epee: add SSL support
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2018-06-14 18:44:48 -04:00
|
|
|
// Copyright (c) 2006-2013, Andrey N. Sabelnikov, www.sabelnikov.net
|
|
|
|
// All rights reserved.
|
|
|
|
//
|
|
|
|
// Redistribution and use in source and binary forms, with or without
|
|
|
|
// modification, are permitted provided that the following conditions are met:
|
|
|
|
// * Redistributions of source code must retain the above copyright
|
|
|
|
// notice, this list of conditions and the following disclaimer.
|
|
|
|
// * Redistributions in binary form must reproduce the above copyright
|
|
|
|
// notice, this list of conditions and the following disclaimer in the
|
|
|
|
// documentation and/or other materials provided with the distribution.
|
|
|
|
// * Neither the name of the Andrey N. Sabelnikov nor the
|
|
|
|
// names of its contributors may be used to endorse or promote products
|
|
|
|
// derived from this software without specific prior written permission.
|
|
|
|
//
|
|
|
|
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
|
|
|
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
|
|
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
|
|
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER BE LIABLE FOR ANY
|
|
|
|
// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
|
|
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
|
|
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
|
|
// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
|
|
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
//
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#ifndef _NET_SSL_H
|
|
|
|
#define _NET_SSL_H
|
|
|
|
|
2019-10-16 22:50:18 -04:00
|
|
|
#include <chrono>
|
epee: add SSL support
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2018-06-14 18:44:48 -04:00
|
|
|
#include <stdint.h>
|
|
|
|
#include <string>
|
2019-03-11 22:01:03 -04:00
|
|
|
#include <vector>
|
epee: add SSL support
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2018-06-14 18:44:48 -04:00
|
|
|
#include <boost/utility/string_ref.hpp>
|
|
|
|
#include <boost/asio/ip/tcp.hpp>
|
|
|
|
#include <boost/asio/ssl.hpp>
|
2021-02-09 17:06:12 -05:00
|
|
|
#include <boost/filesystem/path.hpp>
|
2019-03-11 22:01:03 -04:00
|
|
|
#include <boost/system/error_code.hpp>
|
epee: add SSL support
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2018-06-14 18:44:48 -04:00
|
|
|
|
2019-04-25 12:35:27 -04:00
|
|
|
#define SSL_FINGERPRINT_SIZE 32
|
|
|
|
|
epee: add SSL support
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2018-06-14 18:44:48 -04:00
|
|
|
namespace epee
|
|
|
|
{
|
|
|
|
namespace net_utils
|
|
|
|
{
|
|
|
|
enum class ssl_support_t: uint8_t {
|
|
|
|
e_ssl_support_disabled,
|
|
|
|
e_ssl_support_enabled,
|
|
|
|
e_ssl_support_autodetect,
|
|
|
|
};
|
2019-03-15 00:03:32 -04:00
|
|
|
|
|
|
|
enum class ssl_verification_t : uint8_t
|
|
|
|
{
|
|
|
|
none = 0, //!< Do not verify peer.
|
|
|
|
system_ca, //!< Verify peer via system ca only (do not inspect user certificates)
|
2019-04-04 13:35:33 -04:00
|
|
|
user_certificates,//!< Verify peer via specific (non-chain) certificate(s) only.
|
|
|
|
user_ca //!< Verify peer via specific (possibly chain) certificate(s) only.
|
2019-03-15 00:03:32 -04:00
|
|
|
};
|
|
|
|
|
|
|
|
struct ssl_authentication_t
|
|
|
|
{
|
|
|
|
std::string private_key_path; //!< Private key used for authentication
|
|
|
|
std::string certificate_path; //!< Certificate used for authentication to peer.
|
|
|
|
|
|
|
|
//! Load `private_key_path` and `certificate_path` into `ssl_context`.
|
|
|
|
void use_ssl_certificate(boost::asio::ssl::context &ssl_context) const;
|
|
|
|
};
|
|
|
|
|
|
|
|
/*!
|
|
|
|
\note `verification != disabled && support == disabled` is currently
|
|
|
|
"allowed" via public interface but obviously invalid configuation.
|
|
|
|
*/
|
|
|
|
class ssl_options_t
|
|
|
|
{
|
|
|
|
// force sorted behavior in private
|
|
|
|
std::vector<std::vector<std::uint8_t>> fingerprints_;
|
|
|
|
|
|
|
|
public:
|
|
|
|
std::string ca_path;
|
|
|
|
ssl_authentication_t auth;
|
|
|
|
ssl_support_t support;
|
|
|
|
ssl_verification_t verification;
|
|
|
|
|
|
|
|
//! Verification is set to system ca unless SSL is disabled.
|
|
|
|
ssl_options_t(ssl_support_t support)
|
|
|
|
: fingerprints_(),
|
|
|
|
ca_path(),
|
|
|
|
auth(),
|
|
|
|
support(support),
|
|
|
|
verification(support == ssl_support_t::e_ssl_support_disabled ? ssl_verification_t::none : ssl_verification_t::system_ca)
|
|
|
|
{}
|
|
|
|
|
|
|
|
//! Provide user fingerprints and/or ca path. Enables SSL and user_certificate verification
|
|
|
|
ssl_options_t(std::vector<std::vector<std::uint8_t>> fingerprints, std::string ca_path);
|
|
|
|
|
|
|
|
ssl_options_t(const ssl_options_t&) = default;
|
|
|
|
ssl_options_t(ssl_options_t&&) = default;
|
|
|
|
|
|
|
|
ssl_options_t& operator=(const ssl_options_t&) = default;
|
|
|
|
ssl_options_t& operator=(ssl_options_t&&) = default;
|
|
|
|
|
|
|
|
//! \return False iff ssl is disabled, otherwise true.
|
|
|
|
explicit operator bool() const noexcept { return support != ssl_support_t::e_ssl_support_disabled; }
|
|
|
|
|
2019-04-06 21:28:37 -04:00
|
|
|
//! \retrurn True if `host` can be verified using `this` configuration WITHOUT system "root" CAs.
|
|
|
|
bool has_strong_verification(boost::string_ref host) const noexcept;
|
|
|
|
|
2019-03-15 00:03:32 -04:00
|
|
|
//! Search against internal fingerprints. Always false if `behavior() != user_certificate_check`.
|
|
|
|
bool has_fingerprint(boost::asio::ssl::verify_context &ctx) const;
|
|
|
|
|
|
|
|
boost::asio::ssl::context create_context() const;
|
|
|
|
|
2019-03-17 22:06:36 -04:00
|
|
|
/*! \note If `this->support == autodetect && this->verification != none`,
|
|
|
|
then the handshake will not fail when peer verification fails. The
|
|
|
|
assumption is that a re-connect will be attempted, so a warning is
|
|
|
|
logged instead of failure.
|
2019-03-19 16:04:32 -04:00
|
|
|
|
|
|
|
\note It is strongly encouraged that clients using `system_ca`
|
|
|
|
verification provide a non-empty `host` for rfc2818 verification.
|
|
|
|
|
|
|
|
\param socket Used in SSL handshake and verification
|
|
|
|
\param type Client or server
|
|
|
|
\param host This parameter is only used when
|
|
|
|
`type == client && !host.empty()`. The value is sent to the server for
|
|
|
|
situations where multiple hostnames are being handled by a server. If
|
|
|
|
`verification == system_ca` the client also does a rfc2818 check to
|
|
|
|
ensure that the server certificate is to the provided hostname.
|
|
|
|
|
2019-03-17 22:06:36 -04:00
|
|
|
\return True if the SSL handshake completes with peer verification
|
|
|
|
settings. */
|
2019-09-17 18:19:48 -04:00
|
|
|
bool handshake(
|
|
|
|
boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket,
|
|
|
|
boost::asio::ssl::stream_base::handshake_type type,
|
2020-12-26 20:55:12 -05:00
|
|
|
boost::asio::const_buffer buffer = {},
|
2019-09-17 18:19:48 -04:00
|
|
|
const std::string& host = {},
|
|
|
|
std::chrono::milliseconds timeout = std::chrono::seconds(15)) const;
|
2019-03-15 00:03:32 -04:00
|
|
|
};
|
epee: add SSL support
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2018-06-14 18:44:48 -04:00
|
|
|
|
|
|
|
// https://security.stackexchange.com/questions/34780/checking-client-hello-for-https-classification
|
|
|
|
constexpr size_t get_ssl_magic_size() { return 9; }
|
|
|
|
bool is_ssl(const unsigned char *data, size_t len);
|
2019-03-15 00:03:32 -04:00
|
|
|
bool ssl_support_from_string(ssl_support_t &ssl, boost::string_ref s);
|
2019-05-01 18:01:53 -04:00
|
|
|
|
|
|
|
bool create_ec_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert);
|
|
|
|
bool create_rsa_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert);
|
2021-02-09 17:06:12 -05:00
|
|
|
|
|
|
|
//! Store private key for `ssl` at `base + ".key"` unencrypted and certificate for `ssl` at `base + ".crt"`.
|
|
|
|
boost::system::error_code store_ssl_keys(boost::asio::ssl::context& ssl, const boost::filesystem::path& base);
|
epee: add SSL support
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2018-06-14 18:44:48 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif //_NET_SSL_H
|