2 * libwebsockets - small server side websockets and web server implementation
4 * Copyright (C) 2010-2016 Andy Green <andy@warmcat.com>
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation:
9 * version 2.1 of the License.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
22 #include "private-libwebsockets.h"
24 extern int openssl_websocket_private_data_index,
25 openssl_SSL_CTX_private_data_index;
28 lws_ssl_bind_passphrase(SSL_CTX *ssl_ctx, struct lws_context_creation_info *info);
30 extern int lws_ssl_get_error(struct lws *wsi, int n);
32 #if defined(LWS_USE_POLARSSL)
34 #if defined(LWS_USE_MBEDTLS)
40 OpenSSL_client_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
46 /* keep old behaviour accepting self-signed server certs */
48 int err = X509_STORE_CTX_get_error(x509_ctx);
50 if (err != X509_V_OK) {
51 ssl = X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
52 wsi = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);
54 if ((err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT ||
55 err == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) &&
56 wsi->use_ssl & LCCSCF_ALLOW_SELFSIGNED) {
57 lwsl_notice("accepting self-signed certificate (verify_callback)\n");
58 X509_STORE_CTX_set_error(x509_ctx, X509_V_OK);
60 } else if ((err == X509_V_ERR_CERT_NOT_YET_VALID ||
61 err == X509_V_ERR_CERT_HAS_EXPIRED) &&
62 wsi->use_ssl & LCCSCF_ALLOW_EXPIRED) {
63 if (err == X509_V_ERR_CERT_NOT_YET_VALID)
64 lwsl_notice("accepting not yet valid certificate (verify_callback)\n");
65 else if (err == X509_V_ERR_CERT_HAS_EXPIRED)
66 lwsl_notice("accepting expired certificate (verify_callback)\n");
67 X509_STORE_CTX_set_error(x509_ctx, X509_V_OK);
73 ssl = X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
74 wsi = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);
76 n = lws_get_context_protocol(wsi->context, 0).callback(wsi, LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION, x509_ctx, ssl, preverify_ok);
78 /* keep old behaviour if something wrong with server certs */
79 /* if ssl error is overruled in callback and cert is ok,
80 * X509_STORE_CTX_set_error(x509_ctx, X509_V_OK); must be set and
81 * return value is 0 from callback */
83 int err = X509_STORE_CTX_get_error(x509_ctx);
85 if (err != X509_V_OK) { /* cert validation error was not handled in callback */
86 int depth = X509_STORE_CTX_get_error_depth(x509_ctx);
87 const char* msg = X509_verify_cert_error_string(err);
88 lwsl_err("SSL error: %s (preverify_ok=%d;err=%d;depth=%d)\n", msg, preverify_ok, err, depth);
89 return preverify_ok; // not ok
92 /* convert callback return code from 0 = OK to verify callback return value 1 = OK */
100 lws_ssl_client_bio_create(struct lws *wsi)
102 #if defined(LWS_USE_POLARSSL)
105 #if defined(LWS_USE_MBEDTLS)
107 char hostname[128], *p;
109 if (lws_hdr_copy(wsi, hostname, sizeof(hostname),
110 _WSI_TOKEN_CLIENT_HOST) <= 0) {
111 lwsl_err("%s: Unable to get hostname\n", __func__);
117 * remove any :port part on the hostname... necessary for network
118 * connection but typical certificates do not contain it
129 wsi->ssl = SSL_new(wsi->vhost->ssl_client_ctx);
131 lwsl_err("SSL_new failed: %s\n",
132 ERR_error_string(lws_ssl_get_error(wsi, 0), NULL));
133 lws_decode_ssl_error();
137 #if defined LWS_HAVE_X509_VERIFY_PARAM_set1_host
138 X509_VERIFY_PARAM *param;
141 if (!(wsi->use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) {
142 param = SSL_get0_param(wsi->ssl);
143 /* Enable automatic hostname checks */
144 X509_VERIFY_PARAM_set_hostflags(param,
145 X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
146 X509_VERIFY_PARAM_set1_host(param, hostname, 0);
152 #ifndef USE_OLD_CYASSL
153 /* OpenSSL_client_verify_callback will be called @ SSL_connect() */
154 SSL_set_verify(wsi->ssl, SSL_VERIFY_PEER, OpenSSL_client_verify_callback);
159 SSL_set_mode(wsi->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
162 * use server name indication (SNI), if supported,
163 * when establishing connection
166 #ifdef USE_OLD_CYASSL
167 #ifdef CYASSL_SNI_HOST_NAME
168 CyaSSL_UseSNI(wsi->ssl, CYASSL_SNI_HOST_NAME, hostname, strlen(hostname));
171 #ifdef WOLFSSL_SNI_HOST_NAME
172 wolfSSL_UseSNI(wsi->ssl, WOLFSSL_SNI_HOST_NAME, hostname, strlen(hostname));
176 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
177 SSL_set_tlsext_host_name(wsi->ssl, hostname);
183 * wolfSSL/CyaSSL does certificate verification differently
185 * If we should ignore the certificate, we need to set
186 * this before SSL_new and SSL_connect is called.
187 * Otherwise the connect will simply fail with error code -155
189 #ifdef USE_OLD_CYASSL
190 if (wsi->use_ssl == 2)
191 CyaSSL_set_verify(wsi->ssl, SSL_VERIFY_NONE, NULL);
193 if (wsi->use_ssl == 2)
194 wolfSSL_set_verify(wsi->ssl, SSL_VERIFY_NONE, NULL);
196 #endif /* USE_WOLFSSL */
198 wsi->client_bio = BIO_new_socket(wsi->sock, BIO_NOCLOSE);
199 SSL_set_bio(wsi->ssl, wsi->client_bio, wsi->client_bio);
202 #ifdef USE_OLD_CYASSL
203 CyaSSL_set_using_nonblock(wsi->ssl, 1);
205 wolfSSL_set_using_nonblock(wsi->ssl, 1);
208 BIO_set_nbio(wsi->client_bio, 1); /* nonblocking */
211 SSL_set_ex_data(wsi->ssl, openssl_websocket_private_data_index,
220 lws_ssl_client_connect1(struct lws *wsi)
222 struct lws_context *context = wsi->context;
225 lws_latency_pre(context, wsi);
226 #if defined(LWS_USE_POLARSSL)
228 #if defined(LWS_USE_MBEDTLS)
230 n = SSL_connect(wsi->ssl);
234 lws_latency(context, wsi,
235 "SSL_connect LWSCM_WSCL_ISSUE_HANDSHAKE", n, n > 0);
238 n = lws_ssl_get_error(wsi, n);
240 if (n == SSL_ERROR_WANT_READ)
243 if (n == SSL_ERROR_WANT_WRITE) {
245 * wants us to retry connect due to
246 * state of the underlying ssl layer...
247 * but since it may be stalled on
248 * blocked write, no incoming data may
249 * arrive to trigger the retry.
250 * Force (possibly many times if the SSL
251 * state persists in returning the
252 * condition code, but other sockets
253 * are getting serviced inbetweentimes)
254 * us to get called back when writable.
256 lwsl_info("%s: WANT_WRITE... retrying\n", __func__);
257 lws_callback_on_writable(wsi);
259 wsi->mode = LWSCM_WSCL_WAITING_SSL;
261 return 0; /* no error */
265 struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
266 char *p = (char *)&pt->serv_buf[0];
269 lwsl_err("ssl hs1 error, X509_V_ERR = %d: %s\n",
270 n, ERR_error_string(n, sb));
271 lws_ssl_elaborate_error();
279 * retry if new data comes until we
280 * run into the connection timeout or win
282 #if defined(LWS_USE_POLARSSL)
284 #if defined(LWS_USE_MBEDTLS)
286 unsigned long error = ERR_get_error();
288 if (error != SSL_ERROR_NONE) {
289 struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
290 char *p = (char *)&pt->serv_buf[0];
292 lwsl_err("SSL connect error %lu: %s\n",
293 error, ERR_error_string(error, sb));
304 lws_ssl_client_connect2(struct lws *wsi)
306 struct lws_context *context = wsi->context;
307 #if defined(LWS_USE_POLARSSL)
309 #if defined(LWS_USE_MBEDTLS)
311 struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
312 char *p = (char *)&pt->serv_buf[0];
318 if (wsi->mode == LWSCM_WSCL_WAITING_SSL) {
319 lws_latency_pre(context, wsi);
320 #if defined(LWS_USE_POLARSSL)
322 #if defined(LWS_USE_MBEDTLS)
324 n = SSL_connect(wsi->ssl);
327 lwsl_notice("%s: SSL_connect says %d\n", __func__, n);
329 lws_latency(context, wsi,
330 "SSL_connect LWSCM_WSCL_WAITING_SSL", n, n > 0);
333 n = lws_ssl_get_error(wsi, n);
335 if (n == SSL_ERROR_WANT_READ) {
336 lwsl_info("SSL_connect WANT_READ... retrying\n");
338 wsi->mode = LWSCM_WSCL_WAITING_SSL;
340 return 0; /* no error */
343 if (n == SSL_ERROR_WANT_WRITE) {
345 * wants us to retry connect due to
346 * state of the underlying ssl layer...
347 * but since it may be stalled on
348 * blocked write, no incoming data may
349 * arrive to trigger the retry.
350 * Force (possibly many times if the SSL
351 * state persists in returning the
352 * condition code, but other sockets
353 * are getting serviced inbetweentimes)
354 * us to get called back when writable.
356 lwsl_info("SSL_connect WANT_WRITE... retrying\n");
357 lws_callback_on_writable(wsi);
359 wsi->mode = LWSCM_WSCL_WAITING_SSL;
361 return 0; /* no error */
369 * retry if new data comes until we
370 * run into the connection timeout or win
372 #if defined(LWS_USE_POLARSSL)
374 #if defined(LWS_USE_MBEDTLS)
376 unsigned long error = ERR_get_error();
377 if (error != SSL_ERROR_NONE) {
378 lwsl_err("SSL connect error %lu: %s\n",
379 error, ERR_error_string(error, sb));
387 #if defined(LWS_USE_POLARSSL)
389 #if defined(LWS_USE_MBEDTLS)
393 * See comment above about wolfSSL certificate
396 lws_latency_pre(context, wsi);
397 n = SSL_get_verify_result(wsi->ssl);
398 lws_latency(context, wsi,
399 "SSL_get_verify_result LWS_CONNMODE..HANDSHAKE", n, n > 0);
401 if (n != X509_V_OK) {
402 if ((n == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT ||
403 n == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) &&
404 (wsi->use_ssl & LCCSCF_ALLOW_SELFSIGNED)) {
405 lwsl_notice("accepting self-signed certificate\n");
406 } else if ((n == X509_V_ERR_CERT_NOT_YET_VALID ||
407 n == X509_V_ERR_CERT_HAS_EXPIRED) &&
408 (wsi->use_ssl & LCCSCF_ALLOW_EXPIRED)) {
409 lwsl_notice("accepting expired certificate\n");
410 } else if (n == X509_V_ERR_CERT_NOT_YET_VALID) {
411 lwsl_notice("Cert is from the future... "
412 "probably our clock... accepting...\n");
414 lwsl_err("server's cert didn't look good, X509_V_ERR = %d: %s\n",
415 n, ERR_error_string(n, sb));
416 lws_ssl_elaborate_error();
421 #endif /* USE_WOLFSSL */
429 int lws_context_init_client_ssl(struct lws_context_creation_info *info,
430 struct lws_vhost *vhost)
432 #if defined(LWS_USE_POLARSSL)
435 #if defined(LWS_USE_MBEDTLS)
442 if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT))
445 if (info->provided_client_ssl_ctx) {
446 /* use the provided OpenSSL context if given one */
447 vhost->ssl_client_ctx = info->provided_client_ssl_ctx;
448 /* nothing for lib to delete */
449 vhost->user_supplied_ssl_ctx = 1;
454 if (info->port != CONTEXT_PORT_NO_LISTEN)
457 /* basic openssl init already happened in context init */
459 method = (SSL_METHOD *)SSLv23_client_method();
461 error = ERR_get_error();
462 lwsl_err("problem creating ssl method %lu: %s\n",
463 error, ERR_error_string(error,
464 (char *)vhost->context->pt[0].serv_buf));
468 vhost->ssl_client_ctx = SSL_CTX_new(method);
469 if (!vhost->ssl_client_ctx) {
470 error = ERR_get_error();
471 lwsl_err("problem creating ssl context %lu: %s\n",
472 error, ERR_error_string(error,
473 (char *)vhost->context->pt[0].serv_buf));
477 #ifdef SSL_OP_NO_COMPRESSION
478 SSL_CTX_set_options(vhost->ssl_client_ctx, SSL_OP_NO_COMPRESSION);
480 SSL_CTX_set_options(vhost->ssl_client_ctx,
481 SSL_OP_CIPHER_SERVER_PREFERENCE);
482 if (info->ssl_cipher_list)
483 SSL_CTX_set_cipher_list(vhost->ssl_client_ctx,
484 info->ssl_cipher_list);
486 #ifdef LWS_SSL_CLIENT_USE_OS_CA_CERTS
487 if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS))
488 /* loads OS default CA certs */
489 SSL_CTX_set_default_verify_paths(vhost->ssl_client_ctx);
492 /* openssl init for cert verification (for client sockets) */
493 if (!info->ssl_ca_filepath) {
494 if (!SSL_CTX_load_verify_locations(
495 vhost->ssl_client_ctx, NULL,
496 LWS_OPENSSL_CLIENT_CERTS))
498 "Unable to load SSL Client certs from %s "
499 "(set by --with-client-cert-dir= "
500 "in configure) -- client ssl isn't "
501 "going to work", LWS_OPENSSL_CLIENT_CERTS);
503 if (!SSL_CTX_load_verify_locations(
504 vhost->ssl_client_ctx, info->ssl_ca_filepath,
507 "Unable to load SSL Client certs "
508 "file from %s -- client ssl isn't "
509 "going to work", info->ssl_ca_filepath);
510 lws_ssl_elaborate_error();
513 lwsl_info("loaded ssl_ca_filepath\n");
516 * callback allowing user code to load extra verification certs
517 * helping the client to verify server identity
520 /* support for client-side certificate authentication */
521 if (info->ssl_cert_filepath) {
522 lwsl_notice("%s: doing cert filepath\n", __func__);
523 n = SSL_CTX_use_certificate_chain_file(vhost->ssl_client_ctx,
524 info->ssl_cert_filepath);
526 lwsl_err("problem %d getting cert '%s'\n", n,
527 info->ssl_cert_filepath);
528 lws_ssl_elaborate_error();
531 lwsl_notice("Loaded client cert %s\n", info->ssl_cert_filepath);
534 if (info->ssl_private_key_filepath) {
535 lwsl_notice("%s: doing private key filepath\n", __func__);
536 lws_ssl_bind_passphrase(vhost->ssl_client_ctx, info);
537 /* set the private key from KeyFile */
538 if (SSL_CTX_use_PrivateKey_file(vhost->ssl_client_ctx,
539 info->ssl_private_key_filepath, SSL_FILETYPE_PEM) != 1) {
540 lwsl_err("use_PrivateKey_file '%s'\n",
541 info->ssl_private_key_filepath);
542 lws_ssl_elaborate_error();
545 lwsl_notice("Loaded client cert private key %s\n",
546 info->ssl_private_key_filepath);
548 /* verify private key */
549 if (!SSL_CTX_check_private_key(vhost->ssl_client_ctx)) {
550 lwsl_err("Private SSL key doesn't match cert\n");
556 * give him a fake wsi with context set, so he can use
557 * lws_get_context() in the callback
559 memset(&wsi, 0, sizeof(wsi));
561 wsi.context = vhost->context;
563 vhost->protocols[0].callback(&wsi,
564 LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS,
565 vhost->ssl_client_ctx, NULL, 0);