ssl_server_trust_providers.c revision 299742
1139799Simp/* 211397Sswallace * ssl_server_trust_providers.c: providers for 311397Sswallace * SVN_AUTH_CRED_SSL_SERVER_TRUST 43584Ssos * 53584Ssos * ==================================================================== 63584Ssos * Licensed to the Apache Software Foundation (ASF) under one 73584Ssos * or more contributor license agreements. See the NOTICE file 83584Ssos * distributed with this work for additional information 93584Ssos * regarding copyright ownership. The ASF licenses this file 1011397Sswallace * to you under the Apache License, Version 2.0 (the 1111397Sswallace * "License"); you may not use this file except in compliance 1211397Sswallace * with the License. You may obtain a copy of the License at 133584Ssos * 143584Ssos * http://www.apache.org/licenses/LICENSE-2.0 153584Ssos * 163584Ssos * Unless required by applicable law or agreed to in writing, 173584Ssos * software distributed under the License is distributed on an 183584Ssos * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 193584Ssos * KIND, either express or implied. See the License for the 203584Ssos * specific language governing permissions and limitations 213584Ssos * under the License. 223584Ssos * ==================================================================== 233584Ssos */ 243584Ssos 2513226Swollman#include <apr_pools.h> 26115684Sobrien 27115684Sobrien#include "svn_hash.h" 28115684Sobrien#include "svn_auth.h" 293584Ssos#include "svn_error.h" 303584Ssos#include "svn_config.h" 31194942Srwatson#include "svn_string.h" 3211397Sswallace 3311397Sswallace 3411397Sswallace/*-----------------------------------------------------------------------*/ 35160189Sjhb/* File provider */ 3611397Sswallace/*-----------------------------------------------------------------------*/ 373584Ssos 3811397Sswallace/* retrieve ssl server CA failure overrides (if any) from servers 3911397Sswallace config */ 4011397Sswallacestatic svn_error_t * 4111397Sswallacessl_server_trust_file_first_credentials(void **credentials, 4211397Sswallace void **iter_baton, 4311397Sswallace void *provider_baton, 4411397Sswallace apr_hash_t *parameters, 4511397Sswallace const char *realmstring, 4611397Sswallace apr_pool_t *pool) 4720601Sswallace{ 4811397Sswallace apr_uint32_t *failures = svn_hash_gets(parameters, 4911397Sswallace SVN_AUTH_PARAM_SSL_SERVER_FAILURES); 5020601Sswallace const svn_auth_ssl_server_cert_info_t *cert_info = 5192761Salfred svn_hash_gets(parameters, SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO); 5292761Salfred apr_hash_t *creds_hash = NULL; 5316322Sgpalmer const char *config_dir; 5492761Salfred svn_error_t *error = SVN_NO_ERROR; 5592761Salfred 5616322Sgpalmer *credentials = NULL; 5792761Salfred *iter_baton = NULL; 5892761Salfred 5992761Salfred /* Check if this is a permanently accepted certificate */ 6092761Salfred config_dir = svn_hash_gets(parameters, SVN_AUTH_PARAM_CONFIG_DIR); 6192761Salfred error = 6292761Salfred svn_config_read_auth_data(&creds_hash, SVN_AUTH_CRED_SSL_SERVER_TRUST, 6311397Sswallace realmstring, config_dir, pool); 6411397Sswallace svn_error_clear(error); 6511397Sswallace if (! error && creds_hash) 6611397Sswallace { 6711397Sswallace svn_string_t *trusted_cert, *this_cert, *failstr; 6811397Sswallace apr_uint32_t last_failures = 0; 6911397Sswallace 7011397Sswallace trusted_cert = svn_hash_gets(creds_hash, SVN_CONFIG_AUTHN_ASCII_CERT_KEY); 7111397Sswallace this_cert = svn_string_create(cert_info->ascii_cert, pool); 7211397Sswallace failstr = svn_hash_gets(creds_hash, SVN_CONFIG_AUTHN_FAILURES_KEY); 7311397Sswallace 7443744Sguido if (failstr) 7511397Sswallace SVN_ERR(svn_cstring_atoui(&last_failures, failstr->data)); 7611397Sswallace 7711397Sswallace /* If the cert is trusted and there are no new failures, we 7811397Sswallace * accept it by clearing all failures. */ 7911397Sswallace if (trusted_cert && 8011397Sswallace svn_string_compare(this_cert, trusted_cert) && 8111397Sswallace (*failures & ~last_failures) == 0) 8211397Sswallace { 8311397Sswallace *failures = 0; 8411397Sswallace } 8511397Sswallace } 8611397Sswallace 8711397Sswallace /* If all failures are cleared now, we return the creds */ 8811397Sswallace if (! *failures) 8911397Sswallace { 9011397Sswallace svn_auth_cred_ssl_server_trust_t *creds = 9111397Sswallace apr_pcalloc(pool, sizeof(*creds)); 9211397Sswallace creds->may_save = FALSE; /* No need to save it again... */ 9343744Sguido *credentials = creds; 9411397Sswallace } 9511397Sswallace 9611397Sswallace return SVN_NO_ERROR; 9711397Sswallace} 9811397Sswallace 9911397Sswallace 10011397Sswallacestatic svn_error_t * 10111397Sswallacessl_server_trust_file_save_credentials(svn_boolean_t *saved, 10211397Sswallace void *credentials, 10311397Sswallace void *provider_baton, 10411397Sswallace apr_hash_t *parameters, 10511397Sswallace const char *realmstring, 10611397Sswallace apr_pool_t *pool) 107160189Sjhb{ 108160189Sjhb svn_auth_cred_ssl_server_trust_t *creds = credentials; 109160189Sjhb const svn_auth_ssl_server_cert_info_t *cert_info; 110160189Sjhb apr_hash_t *creds_hash = NULL; 111160189Sjhb const char *config_dir; 112160189Sjhb 113160189Sjhb if (! creds->may_save) 114160189Sjhb return SVN_NO_ERROR; 115160189Sjhb 116160189Sjhb config_dir = svn_hash_gets(parameters, SVN_AUTH_PARAM_CONFIG_DIR); 117160189Sjhb 118160189Sjhb cert_info = svn_hash_gets(parameters, SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO); 119160189Sjhb 120160189Sjhb creds_hash = apr_hash_make(pool); 121225617Skmacy svn_hash_sets(creds_hash, SVN_CONFIG_AUTHN_ASCII_CERT_KEY, 122160189Sjhb svn_string_create(cert_info->ascii_cert, pool)); 123160189Sjhb svn_hash_sets(creds_hash, SVN_CONFIG_AUTHN_FAILURES_KEY, 124160189Sjhb svn_string_createf(pool, "%lu", 125160189Sjhb (unsigned long)creds->accepted_failures)); 126160189Sjhb 127160189Sjhb SVN_ERR(svn_config_write_auth_data(creds_hash, 128160189Sjhb SVN_AUTH_CRED_SSL_SERVER_TRUST, 129160189Sjhb realmstring, 130160189Sjhb config_dir, 131160189Sjhb pool)); 132160189Sjhb *saved = TRUE; 133160189Sjhb return SVN_NO_ERROR; 134160189Sjhb} 135160189Sjhb 136160189Sjhb 137160189Sjhbstatic const svn_auth_provider_t ssl_server_trust_file_provider = { 138160189Sjhb SVN_AUTH_CRED_SSL_SERVER_TRUST, 139160189Sjhb ssl_server_trust_file_first_credentials, 140160189Sjhb NULL, 141160189Sjhb ssl_server_trust_file_save_credentials, 142160189Sjhb}; 143160189Sjhb 144160189Sjhb 145160189Sjhb/*** Public API to SSL file providers. ***/ 146160189Sjhbvoid 147160189Sjhbsvn_auth_get_ssl_server_trust_file_provider 148160189Sjhb (svn_auth_provider_object_t **provider, apr_pool_t *pool) 149160189Sjhb{ 150160189Sjhb svn_auth_provider_object_t *po = apr_pcalloc(pool, sizeof(*po)); 151160189Sjhb 152160189Sjhb po->vtable = &ssl_server_trust_file_provider; 153160189Sjhb *provider = po; 154160189Sjhb} 155160189Sjhb 156160189Sjhb 157160189Sjhb/*-----------------------------------------------------------------------*/ 158160189Sjhb/* Prompt provider */ 159160189Sjhb/*-----------------------------------------------------------------------*/ 160160189Sjhb 161160189Sjhb/* Baton type for prompting to verify server ssl creds. 162160189Sjhb There is no iteration baton type. */ 163160189Sjhbtypedef struct ssl_server_trust_prompt_provider_baton_t 164160189Sjhb{ 165160189Sjhb svn_auth_ssl_server_trust_prompt_func_t prompt_func; 166160189Sjhb void *prompt_baton; 167160189Sjhb} ssl_server_trust_prompt_provider_baton_t; 168160189Sjhb 169160189Sjhb 170160189Sjhbstatic svn_error_t * 171160189Sjhbssl_server_trust_prompt_first_cred(void **credentials_p, 172160189Sjhb void **iter_baton, 173160189Sjhb void *provider_baton, 174160189Sjhb apr_hash_t *parameters, 175160189Sjhb const char *realmstring, 176160189Sjhb apr_pool_t *pool) 177160189Sjhb{ 178160189Sjhb ssl_server_trust_prompt_provider_baton_t *pb = provider_baton; 179225617Skmacy apr_uint32_t *failures = svn_hash_gets(parameters, 180160189Sjhb SVN_AUTH_PARAM_SSL_SERVER_FAILURES); 181160189Sjhb const char *no_auth_cache = svn_hash_gets(parameters, 182160189Sjhb SVN_AUTH_PARAM_NO_AUTH_CACHE); 183160189Sjhb const svn_auth_ssl_server_cert_info_t *cert_info = 184160189Sjhb svn_hash_gets(parameters, SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO); 185160189Sjhb svn_boolean_t may_save = (!no_auth_cache 186160189Sjhb && !(*failures & SVN_AUTH_SSL_OTHER)); 187160189Sjhb 188160189Sjhb SVN_ERR(pb->prompt_func((svn_auth_cred_ssl_server_trust_t **)credentials_p, 189160189Sjhb pb->prompt_baton, realmstring, *failures, cert_info, 190160189Sjhb may_save, pool)); 191160189Sjhb 192160189Sjhb *iter_baton = NULL; 193160189Sjhb return SVN_NO_ERROR; 194160189Sjhb} 195160189Sjhb 196160189Sjhb 197160189Sjhbstatic const svn_auth_provider_t ssl_server_trust_prompt_provider = { 198160189Sjhb SVN_AUTH_CRED_SSL_SERVER_TRUST, 199160189Sjhb ssl_server_trust_prompt_first_cred, 200225617Skmacy NULL, 201160189Sjhb NULL 202160189Sjhb}; 2033584Ssos 20483366Sjulian 20583366Sjulian/*** Public API to SSL prompting providers. ***/ 20611397Sswallacevoid 2073584Ssossvn_auth_get_ssl_server_trust_prompt_provider 208107849Salfred (svn_auth_provider_object_t **provider, 209160189Sjhb svn_auth_ssl_server_trust_prompt_func_t prompt_func, 210160189Sjhb void *prompt_baton, 211160189Sjhb apr_pool_t *pool) 212160189Sjhb{ 213160189Sjhb svn_auth_provider_object_t *po = apr_pcalloc(pool, sizeof(*po)); 214160189Sjhb ssl_server_trust_prompt_provider_baton_t *pb = 215160189Sjhb apr_palloc(pool, sizeof(*pb)); 216160189Sjhb pb->prompt_func = prompt_func; 21711397Sswallace pb->prompt_baton = prompt_baton; 218160189Sjhb po->vtable = &ssl_server_trust_prompt_provider; 21911397Sswallace po->provider_baton = pb; 22011397Sswallace *provider = po; 22111397Sswallace} 22211397Sswallace