зеркало из https://github.com/mozilla/gecko-dev.git
506 строки
14 KiB
C++
506 строки
14 KiB
C++
/* vim:set ts=2 sw=2 et cindent: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "TLSServerSocket.h"
|
|
|
|
#include "mozilla/net/DNS.h"
|
|
#include "nsAutoPtr.h"
|
|
#include "nsComponentManagerUtils.h"
|
|
#include "nsDependentSubstring.h"
|
|
#include "nsIServerSocket.h"
|
|
#include "nsITimer.h"
|
|
#include "nsIX509Cert.h"
|
|
#include "nsIX509CertDB.h"
|
|
#include "nsNetCID.h"
|
|
#include "nsProxyRelease.h"
|
|
#include "nsServiceManagerUtils.h"
|
|
#include "nsSocketTransport2.h"
|
|
#include "nsThreadUtils.h"
|
|
#include "ScopedNSSTypes.h"
|
|
#include "ssl.h"
|
|
|
|
namespace mozilla {
|
|
namespace net {
|
|
|
|
//-----------------------------------------------------------------------------
|
|
// TLSServerSocket
|
|
//-----------------------------------------------------------------------------
|
|
|
|
TLSServerSocket::TLSServerSocket()
|
|
: mServerCert(nullptr)
|
|
{
|
|
}
|
|
|
|
NS_IMPL_ISUPPORTS_INHERITED(TLSServerSocket,
|
|
nsServerSocket,
|
|
nsITLSServerSocket)
|
|
|
|
nsresult
|
|
TLSServerSocket::SetSocketDefaults()
|
|
{
|
|
// Set TLS options on the listening socket
|
|
mFD = SSL_ImportFD(nullptr, mFD);
|
|
if (NS_WARN_IF(!mFD)) {
|
|
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
|
|
}
|
|
|
|
SSL_OptionSet(mFD, SSL_SECURITY, true);
|
|
SSL_OptionSet(mFD, SSL_HANDSHAKE_AS_CLIENT, false);
|
|
SSL_OptionSet(mFD, SSL_HANDSHAKE_AS_SERVER, true);
|
|
SSL_OptionSet(mFD, SSL_NO_CACHE, true);
|
|
|
|
// We don't currently notify the server API consumer of renegotiation events
|
|
// (to revalidate peer certs, etc.), so disable it for now.
|
|
SSL_OptionSet(mFD, SSL_ENABLE_RENEGOTIATION, SSL_RENEGOTIATE_NEVER);
|
|
|
|
SetSessionTickets(true);
|
|
SetRequestClientCertificate(REQUEST_NEVER);
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
void
|
|
TLSServerSocket::CreateClientTransport(PRFileDesc* aClientFD,
|
|
const NetAddr& aClientAddr)
|
|
{
|
|
MOZ_ASSERT(OnSocketThread(), "not on socket thread");
|
|
nsresult rv;
|
|
|
|
RefPtr<nsSocketTransport> trans = new nsSocketTransport;
|
|
if (NS_WARN_IF(!trans)) {
|
|
mCondition = NS_ERROR_OUT_OF_MEMORY;
|
|
return;
|
|
}
|
|
|
|
RefPtr<TLSServerConnectionInfo> info = new TLSServerConnectionInfo();
|
|
info->mServerSocket = this;
|
|
info->mTransport = trans;
|
|
nsCOMPtr<nsISupports> infoSupports =
|
|
NS_ISUPPORTS_CAST(nsITLSServerConnectionInfo*, info);
|
|
rv = trans->InitWithConnectedSocket(aClientFD, &aClientAddr, infoSupports);
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
mCondition = rv;
|
|
return;
|
|
}
|
|
|
|
// Override the default peer certificate validation, so that server consumers
|
|
// can make their own choice after the handshake completes.
|
|
SSL_AuthCertificateHook(aClientFD, AuthCertificateHook, nullptr);
|
|
// Once the TLS handshake has completed, the server consumer is notified and
|
|
// has access to various TLS state details.
|
|
// It's safe to pass info here because the socket transport holds it as
|
|
// |mSecInfo| which keeps it alive for the lifetime of the socket.
|
|
SSL_HandshakeCallback(aClientFD, TLSServerConnectionInfo::HandshakeCallback,
|
|
info);
|
|
|
|
// Notify the consumer of the new client so it can manage the streams.
|
|
// Security details aren't known yet. The security observer will be notified
|
|
// later when they are ready.
|
|
nsCOMPtr<nsIServerSocket> serverSocket =
|
|
do_QueryInterface(NS_ISUPPORTS_CAST(nsITLSServerSocket*, this));
|
|
mListener->OnSocketAccepted(serverSocket, trans);
|
|
}
|
|
|
|
nsresult
|
|
TLSServerSocket::OnSocketListen()
|
|
{
|
|
if (NS_WARN_IF(!mServerCert)) {
|
|
return NS_ERROR_NOT_INITIALIZED;
|
|
}
|
|
|
|
UniqueCERTCertificate cert(mServerCert->GetCert());
|
|
if (NS_WARN_IF(!cert)) {
|
|
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
|
|
}
|
|
|
|
UniqueSECKEYPrivateKey key(PK11_FindKeyByAnyCert(cert.get(), nullptr));
|
|
if (NS_WARN_IF(!key)) {
|
|
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
|
|
}
|
|
|
|
SSLKEAType certKEA = NSS_FindCertKEAType(cert.get());
|
|
|
|
nsresult rv = MapSECStatus(SSL_ConfigSecureServer(mFD, cert.get(), key.get(),
|
|
certKEA));
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
return rv;
|
|
}
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
// static
|
|
SECStatus
|
|
TLSServerSocket::AuthCertificateHook(void* arg, PRFileDesc* fd, PRBool checksig,
|
|
PRBool isServer)
|
|
{
|
|
// Allow any client cert here, server consumer code can decide whether it's
|
|
// okay after being notified of the new client socket.
|
|
return SECSuccess;
|
|
}
|
|
|
|
//-----------------------------------------------------------------------------
|
|
// TLSServerSocket::nsITLSServerSocket
|
|
//-----------------------------------------------------------------------------
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerSocket::GetServerCert(nsIX509Cert** aCert)
|
|
{
|
|
if (NS_WARN_IF(!aCert)) {
|
|
return NS_ERROR_INVALID_POINTER;
|
|
}
|
|
*aCert = mServerCert;
|
|
NS_IF_ADDREF(*aCert);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerSocket::SetServerCert(nsIX509Cert* aCert)
|
|
{
|
|
// If AsyncListen was already called (and set mListener), it's too late to set
|
|
// this.
|
|
if (NS_WARN_IF(mListener)) {
|
|
return NS_ERROR_IN_PROGRESS;
|
|
}
|
|
mServerCert = aCert;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerSocket::SetSessionTickets(bool aEnabled)
|
|
{
|
|
// If AsyncListen was already called (and set mListener), it's too late to set
|
|
// this.
|
|
if (NS_WARN_IF(mListener)) {
|
|
return NS_ERROR_IN_PROGRESS;
|
|
}
|
|
SSL_OptionSet(mFD, SSL_ENABLE_SESSION_TICKETS, aEnabled);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerSocket::SetRequestClientCertificate(uint32_t aMode)
|
|
{
|
|
// If AsyncListen was already called (and set mListener), it's too late to set
|
|
// this.
|
|
if (NS_WARN_IF(mListener)) {
|
|
return NS_ERROR_IN_PROGRESS;
|
|
}
|
|
SSL_OptionSet(mFD, SSL_REQUEST_CERTIFICATE, aMode != REQUEST_NEVER);
|
|
|
|
switch (aMode) {
|
|
case REQUEST_ALWAYS:
|
|
SSL_OptionSet(mFD, SSL_REQUIRE_CERTIFICATE, SSL_REQUIRE_NO_ERROR);
|
|
break;
|
|
case REQUIRE_FIRST_HANDSHAKE:
|
|
SSL_OptionSet(mFD, SSL_REQUIRE_CERTIFICATE, SSL_REQUIRE_FIRST_HANDSHAKE);
|
|
break;
|
|
case REQUIRE_ALWAYS:
|
|
SSL_OptionSet(mFD, SSL_REQUIRE_CERTIFICATE, SSL_REQUIRE_ALWAYS);
|
|
break;
|
|
default:
|
|
SSL_OptionSet(mFD, SSL_REQUIRE_CERTIFICATE, SSL_REQUIRE_NEVER);
|
|
}
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerSocket::SetCipherSuites(uint16_t* aCipherSuites, uint32_t aLength)
|
|
{
|
|
// If AsyncListen was already called (and set mListener), it's too late to set
|
|
// this.
|
|
if (NS_WARN_IF(mListener)) {
|
|
return NS_ERROR_IN_PROGRESS;
|
|
}
|
|
|
|
for (uint16_t i = 0; i < SSL_NumImplementedCiphers; ++i) {
|
|
uint16_t cipher_id = SSL_ImplementedCiphers[i];
|
|
if (SSL_CipherPrefSet(mFD, cipher_id, false) != SECSuccess) {
|
|
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
|
|
}
|
|
}
|
|
|
|
for (uint32_t i = 0; i < aLength; ++i) {
|
|
if (SSL_CipherPrefSet(mFD, aCipherSuites[i], true) != SECSuccess) {
|
|
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
|
|
}
|
|
}
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerSocket::SetVersionRange(uint16_t aMinVersion, uint16_t aMaxVersion)
|
|
{
|
|
// If AsyncListen was already called (and set mListener), it's too late to set
|
|
// this.
|
|
if (NS_WARN_IF(mListener)) {
|
|
return NS_ERROR_IN_PROGRESS;
|
|
}
|
|
|
|
SSLVersionRange range = {aMinVersion, aMaxVersion};
|
|
if (SSL_VersionRangeSet(mFD, &range) != SECSuccess) {
|
|
return mozilla::psm::GetXPCOMFromNSSError(PR_GetError());
|
|
}
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
//-----------------------------------------------------------------------------
|
|
// TLSServerConnectionInfo
|
|
//-----------------------------------------------------------------------------
|
|
|
|
namespace {
|
|
|
|
class TLSServerSecurityObserverProxy final : public nsITLSServerSecurityObserver
|
|
{
|
|
~TLSServerSecurityObserverProxy() = default;
|
|
|
|
public:
|
|
explicit TLSServerSecurityObserverProxy(nsITLSServerSecurityObserver* aListener)
|
|
: mListener(new nsMainThreadPtrHolder<nsITLSServerSecurityObserver>(
|
|
"TLSServerSecurityObserverProxy::mListener", aListener))
|
|
{ }
|
|
|
|
NS_DECL_THREADSAFE_ISUPPORTS
|
|
NS_DECL_NSITLSSERVERSECURITYOBSERVER
|
|
|
|
class OnHandshakeDoneRunnable : public Runnable
|
|
{
|
|
public:
|
|
OnHandshakeDoneRunnable(
|
|
const nsMainThreadPtrHandle<nsITLSServerSecurityObserver>& aListener,
|
|
nsITLSServerSocket* aServer,
|
|
nsITLSClientStatus* aStatus)
|
|
: Runnable("net::TLSServerSecurityObserverProxy::OnHandshakeDoneRunnable")
|
|
, mListener(aListener)
|
|
, mServer(aServer)
|
|
, mStatus(aStatus)
|
|
{ }
|
|
|
|
NS_DECL_NSIRUNNABLE
|
|
|
|
private:
|
|
nsMainThreadPtrHandle<nsITLSServerSecurityObserver> mListener;
|
|
nsCOMPtr<nsITLSServerSocket> mServer;
|
|
nsCOMPtr<nsITLSClientStatus> mStatus;
|
|
};
|
|
|
|
private:
|
|
nsMainThreadPtrHandle<nsITLSServerSecurityObserver> mListener;
|
|
};
|
|
|
|
NS_IMPL_ISUPPORTS(TLSServerSecurityObserverProxy,
|
|
nsITLSServerSecurityObserver)
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerSecurityObserverProxy::OnHandshakeDone(nsITLSServerSocket* aServer,
|
|
nsITLSClientStatus* aStatus)
|
|
{
|
|
RefPtr<OnHandshakeDoneRunnable> r =
|
|
new OnHandshakeDoneRunnable(mListener, aServer, aStatus);
|
|
return NS_DispatchToMainThread(r);
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerSecurityObserverProxy::OnHandshakeDoneRunnable::Run()
|
|
{
|
|
mListener->OnHandshakeDone(mServer, mStatus);
|
|
return NS_OK;
|
|
}
|
|
|
|
} // namespace
|
|
|
|
NS_IMPL_ISUPPORTS(TLSServerConnectionInfo,
|
|
nsITLSServerConnectionInfo,
|
|
nsITLSClientStatus)
|
|
|
|
TLSServerConnectionInfo::TLSServerConnectionInfo()
|
|
: mServerSocket(nullptr)
|
|
, mTransport(nullptr)
|
|
, mPeerCert(nullptr)
|
|
, mTlsVersionUsed(TLS_VERSION_UNKNOWN)
|
|
, mKeyLength(0)
|
|
, mMacLength(0)
|
|
, mLock("TLSServerConnectionInfo.mLock")
|
|
, mSecurityObserver(nullptr)
|
|
{
|
|
}
|
|
|
|
TLSServerConnectionInfo::~TLSServerConnectionInfo()
|
|
{
|
|
if (!mSecurityObserver) {
|
|
return;
|
|
}
|
|
|
|
RefPtr<nsITLSServerSecurityObserver> observer;
|
|
{
|
|
MutexAutoLock lock(mLock);
|
|
observer = mSecurityObserver.forget();
|
|
}
|
|
|
|
if (observer) {
|
|
NS_ReleaseOnMainThreadSystemGroup(
|
|
"TLSServerConnectionInfo::mSecurityObserver", observer.forget());
|
|
}
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerConnectionInfo::SetSecurityObserver(nsITLSServerSecurityObserver* aObserver)
|
|
{
|
|
{
|
|
MutexAutoLock lock(mLock);
|
|
mSecurityObserver = new TLSServerSecurityObserverProxy(aObserver);
|
|
}
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerConnectionInfo::GetServerSocket(nsITLSServerSocket** aSocket)
|
|
{
|
|
if (NS_WARN_IF(!aSocket)) {
|
|
return NS_ERROR_INVALID_POINTER;
|
|
}
|
|
*aSocket = mServerSocket;
|
|
NS_IF_ADDREF(*aSocket);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerConnectionInfo::GetStatus(nsITLSClientStatus** aStatus)
|
|
{
|
|
if (NS_WARN_IF(!aStatus)) {
|
|
return NS_ERROR_INVALID_POINTER;
|
|
}
|
|
*aStatus = this;
|
|
NS_IF_ADDREF(*aStatus);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerConnectionInfo::GetPeerCert(nsIX509Cert** aCert)
|
|
{
|
|
if (NS_WARN_IF(!aCert)) {
|
|
return NS_ERROR_INVALID_POINTER;
|
|
}
|
|
*aCert = mPeerCert;
|
|
NS_IF_ADDREF(*aCert);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerConnectionInfo::GetTlsVersionUsed(int16_t* aTlsVersionUsed)
|
|
{
|
|
if (NS_WARN_IF(!aTlsVersionUsed)) {
|
|
return NS_ERROR_INVALID_POINTER;
|
|
}
|
|
*aTlsVersionUsed = mTlsVersionUsed;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerConnectionInfo::GetCipherName(nsACString& aCipherName)
|
|
{
|
|
aCipherName.Assign(mCipherName);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerConnectionInfo::GetKeyLength(uint32_t* aKeyLength)
|
|
{
|
|
if (NS_WARN_IF(!aKeyLength)) {
|
|
return NS_ERROR_INVALID_POINTER;
|
|
}
|
|
*aKeyLength = mKeyLength;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TLSServerConnectionInfo::GetMacLength(uint32_t* aMacLength)
|
|
{
|
|
if (NS_WARN_IF(!aMacLength)) {
|
|
return NS_ERROR_INVALID_POINTER;
|
|
}
|
|
*aMacLength = mMacLength;
|
|
return NS_OK;
|
|
}
|
|
|
|
// static
|
|
void
|
|
TLSServerConnectionInfo::HandshakeCallback(PRFileDesc* aFD, void* aArg)
|
|
{
|
|
RefPtr<TLSServerConnectionInfo> info =
|
|
static_cast<TLSServerConnectionInfo*>(aArg);
|
|
nsISocketTransport* transport = info->mTransport;
|
|
// No longer needed outside this function, so clear the weak ref
|
|
info->mTransport = nullptr;
|
|
nsresult rv = info->HandshakeCallback(aFD);
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
transport->Close(rv);
|
|
}
|
|
}
|
|
|
|
nsresult
|
|
TLSServerConnectionInfo::HandshakeCallback(PRFileDesc* aFD)
|
|
{
|
|
nsresult rv;
|
|
|
|
UniqueCERTCertificate clientCert(SSL_PeerCertificate(aFD));
|
|
if (clientCert) {
|
|
nsCOMPtr<nsIX509CertDB> certDB =
|
|
do_GetService(NS_X509CERTDB_CONTRACTID, &rv);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
|
|
nsCOMPtr<nsIX509Cert> clientCertPSM;
|
|
nsDependentCSubstring certDER(
|
|
reinterpret_cast<char*>(clientCert->derCert.data),
|
|
clientCert->derCert.len);
|
|
rv = certDB->ConstructX509(certDER, getter_AddRefs(clientCertPSM));
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
|
|
mPeerCert = clientCertPSM;
|
|
}
|
|
|
|
SSLChannelInfo channelInfo;
|
|
rv = MapSECStatus(SSL_GetChannelInfo(aFD, &channelInfo, sizeof(channelInfo)));
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
mTlsVersionUsed = channelInfo.protocolVersion;
|
|
|
|
SSLCipherSuiteInfo cipherInfo;
|
|
rv = MapSECStatus(SSL_GetCipherSuiteInfo(channelInfo.cipherSuite, &cipherInfo,
|
|
sizeof(cipherInfo)));
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
mCipherName.Assign(cipherInfo.cipherSuiteName);
|
|
mKeyLength = cipherInfo.effectiveKeyBits;
|
|
mMacLength = cipherInfo.macBits;
|
|
|
|
if (!mSecurityObserver) {
|
|
return NS_OK;
|
|
}
|
|
|
|
// Notify consumer code that handshake is complete
|
|
nsCOMPtr<nsITLSServerSecurityObserver> observer;
|
|
{
|
|
MutexAutoLock lock(mLock);
|
|
mSecurityObserver.swap(observer);
|
|
}
|
|
nsCOMPtr<nsITLSServerSocket> serverSocket;
|
|
GetServerSocket(getter_AddRefs(serverSocket));
|
|
observer->OnHandshakeDone(serverSocket, this);
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
} // namespace net
|
|
} // namespace mozilla
|