www.gitorious.org Git - gnutls:gnutls.git/blob

1 /*

3 *

4 * Author: Nikos Mavrogiannopoulos

5 *

6 * This file is part of GnuTLS.

7 *

8 * The GnuTLS is free software; you can redistribute it and/or

9 * modify it under the terms of the GNU Lesser General Public License

10 * as published by the Free Software Foundation; either version 3 of

11 * the License, or (at your option) any later version.

12 *

13 * This library is distributed in the hope that it will be useful, but

14 * WITHOUT ANY WARRANTY; without even the implied warranty of

15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

16 * Lesser General Public License for more details.

17 *

18 * You should have received a copy of the GNU Lesser General Public License

19 * along with this program. If not, see <http://www.gnu.org/licenses/>

20 *

21 */

23 #include <system.h>

24 #include <gnutls_int.h>

25 #include <gnutls_errors.h>

27 #include <errno.h>

28 #include <sys/stat.h>

29 #include <sys/types.h>

30 #include <c-ctype.h>

32 #ifdef _WIN32

33 # include <windows.h>

34 # include <wincrypt.h>

35 # if defined(__MINGW32__) && !defined(__MINGW64__) && __MINGW32_MAJOR_VERSION <= 3 && __MINGW32_MINOR_VERSION <= 20

36 typedef PCCRL_CONTEXT WINAPI (*Type_CertEnumCRLsInStore) (HCERTSTORE hCertStore, PCCRL_CONTEXT pPrevCrlContext);

37 static Type_CertEnumCRLsInStore Loaded_CertEnumCRLsInStore;

38 static HMODULE Crypt32_dll;

39 # else

40 # define Loaded_CertEnumCRLsInStore CertEnumCRLsInStore

41 # endif

42 #else

43 # ifdef HAVE_PTHREAD_LOCKS

44 # include <pthread.h>

45 # endif

47 # if defined(HAVE_GETPWUID_R)

48 # include <pwd.h>

49 # endif

50 #endif

52 /* We need to disable gnulib's replacement wrappers to get native

53 Windows interfaces. */

54 #undef recv

55 #undef send

56 #undef select

58 /* System specific function wrappers.

59 */

61 #ifdef _WIN32

62 int

63 system_errno (gnutls_transport_ptr p)

64 {

65 int tmperr = WSAGetLastError ();

66 int ret = 0;

67 switch (tmperr)

68 {

69 case WSAEWOULDBLOCK:

70 ret = EAGAIN;

71 break;

72 case NO_ERROR:

73 ret = 0;

74 break;

75 case WSAEINTR:

76 ret = EINTR;

77 break;

78 case WSAEMSGSIZE:

79 ret = EMSGSIZE;

80 break;

81 default:

82 ret = EIO;

83 break;

84 }

85 WSASetLastError (tmperr);

87 return ret;

88 }

90 ssize_t

91 system_write (gnutls_transport_ptr ptr, const void *data, size_t data_size)

92 {

93 return send (GNUTLS_POINTER_TO_INT (ptr), data, data_size, 0);

94 }

95 #else /* POSIX */

96 int

97 system_errno (gnutls_transport_ptr_t ptr)

98 {

99 #if defined(_AIX) || defined(AIX)

100 if (errno == 0) errno = EAGAIN;

101 #endif

102

103 return errno;

104 }

105

106 ssize_t

107 system_writev (gnutls_transport_ptr_t ptr, const giovec_t * iovec,

108 int iovec_cnt)

109 {

110 return writev (GNUTLS_POINTER_TO_INT (ptr), (struct iovec *) iovec,

111 iovec_cnt);

112

113 }

114 #endif

115

116 ssize_t

117 system_read (gnutls_transport_ptr_t ptr, void *data, size_t data_size)

118 {

119 return recv (GNUTLS_POINTER_TO_INT (ptr), data, data_size, 0);

120 }

121

122 /* Wait for data to be received within a timeout period in milliseconds.

123 * To catch a termination it will also try to receive 0 bytes from the

124 * socket if select reports to proceed.

125 *

126 * Returns -1 on error, 0 on timeout, positive value if data are available for reading.

127 */

128 int system_recv_timeout(gnutls_transport_ptr_t ptr, unsigned int ms)

129 {

130 fd_set rfds;

131 struct timeval tv;

132 int ret;

133 int fd = GNUTLS_POINTER_TO_INT(ptr);

134

135 FD_ZERO(&rfds);

136 FD_SET(fd, &rfds);

137

138 tv.tv_sec = 0;

139 tv.tv_usec = ms * 1000;

140

141 while(tv.tv_usec >= 1000000)

142 {

143 tv.tv_usec -= 1000000;

144 tv.tv_sec++;

145 }

146

147 ret = select(fd+1, &rfds, NULL, NULL, &tv);

148 if (ret <= 0)

149 return ret;

150

151 return ret;

152 }

153

154 /* Thread stuff */

155

156 #ifdef HAVE_WIN32_LOCKS

157 static int

158 gnutls_system_mutex_init (void **priv)

159 {

160 CRITICAL_SECTION *lock = malloc (sizeof (CRITICAL_SECTION));

161

162 if (lock == NULL)

163 return GNUTLS_E_MEMORY_ERROR;

164

165 InitializeCriticalSection (lock);

166

167 *priv = lock;

168

169 return 0;

170 }

171

172 static int

173 gnutls_system_mutex_deinit (void **priv)

174 {

175 DeleteCriticalSection ((CRITICAL_SECTION *) * priv);

176 free (*priv);

177

178 return 0;

179 }

180

181 static int

182 gnutls_system_mutex_lock (void **priv)

183 {

184 EnterCriticalSection ((CRITICAL_SECTION *) * priv);

185 return 0;

186 }

187

188 static int

189 gnutls_system_mutex_unlock (void **priv)

190 {

191 LeaveCriticalSection ((CRITICAL_SECTION *) * priv);

192 return 0;

193 }

194

195 #endif /* WIN32_LOCKS */

196

197 #ifdef HAVE_PTHREAD_LOCKS

198

199 static int

200 gnutls_system_mutex_init (void **priv)

201 {

202 pthread_mutex_t *lock = malloc (sizeof (pthread_mutex_t));

203 int ret;

204

205 if (lock == NULL)

206 return GNUTLS_E_MEMORY_ERROR;

207

208 ret = pthread_mutex_init (lock, NULL);

209 if (ret)

210 {

211 free (lock);

212 gnutls_assert ();

213 return GNUTLS_E_LOCKING_ERROR;

214 }

215

216 *priv = lock;

217

218 return 0;

219 }

220

221 static int

222 gnutls_system_mutex_deinit (void **priv)

223 {

224 pthread_mutex_destroy ((pthread_mutex_t *) * priv);

225 free (*priv);

226 return 0;

227 }

228

229 static int

230 gnutls_system_mutex_lock (void **priv)

231 {

232 if (pthread_mutex_lock ((pthread_mutex_t *) * priv))

233 {

234 gnutls_assert ();

235 return GNUTLS_E_LOCKING_ERROR;

236 }

237

238 return 0;

239 }

240

241 static int

242 gnutls_system_mutex_unlock (void **priv)

243 {

244 if (pthread_mutex_unlock ((pthread_mutex_t *) * priv))

245 {

246 gnutls_assert ();

247 return GNUTLS_E_LOCKING_ERROR;

248 }

249

250 return 0;

251 }

252

253 #endif /* PTHREAD_LOCKS */

254

255 #ifdef HAVE_NO_LOCKS

256

257 static int

258 gnutls_system_mutex_init (void **priv)

259 {

260 return 0;

261 }

262

263 static int

264 gnutls_system_mutex_deinit (void **priv)

265 {

266 return 0;

267 }

268

269 static int

270 gnutls_system_mutex_lock (void **priv)

271 {

272 return 0;

273 }

274

275 static int

276 gnutls_system_mutex_unlock (void **priv)

277 {

278 return 0;

279 }

280

281 #endif /* NO_LOCKS */

282

283 gnutls_time_func gnutls_time = time;

284 mutex_init_func gnutls_mutex_init = gnutls_system_mutex_init;

285 mutex_deinit_func gnutls_mutex_deinit = gnutls_system_mutex_deinit;

286 mutex_lock_func gnutls_mutex_lock = gnutls_system_mutex_lock;

287 mutex_unlock_func gnutls_mutex_unlock = gnutls_system_mutex_unlock;

288

289 int

290 gnutls_system_global_init ()

291 {

292 #ifdef _WIN32

293 # if defined(__MINGW32__) && !defined(__MINGW64__) && __MINGW32_MAJOR_VERSION <= 3 && __MINGW32_MINOR_VERSION <= 20

294 HMODULE crypto;

295 crypto = LoadLibraryA ("Crypt32.dll");

296

297 if (crypto == NULL)

298 return GNUTLS_E_CRYPTO_INIT_FAILED;

299

300 Loaded_CertEnumCRLsInStore = (Type_CertEnumCRLsInStore) GetProcAddress (crypto, "CertEnumCRLsInStore");

301 if (Loaded_CertEnumCRLsInStore == NULL)

302 {

303 FreeLibrary (crypto);

304 return GNUTLS_E_CRYPTO_INIT_FAILED;

305 }

306

307 Crypt32_dll = crypto;

308 # endif

309 #endif

310 return 0;

311 }

312

313 void

314 gnutls_system_global_deinit ()

315 {

316 #ifdef _WIN32

317 # if defined(__MINGW32__) && !defined(__MINGW64__) && __MINGW32_MAJOR_VERSION <= 3 && __MINGW32_MINOR_VERSION <= 20

318 FreeLibrary (Crypt32_dll);

319 # endif

320 #endif

321 }

322

323

324 #define CONFIG_PATH ".gnutls"

325

326 /* Returns a path to store user-specific configuration

327 * data.

328 */

329 int _gnutls_find_config_path(char* path, size_t max_size)

330 {

331 char tmp_home_dir[1024];

332 const char *home_dir = getenv ("HOME");

333

334 #ifdef _WIN32

335 if (home_dir == NULL || home_dir[0] == '\0')

336 {

337 const char *home_drive = getenv ("HOMEDRIVE");

338 const char *home_path = getenv ("HOMEPATH");

339

340 if (home_drive != NULL && home_path != NULL)

341 {

342 snprintf(tmp_home_dir, sizeof(tmp_home_dir), "%s%s", home_drive, home_path);

343 }

344 else

345 {

346 tmp_home_dir[0] = 0;

347 }

348

349 home_dir = tmp_home_dir;

350 }

351 #elif defined(HAVE_GETPWUID_R)

352 if (home_dir == NULL || home_dir[0] == '\0')

353 {

354 struct passwd *pwd;

355 struct passwd _pwd;

356 char buf[1024];

357

358 getpwuid_r(getuid(), &_pwd, buf, sizeof(buf), &pwd);

359 if (pwd != NULL)

360 {

361 snprintf(tmp_home_dir, sizeof(tmp_home_dir), "%s", pwd->pw_dir);

362 }

363 else

364 {

365 tmp_home_dir[0] = 0;

366 }

367

368 home_dir = tmp_home_dir;

369 }

370 #else

371 if (home_dir == NULL || home_dir[0] == '\0')

372 {

373 tmp_home_dir[0] = 0;

374 home_dir = tmp_home_dir;

375 }

376 #endif

377

378 if (home_dir == NULL || home_dir[0] == 0)

379 path[0] = 0;

380 else

381 snprintf(path, max_size, "%s/"CONFIG_PATH, home_dir);

382

383 return 0;

384 }

385

386 /**

387 * gnutls_x509_trust_list_add_system_trust:

388 * @list: The structure of the list

389 * @tl_flags: GNUTLS_TL_*

390 * @tl_vflags: gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL

391 *

392 * This function adds the system's default trusted certificate

393 * authorities to the trusted list. Note that on unsupported system

394 * this function returns %GNUTLS_E_UNIMPLEMENTED_FEATURE.

395 *

396 * Returns: The number of added elements or a negative error code on error.

397 *

398 * Since: 3.1

399 **/

400 int

401 gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t list,

402 unsigned int tl_flags, unsigned int tl_vflags)

403 {

404 #if !defined(DEFAULT_TRUST_STORE_PKCS11) && !defined(DEFAULT_TRUST_STORE_FILE) && !defined(_WIN32)

405 return GNUTLS_E_UNIMPLEMENTED_FEATURE;

406 #else

407 int ret, r = 0;

408 const char* crl_file =

409 # ifdef DEFAULT_CRL_FILE

410 DEFAULT_CRL_FILE;

411 # else

412 NULL;

413 # endif

414

415 # ifdef _WIN32

416 unsigned int i;

417

418 for (i=0;i<2;i++)

419 {

420 HCERTSTORE store;

421 const CERT_CONTEXT *cert;

422 const CRL_CONTEXT *crl;

423 gnutls_datum_t data;

424

425 if (i==0) store = CertOpenSystemStore(0, "ROOT");

426 else store = CertOpenSystemStore(0, "CA");

427

428 if (store == NULL) return GNUTLS_E_FILE_ERROR;

429

430 cert = CertEnumCertificatesInStore(store, NULL);

431 crl = Loaded_CertEnumCRLsInStore(store, NULL);

432

433 while(cert != NULL)

434 {

435 if (cert->dwCertEncodingType == X509_ASN_ENCODING)

436 {

437 data.data = cert->pbCertEncoded;

438 data.size = cert->cbCertEncoded;

439 if (gnutls_x509_trust_list_add_trust_mem(list, &data, NULL, GNUTLS_X509_FMT_DER, tl_flags, tl_vflags) > 0)

440 r++;

441 }

442 cert = CertEnumCertificatesInStore(store, cert);

443 }

444

445 while(crl != NULL)

446 {

447 if (crl->dwCertEncodingType == X509_ASN_ENCODING)

448 {

449 data.data = crl->pbCrlEncoded;

450 data.size = crl->cbCrlEncoded;

451 gnutls_x509_trust_list_add_trust_mem(list, NULL, &data, GNUTLS_X509_FMT_DER, tl_flags, tl_vflags);

452 }

453 crl = Loaded_CertEnumCRLsInStore(store, crl);

454 }

455 CertCloseStore(store, 0);

456 }

457 # endif

458

459 # if defined(ENABLE_PKCS11) && defined(DEFAULT_TRUST_STORE_PKCS11)

460 ret = gnutls_x509_trust_list_add_trust_file(list, DEFAULT_TRUST_STORE_PKCS11, crl_file,

461 GNUTLS_X509_FMT_DER, tl_flags, tl_vflags);

462 if (ret > 0)

463 r += ret;

464 # endif

465

466 # ifdef DEFAULT_TRUST_STORE_FILE

467 ret = gnutls_x509_trust_list_add_trust_file(list, DEFAULT_TRUST_STORE_FILE, crl_file,

468 GNUTLS_X509_FMT_PEM, tl_flags, tl_vflags);

469 if (ret > 0)

470 r += ret;

471 # endif

472 return r;

473 #endif

474 }

475

476 #if defined(HAVE_ICONV)

477

478 # include <iconv.h>

479

480 int _gnutls_ucs2_to_utf8(const void* data, size_t size, gnutls_datum_t *output)

481 {

482 iconv_t conv;

483 int ret;

484 size_t orig, dstlen = size*2;

485 char* src = (void*)data;

486 char* dst, *pdst;

487

488 if (size == 0)

489 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

490

491 conv = iconv_open("UTF-8", "UTF-16BE");

492 if (conv == (iconv_t)-1)

493 return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);

494

495 pdst = dst = gnutls_malloc(dstlen+1);

496 if (dst == NULL)

497 {

498 ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);

499 goto cleanup;

500 }

501

502 orig = dstlen;

503 ret = iconv(conv, &src, &size, &pdst, &dstlen);

504 if (ret == -1)

505 {

506 ret = gnutls_assert_val(GNUTLS_E_PARSING_ERROR);

507 goto cleanup;

508 }

509

510

511 output->data = (void*)dst;

512 output->size = orig-dstlen;

513 output->data[output->size] = 0;

514

515 ret = 0;

516

517 cleanup:

518 iconv_close(conv);

519

520 return ret;

521 }

522 #elif defined(_WIN32)

523 #include <winnls.h>

524

525 /* Can convert only english */

526 int _gnutls_ucs2_to_utf8(const void* data, size_t size, gnutls_datum_t *output)

527 {

528 int ret;

529 unsigned i;

530 int len = 0, src_len;

531 char* dst = NULL;

532 char* src = NULL;

533

534 src_len = size/2;

535

536 src = gnutls_malloc(size);

537 if (src == NULL)

538 return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);

539

540 /* convert to LE */

541 for (i=0;i<size;i+=2)

542 {

543 src[i] = ((char*)data)[1+i];

544 src[1+i] = ((char*)data)[i];

545 }

546

547 ret = WideCharToMultiByte(CP_UTF8, MB_ERR_INVALID_CHARS, (void*)src, src_len,

548 NULL, 0, NULL, NULL);

549 if (ret == 0)

550 {

551 ret = gnutls_assert_val(GNUTLS_E_PARSING_ERROR);

552 goto fail;

553 }

554

555 len = ret+1;

556 dst = gnutls_malloc(len);

557 if (dst == NULL)

558 {

559 ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);

560 goto fail;

561 }

562

563 ret = WideCharToMultiByte(CP_UTF8, MB_ERR_INVALID_CHARS, (void*)src, src_len,

564 dst, len, NULL, NULL);

565 if (ret == 0)

566 {

567 ret = gnutls_assert_val(GNUTLS_E_PARSING_ERROR);

568 goto fail;

569 }

570

571 output->data = dst;

572 output->size = ret;

573 ret = 0;

574 goto cleanup;

575

576 fail:

577 gnutls_free(dst);

578

579 cleanup:

580 gnutls_free(src);

581 return ret;

582 }

583

584 #else

585

586 /* Can convert only english (ASCII) */

587 int _gnutls_ucs2_to_utf8(const void* data, size_t size, gnutls_datum_t *output)

588 {

589 unsigned int i, j;

590 char* dst;

591 const char *src = data;

592

593 if (size == 0 || size % 2 != 0)

594 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

595

596 dst = gnutls_malloc(size+1);

597 if (dst == NULL)

598 return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);

599

600 for (i=j=0;i<size;i+=2,j++)

601 {

602 if (src[i] != 0 || !isascii(src[i+1]))

603 return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);

604 dst[j] = src[i+1];

605 }

606

607 output->data = (void*)dst;

608 output->size = j;

609 output->data[output->size] = 0;

610

611 return 0;

612 }

613 #endif