1) {
127f5b1c8a1SJohn Marino 			tls_set_error(ctx, "socket");
128f5b1c8a1SJohn Marino 			continue;
129f5b1c8a1SJohn Marino 		}
130f5b1c8a1SJohn Marino 		if (connect(s, res->ai_addr, res->ai_addrlen) == -1) {
131f5b1c8a1SJohn Marino 			tls_set_error(ctx, "connect");
132f5b1c8a1SJohn Marino 			close(s);
133f5b1c8a1SJohn Marino 			s = -1;
134f5b1c8a1SJohn Marino 			continue;
135f5b1c8a1SJohn Marino 		}
136f5b1c8a1SJohn Marino 
137f5b1c8a1SJohn Marino 		break;  /* Connected. */
138f5b1c8a1SJohn Marino 	}
139f5b1c8a1SJohn Marino 	freeaddrinfo(res0);
140f5b1c8a1SJohn Marino 
141f5b1c8a1SJohn Marino 	if (s == -1)
142f5b1c8a1SJohn Marino 		goto err;
143f5b1c8a1SJohn Marino 
144f5b1c8a1SJohn Marino 	if (servername == NULL)
145f5b1c8a1SJohn Marino 		servername = h;
146f5b1c8a1SJohn Marino 
147f5b1c8a1SJohn Marino 	if (tls_connect_socket(ctx, s, servername) != 0) {
148f5b1c8a1SJohn Marino 		close(s);
149f5b1c8a1SJohn Marino 		goto err;
150f5b1c8a1SJohn Marino 	}
151f5b1c8a1SJohn Marino 
152f5b1c8a1SJohn Marino 	ctx->socket = s;
153f5b1c8a1SJohn Marino 
154f5b1c8a1SJohn Marino 	rv = 0;
155f5b1c8a1SJohn Marino 
156f5b1c8a1SJohn Marino  err:
157f5b1c8a1SJohn Marino 	free(hs);
158f5b1c8a1SJohn Marino 	free(ps);
159f5b1c8a1SJohn Marino 
160f5b1c8a1SJohn Marino 	return (rv);
161f5b1c8a1SJohn Marino }
162f5b1c8a1SJohn Marino 
16372c33676SMaxim Ag static int
tls_client_read_session(struct tls * ctx)16472c33676SMaxim Ag tls_client_read_session(struct tls *ctx)
165f5b1c8a1SJohn Marino {
16672c33676SMaxim Ag 	int sfd = ctx->config->session_fd;
16772c33676SMaxim Ag 	uint8_t *session = NULL;
16872c33676SMaxim Ag 	size_t session_len = 0;
16972c33676SMaxim Ag 	SSL_SESSION *ss = NULL;
17072c33676SMaxim Ag 	BIO *bio = NULL;
17172c33676SMaxim Ag 	struct stat sb;
17272c33676SMaxim Ag 	ssize_t n;
17372c33676SMaxim Ag 	int rv = -1;
17472c33676SMaxim Ag 
17572c33676SMaxim Ag 	if (fstat(sfd, &sb) == -1) {
17672c33676SMaxim Ag 		tls_set_error(ctx, "failed to stat session file");
17772c33676SMaxim Ag 		goto err;
17872c33676SMaxim Ag 	}
17972c33676SMaxim Ag 	if (sb.st_size < 0 || sb.st_size > INT_MAX) {
18072c33676SMaxim Ag 		tls_set_errorx(ctx, "invalid session file size");
18172c33676SMaxim Ag 		goto err;
18272c33676SMaxim Ag 	}
18372c33676SMaxim Ag 	session_len = (size_t)sb.st_size;
18472c33676SMaxim Ag 
18572c33676SMaxim Ag 	/* A zero size file means that we do not yet have a valid session. */
18672c33676SMaxim Ag 	if (session_len == 0)
18772c33676SMaxim Ag 		goto done;
18872c33676SMaxim Ag 
18972c33676SMaxim Ag 	if ((session = malloc(session_len)) == NULL)
19072c33676SMaxim Ag 		goto err;
19172c33676SMaxim Ag 
19272c33676SMaxim Ag 	n = pread(sfd, session, session_len, 0);
19372c33676SMaxim Ag 	if (n < 0 || (size_t)n != session_len) {
19472c33676SMaxim Ag 		tls_set_error(ctx, "failed to read session file");
19572c33676SMaxim Ag 		goto err;
19672c33676SMaxim Ag 	}
19772c33676SMaxim Ag 	if ((bio = BIO_new_mem_buf(session, session_len)) == NULL)
19872c33676SMaxim Ag 		goto err;
19972c33676SMaxim Ag 	if ((ss = PEM_read_bio_SSL_SESSION(bio, NULL, tls_password_cb,
20072c33676SMaxim Ag 	    NULL)) == NULL) {
20172c33676SMaxim Ag 		tls_set_errorx(ctx, "failed to parse session");
20272c33676SMaxim Ag 		goto err;
203f5b1c8a1SJohn Marino 	}
204f5b1c8a1SJohn Marino 
20572c33676SMaxim Ag 	if (SSL_set_session(ctx->ssl_conn, ss) != 1) {
20672c33676SMaxim Ag 		tls_set_errorx(ctx, "failed to set session");
20772c33676SMaxim Ag 		goto err;
20872c33676SMaxim Ag 	}
20972c33676SMaxim Ag 
21072c33676SMaxim Ag  done:
21172c33676SMaxim Ag 	rv = 0;
21272c33676SMaxim Ag 
21372c33676SMaxim Ag  err:
21472c33676SMaxim Ag 	freezero(session, session_len);
21572c33676SMaxim Ag 	SSL_SESSION_free(ss);
21672c33676SMaxim Ag 	BIO_free(bio);
21772c33676SMaxim Ag 
21872c33676SMaxim Ag 	return rv;
21972c33676SMaxim Ag }
22072c33676SMaxim Ag 
22172c33676SMaxim Ag static int
tls_client_write_session(struct tls * ctx)22272c33676SMaxim Ag tls_client_write_session(struct tls *ctx)
22372c33676SMaxim Ag {
22472c33676SMaxim Ag 	int sfd = ctx->config->session_fd;
22572c33676SMaxim Ag 	SSL_SESSION *ss = NULL;
22672c33676SMaxim Ag 	BIO *bio = NULL;
22772c33676SMaxim Ag 	long data_len;
22872c33676SMaxim Ag 	char *data;
22972c33676SMaxim Ag 	off_t offset;
23072c33676SMaxim Ag 	size_t len;
23172c33676SMaxim Ag 	ssize_t n;
23272c33676SMaxim Ag 	int rv = -1;
23372c33676SMaxim Ag 
23472c33676SMaxim Ag 	if ((ss = SSL_get1_session(ctx->ssl_conn)) == NULL) {
23572c33676SMaxim Ag 		if (ftruncate(sfd, 0) == -1) {
23672c33676SMaxim Ag 			tls_set_error(ctx, "failed to truncate session file");
23772c33676SMaxim Ag 			goto err;
23872c33676SMaxim Ag 		}
23972c33676SMaxim Ag 		goto done;
24072c33676SMaxim Ag 	}
24172c33676SMaxim Ag 
24272c33676SMaxim Ag 	if ((bio = BIO_new(BIO_s_mem())) == NULL)
24372c33676SMaxim Ag 		goto err;
24472c33676SMaxim Ag 	if (PEM_write_bio_SSL_SESSION(bio, ss) == 0)
24572c33676SMaxim Ag 		goto err;
24672c33676SMaxim Ag 	if ((data_len = BIO_get_mem_data(bio, &data)) <= 0)
24772c33676SMaxim Ag 		goto err;
24872c33676SMaxim Ag 
24972c33676SMaxim Ag 	len = (size_t)data_len;
25072c33676SMaxim Ag 	offset = 0;
25172c33676SMaxim Ag 
25272c33676SMaxim Ag 	if (ftruncate(sfd, len) == -1) {
25372c33676SMaxim Ag 		tls_set_error(ctx, "failed to truncate session file");
25472c33676SMaxim Ag 		goto err;
25572c33676SMaxim Ag 	}
25672c33676SMaxim Ag 	while (len > 0) {
25772c33676SMaxim Ag 		if ((n = pwrite(sfd, data + offset, len, offset)) == -1) {
25872c33676SMaxim Ag 			tls_set_error(ctx, "failed to write session file");
25972c33676SMaxim Ag 			goto err;
26072c33676SMaxim Ag 		}
26172c33676SMaxim Ag 		offset += n;
26272c33676SMaxim Ag 		len -= n;
26372c33676SMaxim Ag 	}
26472c33676SMaxim Ag 
26572c33676SMaxim Ag  done:
26672c33676SMaxim Ag 	rv = 0;
26772c33676SMaxim Ag 
26872c33676SMaxim Ag  err:
26972c33676SMaxim Ag 	SSL_SESSION_free(ss);
27072c33676SMaxim Ag 	BIO_free_all(bio);
27172c33676SMaxim Ag 
27272c33676SMaxim Ag 	return (rv);
27372c33676SMaxim Ag }
27472c33676SMaxim Ag 
27572c33676SMaxim Ag static int
tls_connect_common(struct tls * ctx,const char * servername)27672c33676SMaxim Ag tls_connect_common(struct tls *ctx, const char *servername)
277f5b1c8a1SJohn Marino {
278f5b1c8a1SJohn Marino 	union tls_addr addrbuf;
279*de0e0e4dSAntonio Huete Jimenez 	size_t servername_len;
280f5b1c8a1SJohn Marino 	int rv = -1;
281f5b1c8a1SJohn Marino 
282f5b1c8a1SJohn Marino 	if ((ctx->flags & TLS_CLIENT) == 0) {
283f5b1c8a1SJohn Marino 		tls_set_errorx(ctx, "not a client context");
284f5b1c8a1SJohn Marino 		goto err;
285f5b1c8a1SJohn Marino 	}
286f5b1c8a1SJohn Marino 
287f5b1c8a1SJohn Marino 	if (servername != NULL) {
288f5b1c8a1SJohn Marino 		if ((ctx->servername = strdup(servername)) == NULL) {
289f5b1c8a1SJohn Marino 			tls_set_errorx(ctx, "out of memory");
290f5b1c8a1SJohn Marino 			goto err;
291f5b1c8a1SJohn Marino 		}
292*de0e0e4dSAntonio Huete Jimenez 
293*de0e0e4dSAntonio Huete Jimenez 		/*
294*de0e0e4dSAntonio Huete Jimenez 		 * If there's a trailing dot, remove it. While an FQDN includes
295*de0e0e4dSAntonio Huete Jimenez 		 * the terminating dot representing the zero-length label of
296*de0e0e4dSAntonio Huete Jimenez 		 * the root (RFC 8499, section 2), the SNI explicitly does not
297*de0e0e4dSAntonio Huete Jimenez 		 * include it (RFC 6066, section 3).
298*de0e0e4dSAntonio Huete Jimenez 		 */
299*de0e0e4dSAntonio Huete Jimenez 		servername_len = strlen(ctx->servername);
300*de0e0e4dSAntonio Huete Jimenez 		if (servername_len > 0 &&
301*de0e0e4dSAntonio Huete Jimenez 		    ctx->servername[servername_len - 1] == '.')
302*de0e0e4dSAntonio Huete Jimenez 			ctx->servername[servername_len - 1] = '\0';
303f5b1c8a1SJohn Marino 	}
304f5b1c8a1SJohn Marino 
305f5b1c8a1SJohn Marino 	if ((ctx->ssl_ctx = SSL_CTX_new(SSLv23_client_method())) == NULL) {
306f5b1c8a1SJohn Marino 		tls_set_errorx(ctx, "ssl context failure");
307f5b1c8a1SJohn Marino 		goto err;
308f5b1c8a1SJohn Marino 	}
309f5b1c8a1SJohn Marino 
31072c33676SMaxim Ag 	if (tls_configure_ssl(ctx, ctx->ssl_ctx) != 0)
311f5b1c8a1SJohn Marino 		goto err;
31272c33676SMaxim Ag 
31372c33676SMaxim Ag 	if (tls_configure_ssl_keypair(ctx, ctx->ssl_ctx,
31472c33676SMaxim Ag 	    ctx->config->keypair, 0) != 0)
315f5b1c8a1SJohn Marino 		goto err;
316f5b1c8a1SJohn Marino 
317f5b1c8a1SJohn Marino 	if (ctx->config->verify_name) {
318*de0e0e4dSAntonio Huete Jimenez 		if (ctx->servername == NULL) {
319f5b1c8a1SJohn Marino 			tls_set_errorx(ctx, "server name not specified");
320f5b1c8a1SJohn Marino 			goto err;
321f5b1c8a1SJohn Marino 		}
322f5b1c8a1SJohn Marino 	}
323f5b1c8a1SJohn Marino 
32472c33676SMaxim Ag 	if (tls_configure_ssl_verify(ctx, ctx->ssl_ctx, SSL_VERIFY_PEER) == -1)
325f5b1c8a1SJohn Marino 		goto err;
326f5b1c8a1SJohn Marino 
32772c33676SMaxim Ag 	if (ctx->config->ecdhecurves != NULL) {
32872c33676SMaxim Ag 		if (SSL_CTX_set1_groups(ctx->ssl_ctx, ctx->config->ecdhecurves,
32972c33676SMaxim Ag 		    ctx->config->ecdhecurves_len) != 1) {
33072c33676SMaxim Ag 			tls_set_errorx(ctx, "failed to set ecdhe curves");
33172c33676SMaxim Ag 			goto err;
33272c33676SMaxim Ag 		}
33372c33676SMaxim Ag 	}
33472c33676SMaxim Ag 
33572c33676SMaxim Ag 	if (SSL_CTX_set_tlsext_status_cb(ctx->ssl_ctx, tls_ocsp_verify_cb) != 1) {
33672c33676SMaxim Ag 		tls_set_errorx(ctx, "ssl OCSP verification setup failure");
33772c33676SMaxim Ag 		goto err;
33872c33676SMaxim Ag 	}
33972c33676SMaxim Ag 
340f5b1c8a1SJohn Marino 	if ((ctx->ssl_conn = SSL_new(ctx->ssl_ctx)) == NULL) {
341f5b1c8a1SJohn Marino 		tls_set_errorx(ctx, "ssl connection failure");
342f5b1c8a1SJohn Marino 		goto err;
343f5b1c8a1SJohn Marino 	}
34472c33676SMaxim Ag 
345f5b1c8a1SJohn Marino 	if (SSL_set_app_data(ctx->ssl_conn, ctx) != 1) {
346f5b1c8a1SJohn Marino 		tls_set_errorx(ctx, "ssl application data failure");
347f5b1c8a1SJohn Marino 		goto err;
348f5b1c8a1SJohn Marino 	}
34972c33676SMaxim Ag 
35072c33676SMaxim Ag 	if (ctx->config->session_fd != -1) {
35172c33676SMaxim Ag 		SSL_clear_options(ctx->ssl_conn, SSL_OP_NO_TICKET);
35272c33676SMaxim Ag 		if (tls_client_read_session(ctx) == -1)
35372c33676SMaxim Ag 			goto err;
35472c33676SMaxim Ag 	}
35572c33676SMaxim Ag 
35672c33676SMaxim Ag 	if (SSL_set_tlsext_status_type(ctx->ssl_conn, TLSEXT_STATUSTYPE_ocsp) != 1) {
35772c33676SMaxim Ag 		tls_set_errorx(ctx, "ssl OCSP extension setup failure");
358f5b1c8a1SJohn Marino 		goto err;
359f5b1c8a1SJohn Marino 	}
360f5b1c8a1SJohn Marino 
361f5b1c8a1SJohn Marino 	/*
362*de0e0e4dSAntonio Huete Jimenez 	 * RFC 6066 (SNI): Literal IPv4 and IPv6 addresses are not
363f5b1c8a1SJohn Marino 	 * permitted in "HostName".
364f5b1c8a1SJohn Marino 	 */
365*de0e0e4dSAntonio Huete Jimenez 	if (ctx->servername != NULL &&
366*de0e0e4dSAntonio Huete Jimenez 	    inet_pton(AF_INET, ctx->servername, &addrbuf) != 1 &&
367*de0e0e4dSAntonio Huete Jimenez 	    inet_pton(AF_INET6, ctx->servername, &addrbuf) != 1) {
368*de0e0e4dSAntonio Huete Jimenez 		if (SSL_set_tlsext_host_name(ctx->ssl_conn,
369*de0e0e4dSAntonio Huete Jimenez 		    ctx->servername) == 0) {
370f5b1c8a1SJohn Marino 			tls_set_errorx(ctx, "server name indication failure");
371f5b1c8a1SJohn Marino 			goto err;
372f5b1c8a1SJohn Marino 		}
373f5b1c8a1SJohn Marino 	}
374f5b1c8a1SJohn Marino 
37572c33676SMaxim Ag 	ctx->state |= TLS_CONNECTED;
37672c33676SMaxim Ag 	rv = 0;
37772c33676SMaxim Ag 
37872c33676SMaxim Ag  err:
37972c33676SMaxim Ag 	return (rv);
38072c33676SMaxim Ag }
38172c33676SMaxim Ag 
38272c33676SMaxim Ag int
tls_connect_socket(struct tls * ctx,int s,const char * servername)38372c33676SMaxim Ag tls_connect_socket(struct tls *ctx, int s, const char *servername)
38472c33676SMaxim Ag {
38572c33676SMaxim Ag 	return tls_connect_fds(ctx, s, s, servername);
38672c33676SMaxim Ag }
38772c33676SMaxim Ag 
38872c33676SMaxim Ag int
tls_connect_fds(struct tls * ctx,int fd_read,int fd_write,const char * servername)38972c33676SMaxim Ag tls_connect_fds(struct tls *ctx, int fd_read, int fd_write,
39072c33676SMaxim Ag     const char *servername)
39172c33676SMaxim Ag {
39272c33676SMaxim Ag 	int rv = -1;
39372c33676SMaxim Ag 
39472c33676SMaxim Ag 	if (fd_read < 0 || fd_write < 0) {
39572c33676SMaxim Ag 		tls_set_errorx(ctx, "invalid file descriptors");
39672c33676SMaxim Ag 		goto err;
39772c33676SMaxim Ag 	}
39872c33676SMaxim Ag 
39972c33676SMaxim Ag 	if (tls_connect_common(ctx, servername) != 0)
40072c33676SMaxim Ag 		goto err;
40172c33676SMaxim Ag 
40272c33676SMaxim Ag 	if (SSL_set_rfd(ctx->ssl_conn, fd_read) != 1 ||
40372c33676SMaxim Ag 	    SSL_set_wfd(ctx->ssl_conn, fd_write) != 1) {
40472c33676SMaxim Ag 		tls_set_errorx(ctx, "ssl file descriptor failure");
40572c33676SMaxim Ag 		goto err;
40672c33676SMaxim Ag 	}
40772c33676SMaxim Ag 
40872c33676SMaxim Ag 	rv = 0;
40972c33676SMaxim Ag  err:
41072c33676SMaxim Ag 	return (rv);
41172c33676SMaxim Ag }
41272c33676SMaxim Ag 
41372c33676SMaxim Ag int
tls_connect_cbs(struct tls * ctx,tls_read_cb read_cb,tls_write_cb write_cb,void * cb_arg,const char * servername)41472c33676SMaxim Ag tls_connect_cbs(struct tls *ctx, tls_read_cb read_cb,
41572c33676SMaxim Ag     tls_write_cb write_cb, void *cb_arg, const char *servername)
41672c33676SMaxim Ag {
41772c33676SMaxim Ag 	int rv = -1;
41872c33676SMaxim Ag 
41972c33676SMaxim Ag 	if (tls_connect_common(ctx, servername) != 0)
42072c33676SMaxim Ag 		goto err;
42172c33676SMaxim Ag 
42272c33676SMaxim Ag 	if (tls_set_cbs(ctx, read_cb, write_cb, cb_arg) != 0)
42372c33676SMaxim Ag 		goto err;
42472c33676SMaxim Ag 
425f5b1c8a1SJohn Marino 	rv = 0;
426f5b1c8a1SJohn Marino 
427f5b1c8a1SJohn Marino  err:
428f5b1c8a1SJohn Marino 	return (rv);
429f5b1c8a1SJohn Marino }
430f5b1c8a1SJohn Marino 
431f5b1c8a1SJohn Marino int
tls_handshake_client(struct tls * ctx)432f5b1c8a1SJohn Marino tls_handshake_client(struct tls *ctx)
433f5b1c8a1SJohn Marino {
434f5b1c8a1SJohn Marino 	X509 *cert = NULL;
43572c33676SMaxim Ag 	int match, ssl_ret;
436f5b1c8a1SJohn Marino 	int rv = -1;
437f5b1c8a1SJohn Marino 
438f5b1c8a1SJohn Marino 	if ((ctx->flags & TLS_CLIENT) == 0) {
439f5b1c8a1SJohn Marino 		tls_set_errorx(ctx, "not a client context");
440f5b1c8a1SJohn Marino 		goto err;
441f5b1c8a1SJohn Marino 	}
442f5b1c8a1SJohn Marino 
44372c33676SMaxim Ag 	if ((ctx->state & TLS_CONNECTED) == 0) {
44472c33676SMaxim Ag 		tls_set_errorx(ctx, "context not connected");
44572c33676SMaxim Ag 		goto err;
44672c33676SMaxim Ag 	}
44772c33676SMaxim Ag 
44872c33676SMaxim Ag 	ctx->state |= TLS_SSL_NEEDS_SHUTDOWN;
44972c33676SMaxim Ag 
450f5b1c8a1SJohn Marino 	ERR_clear_error();
451f5b1c8a1SJohn Marino 	if ((ssl_ret = SSL_connect(ctx->ssl_conn)) != 1) {
452f5b1c8a1SJohn Marino 		rv = tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "handshake");
453f5b1c8a1SJohn Marino 		goto err;
454f5b1c8a1SJohn Marino 	}
455f5b1c8a1SJohn Marino 
456f5b1c8a1SJohn Marino 	if (ctx->config->verify_name) {
457f5b1c8a1SJohn Marino 		cert = SSL_get_peer_certificate(ctx->ssl_conn);
458f5b1c8a1SJohn Marino 		if (cert == NULL) {
459f5b1c8a1SJohn Marino 			tls_set_errorx(ctx, "no server certificate");
460f5b1c8a1SJohn Marino 			goto err;
461f5b1c8a1SJohn Marino 		}
46272c33676SMaxim Ag 		if (tls_check_name(ctx, cert, ctx->servername, &match) == -1)
46372c33676SMaxim Ag 			goto err;
46472c33676SMaxim Ag 		if (!match) {
465f5b1c8a1SJohn Marino 			tls_set_errorx(ctx, "name `%s' not present in"
466f5b1c8a1SJohn Marino 			    " server certificate", ctx->servername);
467f5b1c8a1SJohn Marino 			goto err;
468f5b1c8a1SJohn Marino 		}
469f5b1c8a1SJohn Marino 	}
470f5b1c8a1SJohn Marino 
471f5b1c8a1SJohn Marino 	ctx->state |= TLS_HANDSHAKE_COMPLETE;
47272c33676SMaxim Ag 
47372c33676SMaxim Ag 	if (ctx->config->session_fd != -1) {
47472c33676SMaxim Ag 		if (tls_client_write_session(ctx) == -1)
47572c33676SMaxim Ag 			goto err;
47672c33676SMaxim Ag 	}
47772c33676SMaxim Ag 
478f5b1c8a1SJohn Marino 	rv = 0;
479f5b1c8a1SJohn Marino 
480f5b1c8a1SJohn Marino  err:
481f5b1c8a1SJohn Marino 	X509_free(cert);
482f5b1c8a1SJohn Marino 
483f5b1c8a1SJohn Marino 	return (rv);
484f5b1c8a1SJohn Marino }
485