2 * libwebsockets - small server side websockets and web server implementation
4 * Copyright (C) 2010-2014 Andy Green <andy@warmcat.com>
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation:
9 * version 2.1 of the License.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
22 #include "private-libwebsockets.h"
24 #include <openssl/err.h>
27 int openssl_websocket_private_data_index;
29 static int lws_context_init_ssl_pem_passwd_cb(char * buf, int size, int rwflag, void *userdata)
31 struct lws_context_creation_info * info = (struct lws_context_creation_info *)userdata;
33 strncpy(buf, info->ssl_private_key_password, size);
39 static void lws_ssl_bind_passphrase(SSL_CTX *ssl_ctx,
40 struct lws_context_creation_info *info)
42 if (!info->ssl_private_key_password)
45 * password provided, set ssl callback and user data
46 * for checking password which will be trigered during
47 * SSL_CTX_use_PrivateKey_file function
49 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, (void *)info);
50 SSL_CTX_set_default_passwd_cb(ssl_ctx,
51 lws_context_init_ssl_pem_passwd_cb);
56 OpenSSL_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
60 struct libwebsocket_context *context;
62 ssl = X509_STORE_CTX_get_ex_data(x509_ctx,
63 SSL_get_ex_data_X509_STORE_CTX_idx());
66 * !!! nasty openssl requires the index to come as a library-scope
69 context = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);
71 n = context->protocols[0].callback(NULL, NULL,
72 LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION,
73 x509_ctx, ssl, preverify_ok);
75 /* convert return code from 0 = OK to 1 = OK */
80 lws_context_init_server_ssl(struct lws_context_creation_info *info,
81 struct libwebsocket_context *context)
87 if (info->port != CONTEXT_PORT_NO_LISTEN) {
89 context->use_ssl = info->ssl_cert_filepath != NULL;
92 lwsl_notice(" Compiled with WOLFSSL support\n");
94 lwsl_notice(" Compiled with OpenSSL support\n");
97 if (info->ssl_cipher_list)
98 lwsl_notice(" SSL ciphers: '%s'\n", info->ssl_cipher_list);
100 if (context->use_ssl)
101 lwsl_notice(" Using SSL mode\n");
103 lwsl_notice(" Using non-SSL mode\n");
106 /* basic openssl init */
110 OpenSSL_add_all_algorithms();
111 SSL_load_error_strings();
113 openssl_websocket_private_data_index =
114 SSL_get_ex_new_index(0, "libwebsockets", NULL, NULL, NULL);
117 * Firefox insists on SSLv23 not SSLv3
118 * Konq disables SSLv2 by default now, SSLv23 works
120 * SSLv23_server_method() is the openssl method for "allow all TLS
121 * versions", compared to e.g. TLSv1_2_server_method() which only allows
122 * tlsv1.2. Unwanted versions must be disabled using SSL_CTX_set_options()
125 method = (SSL_METHOD *)SSLv23_server_method();
127 error = ERR_get_error();
128 lwsl_err("problem creating ssl method %lu: %s\n",
129 error, ERR_error_string(error,
130 (char *)context->service_buffer));
133 context->ssl_ctx = SSL_CTX_new(method); /* create context */
134 if (!context->ssl_ctx) {
135 error = ERR_get_error();
136 lwsl_err("problem creating ssl context %lu: %s\n",
137 error, ERR_error_string(error,
138 (char *)context->service_buffer));
142 /* Disable SSLv2 and SSLv3 */
143 SSL_CTX_set_options(context->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
144 #ifdef SSL_OP_NO_COMPRESSION
145 SSL_CTX_set_options(context->ssl_ctx, SSL_OP_NO_COMPRESSION);
147 SSL_CTX_set_options(context->ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
148 if (info->ssl_cipher_list)
149 SSL_CTX_set_cipher_list(context->ssl_ctx,
150 info->ssl_cipher_list);
152 /* as a server, are we requiring clients to identify themselves? */
155 LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT) {
157 /* absolutely require the client cert */
159 SSL_CTX_set_verify(context->ssl_ctx,
160 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
161 OpenSSL_verify_callback);
164 * give user code a chance to load certs into the server
165 * allowing it to verify incoming client certs
168 context->protocols[0].callback(context, NULL,
169 LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS,
170 context->ssl_ctx, NULL, 0);
173 if (info->options & LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT) {
174 /* Normally SSL listener rejects non-ssl, optionally allow */
175 context->allow_non_ssl_on_ssl_port = 1;
178 if (context->use_ssl) {
180 /* openssl init for server sockets */
182 /* set the local certificate from CertFile */
183 n = SSL_CTX_use_certificate_chain_file(context->ssl_ctx,
184 info->ssl_cert_filepath);
186 error = ERR_get_error();
187 lwsl_err("problem getting cert '%s' %lu: %s\n",
188 info->ssl_cert_filepath,
190 ERR_error_string(error,
191 (char *)context->service_buffer));
194 lws_ssl_bind_passphrase(context->ssl_ctx, info);
196 if (info->ssl_private_key_filepath != NULL) {
197 /* set the private key from KeyFile */
198 if (SSL_CTX_use_PrivateKey_file(context->ssl_ctx,
199 info->ssl_private_key_filepath,
200 SSL_FILETYPE_PEM) != 1) {
201 error = ERR_get_error();
202 lwsl_err("ssl problem getting key '%s' %lu: %s\n",
203 info->ssl_private_key_filepath,
205 ERR_error_string(error,
206 (char *)context->service_buffer));
211 if (context->protocols[0].callback(context, NULL,
212 LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY,
213 context->ssl_ctx, NULL, 0)) {
214 lwsl_err("ssl private key not set\n");
219 /* verify private key */
220 if (!SSL_CTX_check_private_key(context->ssl_ctx)) {
221 lwsl_err("Private SSL key doesn't match cert\n");
226 * SSL is happy and has a cert it's content with
227 * If we're supporting HTTP2, initialize that
230 lws_context_init_http2_ssl(context);
238 lws_ssl_destroy(struct libwebsocket_context *context)
240 if (context->ssl_ctx)
241 SSL_CTX_free(context->ssl_ctx);
242 if (!context->user_supplied_ssl_ctx && context->ssl_client_ctx)
243 SSL_CTX_free(context->ssl_client_ctx);
245 #if (OPENSSL_VERSION_NUMBER < 0x01000000) || defined(USE_WOLFSSL)
248 ERR_remove_thread_state(NULL);
252 CRYPTO_cleanup_all_ex_data();
256 libwebsockets_decode_ssl_error(void)
261 while ((err = ERR_get_error()) != 0) {
262 ERR_error_string_n(err, buf, sizeof(buf));
263 lwsl_err("*** %lu %s\n", err, buf);
267 #ifndef LWS_NO_CLIENT
269 int lws_context_init_client_ssl(struct lws_context_creation_info *info,
270 struct libwebsocket_context *context)
276 if (info->provided_client_ssl_ctx) {
277 /* use the provided OpenSSL context if given one */
278 context->ssl_client_ctx = info->provided_client_ssl_ctx;
279 /* nothing for lib to delete */
280 context->user_supplied_ssl_ctx = 1;
284 if (info->port != CONTEXT_PORT_NO_LISTEN)
287 /* basic openssl init */
291 OpenSSL_add_all_algorithms();
292 SSL_load_error_strings();
294 method = (SSL_METHOD *)SSLv23_client_method();
296 error = ERR_get_error();
297 lwsl_err("problem creating ssl method %lu: %s\n",
298 error, ERR_error_string(error,
299 (char *)context->service_buffer));
303 context->ssl_client_ctx = SSL_CTX_new(method);
304 if (!context->ssl_client_ctx) {
305 error = ERR_get_error();
306 lwsl_err("problem creating ssl context %lu: %s\n",
307 error, ERR_error_string(error,
308 (char *)context->service_buffer));
312 #ifdef SSL_OP_NO_COMPRESSION
313 SSL_CTX_set_options(context->ssl_client_ctx,
314 SSL_OP_NO_COMPRESSION);
316 SSL_CTX_set_options(context->ssl_client_ctx,
317 SSL_OP_CIPHER_SERVER_PREFERENCE);
318 if (info->ssl_cipher_list)
319 SSL_CTX_set_cipher_list(context->ssl_client_ctx,
320 info->ssl_cipher_list);
322 #ifdef LWS_SSL_CLIENT_USE_OS_CA_CERTS
323 if (!(info->options & LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS))
324 /* loads OS default CA certs */
325 SSL_CTX_set_default_verify_paths(context->ssl_client_ctx);
328 /* openssl init for cert verification (for client sockets) */
329 if (!info->ssl_ca_filepath) {
330 if (!SSL_CTX_load_verify_locations(
331 context->ssl_client_ctx, NULL,
332 LWS_OPENSSL_CLIENT_CERTS))
334 "Unable to load SSL Client certs from %s "
335 "(set by --with-client-cert-dir= "
336 "in configure) -- client ssl isn't "
337 "going to work", LWS_OPENSSL_CLIENT_CERTS);
339 if (!SSL_CTX_load_verify_locations(
340 context->ssl_client_ctx, info->ssl_ca_filepath,
343 "Unable to load SSL Client certs "
344 "file from %s -- client ssl isn't "
345 "going to work", info->ssl_ca_filepath);
347 lwsl_info("loaded ssl_ca_filepath\n");
350 * callback allowing user code to load extra verification certs
351 * helping the client to verify server identity
354 /* support for client-side certificate authentication */
355 if (info->ssl_cert_filepath) {
356 n = SSL_CTX_use_certificate_chain_file(
357 context->ssl_client_ctx,
358 info->ssl_cert_filepath);
360 lwsl_err("problem getting cert '%s' %lu: %s\n",
361 info->ssl_cert_filepath,
363 ERR_error_string(ERR_get_error(),
364 (char *)context->service_buffer));
368 if (info->ssl_private_key_filepath) {
369 lws_ssl_bind_passphrase(context->ssl_client_ctx, info);
370 /* set the private key from KeyFile */
371 if (SSL_CTX_use_PrivateKey_file(context->ssl_client_ctx,
372 info->ssl_private_key_filepath, SSL_FILETYPE_PEM) != 1) {
373 lwsl_err("use_PrivateKey_file '%s' %lu: %s\n",
374 info->ssl_private_key_filepath,
376 ERR_error_string(ERR_get_error(),
377 (char *)context->service_buffer));
381 /* verify private key */
382 if (!SSL_CTX_check_private_key(
383 context->ssl_client_ctx)) {
384 lwsl_err("Private SSL key doesn't match cert\n");
389 context->protocols[0].callback(context, NULL,
390 LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS,
391 context->ssl_client_ctx, NULL, 0);
398 lws_ssl_remove_wsi_from_buffered_list(struct libwebsocket_context *context,
399 struct libwebsocket *wsi)
401 if (!wsi->pending_read_list_prev &&
402 !wsi->pending_read_list_next &&
403 context->pending_read_list != wsi)
404 /* we are not on the list */
407 /* point previous guy's next to our next */
408 if (!wsi->pending_read_list_prev)
409 context->pending_read_list = wsi->pending_read_list_next;
411 wsi->pending_read_list_prev->pending_read_list_next =
412 wsi->pending_read_list_next;
414 /* point next guy's previous to our previous */
415 if (wsi->pending_read_list_next)
416 wsi->pending_read_list_next->pending_read_list_prev =
417 wsi->pending_read_list_prev;
419 wsi->pending_read_list_prev = NULL;
420 wsi->pending_read_list_next = NULL;
424 lws_ssl_capable_read(struct libwebsocket_context *context,
425 struct libwebsocket *wsi, unsigned char *buf, int len)
430 return lws_ssl_capable_read_no_ssl(context, wsi, buf, len);
432 n = SSL_read(wsi->ssl, buf, len);
435 * if it was our buffer that limited what we read,
436 * check if SSL has additional data pending inside SSL buffers.
438 * Because these won't signal at the network layer with POLLIN
439 * and if we don't realize, this data will sit there forever
441 if (n == len && wsi->ssl && SSL_pending(wsi->ssl)) {
442 if (!wsi->pending_read_list_next && !wsi->pending_read_list_prev) {
443 /* add us to the linked list of guys with pending ssl */
444 if (context->pending_read_list)
445 context->pending_read_list->pending_read_list_prev = wsi;
446 wsi->pending_read_list_next = context->pending_read_list;
447 wsi->pending_read_list_prev = NULL;
448 context->pending_read_list = wsi;
451 lws_ssl_remove_wsi_from_buffered_list(context, wsi);
455 n = SSL_get_error(wsi->ssl, n);
456 if (n == SSL_ERROR_WANT_READ || n == SSL_ERROR_WANT_WRITE)
457 return LWS_SSL_CAPABLE_MORE_SERVICE;
459 return LWS_SSL_CAPABLE_ERROR;
463 lws_ssl_pending(struct libwebsocket *wsi)
468 return SSL_pending(wsi->ssl);
472 lws_ssl_capable_write(struct libwebsocket *wsi, unsigned char *buf, int len)
477 return lws_ssl_capable_write_no_ssl(wsi, buf, len);
479 n = SSL_write(wsi->ssl, buf, len);
483 n = SSL_get_error(wsi->ssl, n);
484 if (n == SSL_ERROR_WANT_READ || n == SSL_ERROR_WANT_WRITE) {
485 if (n == SSL_ERROR_WANT_WRITE)
486 lws_set_blocking_send(wsi);
487 return LWS_SSL_CAPABLE_MORE_SERVICE;
490 return LWS_SSL_CAPABLE_ERROR;
494 lws_ssl_close(struct libwebsocket *wsi)
499 return 0; /* not handled */
501 n = SSL_get_fd(wsi->ssl);
502 SSL_shutdown(wsi->ssl);
506 return 1; /* handled */
510 lws_server_socket_service_ssl(struct libwebsocket_context *context,
511 struct libwebsocket **pwsi, struct libwebsocket *new_wsi,
512 int accept_fd, struct libwebsocket_pollfd *pollfd)
515 struct libwebsocket *wsi = *pwsi;
520 if (!LWS_SSL_ENABLED(context))
524 case LWS_CONNMODE_SERVER_LISTENER:
527 lwsl_err("no new_wsi\n");
531 new_wsi->ssl = SSL_new(context->ssl_ctx);
532 if (new_wsi->ssl == NULL) {
533 lwsl_err("SSL_new failed: %s\n",
534 ERR_error_string(SSL_get_error(
535 new_wsi->ssl, 0), NULL));
536 libwebsockets_decode_ssl_error();
538 compatible_close(accept_fd);
542 SSL_set_ex_data(new_wsi->ssl,
543 openssl_websocket_private_data_index, context);
545 SSL_set_fd(new_wsi->ssl, accept_fd);
548 wolfSSL_set_using_nonblock(new_wsi->ssl, 1);
550 SSL_set_mode(new_wsi->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
551 bio = SSL_get_rbio(new_wsi->ssl);
553 BIO_set_nbio(bio, 1); /* nonblocking */
555 lwsl_notice("NULL rbio\n");
556 bio = SSL_get_wbio(new_wsi->ssl);
558 BIO_set_nbio(bio, 1); /* nonblocking */
560 lwsl_notice("NULL rbio\n");
564 * we are not accepted yet, but we need to enter ourselves
565 * as a live connection. That way we can retry when more
566 * pieces come if we're not sorted yet
571 wsi->mode = LWS_CONNMODE_SSL_ACK_PENDING;
572 insert_wsi_socket_into_fds(context, wsi);
574 libwebsocket_set_timeout(wsi, PENDING_TIMEOUT_SSL_ACCEPT,
577 lwsl_info("inserted SSL accept into fds, trying SSL_accept\n");
581 case LWS_CONNMODE_SSL_ACK_PENDING:
583 if (lws_change_pollfd(wsi, LWS_POLLOUT, 0))
586 lws_libev_io(context, wsi, LWS_EV_STOP | LWS_EV_WRITE);
588 lws_latency_pre(context, wsi);
590 n = recv(wsi->sock, context->service_buffer,
591 sizeof(context->service_buffer), MSG_PEEK);
594 * optionally allow non-SSL connect on SSL listening socket
595 * This is disabled by default, if enabled it goes around any
596 * SSL-level access control (eg, client-side certs) so leave
597 * it disabled unless you know it's not a problem for you
600 if (context->allow_non_ssl_on_ssl_port && n >= 1 &&
601 context->service_buffer[0] >= ' ') {
603 * TLS content-type for Handshake is 0x16
604 * TLS content-type for ChangeCipherSpec Record is 0x14
606 * A non-ssl session will start with the HTTP method in
607 * ASCII. If we see it's not a legit SSL handshake
608 * kill the SSL for this connection and try to handle
609 * as a HTTP connection upgrade directly.
612 SSL_shutdown(wsi->ssl);
618 /* normal SSL connection processing path */
620 n = SSL_accept(wsi->ssl);
621 lws_latency(context, wsi,
622 "SSL_accept LWS_CONNMODE_SSL_ACK_PENDING\n", n, n == 1);
627 m = SSL_get_error(wsi->ssl, n);
628 lwsl_debug("SSL_accept failed %d / %s\n",
629 m, ERR_error_string(m, NULL));
631 if (m == SSL_ERROR_WANT_READ) {
632 if (lws_change_pollfd(wsi, 0, LWS_POLLIN))
635 lws_libev_io(context, wsi, LWS_EV_START | LWS_EV_READ);
637 lwsl_info("SSL_ERROR_WANT_READ\n");
640 if (m == SSL_ERROR_WANT_WRITE) {
641 if (lws_change_pollfd(wsi, 0, LWS_POLLOUT))
644 lws_libev_io(context, wsi, LWS_EV_START | LWS_EV_WRITE);
647 lwsl_debug("SSL_accept failed skt %u: %s\n",
648 pollfd->fd, ERR_error_string(m, NULL));
652 /* OK, we are accepted... give him some time to negotiate */
653 libwebsocket_set_timeout(wsi,
654 PENDING_TIMEOUT_ESTABLISH_WITH_SERVER,
657 wsi->mode = LWS_CONNMODE_HTTP_SERVING;
659 lws_http2_configure_if_upgraded(wsi);
661 lwsl_debug("accepted new SSL conn\n");
672 lws_ssl_context_destroy(struct libwebsocket_context *context)
674 if (context->ssl_ctx)
675 SSL_CTX_free(context->ssl_ctx);
676 if (!context->user_supplied_ssl_ctx && context->ssl_client_ctx)
677 SSL_CTX_free(context->ssl_client_ctx);
679 #if (OPENSSL_VERSION_NUMBER < 0x01000000) || defined(USE_WOLFSSL)
682 ERR_remove_thread_state(NULL);
686 CRYPTO_cleanup_all_ex_data();