可以检测certificate pinning和mutual authentication。

2019-05-16 20:33:42 +08:00
parent ace7dd4379
commit 630a3dba60
9 changed files with 355 additions and 68 deletions
--- a/platform/src/ssl_stream.cpp
+++ b/platform/src/ssl_stream.cpp
@@ -39,9 +39,11 @@
 #include <ssl_sess_cache.h>
 #include <ssl_trusted_cert_storage.h>
 #include <ssl_utils.h>
+#include <ssl_service_cache.h>
 #include <platform.h>

-static int SSL_EX_DATA_IDX_SSLMGR;
+static int SSL_CTX_EX_DATA_IDX_SSLMGR;
+static int SSL_EX_DATA_IDX_SSLSTREAM;

 #define MAX_NET_RETRIES        50
 #define	LATENCY_WARNING_THRESHOLD_MS		1000
@@ -131,6 +133,7 @@ struct ssl_mgr

 	struct sess_cache * down_sess_cache;
 	struct sess_cache * up_sess_cache;
+	struct ssl_service_cache* svc_cache;
 	struct session_ticket_key ticket_key;

 	char default_ciphers[TFE_SYMBOL_MAX];
@@ -175,6 +178,7 @@ struct ssl_upstream_parts
 	struct cert_verify_param verify_param;
 	struct cert_verify_result verify_result;
 	char verify_failed_action;
+	struct ssl_service_status svc_status;
 	
 	struct ssl_bypass bypass_condition;
 	struct ssl_chello * client_hello;
@@ -182,7 +186,7 @@ struct ssl_upstream_parts
 };
 struct ssl_downstream_parts
 {
-	struct keyring * keyring;	
+	struct keyring * keyring;
 };
 struct ssl_stream
 {
@@ -195,6 +199,7 @@ struct ssl_stream
 		struct ssl_downstream_parts down_parts;
 	};
 	const unsigned char* alpn_selected;	//reference to SSL_ALPN_HTTP_2/SSL_ALPN_HTTP_1_1
+	struct ssl_stream* peer;
 	struct __ssl_stream_debug _do_not_use;
 };

@@ -588,7 +593,8 @@ struct ssl_mgr * ssl_manager_init(const char * ini_profile, const char * section
 	}
 	//tfe2a uses SSLv23_method, it was been deprecated and replaced with the TLS_method() in openssl 1.1.0.
 	mgr->sslmethod = TLS_method;
-    SSL_EX_DATA_IDX_SSLMGR   = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
+    SSL_CTX_EX_DATA_IDX_SSLMGR = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
+	SSL_EX_DATA_IDX_SSLSTREAM  = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
 	MESA_load_profile_uint_def(ini_profile, section, "ssl_compression", &(mgr->sslcomp), 1);
 	MESA_load_profile_uint_def(ini_profile, section, "no_ssl2", &(mgr->no_ssl2), 1);
 	MESA_load_profile_uint_def(ini_profile, section, "no_ssl3", &(mgr->no_ssl3), 1);
@@ -615,6 +621,7 @@ struct ssl_mgr * ssl_manager_init(const char * ini_profile, const char * section
 		mgr->up_sess_cache = ssl_sess_cache_create(mgr->cache_slots, mgr->sess_expire_seconds, CONN_DIR_UPSTREAM);
 		mgr->down_sess_cache = ssl_sess_cache_create(mgr->cache_slots, mgr->sess_expire_seconds, CONN_DIR_DOWNSTREAM);
 	}
+	mgr->svc_cache=ssl_service_cache_create(mgr->cache_slots, mgr->sess_expire_seconds);

 	//Reference to NGINX: http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_ticket_key
 	//Support key rotation in futher.
@@ -780,6 +787,14 @@ static void ssl_async_peek_client_hello(struct future * f, evutil_socket_t fd, i
 	event_add(ctx->ev, NULL);
 	return;
 }
+int ossl_client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
+{
+	struct ssl_stream* s_upstream=NULL;
+	s_upstream=(struct ssl_stream*)SSL_get_ex_data(ssl, SSL_EX_DATA_IDX_SSLSTREAM);
+	s_upstream->up_parts.svc_status.is_mutual_auth=1;
+	ssl_service_cache_write(s_upstream->mgr->svc_cache, s_upstream->up_parts.client_hello, &s_upstream->up_parts.svc_status);
+	return 0;
+}

 /*
 * Create new SSL context for outgoing connections to the original destination.
@@ -818,13 +833,14 @@ static SSL * upstream_ssl_create(struct ssl_mgr * mgr, struct ssl_stream* s_stre
 	}
 	
 	SSL_CTX_set_verify(sslctx, SSL_VERIFY_NONE, NULL);
+	SSL_CTX_set_client_cert_cb(sslctx, ossl_client_cert_cb);
 	ssl = SSL_new(sslctx);
 	SSL_CTX_free(sslctx);  /* SSL_new() increments refcount */
-
 	if (!ssl)
 	{
 		return NULL;
 	}
+	SSL_set_ex_data(ssl, SSL_EX_DATA_IDX_SSLSTREAM, s_stream);

 	if (chello->sni)
 	{
@@ -910,9 +926,9 @@ const char* ssl_stream_dump_info(struct ssl_stream *stream, char* buffer, size_t
 								stream->dir==CONN_DIR_UPSTREAM ? stream->up_parts.client_hello->sni:NULL);
 	return buffer;
 }
-void ssl_stream_log_error(struct bufferevent * bev, enum tfe_conn_dir dir, struct ssl_mgr* mgr)
+unsigned long ssl_stream_log_error(struct bufferevent * bev, enum tfe_conn_dir dir, struct ssl_mgr* mgr)
 {
-	unsigned long sslerr=0;
+	unsigned long sslerr=0, ret_sslerr=0;
 	int fd=bufferevent_getfd(bev);
 	char* addr_string=tfe_string_addr_create_by_fd(fd, dir);
 	void* logger=mgr->logger;
@@ -937,6 +953,7 @@ void ssl_stream_log_error(struct bufferevent * bev, enum tfe_conn_dir dir, struc
 		default:
 			fs_id=-1;
 	}
+	ret_sslerr=ERR_GET_REASON(sslerr);
 	if(fs_id>=0)
 	{
 		mgr->stat_val[fs_id]++;
@@ -946,7 +963,7 @@ void ssl_stream_log_error(struct bufferevent * bev, enum tfe_conn_dir dir, struc
 		/* We have disabled notification for unclean shutdowns
 		 * so this should not happen; log a warning. */
 		TFE_LOG_ERROR(logger,"Warning: Spurious error from "
-					   "bufferevent (errno=0,sslerr=0)\n");
+					   "bufferevent (errno=0, sslerr=0)\n");
 	}
 	else if (ERR_GET_REASON(sslerr) ==
 		SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE)
@@ -1015,7 +1032,7 @@ void ssl_stream_log_error(struct bufferevent * bev, enum tfe_conn_dir dir, struc
 		}
 	}
 	free(addr_string);
-
+	return ret_sslerr;
 }

 /*
@@ -1080,6 +1097,9 @@ static void ssl_server_connected_eventcb(struct bufferevent * bev, short events,
 				s_stream->up_parts.is_server_cert_verify_passed = ssl_trusted_cert_storage_verify_conn(s_stream->mgr->trust_CA_store, 
 													s_stream->ssl, s_stream->up_parts.client_hello->sni, &(s_stream->up_parts.verify_param),
 													error_str, sizeof(error_str), &(s_stream->up_parts.verify_result));
+				s_stream->up_parts.svc_status.is_ct=s_stream->up_parts.verify_result.is_ct;
+				s_stream->up_parts.svc_status.is_ev=s_stream->up_parts.verify_result.is_ev;
+				ssl_service_cache_write(mgr->svc_cache, s_stream->up_parts.client_hello, &(s_stream->up_parts.svc_status));
 				TFE_LOG_DEBUG(mgr->logger, "SNI: %s hostmatch:%d, ct:%d, ev:%d",
 											s_upstream->client_hello->sni,
 											s_stream->up_parts.verify_result.is_hostmatched,
@@ -1149,8 +1169,21 @@ static void peek_chello_on_succ(future_result_t * result, void * user)
 	{
 		ATOMIC_INC(&(ctx->mgr->stat_val[SSL_NO_SNI]));
 	}
+	int ret=0;
+	struct ssl_service_status* svc_status=NULL;
 	clock_gettime(CLOCK_MONOTONIC, &(ctx->start));
 	ctx->s_stream = ssl_stream_new(ctx->mgr, ctx->fd_upstream, CONN_DIR_UPSTREAM, chello, NULL, NULL);
+	svc_status=&ctx->s_stream->up_parts.svc_status;
+	ret=ssl_service_cache_read(ctx->mgr->svc_cache, chello, svc_status);
+	if(ret==1)
+	{
+		TFE_LOG_DEBUG(ctx->mgr->logger, "SNI: %s service status pinning:%d, mauth:%d, ct:%d, ev:%d",
+									chello->sni,
+									svc_status->pinning_status,
+									svc_status->is_mutual_auth,
+									svc_status->is_ct,
+									svc_status->is_ev);
+	}
 	ctx->bev = bufferevent_openssl_socket_new(evbase, ctx->fd_upstream,
 		ctx->s_stream->ssl, BUFFEREVENT_SSL_CONNECTING, BEV_OPT_DEFER_CALLBACKS | BEV_OPT_THREADSAFE );

@@ -1207,7 +1240,7 @@ static int ossl_session_ticket_key_callback(SSL *ssl_conn,
    const EVP_CIPHER *cipher=EVP_aes_256_cbc();
 	size_t size=32;
 	
-	struct ssl_mgr * mgr = (struct ssl_mgr *) SSL_get_ex_data(ssl_conn, SSL_EX_DATA_IDX_SSLMGR);
+	struct ssl_mgr * mgr = (struct ssl_mgr *) SSL_get_ex_data(ssl_conn, SSL_CTX_EX_DATA_IDX_SSLMGR);
 	assert(mgr!=NULL);
 	
 	struct session_ticket_key* key=&(mgr->ticket_key);
@@ -1285,7 +1318,7 @@ static int ossl_session_ticket_key_callback(SSL *ssl_conn,
 */
 static int ossl_sessnew_cb(SSL * ssl, SSL_SESSION * sess)
 {
-	struct ssl_mgr * mgr = (struct ssl_mgr *) SSL_get_ex_data(ssl, SSL_EX_DATA_IDX_SSLMGR);
+	struct ssl_mgr * mgr = (struct ssl_mgr *) SSL_get_ex_data(ssl, SSL_CTX_EX_DATA_IDX_SSLMGR);

 #ifdef HAVE_SSLV2

@@ -1312,7 +1345,7 @@ static int ossl_sessnew_cb(SSL * ssl, SSL_SESSION * sess)
 */
 static void ossl_sessremove_cb(SSL_CTX * sslctx, SSL_SESSION * sess)
 {
-	struct ssl_mgr * mgr = (struct ssl_mgr *) SSL_CTX_get_ex_data(sslctx, SSL_EX_DATA_IDX_SSLMGR);
+	struct ssl_mgr * mgr = (struct ssl_mgr *) SSL_CTX_get_ex_data(sslctx, SSL_CTX_EX_DATA_IDX_SSLMGR);
 	assert(mgr != NULL);

 	if (sess && !mgr->no_sesscache)
@@ -1329,7 +1362,7 @@ static void ossl_sessremove_cb(SSL_CTX * sslctx, SSL_SESSION * sess)
 */
 static SSL_SESSION * ossl_sessget_cb(SSL * ssl, const unsigned char * id, int idlen, int * copy)
 {
-	struct ssl_mgr * mgr = (struct ssl_mgr *) SSL_get_ex_data(ssl, SSL_EX_DATA_IDX_SSLMGR);
+	struct ssl_mgr * mgr = (struct ssl_mgr *) SSL_get_ex_data(ssl, SSL_CTX_EX_DATA_IDX_SSLMGR);
 	SSL_SESSION * sess=NULL;
 	if(!mgr->no_sesscache)
 	{
@@ -1447,7 +1480,7 @@ static SSL * downstream_ssl_create(struct ssl_mgr * mgr, struct keyring * crt, c
 	SSL_CTX_set_session_cache_mode(sslctx, SSL_SESS_CACHE_SERVER | SSL_SESS_CACHE_NO_INTERNAL);
 	SSL_CTX_set_session_id_context(sslctx, (const unsigned char *) mgr->ssl_session_context,
 		sizeof(mgr->ssl_session_context));
-	ret = SSL_CTX_set_ex_data(sslctx, SSL_EX_DATA_IDX_SSLMGR, mgr);
+	ret = SSL_CTX_set_ex_data(sslctx, SSL_CTX_EX_DATA_IDX_SSLMGR, mgr);
 	assert(ret == 1);
 	if (mgr->dh)
 	{
@@ -1488,7 +1521,7 @@ static SSL * downstream_ssl_create(struct ssl_mgr * mgr, struct keyring * crt, c
 	SSL_CTX_free(sslctx);            // SSL_new() increments refcount
 	sslctx = NULL;

-	ret = SSL_set_ex_data(ssl, SSL_EX_DATA_IDX_SSLMGR, mgr);
+	ret = SSL_set_ex_data(ssl, SSL_CTX_EX_DATA_IDX_SSLMGR, mgr);
 	assert(ret == 1);

 	if (mgr->ssl_mode_release_buffers == 1)
@@ -1554,17 +1587,25 @@ static void ssl_client_connected_eventcb(struct bufferevent * bev, short events,
 	char* addr_string=NULL;
 	const char* sni=s_upstream->client_hello->sni?s_upstream->client_hello->sni:"null";
 	char error_str[TFE_STRING_MAX]={0};
-	long jiffies_ms=0;
+	long jiffies_ms=0;	
+	unsigned long sslerr=0;
 	if (events & BEV_EVENT_ERROR)
 	{
 		ATOMIC_INC(&(mgr->stat_val[SSL_DOWN_ERR]));
-		ssl_stream_log_error(bev, CONN_DIR_DOWNSTREAM, mgr);
+		sslerr=ssl_stream_log_error(bev, CONN_DIR_DOWNSTREAM, mgr);
+		if(sslerr==SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN)
+		{
+			s_upstream->svc_status.pinning_status=PINNING_ST_PINNING;
+			ssl_service_cache_write(mgr->svc_cache, s_upstream->client_hello, &s_upstream->svc_status);
+		}
 		snprintf(error_str, sizeof(error_str), "connect to client failed : sni=%s", sni);
 		promise_failed(p, FUTURE_ERROR_EXCEPTION, error_str);
 	}
 	else if(events & BEV_EVENT_EOF)
 	{		
-		ATOMIC_INC(&(mgr->stat_val[SSL_DOWN_ERR]));		
+		ATOMIC_INC(&(mgr->stat_val[SSL_DOWN_ERR]));	
+		s_stream->peer->up_parts.svc_status.pinning_status=PINNING_ST_MAYBE_PINNING;
+		ssl_service_cache_write(mgr->svc_cache, s_stream->peer->up_parts.client_hello, &(s_stream->peer->up_parts.svc_status));
 		snprintf(error_str, sizeof(error_str), "client side closed : sni=%s", sni);
 		promise_failed(p, FUTURE_ERROR_EXCEPTION, error_str);
 	}
@@ -1613,6 +1654,7 @@ void ask_keyring_on_succ(void * result, void * user)
 	clock_gettime(CLOCK_MONOTONIC, &(ctx->start));
 	ctx->downstream = ssl_stream_new(mgr, ctx->fd_downstream, CONN_DIR_DOWNSTREAM, NULL, kyr,
 										ctx->origin_ssl?ctx->origin_ssl->alpn_selected:NULL);
+	ctx->downstream->peer=ctx->origin_ssl;
 	ctx->bev_down = bufferevent_openssl_socket_new(evbase, ctx->fd_downstream, ctx->downstream->ssl,
 		BUFFEREVENT_SSL_ACCEPTING, BEV_OPT_DEFER_CALLBACKS | BEV_OPT_THREADSAFE);
 	bufferevent_openssl_set_allow_dirty_shutdown(ctx->bev_down, 1);