Browse Source

[mod_openssl,mbedtls,gnutls,nss] fdevent_load_file

employ fdevent_load_file() to load CRL, X509 cert, and private key files
into memory
personal/stbuehler/ci-build
Glenn Strauss 1 year ago
parent
commit
0ad57da55b
  1. 53
      src/mod_gnutls.c
  2. 79
      src/mod_mbedtls.c
  3. 55
      src/mod_nss.c
  4. 60
      src/mod_openssl.c

53
src/mod_gnutls.c

@ -214,10 +214,6 @@ static void elogf(log_error_st * const errh,
* https://gitlab.com/gnutls/gnutls/-/issues/1002
* https://gitlab.com/gnutls/gnutls/-/merge_requests/1270
*/
#include <sys/stat.h>
#include <fcntl.h>
#include <limits.h>
#include "fdevent.h"
static int
mod_gnutls_load_file (const char * const fn, gnutls_datum_t * const d, log_error_st *errh)
{
@ -227,49 +223,12 @@ mod_gnutls_load_file (const char * const fn, gnutls_datum_t * const d, log_error
elogf(errh, __FILE__, __LINE__, rc, "%s() %s", __func__, fn);
return rc;
#else
int fd = -1;
unsigned int sz = 0;
char *buf = NULL;
do {
fd = fdevent_open_cloexec(fn, 1, O_RDONLY, 0); /*(1: follows symlinks)*/
if (fd < 0) break;
struct stat st;
if (0 != fstat(fd, &st)) break;
if (st.st_size >= UINT_MAX) { /*(file too large for gnutls_datum_t)*/
errno = EOVERFLOW;
break;
}
sz = (unsigned int)st.st_size;
buf = gnutls_malloc(sz+1); /*(+1 trailing '\0' for gnutls_load_file())*/
if (NULL == buf) break;
ssize_t rd = 0;
unsigned int off = 0;
do {
rd = read(fd, buf+off, sz-off);
} while (rd > 0 ? (off += (unsigned int)rd) != sz : errno == EINTR);
if (off != sz) { /*(file truncated?)*/
if (rd >= 0) errno = EIO;
break;
}
buf[sz] = '\0';
d->data = (unsigned char *)buf;
d->size = sz;
close(fd);
return 0;
} while (0);
int errnum = errno;
log_perror(errh, __FILE__, __LINE__, "%s() %s", __func__, fn);
if (fd >= 0) close(fd);
if (buf) {
gnutls_memset(buf, 0, sz);
gnutls_free(buf);
}
errno = errnum;
return GNUTLS_E_FILE_ERROR;
off_t dlen = 512*1024*1024;/*(arbitrary limit: 512 MB file; expect < 1 MB)*/
char *data = fdevent_load_file(fn, &dlen, errh, gnutls_malloc, gnutls_free);
if (NULL == data) return GNUTLS_E_FILE_ERROR;
d->data = (unsigned char *)data;
d->size = (unsigned int)dlen;
return 0;
#endif
}

79
src/mod_mbedtls.c

@ -87,6 +87,7 @@
#include "http_header.h"
#include "log.h"
#include "plugin.h"
#include "safe_memclear.h"
typedef struct {
/* SNI per host: with COMP_SERVER_SOCKET, COMP_HTTP_SCHEME, COMP_HTTP_HOST */
@ -753,6 +754,70 @@ mod_mbedtls_conf_verify (handler_ctx *hctx, mbedtls_ssl_config *ssl_ctx)
}
/* mbedTLS interfaces are generally excellent. mbedTLS convenience interfaces
* to read CRLs, X509 certs, and private keys are uniformly paranoid about
* clearing memory. At the moment, stdio routines fopen(), fread(), fclose()
* are used for portability, but without setvbuf(stream, NULL, _IOLBF, 0),
* again for portability, since setvbuf() is not necessarily available. Since
* stdio buffers by default, use our own funcs to read files without buffering.
* mbedtls_pk_load_file() includes trailing '\0' in size when contents in PEM
* format, so do the same with the value returned from fdevent_load_file().
*/
static int
mod_mbedtls_x509_crl_parse_file (mbedtls_x509_crl *chain, const char *fn)
{
int rc = MBEDTLS_ERR_X509_FILE_IO_ERROR;
off_t dlen = 512*1024*1024;/*(arbitrary limit: 512 MB file; expect < 1 MB)*/
char *data = fdevent_load_file(fn, &dlen, NULL, malloc, free);
if (NULL == data) return rc;
rc = mbedtls_x509_crl_parse(chain, (unsigned char *)data, (size_t)dlen+1);
if (dlen) safe_memclear(data, (size_t)dlen);
free(data);
return rc;
}
static int
mod_mbedtls_x509_crt_parse_file (mbedtls_x509_crt *chain, const char *fn)
{
int rc = MBEDTLS_ERR_X509_FILE_IO_ERROR;
off_t dlen = 512*1024*1024;/*(arbitrary limit: 512 MB file; expect < 1 MB)*/
char *data = fdevent_load_file(fn, &dlen, NULL, malloc, free);
if (NULL == data) return rc;
rc = mbedtls_x509_crt_parse(chain, (unsigned char *)data, (size_t)dlen+1);
if (dlen) safe_memclear(data, (size_t)dlen);
free(data);
return rc;
}
static int
mod_mbedtls_pk_parse_keyfile (mbedtls_pk_context *ctx, const char *fn, const char *pwd)
{
int rc = MBEDTLS_ERR_PK_FILE_IO_ERROR;
off_t dlen = 512*1024*1024;/*(arbitrary limit: 512 MB file; expect < 1 MB)*/
char *data = fdevent_load_file(fn, &dlen, NULL, malloc, free);
if (NULL == data) return rc;
rc = mbedtls_pk_parse_key(ctx, (unsigned char *)data, (size_t)dlen+1,
(const unsigned char *)pwd,
pwd ? strlen(pwd) : 0);
if (dlen) safe_memclear(data, (size_t)dlen);
free(data);
return rc;
}
static void *
network_mbedtls_load_pemfile (server *srv, const buffer *pemfile, const buffer *privkey)
{
@ -761,7 +826,7 @@ network_mbedtls_load_pemfile (server *srv, const buffer *pemfile, const buffer *
int rc;
mbedtls_x509_crt_init(&ssl_pemfile_x509); /* init cert structure */
rc = mbedtls_x509_crt_parse_file(&ssl_pemfile_x509, pemfile->ptr);
rc = mod_mbedtls_x509_crt_parse_file(&ssl_pemfile_x509, pemfile->ptr);
if (0 != rc) {
elogf(srv->errh, __FILE__, __LINE__, rc,
"PEM file cert read failed (%s)", pemfile->ptr);
@ -769,7 +834,7 @@ network_mbedtls_load_pemfile (server *srv, const buffer *pemfile, const buffer *
}
mbedtls_pk_init(&ssl_pemfile_pkey); /* init private key context */
rc = mbedtls_pk_parse_keyfile(&ssl_pemfile_pkey, privkey->ptr, NULL);
rc = mod_mbedtls_pk_parse_keyfile(&ssl_pemfile_pkey, privkey->ptr, NULL);
if (0 != rc) {
elogf(srv->errh, __FILE__, __LINE__, rc,
"PEM file private key read failed %s", privkey->ptr);
@ -837,7 +902,7 @@ mod_mbedtls_acme_tls_1 (handler_ctx *hctx)
ssl_pemfile_x509 = malloc(sizeof(*ssl_pemfile_x509));
force_assert(ssl_pemfile_x509);
mbedtls_x509_crt_init(ssl_pemfile_x509); /* init cert structure */
rc = mbedtls_x509_crt_parse_file(ssl_pemfile_x509, b->ptr);
rc = mod_mbedtls_x509_crt_parse_file(ssl_pemfile_x509, b->ptr);
if (0 != rc) {
elogf(errh, __FILE__, __LINE__, rc,
"Failed to load acme-tls/1 pemfile: %s", b->ptr);
@ -849,7 +914,7 @@ mod_mbedtls_acme_tls_1 (handler_ctx *hctx)
ssl_pemfile_pkey = malloc(sizeof(*ssl_pemfile_pkey));
force_assert(ssl_pemfile_pkey);
mbedtls_pk_init(ssl_pemfile_pkey); /* init private key context */
rc = mbedtls_pk_parse_keyfile(ssl_pemfile_pkey, b->ptr, NULL);
rc = mod_mbedtls_pk_parse_keyfile(ssl_pemfile_pkey, b->ptr, NULL);
if (0 != rc) {
elogf(errh, __FILE__, __LINE__, rc,
"Failed to load acme-tls/1 pemfile: %s", b->ptr);
@ -1533,7 +1598,8 @@ SETDEFAULTS_FUNC(mod_mbedtls_set_defaults)
mbedtls_x509_crt *cacert = calloc(1, sizeof(*cacert));
force_assert(cacert);
mbedtls_x509_crt_init(cacert);
int rc = mbedtls_x509_crt_parse_file(cacert, cpv->v.b->ptr);
int rc =
mod_mbedtls_x509_crt_parse_file(cacert, cpv->v.b->ptr);
if (0 == rc) {
cpv->vtype = T_CONFIG_LOCAL;
cpv->v.v = cacert;
@ -1552,7 +1618,8 @@ SETDEFAULTS_FUNC(mod_mbedtls_set_defaults)
mbedtls_x509_crl *crl = malloc(sizeof(*crl));
force_assert(crl);
mbedtls_x509_crl_init(crl);
int rc = mbedtls_x509_crl_parse_file(crl, cpv->v.b->ptr);
int rc =
mod_mbedtls_x509_crl_parse_file(crl, cpv->v.b->ptr);
if (0 == rc) {
cpv->vtype = T_CONFIG_LOCAL;
cpv->v.v = crl;

55
src/mod_nss.c

@ -330,57 +330,16 @@ mod_nss_io_dtor (PRFileDesc *ssl)
}
#include <sys/stat.h>
#include <fcntl.h>
#include <limits.h>
#include "fdevent.h"
static int
mod_nss_load_file (const char * const fn, SECItem * const d, log_error_st *errh)
{
int fd = -1;
unsigned int sz = 0;
char *buf = NULL;
do {
fd = fdevent_open_cloexec(fn, 1, O_RDONLY, 0); /*(1: follows symlinks)*/
if (fd < 0) break;
struct stat st;
if (0 != fstat(fd, &st)) break;
if (st.st_size >= UINT_MAX) { /*(file too large for SECItem)*/
errno = EOVERFLOW;
break;
}
sz = (unsigned int)st.st_size;
buf = PORT_Alloc(sz+1); /*(+1 trailing '\0' for str funcs on PEM)*/
if (NULL == buf) break;
ssize_t rd = 0;
unsigned int off = 0;
do {
rd = read(fd, buf+off, sz-off);
} while (rd > 0 ? (off += (unsigned int)rd) != sz : errno == EINTR);
if (off != sz) { /*(file truncated?)*/
if (rd >= 0) errno = EIO;
break;
}
buf[sz] = '\0';
d->type = siBuffer;
d->data = (unsigned char *)buf;
d->len = sz;
close(fd);
return 0;
} while (0);
int errnum = errno;
log_perror(errh, __FILE__, __LINE__, "%s() %s", __func__, fn);
if (fd >= 0) close(fd);
if (buf) {
safe_memclear(buf, sz);
PORT_Free(buf); /* safe_memclear() is safer than PORT_ZFree() */
}
errno = errnum;
return -1;
off_t dlen = 512*1024*1024;/*(arbitrary limit: 512 MB file; expect < 1 MB)*/
char *data = fdevent_load_file(fn, &dlen, errh, PORT_Alloc, PORT_Free);
if (NULL == data) return -1;
d->type = siBuffer;
d->data = (unsigned char *)data;
d->len = (unsigned int)dlen;
return 0;
}

60
src/mod_openssl.c

@ -1403,55 +1403,21 @@ mod_openssl_load_stapling_file (const char *file, log_error_st *errh, buffer *b)
* typically the same size with the signature and dates refreshed.
*/
#ifdef BORINGSSL_API_VERSION
#if defined(BORINGSSL_API_VERSION) \
|| defined(WOLFSSL_VERSION)
/* load raw .der file */
/* (similar to mod_gnutls.c:mod_gnutls_load_file(), but some differences) */
int fd = -1;
uint32_t sz = 0;
char *buf = NULL;
do {
fd = fdevent_open_cloexec(file,1,O_RDONLY,0); /*(1: follows symlinks)*/
if (fd < 0) break;
struct stat st;
if (0 != fstat(fd, &st)) break;
if (st.st_size == 0) break;
if (st.st_size >= UINT32_MAX) { /*(file too large for buffer uint32_t)*/
errno = EOVERFLOW;
break;
}
sz = (uint32_t)st.st_size;
buf = malloc(sz+1); /*(+1 trailing '\0')*/
if (NULL == buf) break;
ssize_t rd = 0;
unsigned int off = 0;
do {
rd = read(fd, buf+off, sz-off);
} while (rd > 0 ? (off += (unsigned int)rd) != sz : errno == EINTR);
if (off != sz) { /*(file truncated?)*/
if (rd >= 0) errno = EIO;
break;
}
if (NULL == b) b = buffer_init();
buffer_copy_string_len(b, buf, sz);
memset(buf, 0, sz);
free(buf);
close(fd);
return b;
} while (0);
int errnum = errno;
log_perror(errh, __FILE__, __LINE__, "%s() %s", __func__, file);
if (fd >= 0) close(fd);
if (buf) {
memset(buf, 0, sz);
free(buf);
}
errno = errnum;
return NULL;;
off_t dlen = 1*1024*1024;/*(arbitrary limit: 1 MB file; expect < 1 KB)*/
char *data = fdevent_load_file(file, &dlen, errh, malloc, free);
if (NULL == data) return NULL;
if (NULL == b)
b = buffer_init();
else if (b->ptr)
free(b->ptr);
b->ptr = data;
b->used = (uint32_t)dlen;
b->size = (uint32_t)dlen+1;
return b;
#else

Loading…
Cancel
Save