diff --git a/parseconf.c b/parseconf.c index 3729818..ee1b8b4 100644 --- a/parseconf.c +++ b/parseconf.c @@ -188,6 +188,7 @@ parseconf_str_array[] = { "rsa_private_key_file", &tunable_rsa_private_key_file }, { "dsa_private_key_file", &tunable_dsa_private_key_file }, { "ca_certs_file", &tunable_ca_certs_file }, + { "ssl_sni_hostname", &tunable_ssl_sni_hostname }, { "cmds_denied", &tunable_cmds_denied }, { 0, 0 } }; diff --git a/ssl.c b/ssl.c index 09ec96a..51345f8 100644 --- a/ssl.c +++ b/ssl.c @@ -41,6 +41,13 @@ static long bio_callback( BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval); static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx); static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength); +static int ssl_alpn_callback(SSL* p_ssl, + const unsigned char** p_out, + unsigned char* outlen, + const unsigned char* p_in, + unsigned int inlen, + void* p_arg); +static long ssl_sni_callback(SSL* p_ssl, int* p_al, void* p_arg); static int ssl_cert_digest( SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str); static void maybe_log_shutdown_state(struct vsf_session* p_sess); @@ -286,6 +293,12 @@ ssl_init(struct vsf_session* p_sess) } SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback); + /* Set up ALPN to check for FTP protocol intention of client. */ + SSL_CTX_set_alpn_select_cb(p_ctx, ssl_alpn_callback, p_sess); + /* Set up SNI callback for an optional hostname check. */ + SSL_CTX_set_tlsext_servername_callback(p_ctx, ssl_sni_callback); + SSL_CTX_set_tlsext_servername_arg(p_ctx, p_sess); + if (tunable_ecdh_param_file) { @@ -870,6 +883,132 @@ ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength) return DH_get_dh(keylength); } +static int +ssl_alpn_callback(SSL* p_ssl, + const unsigned char** p_out, + unsigned char* outlen, + const unsigned char* p_in, + unsigned int inlen, + void* p_arg) { + unsigned int i; + struct vsf_session* p_sess = (struct vsf_session*) p_arg; + int is_ok = 0; + + (void) p_ssl; + + /* Initialize just in case. */ + *p_out = p_in; + *outlen = 0; + + for (i = 0; i < inlen; ++i) { + unsigned int left = (inlen - i); + if (left < 4) { + continue; + } + if (p_in[i] == 3 && p_in[i + 1] == 'f' && p_in[i + 2] == 't' && + p_in[i + 3] == 'p') + { + is_ok = 1; + *p_out = &p_in[i + 1]; + *outlen = 3; + break; + } + } + + if (!is_ok) + { + str_alloc_text(&debug_str, "ALPN rejection"); + vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); + } + if (!is_ok || tunable_debug_ssl) + { + str_alloc_text(&debug_str, "ALPN data: "); + for (i = 0; i < inlen; ++i) { + str_append_char(&debug_str, p_in[i]); + } + vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); + } + + if (is_ok) + { + return SSL_TLSEXT_ERR_OK; + } + else + { + return SSL_TLSEXT_ERR_ALERT_FATAL; + } +} + +static long +ssl_sni_callback(SSL* p_ssl, int* p_al, void* p_arg) +{ + static struct mystr s_sni_expected_hostname; + static struct mystr s_sni_received_hostname; + + int servername_type; + const char* p_sni_servername; + struct vsf_session* p_sess = (struct vsf_session*) p_arg; + int is_ok = 0; + + (void) p_ssl; + (void) p_arg; + + if (tunable_ssl_sni_hostname) + { + str_alloc_text(&s_sni_expected_hostname, tunable_ssl_sni_hostname); + } + + /* The OpenSSL documentation says it is pre-initialized like this, but set + * it just in case. + */ + *p_al = SSL_AD_UNRECOGNIZED_NAME; + + servername_type = SSL_get_servername_type(p_ssl); + p_sni_servername = SSL_get_servername(p_ssl, TLSEXT_NAMETYPE_host_name); + if (p_sni_servername != NULL) { + str_alloc_text(&s_sni_received_hostname, p_sni_servername); + } + + if (str_isempty(&s_sni_expected_hostname)) + { + is_ok = 1; + } + else if (servername_type != TLSEXT_NAMETYPE_host_name) + { + /* Fail. */ + str_alloc_text(&debug_str, "SNI bad type: "); + str_append_ulong(&debug_str, servername_type); + vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); + } + else + { + if (!str_strcmp(&s_sni_expected_hostname, &s_sni_received_hostname)) + { + is_ok = 1; + } + else + { + str_alloc_text(&debug_str, "SNI rejection"); + vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); + } + } + + if (!is_ok || tunable_debug_ssl) + { + str_alloc_text(&debug_str, "SNI hostname: "); + str_append_str(&debug_str, &s_sni_received_hostname); + vsf_log_line(p_sess, kVSFLogEntryDebug, &debug_str); + } + + if (is_ok) + { + return SSL_TLSEXT_ERR_OK; + } + else + { + return SSL_TLSEXT_ERR_ALERT_FATAL; + } +} void ssl_add_entropy(struct vsf_session* p_sess) diff --git a/tunables.c b/tunables.c index c96c1ac..d8dfcde 100644 --- a/tunables.c +++ b/tunables.c @@ -152,6 +152,7 @@ const char* tunable_ssl_ciphers; const char* tunable_rsa_private_key_file; const char* tunable_dsa_private_key_file; const char* tunable_ca_certs_file; +const char* tunable_ssl_sni_hostname; static void install_str_setting(const char* p_value, const char** p_storage); @@ -309,6 +310,7 @@ tunables_load_defaults() install_str_setting(0, &tunable_rsa_private_key_file); install_str_setting(0, &tunable_dsa_private_key_file); install_str_setting(0, &tunable_ca_certs_file); + install_str_setting(0, &tunable_ssl_sni_hostname); } void diff --git a/tunables.h b/tunables.h index 8d50150..de6cab0 100644 --- a/tunables.h +++ b/tunables.h @@ -157,6 +157,7 @@ extern const char* tunable_ssl_ciphers; extern const char* tunable_rsa_private_key_file; extern const char* tunable_dsa_private_key_file; extern const char* tunable_ca_certs_file; +extern const char* tunable_ssl_sni_hostname; extern const char* tunable_cmds_denied; #endif /* VSF_TUNABLES_H */ diff --git a/vsftpd.conf.5 b/vsftpd.conf.5 index 815773f..7006287 100644 --- a/vsftpd.conf.5 +++ b/vsftpd.conf.5 @@ -1128,6 +1128,12 @@ for further details. Default: PROFILE=SYSTEM .TP +.B ssl_sni_hostname +If set, SSL connections will be rejected unless the SNI hostname in the +incoming handshakes matches this value. + +Default: (none) +.TP .B user_config_dir This powerful option allows the override of any config option specified in the manual page, on a per-user basis. Usage is simple, and is best illustrated