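/* Copyright (c) 2012, Jacob Appelbaum
 * Copyright (c) 2012, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \file tlsdate-helper.h
 * \brief The secondary header for our clock helper.
 *
 * Collects the system and TLS-library includes, the compile-time policy
 * limits (time window, key sizes, handshake timeouts, name and header
 * lengths) and the prototypes of the certificate-checking helpers.
 *
 * NOTE(review): the header defines file-scope objects and declares a
 * `static` function, so it appears to be meant for inclusion by exactly
 * one translation unit -- confirm before including it anywhere else.
 **/

#ifndef TLSDATEHELPER_H
#define TLSDATEHELPER_H

#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#ifdef TARGET_OS_HAIKU
#include <posix/string.h>
#include <bsd/string.h>
#endif
#include <unistd.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/mman.h>
#include <time.h>
#include <pwd.h>
#include <grp.h>
#include <arpa/inet.h>
#include <ctype.h>
#ifdef HAVE_PRCTL
#include <sys/prctl.h>
#endif

// The OpenSSL headers are skipped when the build selects PolarSSL.
#ifndef USE_POLARSSL
#include <openssl/bio.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
#endif

// Verbosity switches.
// NOTE(review): these are tentative definitions inside a header. If a second
// translation unit includes this file, linking with -fno-common (the default
// since GCC 10) fails with duplicate symbols. The usual remedy is `extern`
// here plus one definition in a .c file; left unchanged because the defining
// source file is not visible from this header.
int verbose;
int verbose_debug;

#include "src/util.h"

/** Name of user that we feel safe to run SSL handshake with. */
// NOTE(review): "nobody" is commonly shared with other services, so a
// dedicated account isolates the handshake better; "nogroup" does not exist
// on every system. Both can be overridden at build time
// (-DUNPRIV_USER=..., -DUNPRIV_GROUP=...).
#ifndef UNPRIV_USER
#define UNPRIV_USER "nobody"
#endif
#ifndef UNPRIV_GROUP
#define UNPRIV_GROUP "nogroup"
#endif

// We should never accept a time before we were compiled
// We measure in seconds since the epoch - eg: echo `date '+%s'`
// We set this manually to ensure others can reproduce a build;
// automation of this will make every build different!
// The default below is 2012-07-15 UTC. It is only a floor: the older it is,
// the wider the range of stale timestamps a peer can get accepted, so
// refresh it (or pass -DRECENT_COMPILE_DATE=...) when cutting a release.
#ifndef RECENT_COMPILE_DATE
#define RECENT_COMPILE_DATE 1342323666L
#endif

// Presumably the upper bound on an acceptable remote time -- confirm against
// the users of this macro. The default is 2033-05-18 UTC.
#ifndef MAX_REASONABLE_TIME
#define MAX_REASONABLE_TIME 1999991337L
#endif

// Key-size limits in bits. The casts are parenthesized so that the expansion
// is a single primary expression wherever the macro is used.
// NOTE(review): presumably the minimum accepted RSA-style public key size;
// 1023 bits is far below current guidance (2048 bits or more). Raise it with
// -DMIN_PUB_KEY_LEN=... if the servers you query allow it.
#ifndef MIN_PUB_KEY_LEN
#define MIN_PUB_KEY_LEN ((uint32_t) 1023)
#endif

// NOTE(review): 160-bit curves give roughly 80-bit security, which is also
// below current guidance; overridable in the same way.
#ifndef MIN_ECC_PUB_KEY_LEN
#define MIN_ECC_PUB_KEY_LEN ((uint32_t) 160)
#endif

#ifndef MAX_ECC_PUB_KEY_LEN
#define MAX_ECC_PUB_KEY_LEN ((uint32_t) 521)
#endif

// After the duration of the TLS handshake exceeds this threshold
// (in msec), a warning is printed.
#define TLS_RTT_THRESHOLD 2000

// After the duration of the TLS handshake exceeds this threshold
// (in msec), we consider the operation to have failed.
#define TLS_RTT_UNREASONABLE 30000

// RFC 5280 says...
// ub-common-name-length INTEGER ::= 64
#define MAX_CN_NAME_LENGTH 64

// RFC 1034 and posix say...
// (255 is the length of the name itself; a C buffer holding it needs one
// more byte for the terminating NUL.)
#define TLSDATE_HOST_NAME_MAX 255

// To support our RFC 2595 wildcard verification
#define RFC2595_MIN_LABEL_COUNT 3

// Define a max length for the HTTP Date: header
#define MAX_DATE_LINE_LEN 32

// Define a max length for HTTP headers
#define MAX_HTTP_HEADERS_SIZE 8192

// Define our basic HTTP request
// printf-style template: the first %s is the User-Agent, the second the Host.
// NOTE(review): both values are inserted verbatim, so the caller should
// reject a CR or LF in them (it would start a new header line) and should
// format with a bounded call such as snprintf, checking for truncation.
#define HTTP_REQUEST      \
  "HEAD / HTTP/1.1\r\n"   \
  "User-Agent: %s\r\n"    \
  "Host: %s\r\n"          \
  "\r\n"

// Run-time settings. Because they are `static`, every translation unit that
// includes this header gets its own private copy.
// NOTE(review): ca_racket presumably selects CA-based certificate
// verification -- confirm in the source file that sets it.
static int ca_racket;

static const char *host;

static const char *hostname_to_verify;

static const char *port;

static const char *protocol;

static char *proxy;

static const char *ca_cert_container;

// OpenSSL-specific helpers; compiled out for PolarSSL builds. Their bodies
// are not part of this header, so see the implementation file for the exact
// return-value conventions.
#ifndef USE_POLARSSL
void openssl_time_callback (const SSL* ssl, int where, int ret);
uint32_t get_certificate_keybits (EVP_PKEY *public_key);
uint32_t check_cn (SSL *ssl, const char *hostname);
uint32_t check_san (SSL *ssl, const char *hostname);
long openssl_check_against_host_and_verify (SSL *ssl);
uint32_t check_name (SSL *ssl, const char *hostname);
uint32_t verify_signature (SSL *ssl, const char *hostname);
void check_key_length (SSL *ssl);
void inspect_key (SSL *ssl, const char *hostname);
#endif

// TLS-library independent hostname helpers.
// NOTE(review): dns_label_count takes non-const pointers, so it may modify
// its arguments -- confirm before passing a string that is needed afterwards.
uint32_t dns_label_count (char *label, char *delim);
uint32_t check_wildcard_match_rfc2595 (const char *orig_hostname,
                                       const char *orig_cert_wild_card);

// Declared `static`: the including translation unit has to define it itself.
static void run_ssl (uint32_t *time_map, int time_is_an_illusion, int http);

#endif /* TLSDATEHELPER_H */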