David Woodhouse [Wed, 13 Jun 2012 19:21:30 +0000 (20:21 +0100)]
Fix error exits in GnuTLS load_certificate() function
Having separate 'err' for GnuTLS errno, and 'ret' for the return value, has
caused me to sometimes return without setting 'ret'. Make it uninitialised
to start with, and then the compiler should warn if I 'goto out' again
without setting 'ret'.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 13 Jun 2012 15:38:14 +0000 (16:38 +0100)]
Implement certificate matching for TPM/PKCS#11 privkeys
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 13 Jun 2012 15:30:18 +0000 (16:30 +0100)]
Fix GnuTLS PIN cache leak when only *key* is PKCS#11 and not certificate.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 13 Jun 2012 15:03:06 +0000 (16:03 +0100)]
Remove redundancy in code which 'matches' cert to privkey
Yes, it doesn't *actually* do any matching... yet.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Jun 2012 22:27:42 +0000 (23:27 +0100)]
Add TPM support for GnuTLS
Based on GnuTLS TPM code by Carolin Latze <latze@angry-red-pla.net>
and Tobias Soder.
Like the OpenSSL TPM ENGINE, this only supports a key 'blob' rather than
using keys by UUID. That shouldn't be hard to fix if someone wants it.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 13 Jun 2012 11:07:34 +0000 (12:07 +0100)]
Clean up build options printout
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 13 Jun 2012 11:05:50 +0000 (12:05 +0100)]
Fix DTLS fallback to OpenSSL for old GnuTLS
Due to a typo, it wasn't using OpenSSL for DTLS unless you specified
--without-openssl on the configure command line.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Jun 2012 21:59:07 +0000 (22:59 +0100)]
Explicitly check for gnutls_certificate_set_key(), separate it from p11-kit
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Jun 2012 09:34:45 +0000 (10:34 +0100)]
OpenSSL: Fix leak of cert_x509
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Jun 2012 09:33:48 +0000 (10:33 +0100)]
OpenSSL: Free BIO leak in reload_pem_cert()
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Jun 2012 09:32:23 +0000 (10:32 +0100)]
OpenSSL: Clean up leaks in TPM ENGINE handling
The key, in the ctx, holds a reference on the engine. We should be dropping
our own.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Jun 2012 09:31:42 +0000 (10:31 +0100)]
OpenSSL: Fix password memory leaks
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Jun 2012 09:30:42 +0000 (10:30 +0100)]
Make authentication valgrind-friendly
Not strictly needed to free stuff right before we exit, but it makes it
easier to find leaks in the library code.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Jun 2012 09:28:40 +0000 (10:28 +0100)]
Fix useragent leak
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 12 Jun 2012 09:28:09 +0000 (10:28 +0100)]
GnuTLS: Fix password memory leaks
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 20:58:02 +0000 (21:58 +0100)]
Add openconnect_has_tss_blob_support()
Turns out this might not be entirely OpenSSL-specific; we should be able
to support it in GnuTLS too.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 18:27:00 +0000 (19:27 +0100)]
Fix const char * warnings in GnuTLS pin_helper on FreeBSD
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 15:18:46 +0000 (16:18 +0100)]
Add --authenticate option
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 13:57:39 +0000 (14:57 +0100)]
Add openconnect_has_pkcs11_support()
Theoretically, the OpenSSL side can (and should) gain PKCS#11 support at
some point. There *is* a PKCS#11 engine, although it seems somewhat unloved.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 13:57:01 +0000 (14:57 +0100)]
Return error from OpenSSL load_certificate() for PKCS#11 URLs
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 13:51:15 +0000 (14:51 +0100)]
Translate build option output
Oops. The whole point in doing it this way with full sentences instead of
crap like ("with%s TPM support", tpm?"":"out") was to ease translation...
and then I forgot to mark the strings translatable :)
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 12:47:24 +0000 (13:47 +0100)]
Make --disable-ipv6 really do it
Previously, it only made us stop *asking* the server for IPv6. If the server
gave us IPv6 addresses anyway on the basis that this is the 21st century and
there's no excuse for pretending otherwise (or, in practice, because my test
server is handing out hard-coded responses without looking at the request),
we were still actually using them.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 12:42:27 +0000 (13:42 +0100)]
Remove --cert-type option from command line
With the impending v4.00 release and the soname change, this is a good
time to obsolete the --cert-type option. We've been automatically
detecting key types for a *long* time.
Only remove it from the command line for now; the library never exposed
it, but if the GnuTLS cert-loading code ends up being contributed back
to GnuTLS then they might want something similar there. So leave it in
place but unused.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 12:39:50 +0000 (13:39 +0100)]
Print SSL build options on --version or usage()
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 12:25:58 +0000 (13:25 +0100)]
Allow building against GnuTLS (for TCP) and GnuTLS (for DTLS) simultaneously
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 11:43:36 +0000 (12:43 +0100)]
Remove stray openssl includes
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 09:54:37 +0000 (10:54 +0100)]
Update translations from Transifex
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 09:54:00 +0000 (10:54 +0100)]
Fix upload-pot make target for out-of-tree build
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 09:34:19 +0000 (10:34 +0100)]
Fix update-translations make target for out-of-tree build
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 09:20:06 +0000 (10:20 +0100)]
OpenSSL: Print name of primary certificate
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 09:14:59 +0000 (10:14 +0100)]
GnuTLS: Print name of primary certificate
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 08:24:43 +0000 (09:24 +0100)]
Update docs for GnuTLS and PKCS#11 support
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 00:43:38 +0000 (01:43 +0100)]
Fix non-interactive mode
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 00:38:01 +0000 (01:38 +0100)]
Portability fixes for Solaris, *BSD
OpenBSD needs <sys/types.h> to be included before <netinet/in.h>.
Use IPPROTO_TCP not SOL_TCP for getsockopt() level.
Don't attempt to use FreeBSD's TCP_INFO sockopt.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 11 Jun 2012 00:00:51 +0000 (01:00 +0100)]
Remove obsolete GnuTLS FIXME comment
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sun, 10 Jun 2012 23:52:08 +0000 (00:52 +0100)]
GnuTLS: Cache token PIN
Otherwise we get prompted for it about four times in the course of a single
connection, which is going to make users unhappy.
GnuTLS has been fixed not to do it on decent tokens that can have more than
one active session, but on the crap tokens it's still needed.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sun, 10 Jun 2012 23:09:10 +0000 (00:09 +0100)]
Set object-type on PKCS#11 URL for key and cert
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sun, 10 Jun 2012 20:15:14 +0000 (21:15 +0100)]
GnuTLS: Fix build with GnuTLS 2.12 and PKCS#11
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sun, 10 Jun 2012 19:52:47 +0000 (20:52 +0100)]
GnuTLS: Fix expiry check and CA chain addition for PKCS#11 certs
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sun, 10 Jun 2012 00:01:49 +0000 (01:01 +0100)]
Use gnutls_certificate_set_x509_system_trust() where available
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 9 Jun 2012 22:26:42 +0000 (23:26 +0100)]
Cope with SSL key being PKCS#11 but cert from file
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 9 Jun 2012 22:22:54 +0000 (23:22 +0100)]
Fix error handling when GnuTLS can't open key file
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 9 Jun 2012 16:06:09 +0000 (17:06 +0100)]
Don't unregister p11-kit PIN callback until vpninfo is finished with
Unregistering in openconnect_close_https() meant that when we reconnect to
the server, we lose the PIN callback. And then when we connect again, if
GnuTLS is asking us for the PIN on every attempt to touch the key, we fail
because there's no PIN handler.
So add a 'final' flag to openconnect_close_https(). Use this to clean up
library.c::openconnect_close_https() a little, too.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
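The two commits above ("GnuTLS: Cache token PIN" and "Don't unregister p11-kit PIN callback until vpninfo is finished with") describe a PIN handler that answers repeated requests from the PKCS#11 layer without re-prompting, and a cache that survives a reconnect but is wiped at the final close. The following is an added example, not OpenConnect's own code: a stand-alone C model of such a handler. The names pin_callback, pin_cache_close, prompt_user and the token URL are assumptions of this example; the wrong_pin argument stands in for the flag a PKCS#11 library sets when the previously supplied PIN was rejected, which is the case a cache must handle, since retrying a bad cached PIN on every access is how a token gets locked.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not OpenConnect code: a per-token PIN cache for the
 * callback a PKCS#11 layer (p11-kit / GnuTLS) invokes each time it
 * touches the key. Names below are hypothetical. */

#define MAX_PIN    32
#define MAX_TOKENS 4

struct pin_entry {
    char token[128];   /* PKCS#11 URL identifying the token */
    char pin[MAX_PIN];
    int  valid;
};

static struct pin_entry cache[MAX_TOKENS];
static int prompts;    /* how many times the user was actually asked */

/* Overwrite secret material; a volatile write cannot be optimised away
 * the way a plain memset() before free()/return can. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

static struct pin_entry *lookup(const char *token)
{
    for (int i = 0; i < MAX_TOKENS; i++)
        if (cache[i].valid && strcmp(cache[i].token, token) == 0)
            return &cache[i];
    return NULL;
}

/* Free slot for a token, or NULL if the cache is full. */
static struct pin_entry *slot_for(const char *token)
{
    for (int i = 0; i < MAX_TOKENS; i++)
        if (!cache[i].valid) {
            snprintf(cache[i].token, sizeof cache[i].token, "%s", token);
            cache[i].valid = 1;
            return &cache[i];
        }
    return NULL;
}

/* Stand-in for the interactive auth form (constructed: always answers
 * "1234" and counts how often it was shown). */
static int prompt_user(const char *token, char *out, size_t outlen)
{
    (void)token;
    prompts++;
    snprintf(out, outlen, "%s", "1234");
    return 0;
}

/* PIN callback: 0 and 'out' filled on success, -1 on failure.
 * wrong_pin != 0 means the library rejected the PIN we supplied last
 * time; the cached copy must be dropped before asking the user again. */
int pin_callback(const char *token, int wrong_pin, char *out, size_t outlen)
{
    struct pin_entry *e = lookup(token);
    char pin[MAX_PIN];

    if (e && wrong_pin) {
        wipe(e->pin, sizeof e->pin);
        e->valid = 0;
        e = NULL;
    }
    if (e) {                       /* cache hit: no prompt */
        snprintf(out, outlen, "%s", e->pin);
        return 0;
    }
    if (prompt_user(token, pin, sizeof pin) < 0)
        return -1;
    snprintf(out, outlen, "%s", pin);
    e = slot_for(token);           /* cache full: still answer, just don't cache */
    if (e)
        memcpy(e->pin, pin, sizeof pin);
    wipe(pin, sizeof pin);
    return 0;
}

/* Mirrors the 'final' flag: a reconnect keeps the cache, only the final
 * teardown wipes the PINs. */
void pin_cache_close(int final)
{
    if (!final)
        return;
    for (int i = 0; i < MAX_TOKENS; i++) {
        wipe(cache[i].pin, sizeof cache[i].pin);
        cache[i].valid = 0;
    }
}

int pin_cache_entries(void)
{
    int n = 0;
    for (int i = 0; i < MAX_TOKENS; i++)
        n += cache[i].valid;
    return n;
}

/* Connect, reconnect and a rejected PIN; returns the prompt count (2). */
int demo_sequence(void)
{
    char pin[MAX_PIN];
    const char *tok = "pkcs11:token=ExampleToken";   /* constructed URL */

    prompts = 0;
    if (pin_callback(tok, 0, pin, sizeof pin)) return -1;  /* prompt #1 */
    if (pin_callback(tok, 0, pin, sizeof pin)) return -1;  /* cached */
    if (pin_callback(tok, 1, pin, sizeof pin)) return -1;  /* rejected: prompt #2 */
    pin_cache_close(0);                                    /* reconnect keeps cache */
    if (pin_callback(tok, 0, pin, sizeof pin)) return -1;  /* cached */
    pin_cache_close(1);                                    /* final: wiped */
    return prompts;
}

int main(void)
{
    printf("prompts=%d entries=%d\n", demo_sequence(), pin_cache_entries());
    return 0;
}
```

The design point is the wrong_pin branch: a cache that never invalidates turns one typo into a locked token, because every subsequent library access replays the bad PIN.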
David Woodhouse [Sat, 9 Jun 2012 15:50:58 +0000 (16:50 +0100)]
Import updated gnutls_pkcs12_simple_parse() from GnuTLS
Changes corresponding to commit
6c82bf34 in GnuTLS master, imported with
permission from Nikos to use under LGPLv2.1.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 22:47:45 +0000 (23:47 +0100)]
Use X-DTLS-MTU response from server as well as X-CSTP-MTU
Currently we take a very naïve approach: we just use the higher of the
two. Normally the DTLS MTU will be larger. Theoretically, perhaps we
ought to actually change the MTU of the interface according to whether
DTLS is currently connected or not? That seems cumbersome, and is almost
impossible if we aren't running as root.
So what *should* we do with packets which are "too big" for the CSTP
MTU, if they arrive while DTLS is down? Drop them? And try to fake an
ICMP "too big" or "fragmentation needed" response? Fragment them? Please
$DEITY no. The sanest thing to do would seem to be just to send them
down the CSTP link even though they'll end up fragmented into more than
one TCP packet.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 16:10:29 +0000 (17:10 +0100)]
Update changelog
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 15:10:08 +0000 (16:10 +0100)]
Add $CISCO_SPLIT_DNS environment variable for vpnc-script
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 13:58:20 +0000 (14:58 +0100)]
Add gnutls.c and openssl.c to EXTRA_DIST too
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 13:33:35 +0000 (14:33 +0100)]
Add gnutls_pkcs12 to dist
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 13:31:29 +0000 (14:31 +0100)]
Make 'make dist' work for out-of-tree build
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 13:25:15 +0000 (14:25 +0100)]
Set X-CSTP-Base-MTU: for new servers
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 12:54:56 +0000 (13:54 +0100)]
Don't hard-code cipher type in GnuTLS DTLS
Add an array with the two cipher labels (AES128-SHA and DES-CBC3-SHA) that
I've been able to test. The server doesn't seem to accept anything else
that we ask for.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 10:27:57 +0000 (11:27 +0100)]
Fix git-tree deps for version.c in out-of-tree build
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 07:50:30 +0000 (08:50 +0100)]
Fix generation of version.c for out-of-tree builds
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 02:24:03 +0000 (03:24 +0100)]
Change Requires: to Requires.private: in openconnect.pc
There's no need for users of the library to directly link with anything else
that we use.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 02:20:05 +0000 (03:20 +0100)]
Fix cbdata argument to process_auth_form()
I just introduced lots of bugs... oops.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 02:01:39 +0000 (03:01 +0100)]
Kill old openconnect_vpninfo_new()
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 01:56:17 +0000 (02:56 +0100)]
Bump library soname to libopenconnect.so.2
With this, the certificates are now an opaque type and callers are not
permitted to access them directly. Take the opportunity to also rename
openconnect_init_openssl() to openconnect_init_ssl().
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 01:34:26 +0000 (02:34 +0100)]
Remove last traces of special UI and PIN handling from main.c
Absolutely everything should now be proxied onto the ->process_auth_form()
function, so there's no need to handle anything directly.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 8 Jun 2012 01:29:49 +0000 (02:29 +0100)]
Use p11-kit for directing PIN request to process_auth_form()
Set a 'pin-source' attribute which identifies the vpninfo structure, and
register a handler which converts it to an auth form for the GUI to process.
If the URI we are given already contains a pin_source then theoretically
we don't override it; we assume the caller knew what they were doing. In
practice, p11_kit_get_pin_source() seems to be returning NULL even when
the attribute *is* set, so we always override it.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 7 Jun 2012 22:49:00 +0000 (23:49 +0100)]
Fix GnuTLS PKCS#11 PIN request function
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 7 Jun 2012 17:50:07 +0000 (18:50 +0100)]
GnuTLS now uses gnutls_session_set_premaster()
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Mike Miller [Thu, 7 Jun 2012 15:58:30 +0000 (11:58 -0400)]
Show correct path to vpnc-script in the man page
Insert the actual path to vpnc-script that is compiled into the
openconnect executable.
Signed-off-by: Mike Miller <mtmiller@ieee.org>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 7 Jun 2012 16:39:04 +0000 (17:39 +0100)]
Add UI handling for OpenSSL TPM keys
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 7 Jun 2012 14:13:52 +0000 (15:13 +0100)]
Allow '--with-gnutls' in configure
No need to require '--with-gnutls=shibboleet' any more; we have some
confidence that the GnuTLS support is actually working so we can let
non-hackers discover it.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 7 Jun 2012 13:50:10 +0000 (14:50 +0100)]
Add DTLS support for GnuTLS
This requires the patches I just sent to Nikos...
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 7 Jun 2012 13:41:51 +0000 (14:41 +0100)]
Split out OpenSSL-specific start_dtls_handshake() function
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 7 Jun 2012 12:21:07 +0000 (13:21 +0100)]
Check for gnutls_pkcs12_simple_parse() in GnuTLS
Our modifications made it upstream...
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 5 Jun 2012 07:42:15 +0000 (08:42 +0100)]
Use request_passphrase() for OpenSSL PEM files
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 5 Jun 2012 07:41:16 +0000 (08:41 +0100)]
Fix config fetch
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 5 Jun 2012 00:15:10 +0000 (01:15 +0100)]
Fix config_arg handling
The ->cert_password field must always be allocated, and it turns out I never
did fix the keep_config_arg() macro to do the right thing for options from
a file, despite deliberately introducing it for precisely that purpose.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 4 Jun 2012 23:06:32 +0000 (00:06 +0100)]
Use request_passphrase() for OpenSSL PKCS#12
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 4 Jun 2012 22:57:26 +0000 (23:57 +0100)]
Move request_passphrase() to ssl.c
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 4 Jun 2012 15:46:23 +0000 (16:46 +0100)]
Update comment about gnutls_x509_privkey_import_pkcs8() password handling
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 1 Jun 2012 18:58:26 +0000 (19:58 +0100)]
Fix FreeBSD tun handling with net.link.tun.devfs_cloning=0
Try to use SIOCIFCREATE to create an interface if it doesn't already exist.
Also try opening /dev/tun to get the next available device, before falling
back to the loop over tun0-tun255.
There is still strangeness here; sometimes the interface doesn't get an
IPv6 link-local address, and the IFDISABLED flag remains set.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 1 Jun 2012 15:07:09 +0000 (16:07 +0100)]
Allow interface name to be specified on *BSD
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 1 Jun 2012 14:28:04 +0000 (15:28 +0100)]
Fix FreeBSD compile
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 1 Jun 2012 13:33:54 +0000 (14:33 +0100)]
OpenSSL: Don't include root CA in the supporting evidence; only intermediates
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 1 Jun 2012 12:07:20 +0000 (13:07 +0100)]
GnuTLS: Don't include root CA in the supporting evidence; only intermediates
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 1 Jun 2012 12:06:28 +0000 (13:06 +0100)]
GnuTLS: Split logging of additional certs into a separate loop
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 1 Jun 2012 02:22:35 +0000 (03:22 +0100)]
Add completely untested PIN callback for GnuTLS
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 1 Jun 2012 02:09:18 +0000 (03:09 +0100)]
Stop using OpenSSL UI for user interaction
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 23:10:47 +0000 (00:10 +0100)]
openconnect_set_xmlsha1() takes a const char *
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 22:48:08 +0000 (23:48 +0100)]
Fix GnuTLS request_passphrase() if no UI callback function
If it's NULL, don't call it. Also change 'gnutls' to 'ssl' in the auth_id,
since we may end up using this on the OpenSSL side too.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 22:37:26 +0000 (23:37 +0100)]
Reduce priority of GnuTLS certificate verify failure message to PRG_INFO
We don't want to see it in the auth-dialog UI; it's handled explicitly.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 22:14:53 +0000 (23:14 +0100)]
Bump API version, advertise get_cert_DER() and get_cert_details() functions
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 22:13:59 +0000 (23:13 +0100)]
Fix GnuTLS select() during handshake
It was using vpninfo->ssl_fd even though that's not set yet.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 21:49:12 +0000 (22:49 +0100)]
Remove stray debug printf
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 21:44:30 +0000 (22:44 +0100)]
Fix build on systems without O_CLOEXEC
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 21:38:43 +0000 (22:38 +0100)]
Move openconnect_SSL_printf() to ssl.c
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 21:11:14 +0000 (22:11 +0100)]
Fix vpninfo->peer_cert handling for GnuTLS
Stash the peer cert in verify_peer() so we can refer to it later.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 21:03:08 +0000 (22:03 +0100)]
Remove duplicate socket connect code from gnutls.c
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 20:52:08 +0000 (21:52 +0100)]
Add openssl.c and gnutls.c to POTFILES
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 20:50:19 +0000 (21:50 +0100)]
Add GnuTLS to changelog
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 20:42:32 +0000 (21:42 +0100)]
GnuTLS: Import more than one certificate from PEM file
If the PEM file has extra "supporting" CAs, then import those and use them
too.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 19:14:36 +0000 (20:14 +0100)]
GnuTLS: Load trusted CAs before loading certificate
We'll need them present when we load the certificate, because that's when
we search through them for supporting certs.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 19:12:51 +0000 (20:12 +0100)]
Remove unused workaround_openssl_certchain_bug() function
For GnuTLS, this is done as we load the certificate.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 18:54:50 +0000 (19:54 +0100)]
GnuTLS: Add supporting certificates from PKCS#12 file
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 15:20:14 +0000 (16:20 +0100)]
Make GnuTLS parse_pkcs12() return extra certificates from the PKCS#12 too
Create a separate list, return them for the caller to do with as it sees fit.
This also cleans up the error handling a little. When this was a purely
internal GnuTLS function, it was fine to leave things (like *key) allocated
and return an error. If my intention is to make this exportable, then it
ought to clean up after itself when returning an error.
I think this actually fixes a potential memory leak for the GnuTLS internal
caller of this function, too.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 31 May 2012 14:07:31 +0000 (15:07 +0100)]
Import pkcs12_parse() function from GnuTLS to fix PKCS#12 handling
An immediate effect is that this fixes the checking of cert expiry for
PKCS#12 certificates.
But it also means we can include the full supporting chain of
intermediate CAs (which has to be pre-assembled before we ever call
gnutls_certificate_set_x509_key() and can't be appended later), and we
can use the extra certs from the PKCS#12 file too, which parse_pkcs12()
currently doesn't bother to give us.
The plan is to fix parse_pkcs12(), submit the changes back upstream and
make it an exported function there, then stick a version-conditional on
our local copy and look forward to the day when we can rip it out again.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
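Several of the commits above concern the same problem: the client certificate's supporting chain has to be assembled before gnutls_certificate_set_x509_key() is called, intermediates may come from the PEM or PKCS#12 file or from the trusted CA store (which is why the CAs are loaded first), and the self-signed root is left out of what is sent to the peer. The following is an added example, not OpenConnect or GnuTLS code: a stand-alone C model of that chain assembly. The struct cert with string subject/issuer fields, build_chain, and the sample certificates are all constructed for this example; real code would compare DNs from the parsed certificates and verify each link's signature rather than matching names.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not project code. A cut-down model of an X.509
 * certificate holding only what chain assembly needs. */
struct cert {
    const char *subject;
    const char *issuer;
};

#define MAX_CHAIN 8

static int is_self_signed(const struct cert *c)
{
    return strcmp(c->subject, c->issuer) == 0;
}

/* First certificate in 'pool' whose subject is 'name', or NULL. */
static const struct cert *find_by_subject(const struct cert *pool, int n,
                                          const char *name)
{
    for (int i = 0; i < n; i++)
        if (strcmp(pool[i].subject, name) == 0)
            return &pool[i];
    return NULL;
}

/* Assemble the chain to present: leaf first, then each issuer in turn.
 * Issuers are looked up in the extra certs shipped with the PEM/PKCS#12
 * first, then in the trusted CA store, so the store must already be
 * loaded. The self-signed root is deliberately excluded: the peer has to
 * trust it already, so sending it adds bytes and nothing else.
 * Returns the number of certs written to 'out'. A result of 1 means no
 * issuer was found anywhere, which the caller should at least log. */
int build_chain(const struct cert *leaf,
                const struct cert *extra, int n_extra,
                const struct cert *trusted, int n_trusted,
                const struct cert *out[], int max)
{
    int n = 0;
    const struct cert *cur = leaf;

    while (cur && n < max) {
        if (n > 0 && is_self_signed(cur))
            break;                         /* reached the root: stop before it */
        out[n++] = cur;
        const struct cert *issuer =
            find_by_subject(extra, n_extra, cur->issuer);
        if (!issuer)
            issuer = find_by_subject(trusted, n_trusted, cur->issuer);
        cur = issuer;
    }
    return n;
}

/* Constructed sample: the PKCS#12 carried the root but not the
 * intermediate; the intermediate sits in the trusted CA store. */
static const struct cert leaf_cert =
    { "CN=alice", "CN=Example Intermediate CA" };
static const struct cert extra_certs[] = {
    { "CN=Example Root CA", "CN=Example Root CA" },
};
static const struct cert trusted_certs[] = {
    { "CN=Other Root CA", "CN=Other Root CA" },
    { "CN=Example Intermediate CA", "CN=Example Root CA" },
};
#define N(a) ((int)(sizeof (a) / sizeof (a)[0]))

/* Chain length for the sample (2: leaf + intermediate), or -1 if a
 * self-signed root made it into the chain. */
int demo_chain_len(void)
{
    const struct cert *chain[MAX_CHAIN];
    int n = build_chain(&leaf_cert, extra_certs, N(extra_certs),
                        trusted_certs, N(trusted_certs), chain, MAX_CHAIN);
    for (int i = 0; i < n; i++)
        if (is_self_signed(chain[i]))
            return -1;
    return n;
}

/* Failure mode: the issuer is nowhere to be found, so only the leaf is
 * presented (returns 1). */
int demo_orphan_len(void)
{
    const struct cert orphan = { "CN=bob", "CN=Unknown CA" };
    const struct cert *chain[MAX_CHAIN];
    return build_chain(&orphan, extra_certs, N(extra_certs),
                       trusted_certs, N(trusted_certs), chain, MAX_CHAIN);
}

int main(void)
{
    const struct cert *chain[MAX_CHAIN];
    int n = build_chain(&leaf_cert, extra_certs, N(extra_certs),
                        trusted_certs, N(trusted_certs), chain, MAX_CHAIN);
    for (int i = 0; i < n; i++)
        printf("%d: %s (issued by %s)\n", i, chain[i]->subject, chain[i]->issuer);
    printf("orphan chain length: %d\n", demo_orphan_len());
    return 0;
}
```

The check worth keeping from this model is the one at the top of the loop: stopping at the first self-signed certificate after the leaf is what keeps the root out of the "supporting evidence" regardless of whether it arrived in the PKCS#12 file or in the CA store.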