Add tls and http apis for post handshake #713
Conversation
|
I think we should preserve the standard naming scheme for call back function of re/baresip: struct tls_conn_d {
int (*verifyh) (int ok, void *arg);
void *arg;int tls_set_verify_client_handler(struct tls_conn *tc, int depth,
int (*verifyh) (int ok, void *arg), void *arg); |
| int tls_set_verify_client_handler(struct tls_conn *tc, int depth, | ||
| int (*cb) (int ok, void *d), void *d) | ||
| { | ||
| #if !defined(LIBRESSL_VERSION_NUMBER) |
There was a problem hiding this comment.
I just upgraded LibreSSL for CI tests, can you try to enable these parts. At first quick look all required APIs are available now.
|
Is TLS 1.2 renegotiation support needed? Maybe better only support secure TLS 1.3 handling for this use case? |
Indeed, we need it for HTTPS clients against MS Azure. And they are very lazy with security updates. |
As far as I known renegotiation in TLSv1.2 has only security flaws, if it is initiated by the client. In the test added in this PR the server initiates renegotiation. |
I wonder if this opens client side attacks: Since OpenSSL does not prevent this. |
|
I assume our only chance to get #712 to main branch is by making it configurable like in boring ssl? A http client could then enable it only for certain http connections. |
fAuernigg
force-pushed
the
add_tls_and_http_apis_for_renegotiation
branch
from
5db194e to
1b8f3ee
Compare
fAuernigg
force-pushed
the
add_tls_and_http_apis_for_renegotiation
branch
2 times, most recently
from
deb2220 to
f63c397
Compare
fAuernigg
force-pushed
the
add_tls_and_http_apis_for_renegotiation
branch
2 times, most recently
from
4a81e04 to
2dbcfbf
Compare
TLS v1.2 renegotiation was removed from this PR. (Preparing another PR with TLSv1.2 enable api per connection) |
src/tls/openssl/tls.c
Outdated
| } | ||
| else { | ||
| tc->cd.verifyh = cb; | ||
| tc->cd.verify_d = arg; |
There was a problem hiding this comment.
Rename please!
tc->cd.arg = arg;
include/re_tls.h
Outdated
| @@ -46,6 +50,10 @@ int tls_set_certificate_der(struct tls *tls, enum tls_keytype keytype, | |||
| const uint8_t *key, size_t len_key); | |||
| int tls_set_certificate(struct tls *tls, const char *cert, size_t len); | |||
| void tls_set_verify_client(struct tls *tls); | |||
| void tls_set_verify_client_trust_all(struct tls *tls); | |||
| int tls_set_verify_client_handler(struct tls_conn *tc, int depth, | |||
| int (*cb) (int ok, void *arg), void *arg); | |||
include/re_tls.h
Outdated
| @@ -28,6 +28,10 @@ enum tls_keytype { | |||
| TLS_KEYTYPE_EC, | |||
| }; | |||
|
|
|||
| struct tls_conn_d { | |||
| int (*verifyh) (int ok, void *arg); | |||
| void *verify_d; | |||
src/http/server.c
Outdated
| @@ -29,6 +30,7 @@ struct http_sock { | |||
| struct tcp_sock *ts; | |||
| struct tls *tls; | |||
| http_req_h *reqh; | |||
| https_verify_msg_h *verify_msg_h; | |||
There was a problem hiding this comment.
rename to:
verify_msg_h --> verifyh
src/http/server.c
Outdated
| * @return 0 if success, otherwise errorcode | ||
| */ | ||
| int https_set_verify_msgh(struct http_sock *sock, | ||
| https_verify_msg_h *verify_msg_h) |
There was a problem hiding this comment.
rename
verify_msg_h --> verifyh
src/http/server.c
Outdated
| if (!sock || !verify_msg_h) | ||
| return EINVAL; | ||
|
|
||
| sock->verify_msg_h = verify_msg_h; |
There was a problem hiding this comment.
rename to
sock->verifyh = verifyh;
include/re_http.h
Outdated
|
|
||
| int http_listen_fd(struct http_sock **sockp, re_sock_t fd, http_req_h *reqh, | ||
| void *arg); | ||
| int http_listen(struct http_sock **sockp, const struct sa *laddr, | ||
| http_req_h *reqh, void *arg); | ||
| int https_listen(struct http_sock **sockp, const struct sa *laddr, | ||
| const char *cert, http_req_h *reqh, void *arg); | ||
| int https_set_verify_msgh(struct http_sock *sock, | ||
| https_verify_msg_h *verify_msg_h); |
There was a problem hiding this comment.
rename to
int https_set_verify_msgh(struct http_sock *sock,
https_verify_msg_h *verifyh);
|
I have some more comments, please take them with a grain of salt :) There are changes to HTTP and TLS modules, and the re-negotiation feature belongs to TLS. Is it possible to add the feature to TLS module so that all users of TLS gets For example in retest this means changes to tls.c only, not http.c If this is possible, we could split this patch in two parts, where the first part |
src/http/server.c
Outdated
| * | ||
| * @return TLS struct | ||
| */ | ||
| struct tls *http_sock_tls(struct http_sock *sock) |
There was a problem hiding this comment.
can the input param be const ?
| @@ -205,6 +207,19 @@ int tls_verify_handler(int ok, X509_STORE_CTX *ctx) | |||
| #endif | |||
|
|
|||
|
|
|||
| static int tls_verify_idx = -1; | |||
| static once_flag oflag = ONCE_FLAG_INIT; | |||
There was a problem hiding this comment.
is it possible to avoid this global data and use the TLS context instead ?
There was a problem hiding this comment.
I was trying to do that but it is not possible. It is not nice but openssl requires global indices initialized once. in tls_alloc call_once(&oflag, tls_init_verify_idx) is called.
Code examples are taken from openssl and apache2/httpd implementation to get application inside the openssl verify handlers, which are not supporting application data (so no tls context is present). So the only way to get application data is to use global openssl indices initialized once. (SSL_set_ex_data, SSL_get_ex_data(..., tls_verify_idx))
src/tls/openssl/tls.c
Outdated
| * | ||
| * @return 0 if success, otherwise errorcode | ||
| */ | ||
| int tls_set_posthandshake_auth(struct tls *tls, int value) |
| err = EIO; | ||
| DEBUG_WARNING("%s: error: %m, ssl_err=%d\n", __func__, err, | ||
| SSL_get_error(tc->ssl, ret)); | ||
| } |
There was a problem hiding this comment.
global openssl error queue must be cleared in both error cases
src/tls/openssl/tls.c
Outdated
|
|
||
| if (!(ret=SSL_verify_client_post_handshake(tc->ssl))) { | ||
| err = EFAULT; | ||
| DEBUG_WARNING("%s: error: %m, ssl_err=%d\n", __func__, err, |
There was a problem hiding this comment.
please avoid func as it makes it harder to grep the code
I'm afraid but there is no transparent tls post handshake on server side. For example a http server requests a post handshake (using SSL_verify_client_post_handshake) after it received http data. (Typically a specific http path, which requires more authentication data from the client). Clients can support tls posthandshake transparently by setting for example a client certificate before a https request and enabling post handshake support using SSL_CTX_set_post_handshake_auth. Anyhow of course I can split up the tls and http commit to make it easier to implement posthandshake in for example sip: A sip server side implementation would need to support what "https_set_verify_msgh" of this PR does:
|
fAuernigg
force-pushed
the
add_tls_and_http_apis_for_renegotiation
branch
2 times, most recently
from
4ea5112 to
0f5e885
Compare
fAuernigg
changed the title
fAuernigg
force-pushed
the
add_tls_and_http_apis_for_renegotiation
branch
from
0f5e885 to
5ecf983
Compare
fAuernigg
force-pushed
the
add_tls_and_http_apis_for_renegotiation
branch
from
5ecf983 to
54ff0e1
Compare
Add tls_set_conn_verify_client_handler, tls_set_posthandshake_auth, tls_conn_verify_client_post_handshake available in tls >= v1.3
Support post handshake using https_set_verify_msgh and http_sock_tls. Allow decide to request certificate authorisation from client based on content of first http msg.
fAuernigg
force-pushed
the
add_tls_and_http_apis_for_renegotiation
branch
from
54ff0e1 to
51013cb
Compare
No description provided.