1
0
mirror of https://git.sr.ht/~sircmpwn/gmni synced 2024-11-22 20:32:03 +01:00

all: rewrite with BearSSL rather than OpenSSL

This commit is contained in:
Drew DeVault 2021-03-04 10:59:19 -05:00
parent 863c41dba6
commit 57064dd01f
11 changed files with 320 additions and 278 deletions

@ -8,7 +8,7 @@ This is a [Gemini](https://gemini.circumlunar.space/) client. Included are:
Dependencies: Dependencies:
- A POSIX-like system and a C11 compiler - A POSIX-like system and a C11 compiler
- OpenSSL - [BearSSL](https://www.bearssl.org/index.html)
- [scdoc](https://sr.ht/~sircmpwn/scdoc/) (optional) - [scdoc](https://sr.ht/~sircmpwn/scdoc/) (optional)
Features: Features:

@ -117,8 +117,8 @@ run_configure() {
fi fi
done done
find_library OpenSSL libssl # XXX: Asked the maintainer to provide a .pc file
find_library OpenSSL libcrypto LIBS="$LIBS -lbearssl"
printf "Checking for scdoc... " printf "Checking for scdoc... "
if scdoc -v >/dev/null 2>&1 if scdoc -v >/dev/null 2>&1

@ -1,7 +1,7 @@
#ifndef GEMINI_CLIENT_H #ifndef GEMINI_CLIENT_H
#define GEMINI_CLIENT_H #define GEMINI_CLIENT_H
#include <bearssl_ssl.h>
#include <netdb.h> #include <netdb.h>
#include <openssl/ssl.h>
#include <stdbool.h> #include <stdbool.h>
#include <sys/socket.h> #include <sys/socket.h>
@ -52,20 +52,16 @@ struct gemini_response {
enum gemini_status status; enum gemini_status status;
char *meta; char *meta;
// TODO: Make these private
// Response body may be read from here if appropriate: // Response body may be read from here if appropriate:
BIO *bio; br_sslio_context body;
// Connection state // Connection state
SSL_CTX *ssl_ctx; br_ssl_client_context *sc;
SSL *ssl;
int fd; int fd;
}; };
struct gemini_options { struct gemini_options {
// If NULL, an SSL context will be created. If unset, the ssl field
// must also be NULL.
SSL_CTX *ssl_ctx;
// If ai_family != AF_UNSPEC (the default value on most systems), the // If ai_family != AF_UNSPEC (the default value on most systems), the
// client will connect to this address and skip name resolution. // client will connect to this address and skip name resolution.
struct addrinfo *addr; struct addrinfo *addr;
@ -75,6 +71,8 @@ struct gemini_options {
struct addrinfo *hints; struct addrinfo *hints;
}; };
struct gemini_tofu;
// Requests the specified URL via the gemini protocol. If options is non-NULL, // Requests the specified URL via the gemini protocol. If options is non-NULL,
// it may specify some additional configuration to adjust client behavior. // it may specify some additional configuration to adjust client behavior.
// //
@ -84,6 +82,7 @@ struct gemini_options {
// before exiting or re-using it for another request. // before exiting or re-using it for another request.
enum gemini_result gemini_request(const char *url, enum gemini_result gemini_request(const char *url,
struct gemini_options *options, struct gemini_options *options,
struct gemini_tofu *tofu,
struct gemini_response *resp); struct gemini_response *resp);
// Must be called after gemini_request in order to free up the resources // Must be called after gemini_request in order to free up the resources
@ -137,15 +136,20 @@ struct gemini_token {
}; };
struct gemini_parser { struct gemini_parser {
BIO *f; int (*read)(void *state, void *buf, size_t nbyte);
void *state;
char *buf; char *buf;
size_t bufsz; size_t bufsz;
size_t bufln; size_t bufln;
bool preformatted; bool preformatted;
}; };
// Initializes a text/gemini parser which reads from the specified BIO. // Initializes a text/gemini parser. The provided "read" function will be called
void gemini_parser_init(struct gemini_parser *p, BIO *f); // with the provided "state" value in order to obtain more gemtext data. The
// read function should behave like read(3).
void gemini_parser_init(struct gemini_parser *p,
int (*read)(void *state, void *buf, size_t nbyte),
void *state);
// Finishes this text/gemini parser and frees up its resources. // Finishes this text/gemini parser and frees up its resources.
void gemini_parser_finish(struct gemini_parser *p); void gemini_parser_finish(struct gemini_parser *p);

@ -1,9 +1,7 @@
#ifndef GEMINI_TOFU_H #ifndef GEMINI_TOFU_H
#define GEMINI_TOFU_H #define GEMINI_TOFU_H
#include <bearssl_x509.h>
#include <limits.h> #include <limits.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <time.h>
enum tofu_error { enum tofu_error {
TOFU_VALID, TOFU_VALID,
@ -24,7 +22,6 @@ enum tofu_action {
struct known_host { struct known_host {
char *host, *fingerprint; char *host, *fingerprint;
time_t expires;
int lineno; int lineno;
struct known_host *next; struct known_host *next;
}; };
@ -34,7 +31,23 @@ struct known_host {
typedef enum tofu_action (tofu_callback_t)(enum tofu_error error, typedef enum tofu_action (tofu_callback_t)(enum tofu_error error,
const char *fingerprint, struct known_host *host, void *data); const char *fingerprint, struct known_host *host, void *data);
struct gemini_tofu;
struct x509_tofu_context {
const br_x509_class *vtable;
br_x509_decoder_context decoder;
br_x509_pkey *pkey;
br_sha512_context sha512;
unsigned char hash[64];
struct gemini_tofu *store;
const char *server_name;
int err;
};
struct gemini_tofu { struct gemini_tofu {
struct x509_tofu_context x509_ctx;
br_ssl_client_context sc;
unsigned char iobuf[BR_SSL_BUFSIZE_BIDI];
char known_hosts_path[PATH_MAX+1]; char known_hosts_path[PATH_MAX+1];
struct known_host *known_hosts; struct known_host *known_hosts;
int lineno; int lineno;
@ -42,8 +55,7 @@ struct gemini_tofu {
void *cb_data; void *cb_data;
}; };
void gemini_tofu_init(struct gemini_tofu *tofu, void gemini_tofu_init(struct gemini_tofu *tofu, tofu_callback_t *cb, void *data);
SSL_CTX *ssl_ctx, tofu_callback_t *cb, void *data);
void gemini_tofu_finish(struct gemini_tofu *tofu); void gemini_tofu_finish(struct gemini_tofu *tofu);
#endif #endif

@ -1,5 +1,7 @@
#ifndef GEMINI_UTIL_H #ifndef GEMINI_UTIL_H
#define GEMINI_UTIL_H #define GEMINI_UTIL_H
#include <stdio.h>
#include <sys/types.h>
struct pathspec { struct pathspec {
const char *var; const char *var;

@ -1,15 +1,15 @@
#include <assert.h> #include <assert.h>
#include <errno.h> #include <errno.h>
#include <netdb.h> #include <netdb.h>
#include <openssl/bio.h> #include <bearssl_ssl.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h>
#include <string.h> #include <string.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/types.h> #include <sys/types.h>
#include <unistd.h> #include <unistd.h>
#include <gmni/gmni.h> #include <gmni/gmni.h>
#include <gmni/tofu.h>
#include <gmni/url.h> #include <gmni/url.h>
static enum gemini_result static enum gemini_result
@ -88,9 +88,41 @@ gemini_connect(struct Curl_URL *uri, struct gemini_options *options,
#define GEMINI_META_MAXLEN 1024 #define GEMINI_META_MAXLEN 1024
#define GEMINI_STATUS_MAXLEN 2 #define GEMINI_STATUS_MAXLEN 2
static int
sock_read(void *ctx, unsigned char *buf, size_t len)
{
for (;;) {
ssize_t rlen;
rlen = read(*(int *)ctx, buf, len);
if (rlen <= 0) {
if (rlen < 0 && errno == EINTR) {
continue;
}
return -1;
}
return (int)rlen;
}
}
static int
sock_write(void *ctx, const unsigned char *buf, size_t len)
{
for (;;) {
ssize_t wlen;
wlen = write(*(int *)ctx, buf, len);
if (wlen <= 0) {
if (wlen < 0 && errno == EINTR) {
continue;
}
return -1;
}
return (int)wlen;
}
}
enum gemini_result enum gemini_result
gemini_request(const char *url, struct gemini_options *options, gemini_request(const char *url, struct gemini_options *options,
struct gemini_response *resp) struct gemini_tofu *tofu, struct gemini_response *resp)
{ {
assert(url); assert(url);
assert(resp); assert(resp);
@ -128,84 +160,50 @@ gemini_request(const char *url, struct gemini_options *options,
goto cleanup; goto cleanup;
} }
if (options && options->ssl_ctx) {
resp->ssl_ctx = options->ssl_ctx;
SSL_CTX_up_ref(options->ssl_ctx);
} else {
resp->ssl_ctx = SSL_CTX_new(TLS_method());
assert(resp->ssl_ctx);
SSL_CTX_set_verify(resp->ssl_ctx, SSL_VERIFY_PEER, NULL);
}
int r; int r;
BIO *sbio = BIO_new(BIO_f_ssl());
res = gemini_connect(uri, options, resp, &resp->fd); res = gemini_connect(uri, options, resp, &resp->fd);
if (res != GEMINI_OK) { if (res != GEMINI_OK) {
free(host); free(host);
goto cleanup; goto cleanup;
} }
resp->ssl = SSL_new(resp->ssl_ctx); // TODO: session reuse
assert(resp->ssl); resp->sc = &tofu->sc;
SSL_set_connect_state(resp->ssl); br_ssl_client_reset(resp->sc, host, 0);
if ((r = SSL_set1_host(resp->ssl, host)) != 1) { br_sslio_init(&resp->body, &resp->sc->eng,
free(host); sock_read, &resp->fd, sock_write, &resp->fd);
goto ssl_error;
}
if ((r = SSL_set_tlsext_host_name(resp->ssl, host)) != 1) {
free(host);
goto ssl_error;
}
free(host);
if ((r = SSL_set_fd(resp->ssl, resp->fd)) != 1) {
goto ssl_error;
}
if ((r = SSL_connect(resp->ssl)) != 1) {
goto ssl_error;
}
X509 *cert = SSL_get_peer_certificate(resp->ssl);
if (!cert) {
resp->status = X509_V_ERR_UNSPECIFIED;
res = GEMINI_ERR_SSL_VERIFY;
goto cleanup;
}
X509_free(cert);
long vr = SSL_get_verify_result(resp->ssl);
if (vr != X509_V_OK) {
resp->status = vr;
res = GEMINI_ERR_SSL_VERIFY;
goto cleanup;
}
BIO_set_ssl(sbio, resp->ssl, 0);
resp->bio = BIO_new(BIO_f_buffer());
BIO_push(resp->bio, sbio);
char req[1024 + 3]; char req[1024 + 3];
r = snprintf(req, sizeof(req), "%s\r\n", url); r = snprintf(req, sizeof(req), "%s\r\n", url);
assert(r > 0); assert(r > 0);
r = BIO_puts(sbio, req); br_sslio_write_all(&resp->body, req, r);
if (r == -1) { br_sslio_flush(&resp->body);
res = GEMINI_ERR_IO;
goto cleanup;
}
assert(r == (int)strlen(req));
// The SSL engine maintains an internal buffer, so this shouldn't be as
// inefficient as it looks. It's necessary to do this one byte at a time
// to avoid consuming any of the response body buffer.
char buf[GEMINI_META_MAXLEN char buf[GEMINI_META_MAXLEN
+ GEMINI_STATUS_MAXLEN + GEMINI_STATUS_MAXLEN
+ 2 /* CRLF */ + 1 /* NUL */]; + 2 /* CRLF */ + 1 /* NUL */];
r = BIO_gets(resp->bio, buf, sizeof(buf)); memset(buf, 0, sizeof(buf));
if (r == -1) { size_t l;
res = GEMINI_ERR_IO; for (l = 0; l < 2 || memcmp(&buf[l-2], "\r\n", 2) != 0; ++l) {
goto cleanup; r = br_sslio_read(&resp->body, &buf[l], 1);
if (r < 0) {
break;
}
} }
if (r < 3 || strcmp(&buf[r - 2], "\r\n") != 0) { int err = br_ssl_engine_last_error(&resp->sc->eng);
fprintf(stderr, "invalid line %d '%s'\n", r, buf); if (err != 0) {
// TODO: Bubble this up properly
fprintf(stderr, "SSL error %d\n", err);
goto ssl_error;
}
if (l < 3 || strcmp(&buf[l-2], "\r\n") != 0) {
fprintf(stderr, "invalid line '%s'\n", buf);
res = GEMINI_ERR_PROTOCOL; res = GEMINI_ERR_PROTOCOL;
goto cleanup; goto cleanup;
} }
@ -217,9 +215,9 @@ gemini_request(const char *url, struct gemini_options *options,
res = GEMINI_ERR_PROTOCOL; res = GEMINI_ERR_PROTOCOL;
goto cleanup; goto cleanup;
} }
resp->meta = calloc(r - 5 /* 2 digits, space, and CRLF */ + 1 /* NUL */, 1); resp->meta = calloc(l - 5 /* 2 digits, space, and CRLF */ + 1 /* NUL */, 1);
strncpy(resp->meta, &endptr[1], r - 5); strncpy(resp->meta, &endptr[1], l - 5);
resp->meta[r - 5] = '\0'; resp->meta[l - 5] = '\0';
cleanup: cleanup:
curl_url_cleanup(uri); curl_url_cleanup(uri);
@ -237,26 +235,18 @@ gemini_response_finish(struct gemini_response *resp)
return; return;
} }
if (resp->bio) {
BIO_free_all(resp->bio);
resp->bio = NULL;
}
if (resp->ssl) {
SSL_free(resp->ssl);
}
if (resp->ssl_ctx) {
SSL_CTX_free(resp->ssl_ctx);
}
free(resp->meta);
if (resp->fd != -1) { if (resp->fd != -1) {
close(resp->fd); close(resp->fd);
resp->fd = -1; resp->fd = -1;
} }
resp->ssl = NULL; free(resp->meta);
resp->ssl_ctx = NULL;
if (resp->sc) {
br_sslio_close(&resp->body);
}
resp->sc = NULL;
resp->meta = NULL; resp->meta = NULL;
} }
@ -277,11 +267,11 @@ gemini_strerr(enum gemini_result r, struct gemini_response *resp)
case GEMINI_ERR_CONNECT: case GEMINI_ERR_CONNECT:
return strerror(errno); return strerror(errno);
case GEMINI_ERR_SSL: case GEMINI_ERR_SSL:
return ERR_error_string( // TODO: more specific
SSL_get_error(resp->ssl, resp->status), return "SSL error";
NULL);
case GEMINI_ERR_SSL_VERIFY: case GEMINI_ERR_SSL_VERIFY:
return X509_verify_cert_error_string(resp->status); // TODO: more specific
return "X.509 certificate not trusted";
case GEMINI_ERR_IO: case GEMINI_ERR_IO:
return "I/O error"; return "I/O error";
case GEMINI_ERR_PROTOCOL: case GEMINI_ERR_PROTOCOL:

@ -1,9 +1,8 @@
#include <assert.h> #include <assert.h>
#include <bearssl_ssl.h>
#include <errno.h> #include <errno.h>
#include <getopt.h> #include <getopt.h>
#include <netdb.h> #include <netdb.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <stdbool.h> #include <stdbool.h>
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
@ -222,10 +221,7 @@ main(int argc, char *argv[])
return 1; return 1;
} }
SSL_load_error_strings(); gemini_tofu_init(&cfg.tofu, &tofu_callback, &cfg);
ERR_load_crypto_strings();
opts.ssl_ctx = SSL_CTX_new(TLS_method());
gemini_tofu_init(&cfg.tofu, opts.ssl_ctx, &tofu_callback, &cfg);
bool exit = false; bool exit = false;
struct Curl_URL *url = curl_url(); struct Curl_URL *url = curl_url();
@ -242,7 +238,8 @@ main(int argc, char *argv[])
curl_url_get(url, CURLUPART_URL, &buf, 0); curl_url_get(url, CURLUPART_URL, &buf, 0);
struct gemini_response resp; struct gemini_response resp;
enum gemini_result r = gemini_request(buf, &opts, &resp); enum gemini_result r = gemini_request(
buf, &opts, &cfg.tofu, &resp);
free(buf); free(buf);
@ -340,11 +337,8 @@ main(int argc, char *argv[])
char last = 0; char last = 0;
char buf[BUFSIZ]; char buf[BUFSIZ];
for (int n = 1; n > 0;) { for (int n = 1; n > 0;) {
n = BIO_read(resp.bio, buf, BUFSIZ); n = br_sslio_read(&resp.body, buf, BUFSIZ);
if (n == -1) { if (n > 0) {
fprintf(stderr, "Error: read\n");
return 1;
} else if (n != 0) {
last = buf[n - 1]; last = buf[n - 1];
} }
ssize_t w = 0; ssize_t w = 0;
@ -370,7 +364,6 @@ next:
gemini_response_finish(&resp); gemini_response_finish(&resp);
} }
SSL_CTX_free(opts.ssl_ctx);
curl_url_cleanup(url); curl_url_cleanup(url);
gemini_tofu_finish(&cfg.tofu); gemini_tofu_finish(&cfg.tofu);
return ret; return ret;

@ -1,22 +1,25 @@
#include <assert.h> #include <assert.h>
#include <bearssl_ssl.h>
#include <ctype.h> #include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <getopt.h> #include <getopt.h>
#include <libgen.h>
#include <limits.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <regex.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <termios.h>
#include <unistd.h>
#include <gmni/gmni.h> #include <gmni/gmni.h>
#include <gmni/tofu.h> #include <gmni/tofu.h>
#include <gmni/url.h> #include <gmni/url.h>
#include <libgen.h>
#include <limits.h>
#include <regex.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <termios.h>
#include <unistd.h>
#include "util.h" #include "util.h"
struct link { struct link {
@ -346,10 +349,13 @@ pipe_resp(FILE *out, struct gemini_response resp, char *cmd) {
FILE *f = fdopen(pfd[1], "w"); FILE *f = fdopen(pfd[1], "w");
// XXX: may affect history, do we care? // XXX: may affect history, do we care?
for (int n = 1; n > 0;) { for (int n = 1; n > 0;) {
n = BIO_read(resp.bio, buf, BUFSIZ); if (resp.sc) {
if (n == -1) { n = br_sslio_read(&resp.body, buf, BUFSIZ);
fprintf(stderr, "Error: read\n"); } else {
return; n = read(resp.fd, buf, BUFSIZ);
}
if (n < 0) {
n = 0;
} }
ssize_t w = 0; ssize_t w = 0;
while (w < (ssize_t)n) { while (w < (ssize_t)n) {
@ -393,23 +399,19 @@ do_requests(struct browser *browser, struct gemini_response *resp)
break; break;
} }
FILE *fp = fopen(path, "r"); int fd = open(path, O_RDONLY);
if (!fp) { if (fd < 0) {
resp->status = GEMINI_STATUS_NOT_FOUND; resp->status = GEMINI_STATUS_NOT_FOUND;
/* Make sure members of resp evaluate to false, so that // Make sure members of resp evaluate to false,
gemini_response_finish does not try to free them. */ // so that gemini_response_finish does not try
resp->bio = NULL; // to free them.
resp->ssl = NULL; resp->sc = NULL;
resp->ssl_ctx = NULL;
resp->meta = NULL; resp->meta = NULL;
resp->fd = -1; resp->fd = -1;
free(path); free(path);
break; break;
} }
BIO *file = BIO_new_fp(fp, BIO_CLOSE);
resp->bio = BIO_new(BIO_f_buffer());
BIO_push(resp->bio, file);
if (has_suffix(path, ".gmi") || has_suffix(path, ".gemini")) { if (has_suffix(path, ".gmi") || has_suffix(path, ".gemini")) {
resp->meta = strdup("text/gemini"); resp->meta = strdup("text/gemini");
} else if (has_suffix(path, ".txt")) { } else if (has_suffix(path, ".txt")) {
@ -419,14 +421,14 @@ do_requests(struct browser *browser, struct gemini_response *resp)
} }
free(path); free(path);
resp->status = GEMINI_STATUS_SUCCESS; resp->status = GEMINI_STATUS_SUCCESS;
resp->fd = -1; resp->fd = fd;
resp->ssl = NULL; resp->sc = NULL;
resp->ssl_ctx = NULL;
return GEMINI_OK; return GEMINI_OK;
} }
free(scheme); free(scheme);
res = gemini_request(browser->plain_url, &browser->opts, resp); res = gemini_request(browser->plain_url, &browser->opts,
&browser->tofu, resp);
if (res != GEMINI_OK) { if (res != GEMINI_OK) {
fprintf(stderr, "Error: %s\n", gemini_strerr(res, resp)); fprintf(stderr, "Error: %s\n", gemini_strerr(res, resp));
requesting = false; requesting = false;
@ -752,12 +754,23 @@ wrap(FILE *f, char *s, struct winsize *ws, int *row, int *col)
return fprintf(f, "%s\n", s) - 1; return fprintf(f, "%s\n", s) - 1;
} }
static int
resp_read(void *state, void *buf, size_t nbyte)
{
struct gemini_response *resp = state;
if (resp->sc) {
return br_sslio_read(&resp->body, buf, nbyte);
} else {
return read(resp->fd, buf, nbyte);
}
}
static bool static bool
display_gemini(struct browser *browser, struct gemini_response *resp) display_gemini(struct browser *browser, struct gemini_response *resp)
{ {
int nlinks = 0; int nlinks = 0;
struct gemini_parser p; struct gemini_parser p;
gemini_parser_init(&p, resp->bio); gemini_parser_init(&p, &resp_read, resp);
free(browser->page_title); free(browser->page_title);
browser->page_title = NULL; browser->page_title = NULL;
@ -945,10 +958,13 @@ display_plaintext(struct browser *browser, struct gemini_response *resp)
char buf[BUFSIZ]; char buf[BUFSIZ];
for (int n = 1; n > 0;) { for (int n = 1; n > 0;) {
n = BIO_read(resp->bio, buf, BUFSIZ); if (resp->sc) {
if (n == -1) { n = br_sslio_read(&resp->body, buf, BUFSIZ);
fprintf(stderr, "Error: read\n"); } else {
return 1; n = read(resp->fd, buf, BUFSIZ);
}
if (n < 0) {
n = 0;
} }
ssize_t w = 0; ssize_t w = 0;
while (w < (ssize_t)n) { while (w < (ssize_t)n) {
@ -1123,11 +1139,7 @@ main(int argc, char *argv[])
open_bookmarks(&browser); open_bookmarks(&browser);
} }
SSL_load_error_strings(); gemini_tofu_init(&browser.tofu, &tofu_callback, &browser);
ERR_load_crypto_strings();
browser.opts.ssl_ctx = SSL_CTX_new(TLS_method());
gemini_tofu_init(&browser.tofu, browser.opts.ssl_ctx,
&tofu_callback, &browser);
struct gemini_response resp; struct gemini_response resp;
browser.running = true; browser.running = true;
@ -1189,7 +1201,6 @@ main(int argc, char *argv[])
hist = hist->prev; hist = hist->prev;
} }
history_free(hist); history_free(hist);
SSL_CTX_free(browser.opts.ssl_ctx);
curl_url_cleanup(browser.url); curl_url_cleanup(browser.url);
free(browser.page_title); free(browser.page_title);
free(browser.plain_url); free(browser.plain_url);

@ -1,21 +1,23 @@
#include <assert.h> #include <assert.h>
#include <ctype.h> #include <ctype.h>
#include <openssl/bio.h>
#include <stdbool.h> #include <stdbool.h>
#include <stddef.h> #include <stddef.h>
#include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <gmni/gmni.h> #include <gmni/gmni.h>
void void
gemini_parser_init(struct gemini_parser *p, BIO *f) gemini_parser_init(struct gemini_parser *p,
int (*read)(void *state, void *buf, size_t nbyte),
void *state)
{ {
p->f = f; p->read = read;
p->state = state;
p->bufln = 0; p->bufln = 0;
p->bufsz = BUFSIZ; p->bufsz = BUFSIZ;
p->buf = malloc(p->bufsz + 1); p->buf = malloc(p->bufsz + 1);
p->buf[0] = 0; p->buf[0] = 0;
BIO_up_ref(p->f);
p->preformatted = false; p->preformatted = false;
} }
@ -25,7 +27,6 @@ gemini_parser_finish(struct gemini_parser *p)
if (!p) { if (!p) {
return; return;
} }
BIO_free(p->f);
free(p->buf); free(p->buf);
} }
@ -42,7 +43,7 @@ gemini_parser_next(struct gemini_parser *p, struct gemini_token *tok)
assert(p->buf); assert(p->buf);
} }
ssize_t n = BIO_read(p->f, &p->buf[p->bufln], p->bufsz - p->bufln - 1); int n = p->read(p->state, &p->buf[p->bufln], p->bufsz - p->bufln - 1);
if (n == -1) { if (n == -1) {
return -1; return -1;
} else if (n == 0) { } else if (n == 0) {

@ -1,95 +1,97 @@
#include <assert.h> #include <assert.h>
#include <bearssl_hash.h>
#include <bearssl_x509.h>
#include <errno.h> #include <errno.h>
#include <libgen.h>
#include <limits.h>
#include <openssl/asn1.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <gmni/gmni.h> #include <gmni/gmni.h>
#include <gmni/tofu.h> #include <gmni/tofu.h>
#include <libgen.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "util.h" #include "util.h"
static int static void
verify_callback(X509_STORE_CTX *ctx, void *data) xt_start_chain(const br_x509_class **ctx, const char *server_name)
{ {
// Gemini clients handle TLS verification differently from the rest of struct x509_tofu_context *cc = (struct x509_tofu_context *)(void *)ctx;
// the internet. We use a TOFU system, so trust is based on two factors: cc->server_name = server_name;
// cc->err = 0;
// - Is the certificate valid at the time of the request? cc->pkey = NULL;
// - Has the user trusted this certificate yet? }
//
// If the answer to the latter is "no", then we give the user an
// opportunity to explicitly agree to trust the certificate before
// rejecting it.
//
// If you're reading this code with the intent to re-use it for
// something unrelated to Gemini, think twice.
struct gemini_tofu *tofu = (struct gemini_tofu *)data;
X509 *cert = X509_STORE_CTX_get0_cert(ctx);
struct known_host *host = NULL;
int rc; static void
int day, sec; xt_start_cert(const br_x509_class **ctx, uint32_t length)
const ASN1_TIME *notBefore = X509_get0_notBefore(cert); {
const ASN1_TIME *notAfter = X509_get0_notAfter(cert); struct x509_tofu_context *cc = (struct x509_tofu_context *)(void *)ctx;
if (!ASN1_TIME_diff(&day, &sec, NULL, notBefore)) { if (cc->err != 0) {
rc = X509_V_ERR_UNSPECIFIED; return;
goto invalid_cert;
} }
if (day > 0 || sec > 0) { if (length == 0) {
rc = X509_V_ERR_CERT_NOT_YET_VALID; cc->err = BR_ERR_X509_TRUNCATED;
goto invalid_cert; return;
}
if (!ASN1_TIME_diff(&day, &sec, NULL, notAfter)) {
rc = X509_V_ERR_UNSPECIFIED;
goto invalid_cert;
}
if (day < 0 || sec < 0) {
rc = X509_V_ERR_CERT_HAS_EXPIRED;
goto invalid_cert;
} }
br_x509_decoder_init(&cc->decoder, NULL, NULL);
br_sha512_init(&cc->sha512);
}
unsigned char md[512 / 8]; static void
const EVP_MD *sha512 = EVP_sha512(); xt_append(const br_x509_class **ctx, const unsigned char *buf, size_t len)
unsigned int len = sizeof(md); {
rc = X509_digest(cert, sha512, md, &len); struct x509_tofu_context *cc = (struct x509_tofu_context *)(void *)ctx;
assert(rc == 1); if (cc->err != 0) {
return;
}
br_x509_decoder_push(&cc->decoder, buf, len);
int err = br_x509_decoder_last_error(&cc->decoder);
if (err != 0 && err != BR_ERR_X509_TRUNCATED) {
cc->err = err;
}
br_sha512_update(&cc->sha512, buf, len);
}
static void
xt_end_cert(const br_x509_class **ctx)
{
struct x509_tofu_context *cc = (struct x509_tofu_context *)(void *)ctx;
if (cc->err != 0) {
return;
}
int err = br_x509_decoder_last_error(&cc->decoder);
if (err != 0 && err != BR_ERR_X509_TRUNCATED) {
cc->err = err;
return;
}
if (br_x509_decoder_isCA(&cc->decoder)) {
return;
}
cc->pkey = br_x509_decoder_get_pkey(&cc->decoder);
br_sha512_out(&cc->sha512, &cc->hash);
}
static unsigned
xt_end_chain(const br_x509_class **ctx)
{
struct x509_tofu_context *cc = (struct x509_tofu_context *)(void *)ctx;
if (cc->err != 0) {
return (unsigned)cc->err;
}
if (!cc->pkey) {
return BR_ERR_X509_EMPTY_CHAIN;
}
char fingerprint[512 / 8 * 3]; char fingerprint[512 / 8 * 3];
for (size_t i = 0; i < sizeof(md); ++i) { for (size_t i = 0; i < sizeof(cc->hash); ++i) {
snprintf(&fingerprint[i * 3], 4, "%02X%s", snprintf(&fingerprint[i * 3], 4, "%02X%s",
md[i], i + 1 == sizeof(md) ? "" : ":"); cc->hash[i], i + 1 == sizeof(cc->hash) ? "" : ":");
} }
SSL *ssl = X509_STORE_CTX_get_ex_data(ctx,
SSL_get_ex_data_X509_STORE_CTX_idx());
const char *servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
if (!servername) {
rc = X509_V_ERR_HOSTNAME_MISMATCH;
goto invalid_cert;
}
rc = X509_check_host(cert, servername, strlen(servername), 0, NULL);
if (rc != 1) {
rc = X509_V_ERR_HOSTNAME_MISMATCH;
goto invalid_cert;
}
time_t now;
time(&now);
enum tofu_error error = TOFU_UNTRUSTED_CERT; enum tofu_error error = TOFU_UNTRUSTED_CERT;
host = tofu->known_hosts; (void)error;
struct known_host *host = cc->store->known_hosts;
while (host) { while (host) {
if (host->expires < now) { if (strcmp(host->host, cc->server_name) != 0) {
goto next;
}
if (strcmp(host->host, servername) != 0) {
goto next; goto next;
} }
if (strcmp(host->fingerprint, fingerprint) == 0) { if (strcmp(host->fingerprint, fingerprint) == 0) {
@ -102,66 +104,84 @@ next:
host = host->next; host = host->next;
} }
rc = X509_V_ERR_CERT_UNTRUSTED; switch (cc->store->callback(error, fingerprint,
host, cc->store->cb_data)) {
callback:
switch (tofu->callback(error, fingerprint, host, tofu->cb_data)) {
case TOFU_ASK: case TOFU_ASK:
assert(0); // Invariant assert(0); // Invariant
case TOFU_FAIL: case TOFU_FAIL:
X509_STORE_CTX_set_error(ctx, rc); return BR_ERR_X509_NOT_TRUSTED;
break;
case TOFU_TRUST_ONCE: case TOFU_TRUST_ONCE:
// No further action necessary // No further action necessary
return 0; return 0;
case TOFU_TRUST_ALWAYS:; case TOFU_TRUST_ALWAYS:;
FILE *f = fopen(tofu->known_hosts_path, "a"); FILE *f = fopen(cc->store->known_hosts_path, "a");
if (!f) { if (!f) {
fprintf(stderr, "Error opening %s for writing: %s\n", fprintf(stderr, "Error opening %s for writing: %s\n",
tofu->known_hosts_path, strerror(errno)); cc->store->known_hosts_path, strerror(errno));
break; break;
}; };
struct tm expires_tm; fprintf(f, "%s %s %s\n", cc->server_name,
ASN1_TIME_to_tm(notAfter, &expires_tm); "SHA-512", fingerprint);
time_t expires = mktime(&expires_tm);
fprintf(f, "%s %s %s %jd\n", servername,
"SHA-512", fingerprint, (intmax_t)expires);
fclose(f); fclose(f);
host = calloc(1, sizeof(struct known_host)); host = calloc(1, sizeof(struct known_host));
host->host = strdup(servername); host->host = strdup(cc->server_name);
host->fingerprint = strdup(fingerprint); host->fingerprint = strdup(fingerprint);
host->expires = expires; host->lineno = ++cc->store->lineno;
host->lineno = ++tofu->lineno; host->next = cc->store->known_hosts;
host->next = tofu->known_hosts; cc->store->known_hosts = host;
tofu->known_hosts = host;
return 0; return 0;
} }
X509_STORE_CTX_set_error(ctx, rc); assert(0); // Unreachable
return 0;
invalid_cert:
error = TOFU_INVALID_CERT;
goto callback;
} }
static const br_x509_pkey *
xt_get_pkey(const br_x509_class *const *ctx, unsigned *usages)
{
struct x509_tofu_context *cc = (struct x509_tofu_context *)(void *)ctx;
if (cc->err != 0) {
return NULL;
}
if (usages) {
// XXX: BearSSL doesn't pull the usages out of the X.509 for us
*usages = BR_KEYTYPE_KEYX | BR_KEYTYPE_SIGN;
}
return cc->pkey;
}
const br_x509_class xt_vtable = {
sizeof(struct x509_tofu_context),
xt_start_chain,
xt_start_cert,
xt_append,
xt_end_cert,
xt_end_chain,
xt_get_pkey,
};
static void
x509_init_tofu(struct x509_tofu_context *ctx, struct gemini_tofu *store)
{
ctx->vtable = &xt_vtable;
ctx->store = store;
}
void void
gemini_tofu_init(struct gemini_tofu *tofu, gemini_tofu_init(struct gemini_tofu *tofu, tofu_callback_t *cb, void *cb_data)
SSL_CTX *ssl_ctx, tofu_callback_t *cb, void *cb_data)
{ {
const struct pathspec paths[] = { const struct pathspec paths[] = {
{.var = "GMNIDATA", .path = "/%s"}, {.var = "GMNIDATA", .path = "/%s"},
{.var = "XDG_DATA_HOME", .path = "/gemini/%s"}, {.var = "XDG_DATA_HOME", .path = "/gmni/%s"},
{.var = "HOME", .path = "/.local/share/gemini/%s"} {.var = "HOME", .path = "/.local/share/gmni/%s"}
}; };
char *path_fmt = getpath(paths, sizeof(paths) / sizeof(paths[0])); char *path_fmt = getpath(paths, sizeof(paths) / sizeof(paths[0]));
char dname[PATH_MAX+1]; char dname[PATH_MAX+1];
size_t n = 0; size_t n = 0;
n = snprintf(tofu->known_hosts_path, sizeof(tofu->known_hosts_path), n = snprintf(tofu->known_hosts_path,
path_fmt, "known_hosts"); sizeof(tofu->known_hosts_path),
path_fmt, "known_hosts");
assert(n < sizeof(tofu->known_hosts_path)); assert(n < sizeof(tofu->known_hosts_path));
strncpy(dname, dirname(tofu->known_hosts_path), sizeof(dname)-1); strncpy(dname, dirname(tofu->known_hosts_path), sizeof(dname)-1);
@ -179,10 +199,17 @@ gemini_tofu_init(struct gemini_tofu *tofu,
tofu->callback = cb; tofu->callback = cb;
tofu->cb_data = cb_data; tofu->cb_data = cb_data;
SSL_CTX_set_cert_verify_callback(ssl_ctx, verify_callback, tofu);
tofu->known_hosts = NULL; tofu->known_hosts = NULL;
x509_init_tofu(&tofu->x509_ctx, tofu);
br_x509_minimal_context _; // Discarded
br_ssl_client_init_full(&tofu->sc, &_, NULL, 0);
br_ssl_engine_set_x509(&tofu->sc.eng, &tofu->x509_ctx.vtable);
br_ssl_engine_set_buffer(&tofu->sc.eng,
&tofu->iobuf, sizeof(tofu->iobuf), 1);
FILE *f = fopen(tofu->known_hosts_path, "r"); FILE *f = fopen(tofu->known_hosts_path, "r");
if (!f) { if (!f) {
return; return;
@ -191,6 +218,11 @@ gemini_tofu_init(struct gemini_tofu *tofu,
int lineno = 1; int lineno = 1;
char *line = NULL; char *line = NULL;
while (getline(&line, &n, f) != -1) { while (getline(&line, &n, f) != -1) {
int ln = strlen(line);
if (line[ln-1] == '\n') {
line[ln-1] = 0;
}
struct known_host *host = calloc(1, sizeof(struct known_host)); struct known_host *host = calloc(1, sizeof(struct known_host));
char *tok = strtok(line, " "); char *tok = strtok(line, " ");
assert(tok); assert(tok);
@ -208,10 +240,6 @@ gemini_tofu_init(struct gemini_tofu *tofu,
assert(tok); assert(tok);
host->fingerprint = strdup(tok); host->fingerprint = strdup(tok);
tok = strtok(NULL, " ");
assert(tok);
host->expires = strtoul(tok, NULL, 10);
host->lineno = lineno++; host->lineno = lineno++;
host->next = tofu->known_hosts; host->next = tofu->known_hosts;

@ -1,5 +1,7 @@
#include <assert.h> #include <assert.h>
#include <bearssl_ssl.h>
#include <errno.h> #include <errno.h>
#include <gmni/gmni.h>
#include <libgen.h> #include <libgen.h>
#include <limits.h> #include <limits.h>
#include <stdint.h> #include <stdint.h>
@ -7,7 +9,6 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <gmni/gmni.h>
#include "util.h" #include "util.h"
static void static void
@ -82,7 +83,7 @@ download_resp(FILE *out, struct gemini_response resp, const char *path,
fprintf(out, "Downloading %s to %s\n", url, path); fprintf(out, "Downloading %s to %s\n", url, path);
char buf[BUFSIZ]; char buf[BUFSIZ];
for (int n = 1; n > 0;) { for (int n = 1; n > 0;) {
n = BIO_read(resp.bio, buf, sizeof(buf)); n = br_sslio_read(&resp.body, buf, sizeof(buf));
if (n == -1) { if (n == -1) {
fprintf(stderr, "Error: read\n"); fprintf(stderr, "Error: read\n");
return 1; return 1;