Dillo v3.1.1-119-g140d9ebd
|
#include "config.h"
#include "../msg.h"
#include <assert.h>
#include <errno.h>
#include "../../dlib/dlib.h"
#include "../dialog.hh"
#include "../klist.h"
#include "iowatch.hh"
#include "tls.h"
#include "Url.h"
#include <mbedtls/platform.h>
#include <mbedtls/ssl.h>
#include <mbedtls/ctr_drbg.h>
#include <mbedtls/entropy.h>
#include <mbedtls/error.h>
#include <mbedtls/oid.h>
#include <mbedtls/x509.h>
#include <mbedtls/version.h>
#include <mbedtls/net.h>
Go to the source code of this file.
Macros | |
#define | CERT_STATUS_NONE 0 |
#define | CERT_STATUS_RECEIVING 1 |
#define | CERT_STATUS_CLEAN 2 |
#define | CERT_STATUS_BAD 3 |
#define | CERT_STATUS_USER_ACCEPTED 4 |
Functions | |
static void | Tls_handshake_cb (int fd, void *vconnkey) |
static int | Tls_fd_map_cmp (const void *v1, const void *v2) |
static void | Tls_fd_map_add_entry (int fd, int connkey) |
static void | Tls_fd_map_remove_entry (int fd) |
void * | a_Tls_mbedtls_connection (int fd) |
static Conn_t * | Tls_conn_new (int fd, const DilloUrl *url, mbedtls_ssl_context *ssl) |
static int | Tls_make_conn_key (Conn_t *conn) |
static void | Tls_load_certificates_from_file (const char *const filename) |
static void | Tls_load_certificates_from_path (const char *const pathname) |
static void | Tls_remove_duplicate_certificates () |
static void | Tls_load_certificates () |
static void | Tls_remove_psk_ciphersuites () |
const char * | a_Tls_mbedtls_version (char *buf, int n) |
void | a_Tls_mbedtls_init (void) |
static int | Tls_servers_cmp (const void *v1, const void *v2) |
static int | Tls_servers_by_url_cmp (const void *v1, const void *v2) |
int | a_Tls_mbedtls_connect_ready (const DilloUrl *url) |
static int | Tls_cert_status (const DilloUrl *url) |
static int | Tls_user_said_no (const DilloUrl *url) |
int | a_Tls_mbedtls_certificate_is_clean (const DilloUrl *url) |
static void | Tls_cert_expired (const mbedtls_x509_crt *cert, Dstr *ds) |
static void | Tls_cert_cn_mismatch (const mbedtls_x509_crt *cert, Dstr *ds) |
static void | Tls_cert_trust_chain_failed (const mbedtls_x509_crt *cert, Dstr *ds) |
static void | Tls_cert_not_valid_yet (const mbedtls_x509_crt *cert, Dstr *ds) |
static void | Tls_cert_bad_hash (const mbedtls_x509_crt *cert, Dstr *ds) |
static void | Tls_cert_bad_pk_alg (const mbedtls_x509_crt *cert, Dstr *ds) |
static void | Tls_cert_bad_key (const mbedtls_x509_crt *cert, Dstr *ds) |
static char * | Tls_make_bad_cert_msg (const mbedtls_x509_crt *cert, uint32_t flags) |
static int | Tls_cert_auth_cmp (const void *v1, const void *v2) |
static int | Tls_cert_auth_cmp_by_name (const void *v1, const void *v2) |
static void | Tls_update_cert_authorities_data (const mbedtls_x509_crt *cert, Server_t *srv) |
static int | Tls_examine_certificate (mbedtls_ssl_context *ssl, Server_t *srv) |
void | a_Tls_mbedtls_reset_server_state (const DilloUrl *url) |
static void | Tls_close_by_key (int connkey) |
static void | Tls_fatal_error_msg (int error_type) |
static void | Tls_handshake (int fd, int connkey) |
void | a_Tls_mbedtls_connect (int fd, const DilloUrl *url) |
int | a_Tls_mbedtls_read (void *conn, void *buf, size_t len) |
int | a_Tls_mbedtls_write (void *conn, void *buf, size_t len) |
void | a_Tls_mbedtls_close_by_fd (int fd) |
static void | Tls_cert_authorities_print_summary () |
static void | Tls_cert_authorities_freeall () |
static void | Tls_servers_freeall () |
static void | Tls_fd_map_remove_all () |
void | a_Tls_mbedtls_freeall (void) |
Variables | |
static Klist_t * | conn_list = NULL |
static bool_t | ssl_enabled = TRUE |
static mbedtls_ssl_config | ssl_conf |
static mbedtls_x509_crt | cacerts |
static mbedtls_ctr_drbg_context | ctr_drbg |
static mbedtls_entropy_context | entropy |
static Dlist * | servers |
static Dlist * | cert_authorities |
static Dlist * | fd_map |
#define CERT_STATUS_BAD 3 |
Definition at line 57 of file tls_mbedtls.c.
#define CERT_STATUS_CLEAN 2 |
Definition at line 56 of file tls_mbedtls.c.
#define CERT_STATUS_NONE 0 |
Definition at line 54 of file tls_mbedtls.c.
#define CERT_STATUS_RECEIVING 1 |
Definition at line 55 of file tls_mbedtls.c.
#define CERT_STATUS_USER_ACCEPTED 4 |
Definition at line 58 of file tls_mbedtls.c.
int a_Tls_mbedtls_certificate_is_clean | ( | const DilloUrl * | url | ) |
Definition at line 527 of file tls_mbedtls.c.
References CERT_STATUS_CLEAN, and Tls_cert_status().
Referenced by a_Tls_certificate_is_clean().
void a_Tls_mbedtls_close_by_fd | ( | int | fd | ) |
Definition at line 1151 of file tls_mbedtls.c.
References dList_find_custom(), fd_map, INT2VOIDP, Tls_close_by_key(), and Tls_fd_map_cmp().
Referenced by a_Tls_close_by_fd().
void a_Tls_mbedtls_connect | ( | int | fd, |
const DilloUrl * | url | ||
) |
Definition at line 1073 of file tls_mbedtls.c.
References a_Http_connect_done(), a_Tls_mbedtls_reset_server_state(), dNew0, FALSE, MSG, ssl_conf, ssl_enabled, Tls_conn_new(), Tls_handshake(), Tls_make_conn_key(), Tls_user_said_no(), TRUE, and URL_HOST.
Referenced by a_Tls_connect().
int a_Tls_mbedtls_connect_ready | ( | const DilloUrl * | url | ) |
Definition at line 481 of file tls_mbedtls.c.
References CERT_STATUS_BAD, CERT_STATUS_NONE, CERT_STATUS_RECEIVING, dList_find_sorted(), dList_insert_sorted(), dNew, dReturn_val_if_fail, dStrdup(), servers, ssl_enabled, TLS_CONNECT_NEVER, TLS_CONNECT_NOT_YET, TLS_CONNECT_READY, Tls_servers_by_url_cmp(), Tls_servers_cmp(), URL_HOST, and URL_PORT.
Referenced by a_Tls_connect_ready().
void * a_Tls_mbedtls_connection | ( | int | fd | ) |
Definition at line 153 of file tls_mbedtls.c.
References a_Klist_get_data(), conn_list, dList_find_custom(), fd_map, INT2VOIDP, and Tls_fd_map_cmp().
Referenced by a_Tls_connection().
void a_Tls_mbedtls_freeall | ( | void | ) |
Definition at line 1255 of file tls_mbedtls.c.
References prefs, DilloPrefs::show_msg, Tls_cert_authorities_freeall(), Tls_cert_authorities_print_summary(), Tls_fd_map_remove_all(), and Tls_servers_freeall().
Referenced by a_Tls_freeall().
void a_Tls_mbedtls_init | ( | void | ) |
Definition at line 372 of file tls_mbedtls.c.
References cacerts, cert_authorities, ctr_drbg, dList_new(), entropy, FALSE, fd_map, MSG, MSG_ERR, servers, ssl_conf, ssl_enabled, Tls_load_certificates(), and Tls_remove_psk_ciphersuites().
Referenced by a_Tls_init().
int a_Tls_mbedtls_read | ( | void * | conn, |
void * | buf, | ||
size_t | len | ||
) |
void a_Tls_mbedtls_reset_server_state | ( | const DilloUrl * | url | ) |
Definition at line 843 of file tls_mbedtls.c.
References CERT_STATUS_NONE, CERT_STATUS_RECEIVING, dList_find_sorted(), servers, and Tls_servers_by_url_cmp().
Referenced by a_Tls_mbedtls_connect(), a_Tls_reset_server_state(), and Tls_close_by_key().
const char * a_Tls_mbedtls_version | ( | char * | buf, |
int | n | ||
) |
Definition at line 358 of file tls_mbedtls.c.
Referenced by a_Tls_version().
int a_Tls_mbedtls_write | ( | void * | conn, |
void * | buf, | ||
size_t | len | ||
) |
|
static |
Definition at line 732 of file tls_mbedtls.c.
Referenced by Tls_update_cert_authorities_data().
|
static |
Definition at line 739 of file tls_mbedtls.c.
Referenced by Tls_update_cert_authorities_data().
|
static |
Definition at line 1203 of file tls_mbedtls.c.
References cacerts, cert_authorities, dFree(), dList_free(), dList_length(), and dList_nth_data().
Referenced by a_Tls_mbedtls_freeall().
|
static |
Definition at line 1161 of file tls_mbedtls.c.
References a_Url_host_type(), cert_authorities, dList_length(), dList_nth_data(), dStr_append(), dStr_append_c(), dStr_free(), dStr_new(), dStr_sprintfa(), MSG, Dstr::str, URL_HOST_IPV6, and URL_HTTPS_PORT.
Referenced by a_Tls_mbedtls_freeall().
|
static |
Definition at line 648 of file tls_mbedtls.c.
References dStr_sprintfa().
Referenced by Tls_make_bad_cert_msg().
|
static |
Definition at line 688 of file tls_mbedtls.c.
References dStr_sprintfa().
Referenced by Tls_make_bad_cert_msg().
|
static |
Definition at line 676 of file tls_mbedtls.c.
References dStr_sprintfa().
Referenced by Tls_make_bad_cert_msg().
|
static |
Definition at line 583 of file tls_mbedtls.c.
References dStr_append(), and dStr_sprintfa().
Referenced by Tls_make_bad_cert_msg().
|
static |
Definition at line 571 of file tls_mbedtls.c.
References dStr_sprintfa().
Referenced by Tls_make_bad_cert_msg().
|
static |
Definition at line 635 of file tls_mbedtls.c.
References dStr_sprintfa().
Referenced by Tls_make_bad_cert_msg().
|
static |
Definition at line 507 of file tls_mbedtls.c.
References CERT_STATUS_NONE, dList_find_sorted(), servers, and Tls_servers_by_url_cmp().
Referenced by a_Tls_mbedtls_certificate_is_clean(), and Tls_user_said_no().
|
static |
Definition at line 618 of file tls_mbedtls.c.
References dStr_sprintfa().
Referenced by Tls_make_bad_cert_msg().
|
static |
Definition at line 856 of file tls_mbedtls.c.
References a_IOwatch_remove_fd(), a_Klist_get_data(), a_Klist_remove(), a_Tls_mbedtls_reset_server_state(), a_Url_free(), conn_list, dClose(), dFree(), and Tls_fd_map_remove_entry().
Referenced by a_Tls_mbedtls_close_by_fd(), and Tls_handshake().
|
static |
Definition at line 170 of file tls_mbedtls.c.
References a_Url_dup(), dNew0, and TRUE.
Referenced by a_Tls_mbedtls_connect().
|
static |
Definition at line 778 of file tls_mbedtls.c.
References a_Dialog_choice(), CERT_STATUS_BAD, CERT_STATUS_CLEAN, CERT_STATUS_RECEIVING, CERT_STATUS_USER_ACCEPTED, dFree(), dStrconcat(), MSG_ERR, Tls_make_bad_cert_msg(), and Tls_update_cert_authorities_data().
Referenced by Tls_handshake().
|
static |
Definition at line 884 of file tls_mbedtls.c.
References errmsg(), and MSG_WARN.
Referenced by Tls_handshake().
|
static |
Definition at line 118 of file tls_mbedtls.c.
References dList_append(), dList_find_custom(), dNew0, fd_map, INT2VOIDP, MSG_ERR, and Tls_fd_map_cmp().
Referenced by Tls_make_conn_key().
|
static |
Definition at line 110 of file tls_mbedtls.c.
References VOIDP2INT.
Referenced by a_Tls_mbedtls_close_by_fd(), a_Tls_mbedtls_connection(), Tls_fd_map_add_entry(), and Tls_fd_map_remove_entry().
|
static |
Definition at line 1238 of file tls_mbedtls.c.
References dFree(), dList_free(), dList_length(), dList_nth_data(), and fd_map.
Referenced by a_Tls_mbedtls_freeall().
|
static |
Definition at line 136 of file tls_mbedtls.c.
References dFree(), dList_find_custom(), dList_remove_fast(), fd_map, INT2VOIDP, MSG, and Tls_fd_map_cmp().
Referenced by Tls_close_by_key().
|
static |
Definition at line 963 of file tls_mbedtls.c.
References _MSG, a_Http_connect_done(), a_IOwatch_add_fd(), a_IOwatch_remove_fd(), a_Klist_get_data(), CERT_STATUS_RECEIVING, CERT_STATUS_USER_ACCEPTED, conn_list, DIO_READ, DIO_WRITE, dList_find_sorted(), failed, FALSE, INT2VOIDP, MSG, servers, Tls_close_by_key(), Tls_examine_certificate(), Tls_fatal_error_msg(), Tls_handshake_cb(), Tls_servers_by_url_cmp(), TRUE, URL_AUTHORITY, URL_HTTPS_PORT, and URL_PORT.
Referenced by a_Tls_mbedtls_connect(), and Tls_handshake_cb().
|
static |
Definition at line 1065 of file tls_mbedtls.c.
References Tls_handshake(), and VOIDP2INT.
Referenced by Tls_handshake().
|
static |
Definition at line 260 of file tls_mbedtls.c.
References cacerts, dFree(), dGethomedir(), dStrconcat(), MSG, Tls_load_certificates_from_file(), Tls_load_certificates_from_path(), and Tls_remove_duplicate_certificates().
Referenced by a_Tls_mbedtls_init().
|
static |
Definition at line 193 of file tls_mbedtls.c.
Referenced by Tls_load_certificates().
|
static |
Definition at line 210 of file tls_mbedtls.c.
Referenced by Tls_load_certificates().
|
static |
Definition at line 699 of file tls_mbedtls.c.
References dStr_free(), dStr_new(), dStr_sprintfa(), Dstr::str, Tls_cert_bad_hash(), Tls_cert_bad_key(), Tls_cert_bad_pk_alg(), Tls_cert_cn_mismatch(), Tls_cert_expired(), Tls_cert_not_valid_yet(), and Tls_cert_trust_chain_failed().
Referenced by Tls_examine_certificate().
|
static |
Definition at line 181 of file tls_mbedtls.c.
References a_Klist_insert(), conn_list, and Tls_fd_map_add_entry().
Referenced by a_Tls_mbedtls_connect().
|
static |
Definition at line 227 of file tls_mbedtls.c.
References cacerts, and dFree().
Referenced by Tls_load_certificates().
|
static |
Definition at line 324 of file tls_mbedtls.c.
References dNew, and ssl_conf.
Referenced by a_Tls_mbedtls_init().
|
static |
Definition at line 462 of file tls_mbedtls.c.
References dStrAsciiCasecmp(), URL_HOST, and URL_PORT.
Referenced by a_Tls_mbedtls_connect_ready(), a_Tls_mbedtls_reset_server_state(), Tls_cert_status(), and Tls_handshake().
|
static |
Definition at line 450 of file tls_mbedtls.c.
References dStrAsciiCasecmp().
Referenced by a_Tls_mbedtls_connect_ready().
|
static |
Definition at line 1223 of file tls_mbedtls.c.
References dFree(), dList_free(), dList_length(), dList_nth_data(), and servers.
Referenced by a_Tls_mbedtls_freeall().
|
static |
Definition at line 750 of file tls_mbedtls.c.
References cert_authorities, dList_append(), dList_find_custom(), dList_insert_sorted(), dList_new(), dNew, dStrdup(), Tls_cert_auth_cmp(), and Tls_cert_auth_cmp_by_name().
Referenced by Tls_examine_certificate().
|
static |
Definition at line 518 of file tls_mbedtls.c.
References CERT_STATUS_BAD, and Tls_cert_status().
Referenced by a_Tls_mbedtls_connect().
|
static |
Definition at line 91 of file tls_mbedtls.c.
Referenced by a_Tls_mbedtls_init(), Tls_cert_authorities_freeall(), Tls_load_certificates(), Tls_load_certificates_from_file(), Tls_load_certificates_from_path(), and Tls_remove_duplicate_certificates().
|
static |
Definition at line 96 of file tls_mbedtls.c.
Referenced by a_Tls_mbedtls_init(), Tls_cert_authorities_freeall(), Tls_cert_authorities_print_summary(), and Tls_update_cert_authorities_data().
|
static |
Definition at line 87 of file tls_mbedtls.c.
Referenced by a_Tls_mbedtls_connection(), Tls_close_by_key(), Tls_handshake(), and Tls_make_conn_key().
|
static |
Definition at line 92 of file tls_mbedtls.c.
Referenced by a_Tls_mbedtls_init().
|
static |
Definition at line 93 of file tls_mbedtls.c.
Referenced by a_Tls_mbedtls_init().
|
static |
Definition at line 97 of file tls_mbedtls.c.
Referenced by a_Tls_mbedtls_close_by_fd(), a_Tls_mbedtls_connection(), a_Tls_mbedtls_init(), Tls_fd_map_add_entry(), Tls_fd_map_remove_all(), and Tls_fd_map_remove_entry().
|
static |
Definition at line 95 of file tls_mbedtls.c.
Referenced by a_Tls_mbedtls_connect_ready(), a_Tls_mbedtls_init(), a_Tls_mbedtls_reset_server_state(), Tls_cert_status(), Tls_handshake(), and Tls_servers_freeall().
|
static |
Definition at line 90 of file tls_mbedtls.c.
Referenced by a_Tls_mbedtls_connect(), a_Tls_mbedtls_init(), and Tls_remove_psk_ciphersuites().
Definition at line 89 of file tls_mbedtls.c.
Referenced by a_Tls_mbedtls_connect(), a_Tls_mbedtls_connect_ready(), and a_Tls_mbedtls_init().