contrib/subversion/subversion/libsvn_subr/ssl_server_trust_providers.c

   1 /*
   2  * ssl_server_trust_providers.c: providers for
   3  * SVN_AUTH_CRED_SSL_SERVER_TRUST
   4  *
   5  * ====================================================================
   6  *    Licensed to the Apache Software Foundation (ASF) under one
   7  *    or more contributor license agreements.  See the NOTICE file
   8  *    distributed with this work for additional information
   9  *    regarding copyright ownership.  The ASF licenses this file
  10  *    to you under the Apache License, Version 2.0 (the
  11  *    "License"); you may not use this file except in compliance
  12  *    with the License.  You may obtain a copy of the License at
  13  *
  14  *      http://www.apache.org/licenses/LICENSE-2.0
  15  *
  16  *    Unless required by applicable law or agreed to in writing,
  17  *    software distributed under the License is distributed on an
  18  *    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  19  *    KIND, either express or implied.  See the License for the
  20  *    specific language governing permissions and limitations
  21  *    under the License.
  22  * ====================================================================
  23  */
  24
  25 #include <apr_pools.h>
  26
  27 #include "svn_hash.h"
  28 #include "svn_auth.h"
  29 #include "svn_error.h"
  30 #include "svn_config.h"
  31 #include "svn_string.h"
  32
  33 \f
  34 /*-----------------------------------------------------------------------*/
  35 /* File provider                                                         */
  36 /*-----------------------------------------------------------------------*/
  37
  38 /* The keys that will be stored on disk.  These serve the same role as
  39    similar constants in other providers. */
  40 #define AUTHN_ASCII_CERT_KEY            "ascii_cert"
  41 #define AUTHN_FAILURES_KEY              "failures"
  42
  43
  44 /* retrieve ssl server CA failure overrides (if any) from servers
  45    config */
  46 static svn_error_t *
  47 ssl_server_trust_file_first_credentials(void **credentials,
  48                                         void **iter_baton,
  49                                         void *provider_baton,
  50                                         apr_hash_t *parameters,
  51                                         const char *realmstring,
  52                                         apr_pool_t *pool)
  53 {
  54   apr_uint32_t *failures = svn_hash_gets(parameters,
  55                                          SVN_AUTH_PARAM_SSL_SERVER_FAILURES);
  56   const svn_auth_ssl_server_cert_info_t *cert_info =
  57     svn_hash_gets(parameters, SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO);
  58   apr_hash_t *creds_hash = NULL;
  59   const char *config_dir;
  60   svn_error_t *error = SVN_NO_ERROR;
  61
  62   *credentials = NULL;
  63   *iter_baton = NULL;
  64
  65   /* Check if this is a permanently accepted certificate */
  66   config_dir = svn_hash_gets(parameters, SVN_AUTH_PARAM_CONFIG_DIR);
  67   error =
  68     svn_config_read_auth_data(&creds_hash, SVN_AUTH_CRED_SSL_SERVER_TRUST,
  69                               realmstring, config_dir, pool);
  70   svn_error_clear(error);
  71   if (! error && creds_hash)
  72     {
  73       svn_string_t *trusted_cert, *this_cert, *failstr;
  74       apr_uint32_t last_failures = 0;
  75
  76       trusted_cert = svn_hash_gets(creds_hash, AUTHN_ASCII_CERT_KEY);
  77       this_cert = svn_string_create(cert_info->ascii_cert, pool);
  78       failstr = svn_hash_gets(creds_hash, AUTHN_FAILURES_KEY);
  79
  80       if (failstr)
  81         {
  82           char *endptr;
  83           unsigned long tmp_ulong = strtoul(failstr->data, &endptr, 10);
  84
  85           if (*endptr == '\0')
  86             last_failures = (apr_uint32_t) tmp_ulong;
  87         }
  88
  89       /* If the cert is trusted and there are no new failures, we
  90        * accept it by clearing all failures. */
  91       if (trusted_cert &&
  92           svn_string_compare(this_cert, trusted_cert) &&
  93           (*failures & ~last_failures) == 0)
  94         {
  95           *failures = 0;
  96         }
  97     }
  98
  99   /* If all failures are cleared now, we return the creds */
 100   if (! *failures)
 101     {
 102       svn_auth_cred_ssl_server_trust_t *creds =
 103         apr_pcalloc(pool, sizeof(*creds));
 104       creds->may_save = FALSE; /* No need to save it again... */
 105       *credentials = creds;
 106     }
 107
 108   return SVN_NO_ERROR;
 109 }
 110
 111
 112 static svn_error_t *
 113 ssl_server_trust_file_save_credentials(svn_boolean_t *saved,
 114                                        void *credentials,
 115                                        void *provider_baton,
 116                                        apr_hash_t *parameters,
 117                                        const char *realmstring,
 118                                        apr_pool_t *pool)
 119 {
 120   svn_auth_cred_ssl_server_trust_t *creds = credentials;
 121   const svn_auth_ssl_server_cert_info_t *cert_info;
 122   apr_hash_t *creds_hash = NULL;
 123   const char *config_dir;
 124
 125   if (! creds->may_save)
 126     return SVN_NO_ERROR;
 127
 128   config_dir = svn_hash_gets(parameters, SVN_AUTH_PARAM_CONFIG_DIR);
 129
 130   cert_info = svn_hash_gets(parameters, SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO);
 131
 132   creds_hash = apr_hash_make(pool);
 133   svn_hash_sets(creds_hash, AUTHN_ASCII_CERT_KEY,
 134                 svn_string_create(cert_info->ascii_cert, pool));
 135   svn_hash_sets(creds_hash,
 136                 AUTHN_FAILURES_KEY,
 137                 svn_string_createf(pool, "%lu",
 138                                    (unsigned long)creds->accepted_failures));
 139
 140   SVN_ERR(svn_config_write_auth_data(creds_hash,
 141                                      SVN_AUTH_CRED_SSL_SERVER_TRUST,
 142                                      realmstring,
 143                                      config_dir,
 144                                      pool));
 145   *saved = TRUE;
 146   return SVN_NO_ERROR;
 147 }
 148
 149
 150 static const svn_auth_provider_t ssl_server_trust_file_provider = {
 151   SVN_AUTH_CRED_SSL_SERVER_TRUST,
 152   &ssl_server_trust_file_first_credentials,
 153   NULL,
 154   &ssl_server_trust_file_save_credentials,
 155 };
 156
 157
 158 /*** Public API to SSL file providers. ***/
 159 void
 160 svn_auth_get_ssl_server_trust_file_provider
 161   (svn_auth_provider_object_t **provider, apr_pool_t *pool)
 162 {
 163   svn_auth_provider_object_t *po = apr_pcalloc(pool, sizeof(*po));
 164
 165   po->vtable = &ssl_server_trust_file_provider;
 166   *provider = po;
 167 }
 168
 169 \f
 170 /*-----------------------------------------------------------------------*/
 171 /* Prompt provider                                                       */
 172 /*-----------------------------------------------------------------------*/
 173
 174 /* Baton type for prompting to verify server ssl creds.
 175    There is no iteration baton type. */
 176 typedef struct ssl_server_trust_prompt_provider_baton_t
 177 {
 178   svn_auth_ssl_server_trust_prompt_func_t prompt_func;
 179   void *prompt_baton;
 180 } ssl_server_trust_prompt_provider_baton_t;
 181
 182
 183 static svn_error_t *
 184 ssl_server_trust_prompt_first_cred(void **credentials_p,
 185                                    void **iter_baton,
 186                                    void *provider_baton,
 187                                    apr_hash_t *parameters,
 188                                    const char *realmstring,
 189                                    apr_pool_t *pool)
 190 {
 191   ssl_server_trust_prompt_provider_baton_t *pb = provider_baton;
 192   apr_uint32_t *failures = svn_hash_gets(parameters,
 193                                          SVN_AUTH_PARAM_SSL_SERVER_FAILURES);
 194   const char *no_auth_cache = svn_hash_gets(parameters,
 195                                             SVN_AUTH_PARAM_NO_AUTH_CACHE);
 196   const svn_auth_ssl_server_cert_info_t *cert_info =
 197     svn_hash_gets(parameters, SVN_AUTH_PARAM_SSL_SERVER_CERT_INFO);
 198   svn_boolean_t may_save = (!no_auth_cache
 199                             && !(*failures & SVN_AUTH_SSL_OTHER));
 200
 201   SVN_ERR(pb->prompt_func((svn_auth_cred_ssl_server_trust_t **)credentials_p,
 202                           pb->prompt_baton, realmstring, *failures, cert_info,
 203                           may_save, pool));
 204
 205   *iter_baton = NULL;
 206   return SVN_NO_ERROR;
 207 }
 208
 209
 210 static const svn_auth_provider_t ssl_server_trust_prompt_provider = {
 211   SVN_AUTH_CRED_SSL_SERVER_TRUST,
 212   ssl_server_trust_prompt_first_cred,
 213   NULL,
 214   NULL
 215 };
 216
 217
 218 /*** Public API to SSL prompting providers. ***/
 219 void
 220 svn_auth_get_ssl_server_trust_prompt_provider
 221   (svn_auth_provider_object_t **provider,
 222    svn_auth_ssl_server_trust_prompt_func_t prompt_func,
 223    void *prompt_baton,
 224    apr_pool_t *pool)
 225 {
 226   svn_auth_provider_object_t *po = apr_pcalloc(pool, sizeof(*po));
 227   ssl_server_trust_prompt_provider_baton_t *pb =
 228     apr_palloc(pool, sizeof(*pb));
 229   pb->prompt_func = prompt_func;
 230   pb->prompt_baton = prompt_baton;
 231   po->vtable = &ssl_server_trust_prompt_provider;
 232   po->provider_baton = pb;
 233   *provider = po;
 234 }