Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 1 | /* Copyright (c) 2012, Jacob Appelbaum. |
| 2 | * Copyright (c) 2012, The Tor Project, Inc. */ |
| 3 | /* See LICENSE for licensing information */ |
| 4 | /* |
| 5 | This file contains the license for tlsdate, |
| 6 | a free software project to set your system clock securely. |
| 7 | |
| 8 | It also lists the licenses for other components used by tlsdate. |
| 9 | |
| 10 | For more information about tlsdate, see https://github.com/ioerror/tlsdate |
| 11 | |
| 12 | If you got this file as a part of a larger bundle, |
| 13 | there may be other license terms that you should be aware of. |
| 14 | |
| 15 | =============================================================================== |
| 16 | tlsdate is distributed under this license: |
| 17 | |
| 18 | Copyright (c) 2011-2012, Jacob Appelbaum <jacob@appelbaum.net> |
| 19 | Copyright (c) 2011-2012, The Tor Project, Inc. |
| 20 | |
| 21 | Redistribution and use in source and binary forms, with or without |
| 22 | modification, are permitted provided that the following conditions are |
| 23 | met: |
| 24 | |
| 25 | * Redistributions of source code must retain the above copyright |
| 26 | notice, this list of conditions and the following disclaimer. |
| 27 | |
| 28 | * Redistributions in binary form must reproduce the above |
| 29 | copyright notice, this list of conditions and the following disclaimer |
| 30 | in the documentation and/or other materials provided with the |
| 31 | distribution. |
| 32 | |
| 33 | * Neither the names of the copyright owners nor the names of its |
| 34 | contributors may be used to endorse or promote products derived from |
| 35 | this software without specific prior written permission. |
| 36 | |
| 37 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 38 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 39 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 40 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 41 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 42 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 43 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 44 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 45 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 46 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 47 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 48 | =============================================================================== |
| 49 | If you got tlsdate as a static binary with OpenSSL included, then you should |
| 50 | know: |
| 51 | |
| 52 | "This product includes software developed by the OpenSSL Project for use in |
| 53 | the OpenSSL Toolkit (http://www.openssl.org/)" |
| 54 | |
| 55 | =============================================================================== |
| 56 | */ |
| 57 | |
| 58 | /** |
Christian Grothoff | e267c35 | 2012-02-14 01:10:54 +0100 | [diff] [blame] | 59 | * \file tlsdate-helper.c |
| 60 | * \brief Helper program that does the actual work of setting the system clock. |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 61 | **/ |
| 62 | |
| 63 | /* |
| 64 | * tlsdate is a tool for setting the system clock by hand or by communication |
| 65 | * with the network. It does not set the RTC. It is designed to be as secure as |
| 66 | * TLS (RFC 2246) but of course the security of TLS is often reduced to |
| 67 | * whichever CA racket you believe is trustworthy. By default, tlsdate trusts |
| 68 | * your local CA root store - so any of these companies could assist in a MITM |
| 69 | * attack against you and you'd be screwed. |
| 70 | |
| 71 | * This tool is designed to be run by hand or as a system daemon. It must be |
| 72 | * run as root or otherwise have the proper caps; it will not be able to set |
| 73 | * the system time without running as root or another privileged user. |
| 74 | */ |
| 75 | |
Jacob Appelbaum | 9639003 | 2012-07-15 15:53:13 -0400 | [diff] [blame] | 76 | #include "../config/tlsdate-config.h" |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 77 | |
| 78 | #include <stdarg.h> |
| 79 | #include <stdint.h> |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 80 | #include <stdio.h> |
| 81 | #include <unistd.h> |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 82 | #include <sys/time.h> |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 83 | #include <sys/types.h> |
| 84 | #include <sys/wait.h> |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 85 | #include <sys/mman.h> |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 86 | #include <time.h> |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 87 | #include <pwd.h> |
Jacob Appelbaum | 2c385d2 | 2012-02-21 14:04:15 -0800 | [diff] [blame] | 88 | #include <grp.h> |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 89 | #include <arpa/inet.h> |
| 90 | |
| 91 | #include <openssl/bio.h> |
| 92 | #include <openssl/ssl.h> |
| 93 | #include <openssl/err.h> |
| 94 | #include <openssl/evp.h> |
| 95 | |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 96 | /** Name of user that we feel safe to run SSL handshake with. */ |
Elly Jones | 1cddca6 | 2012-06-20 15:00:33 -0400 | [diff] [blame] | 97 | #ifndef UNPRIV_USER |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 98 | #define UNPRIV_USER "nobody" |
Elly Jones | 1cddca6 | 2012-06-20 15:00:33 -0400 | [diff] [blame] | 99 | #endif |
| 100 | #ifndef UNPRIV_GROUP |
Jacob Appelbaum | 2c385d2 | 2012-02-21 14:04:15 -0800 | [diff] [blame] | 101 | #define UNPRIV_GROUP "nogroup" |
Elly Jones | 1cddca6 | 2012-06-20 15:00:33 -0400 | [diff] [blame] | 102 | #endif |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 103 | |
| 104 | // We should never accept a time before we were compiled |
| 105 | // We measure in seconds since the epoch - eg: echo `date '+%s'` |
| 106 | // We set this manually to ensure others can reproduce a build; |
| 107 | // automation of this will make every build different! |
Jacob Appelbaum | 64d1895 | 2012-07-15 18:28:07 -0400 | [diff] [blame] | 108 | #ifndef RECENT_COMPILE_DATE |
| 109 | #define RECENT_COMPILE_DATE (uint32_t) 1342323666 |
| 110 | #endif |
| 111 | |
| 112 | #ifndef MAX_REASONABLE_TIME |
dave bl | 30d8210 | 2012-02-08 01:39:24 +1100 | [diff] [blame] | 113 | #define MAX_REASONABLE_TIME (uint32_t) 1999991337 |
Jacob Appelbaum | 64d1895 | 2012-07-15 18:28:07 -0400 | [diff] [blame] | 114 | #endif |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 115 | |
Jacob Appelbaum | d84456c | 2012-02-15 16:02:31 -0800 | [diff] [blame] | 116 | // After the duration of the TLS handshake exceeds this threshold |
Philipp Winter | b3ca577 | 2012-02-16 11:56:11 +0100 | [diff] [blame] | 117 | // (in msec), a warning is printed. |
| 118 | #define TLS_RTT_THRESHOLD 2000 |
Jacob Appelbaum | d84456c | 2012-02-15 16:02:31 -0800 | [diff] [blame] | 119 | |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 120 | static int verbose; |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 121 | |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 122 | static int ca_racket; |
| 123 | |
| 124 | static const char *host; |
| 125 | |
| 126 | static const char *port; |
| 127 | |
| 128 | static const char *protocol; |
| 129 | |
Elly Jones | 9ae3aa6 | 2012-06-20 15:32:46 -0400 | [diff] [blame] | 130 | static const char *certdir; |
| 131 | |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 132 | /** helper function to print message and die */ |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 133 | static void |
| 134 | die(const char *fmt, ...) |
| 135 | { |
| 136 | va_list ap; |
| 137 | |
| 138 | va_start(ap, fmt); |
| 139 | vfprintf(stderr, fmt, ap); |
| 140 | va_end(ap); |
| 141 | exit(1); |
| 142 | } |
| 143 | |
| 144 | |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 145 | /** helper function for 'verbose' output */ |
| 146 | static void |
| 147 | verb (const char *fmt, ...) |
| 148 | { |
| 149 | va_list ap; |
| 150 | |
Christian Grothoff | afbae37 | 2012-02-07 14:17:53 +0100 | [diff] [blame] | 151 | if (! verbose) return; |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 152 | va_start(ap, fmt); |
| 153 | // FIXME: stdout or stderr for verbose messages? |
| 154 | vfprintf(stderr, fmt, ap); |
| 155 | va_end(ap); |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 156 | } |
| 157 | |
| 158 | |
Jacob Appelbaum | 123bb3e | 2012-07-16 17:25:34 -0700 | [diff] [blame] | 159 | void |
Jacob Appelbaum | 9f80729 | 2012-07-16 18:24:37 -0700 | [diff] [blame^] | 160 | openssl_time_callback(const SSL* ssl, int where, int ret) |
| 161 | { |
Jacob Appelbaum | 123bb3e | 2012-07-16 17:25:34 -0700 | [diff] [blame] | 162 | if (where == SSL_CB_CONNECT_LOOP && ssl->state == SSL3_ST_CR_CERT_A) |
| 163 | { |
Jacob Appelbaum | 9f80729 | 2012-07-16 18:24:37 -0700 | [diff] [blame^] | 164 | // XXX TODO: If we want to trust the remote system for time, |
| 165 | // can we just read that time out of the remote system and if the |
| 166 | // cert verifies, decide that the time is reasonable? |
| 167 | // Such a process seems to indicate that a once valid cert would be |
| 168 | // forever valid - we stopgap that by ensuring it isn't less than |
| 169 | // the latest compiled_time and isn't above max_reasonable_time... |
| 170 | // XXX TODO: Solve eternal question about the Chicken and the Egg... |
| 171 | uint32_t compiled_time = RECENT_COMPILE_DATE; |
| 172 | uint32_t max_reasonable_time = MAX_REASONABLE_TIME; |
Jacob Appelbaum | 123bb3e | 2012-07-16 17:25:34 -0700 | [diff] [blame] | 173 | uint32_t server_time; |
Jacob Appelbaum | 9f80729 | 2012-07-16 18:24:37 -0700 | [diff] [blame^] | 174 | verb("V: freezing time for x509 verification\n"); |
Jacob Appelbaum | 123bb3e | 2012-07-16 17:25:34 -0700 | [diff] [blame] | 175 | memcpy(&server_time, ssl->s3->server_random, sizeof(uint32_t)); |
Jacob Appelbaum | 9f80729 | 2012-07-16 18:24:37 -0700 | [diff] [blame^] | 176 | if (compiled_time < ntohl(server_time) |
| 177 | && |
| 178 | ntohl(server_time) < max_reasonable_time) |
| 179 | { |
| 180 | verb("V: remote peer provided: %d, prefered over compile time: %d\n", |
| 181 | ntohl(server_time), compiled_time); |
| 182 | verb("V: freezing time with X509_VERIFY_PARAM_set_time\n"); |
| 183 | X509_VERIFY_PARAM_set_time(ssl->ctx->param, (time_t) ntohl(server_time)); |
| 184 | } else { |
| 185 | die("V: the remote server is a false ticker! server: %d compile: %d\n", |
| 186 | ntohl(server_time), compiled_time); |
| 187 | } |
Jacob Appelbaum | 123bb3e | 2012-07-16 17:25:34 -0700 | [diff] [blame] | 188 | } |
| 189 | } |
| 190 | |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 191 | /** |
| 192 | * Run SSL handshake and store the resulting time value in the |
| 193 | * 'time_map'. |
| 194 | * |
| 195 | * @param time_map where to store the current time |
| 196 | */ |
| 197 | static void |
Jacob Appelbaum | c732f4e | 2012-07-15 22:38:46 -0400 | [diff] [blame] | 198 | run_ssl (uint32_t *time_map, int time_is_an_illusion) |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 199 | { |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 200 | BIO *s_bio; |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 201 | SSL_CTX *ctx; |
| 202 | SSL *ssl; |
| 203 | |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 204 | SSL_load_error_strings(); |
| 205 | SSL_library_init(); |
| 206 | |
| 207 | ctx = NULL; |
| 208 | if (0 == strcmp("sslv23", protocol)) |
| 209 | { |
| 210 | verb ("V: using SSLv23_client_method()\n"); |
| 211 | ctx = SSL_CTX_new(SSLv23_client_method()); |
| 212 | } else if (0 == strcmp("sslv3", protocol)) |
| 213 | { |
| 214 | verb ("V: using SSLv3_client_method()\n"); |
| 215 | ctx = SSL_CTX_new(SSLv3_client_method()); |
| 216 | } else if (0 == strcmp("tlsv1", protocol)) |
| 217 | { |
| 218 | verb ("V: using TLSv1_client_method()\n"); |
| 219 | ctx = SSL_CTX_new(TLSv1_client_method()); |
| 220 | } else |
| 221 | die("Unsupported protocol `%s'\n", protocol); |
| 222 | |
| 223 | if (ctx == NULL) |
| 224 | die("OpenSSL failed to support protocol `%s'\n", protocol); |
| 225 | |
| 226 | if (ca_racket) |
| 227 | { |
Elly Jones | 9ae3aa6 | 2012-06-20 15:32:46 -0400 | [diff] [blame] | 228 | if (1 != SSL_CTX_load_verify_locations(ctx, NULL, certdir)) |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 229 | fprintf(stderr, "SSL_CTX_load_verify_locations failed\n"); |
| 230 | } |
| 231 | |
| 232 | if (NULL == (s_bio = BIO_new_ssl_connect(ctx))) |
| 233 | die ("SSL BIO setup failed\n"); |
| 234 | BIO_get_ssl(s_bio, &ssl); |
| 235 | if (NULL == ssl) |
| 236 | die ("SSL setup failed\n"); |
Jacob Appelbaum | 9f80729 | 2012-07-16 18:24:37 -0700 | [diff] [blame^] | 237 | |
| 238 | if (time_is_an_illusion) |
| 239 | { |
| 240 | SSL_set_info_callback(ssl, openssl_time_callback); |
| 241 | } |
| 242 | |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 243 | SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); |
| 244 | if ( (1 != BIO_set_conn_hostname(s_bio, host)) || |
| 245 | (1 != BIO_set_conn_port(s_bio, port)) ) |
| 246 | die ("Failed to initialize connection to `%s:%s'\n", host, port); |
| 247 | |
Stewart Smith | 3aa3f38 | 2012-06-29 14:36:34 +1000 | [diff] [blame] | 248 | if (NULL == BIO_new_fp(stdout, BIO_NOCLOSE)) |
| 249 | die ("BIO_new_fp returned error, possibly: %s", strerror(errno)); |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 250 | |
Jacob Appelbaum | 405a793 | 2012-02-15 15:22:02 -0800 | [diff] [blame] | 251 | // This should run in seccomp |
| 252 | // eg: prctl(PR_SET_SECCOMP, 1); |
| 253 | if (1 != BIO_do_connect(s_bio)) // XXX TODO: BIO_should_retry() later? |
Jacob Appelbaum | 9a15957 | 2012-02-20 12:39:44 -0800 | [diff] [blame] | 254 | die ("SSL connection failed\n"); |
Philipp Winter | d96af62 | 2012-02-15 22:15:50 +0100 | [diff] [blame] | 255 | if (1 != BIO_do_handshake(s_bio)) |
| 256 | die ("SSL handshake failed\n"); |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 257 | // Verify the peer certificate against the CA certs on the local system |
| 258 | if (ca_racket) { |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 259 | long ssl_verify_result; |
| 260 | |
Stewart Smith | fc0171f | 2012-06-29 14:38:24 +1000 | [diff] [blame] | 261 | if (NULL == SSL_get_peer_certificate(ssl)) |
Jacob Appelbaum | c732f4e | 2012-07-15 22:38:46 -0400 | [diff] [blame] | 262 | { |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 263 | die ("Getting SSL certificate failed\n"); |
Jacob Appelbaum | c732f4e | 2012-07-15 22:38:46 -0400 | [diff] [blame] | 264 | } |
Jacob Appelbaum | 9f80729 | 2012-07-16 18:24:37 -0700 | [diff] [blame^] | 265 | /* |
Jacob Appelbaum | 64d1895 | 2012-07-15 18:28:07 -0400 | [diff] [blame] | 266 | if (time_is_an_illusion) |
| 267 | { |
| 268 | // XXX TODO: If we want to trust the remote system for time, |
| 269 | // can we just read that time out of the remote system and if the |
| 270 | // cert verifies, decide that the time is reasonable? |
| 271 | // Such a process seems to indicate that a once valid cert would be |
| 272 | // forever valid - we stopgap that by ensuring it isn't less than |
| 273 | // the latest compiled_time and isn't above max_reasonable_time... |
| 274 | // XXX TODO: Solve eternal question about the Chicken and the Egg... |
| 275 | verb("V: freezing time for x509 verification\n"); |
Jacob Appelbaum | 64d1895 | 2012-07-15 18:28:07 -0400 | [diff] [blame] | 276 | memcpy(time_map, ssl->s3->server_random, sizeof (uint32_t)); |
Jacob Appelbaum | 64d1895 | 2012-07-15 18:28:07 -0400 | [diff] [blame] | 277 | if (compiled_time < ntohl( * time_map) |
| 278 | && |
| 279 | ntohl(*time_map) < max_reasonable_time) |
| 280 | { |
Jacob Appelbaum | c732f4e | 2012-07-15 22:38:46 -0400 | [diff] [blame] | 281 | verb("V: remote peer provided: %d, prefered over compile time: %d\n", |
Jacob Appelbaum | 64d1895 | 2012-07-15 18:28:07 -0400 | [diff] [blame] | 282 | ntohl( *time_map), compiled_time); |
Jacob Appelbaum | 64d1895 | 2012-07-15 18:28:07 -0400 | [diff] [blame] | 283 | // In theory, we instruct verify to check if it _would be valid_ if the |
| 284 | // verification happened at ((time_t) ntohl(*time_map)) |
| 285 | X509_VERIFY_PARAM_set_time(ctx->param, (time_t) ntohl(*time_map)); |
| 286 | } else { |
Jacob Appelbaum | 64d1895 | 2012-07-15 18:28:07 -0400 | [diff] [blame] | 287 | die("V: the remote server is a false ticker! server: %d compile: %d\n", |
| 288 | ntohl(*time_map), compiled_time); |
| 289 | } |
| 290 | } |
Jacob Appelbaum | 9f80729 | 2012-07-16 18:24:37 -0700 | [diff] [blame^] | 291 | */ |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 292 | // In theory, we verify that the cert is valid |
| 293 | ssl_verify_result = SSL_get_verify_result(ssl); |
| 294 | switch (ssl_verify_result) |
| 295 | { |
| 296 | case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: |
| 297 | case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: |
Christian Grothoff | e267c35 | 2012-02-14 01:10:54 +0100 | [diff] [blame] | 298 | die ("SSL certificate is self signed\n"); |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 299 | case X509_V_OK: |
Christian Grothoff | e267c35 | 2012-02-14 01:10:54 +0100 | [diff] [blame] | 300 | verb ("V: SSL certificate verification passed\n"); |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 301 | break; |
| 302 | default: |
Jacob Appelbaum | 9a15957 | 2012-02-20 12:39:44 -0800 | [diff] [blame] | 303 | die ("SSL certification verification error: %ld\n", |
Jacob Appelbaum | d84456c | 2012-02-15 16:02:31 -0800 | [diff] [blame] | 304 | ssl_verify_result); |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 305 | } |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 306 | } else { |
| 307 | verb ("V: Certificate verification skipped!\n"); |
| 308 | } |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 309 | // from /usr/include/openssl/ssl3.h |
Jacob Appelbaum | ca64b50 | 2012-06-28 21:54:14 -0700 | [diff] [blame] | 310 | // ssl->s3->server_random is an unsigned char of 32 bits |
Jacob Appelbaum | 9a15957 | 2012-02-20 12:39:44 -0800 | [diff] [blame] | 311 | memcpy(time_map, ssl->s3->server_random, sizeof (uint32_t)); |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 312 | } |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 313 | |
| 314 | |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 315 | /** drop root rights and become 'nobody' */ |
Christian Grothoff | bd15a22 | 2012-02-14 00:40:57 +0100 | [diff] [blame] | 316 | static void |
| 317 | become_nobody () |
| 318 | { |
| 319 | uid_t uid; |
Jacob Appelbaum | 2c385d2 | 2012-02-21 14:04:15 -0800 | [diff] [blame] | 320 | gid_t gid; |
Christian Grothoff | bd15a22 | 2012-02-14 00:40:57 +0100 | [diff] [blame] | 321 | struct passwd *pw; |
Jacob Appelbaum | 2c385d2 | 2012-02-21 14:04:15 -0800 | [diff] [blame] | 322 | struct group *gr; |
Christian Grothoff | bd15a22 | 2012-02-14 00:40:57 +0100 | [diff] [blame] | 323 | |
Christian Grothoff | e267c35 | 2012-02-14 01:10:54 +0100 | [diff] [blame] | 324 | if (0 != getuid ()) |
| 325 | return; /* not running as root to begin with; should (!) be harmless to continue |
Jacob Appelbaum | d84456c | 2012-02-15 16:02:31 -0800 | [diff] [blame] | 326 | without dropping to 'nobody' (setting time will fail in the end) */ |
Christian Grothoff | bd15a22 | 2012-02-14 00:40:57 +0100 | [diff] [blame] | 327 | pw = getpwnam(UNPRIV_USER); |
Jacob Appelbaum | 2c385d2 | 2012-02-21 14:04:15 -0800 | [diff] [blame] | 328 | gr = getgrnam(UNPRIV_GROUP); |
Christian Grothoff | bd15a22 | 2012-02-14 00:40:57 +0100 | [diff] [blame] | 329 | if (NULL == pw) |
| 330 | die ("Failed to obtain UID for `%s'\n", UNPRIV_USER); |
Jacob Appelbaum | 2c385d2 | 2012-02-21 14:04:15 -0800 | [diff] [blame] | 331 | if (NULL == gr) |
| 332 | die ("Failed to obtain GID for `%s'\n", UNPRIV_GROUP); |
Christian Grothoff | bd15a22 | 2012-02-14 00:40:57 +0100 | [diff] [blame] | 333 | uid = pw->pw_uid; |
| 334 | if (0 == uid) |
| 335 | die ("UID for `%s' is 0, refusing to run SSL\n", UNPRIV_USER); |
Jacob Appelbaum | 2c385d2 | 2012-02-21 14:04:15 -0800 | [diff] [blame] | 336 | gid = pw->pw_gid; |
| 337 | if (0 == gid || 0 == gr->gr_gid) |
| 338 | die ("GID for `%s' is 0, refusing to run SSL\n", UNPRIV_USER); |
| 339 | if (pw->pw_gid != gr->gr_gid) |
Jacob Appelbaum | ad873f3 | 2012-02-21 14:36:10 -0800 | [diff] [blame] | 340 | die ("GID for `%s' is not `%s' as expected, refusing to run SSL\n", |
| 341 | UNPRIV_USER, UNPRIV_GROUP); |
| 342 | |
| 343 | if (0 != initgroups((const char *)UNPRIV_USER, gr->gr_gid)) |
| 344 | die ("Unable to initgroups for `%s' in group `%s' as expected\n", |
| 345 | UNPRIV_USER, UNPRIV_GROUP); |
Jacob Appelbaum | 2c385d2 | 2012-02-21 14:04:15 -0800 | [diff] [blame] | 346 | |
| 347 | #ifdef HAVE_SETRESGID |
| 348 | if (0 != setresgid (gid, gid, gid)) |
| 349 | die ("Failed to setresgid: %s\n", strerror (errno)); |
| 350 | #else |
| 351 | if (0 != (setgid (gid) | setegid (gid))) |
| 352 | die ("Failed to setgid: %s\n", strerror (errno)); |
| 353 | #endif |
Christian Grothoff | bd15a22 | 2012-02-14 00:40:57 +0100 | [diff] [blame] | 354 | #ifdef HAVE_SETRESUID |
| 355 | if (0 != setresuid (uid, uid, uid)) |
| 356 | die ("Failed to setresuid: %s\n", strerror (errno)); |
| 357 | #else |
| 358 | if (0 != (setuid (uid) | seteuid (uid))) |
| 359 | die ("Failed to setuid: %s\n", strerror (errno)); |
Jacob Appelbaum | 2c385d2 | 2012-02-21 14:04:15 -0800 | [diff] [blame] | 360 | #endif |
Christian Grothoff | bd15a22 | 2012-02-14 00:40:57 +0100 | [diff] [blame] | 361 | } |
| 362 | |
| 363 | |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 364 | int |
| 365 | main(int argc, char **argv) |
| 366 | { |
| 367 | uint32_t *time_map; |
| 368 | struct timeval start_timeval; |
| 369 | struct timeval end_timeval; |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 370 | struct timeval warp_time; |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 371 | int status; |
| 372 | pid_t ssl_child; |
Christian Grothoff | e267c35 | 2012-02-14 01:10:54 +0100 | [diff] [blame] | 373 | long long rt_time_ms; |
| 374 | uint32_t server_time_s; |
Jeroen Massar | c27a92a | 2012-07-13 11:49:05 +0200 | [diff] [blame] | 375 | int setclock; |
| 376 | int showtime; |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 377 | int timewarp; |
Jacob Appelbaum | c732f4e | 2012-07-15 22:38:46 -0400 | [diff] [blame] | 378 | int leap; |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 379 | |
Jacob Appelbaum | c732f4e | 2012-07-15 22:38:46 -0400 | [diff] [blame] | 380 | if (argc != 11) |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 381 | return 1; |
| 382 | host = argv[1]; |
| 383 | port = argv[2]; |
| 384 | protocol = argv[3]; |
Elly Jones | 9ae3aa6 | 2012-06-20 15:32:46 -0400 | [diff] [blame] | 385 | certdir = argv[6]; |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 386 | ca_racket = (0 != strcmp ("unchecked", argv[4])); |
| 387 | verbose = (0 != strcmp ("quiet", argv[5])); |
Jeroen Massar | c27a92a | 2012-07-13 11:49:05 +0200 | [diff] [blame] | 388 | setclock = (0 == strcmp ("setclock", argv[7])); |
| 389 | showtime = (0 == strcmp ("showtime", argv[8])); |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 390 | timewarp = (0 == strcmp ("timewarp", argv[9])); |
Jacob Appelbaum | c732f4e | 2012-07-15 22:38:46 -0400 | [diff] [blame] | 391 | leap = (0 == strcmp ("leapaway", argv[10])); |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 392 | |
| 393 | if (timewarp) |
| 394 | { |
| 395 | warp_time.tv_sec = RECENT_COMPILE_DATE; |
| 396 | warp_time.tv_usec = 0; |
Jacob Appelbaum | 9639003 | 2012-07-15 15:53:13 -0400 | [diff] [blame] | 397 | verb ("V: RECENT_COMPILE_DATE is %lu.%06lu\n", |
| 398 | (unsigned long)warp_time.tv_sec, |
| 399 | (unsigned long)warp_time.tv_usec); |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 400 | } |
Jeroen Massar | c27a92a | 2012-07-13 11:49:05 +0200 | [diff] [blame] | 401 | |
| 402 | /* We are not going to set the clock, thus no need to stay root */ |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 403 | if (0 == setclock && 0 == timewarp) |
| 404 | { |
Jeroen Massar | c27a92a | 2012-07-13 11:49:05 +0200 | [diff] [blame] | 405 | become_nobody (); |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 406 | } |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 407 | |
| 408 | time_map = mmap (NULL, sizeof (uint32_t), |
Jacob Appelbaum | d84456c | 2012-02-15 16:02:31 -0800 | [diff] [blame] | 409 | PROT_READ | PROT_WRITE, |
| 410 | MAP_SHARED | MAP_ANONYMOUS, -1, 0); |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 411 | if (MAP_FAILED == time_map) |
| 412 | { |
| 413 | fprintf (stderr, "mmap failed: %s\n", |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 414 | strerror (errno)); |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 415 | return 1; |
| 416 | } |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 417 | |
| 418 | /* Get the current time from the system clock. */ |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 419 | if (0 != gettimeofday(&start_timeval, NULL)) |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 420 | { |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 421 | die ("Failed to read current time of day: %s\n", strerror (errno)); |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 422 | } |
| 423 | |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 424 | verb ("V: time is currently %lu.%06lu\n", |
Jacob Appelbaum | 894d527 | 2012-07-15 14:32:39 -0400 | [diff] [blame] | 425 | (unsigned long)start_timeval.tv_sec, |
| 426 | (unsigned long)start_timeval.tv_usec); |
| 427 | |
| 428 | if (((unsigned long)start_timeval.tv_sec) < ((unsigned long)warp_time.tv_sec)) |
| 429 | { |
| 430 | verb ("V: local clock time is less than RECENT_COMPILE_DATE\n"); |
| 431 | if (timewarp) |
| 432 | { |
| 433 | verb ("V: Attempting to warp local clock into the future\n"); |
| 434 | if (0 != settimeofday(&warp_time, NULL)) |
| 435 | { |
| 436 | die ("setting time failed: %s (Attempted to set clock to %lu.%06lu)\n", |
| 437 | strerror (errno), |
| 438 | (unsigned long)warp_time.tv_sec, |
| 439 | (unsigned long)warp_time.tv_usec); |
| 440 | } |
| 441 | if (0 != gettimeofday(&start_timeval, NULL)) |
| 442 | { |
| 443 | die ("Failed to read current time of day: %s\n", strerror (errno)); |
| 444 | } |
| 445 | verb ("V: time is currently %lu.%06lu\n", |
| 446 | (unsigned long)start_timeval.tv_sec, |
| 447 | (unsigned long)start_timeval.tv_usec); |
| 448 | verb ("V: It's just a step to the left...\n"); |
| 449 | } |
| 450 | } else { |
| 451 | verb ("V: time is greater than RECENT_COMPILE_DATE\n"); |
| 452 | } |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 453 | |
| 454 | /* initialize to bogus value, just to be on the safe side */ |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 455 | *time_map = 0; |
Christian Grothoff | e267c35 | 2012-02-14 01:10:54 +0100 | [diff] [blame] | 456 | |
| 457 | /* Run SSL interaction in separate process (and not as 'root') */ |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 458 | ssl_child = fork (); |
| 459 | if (-1 == ssl_child) |
| 460 | die ("fork failed: %s\n", strerror (errno)); |
| 461 | if (0 == ssl_child) |
| 462 | { |
Christian Grothoff | bd15a22 | 2012-02-14 00:40:57 +0100 | [diff] [blame] | 463 | become_nobody (); |
Jacob Appelbaum | c732f4e | 2012-07-15 22:38:46 -0400 | [diff] [blame] | 464 | run_ssl (time_map, leap); |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 465 | (void) munmap (time_map, sizeof (uint32_t)); |
| 466 | _exit (0); |
| 467 | } |
| 468 | if (ssl_child != waitpid (ssl_child, &status, 0)) |
| 469 | die ("waitpid failed: %s\n", strerror (errno)); |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 470 | if (! (WIFEXITED (status) && (0 == WEXITSTATUS (status)) )) |
| 471 | die ("child process failed in SSL handshake\n"); |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 472 | |
| 473 | if (0 != gettimeofday(&end_timeval, NULL)) |
| 474 | die ("Failed to read current time of day: %s\n", strerror (errno)); |
Christian Grothoff | e267c35 | 2012-02-14 01:10:54 +0100 | [diff] [blame] | 475 | |
| 476 | /* calculate RTT */ |
| 477 | rt_time_ms = (end_timeval.tv_sec - start_timeval.tv_sec) * 1000 + (end_timeval.tv_usec - start_timeval.tv_usec) / 1000; |
| 478 | if (rt_time_ms < 0) |
| 479 | rt_time_ms = 0; /* non-linear time... */ |
| 480 | server_time_s = ntohl (*time_map); |
| 481 | munmap (time_map, sizeof (uint32_t)); |
Christian Grothoff | 88b422b | 2012-02-14 00:35:09 +0100 | [diff] [blame] | 482 | |
Jacob Appelbaum | 9a15957 | 2012-02-20 12:39:44 -0800 | [diff] [blame] | 483 | verb ("V: server time %u (difference is about %d s) was fetched in %lld ms\n", |
Jacob Appelbaum | d84456c | 2012-02-15 16:02:31 -0800 | [diff] [blame] | 484 | (unsigned int) server_time_s, |
| 485 | start_timeval.tv_sec - server_time_s, |
| 486 | rt_time_ms); |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 487 | |
Philipp Winter | b3ca577 | 2012-02-16 11:56:11 +0100 | [diff] [blame] | 488 | /* warning if the handshake took too long */ |
| 489 | if (rt_time_ms > TLS_RTT_THRESHOLD) { |
| 490 | verb ("V: the TLS handshake took more than %d msecs - consider using a different " \ |
| 491 | "server or run it again\n", TLS_RTT_THRESHOLD); |
| 492 | } |
| 493 | |
Jeroen Massar | c27a92a | 2012-07-13 11:49:05 +0200 | [diff] [blame] | 494 | if (showtime) |
| 495 | { |
Jacob Appelbaum | 699a276 | 2012-07-15 16:14:14 -0400 | [diff] [blame] | 496 | struct tm ltm; |
| 497 | time_t tim = server_time_s; |
Jeroen Massar | c27a92a | 2012-07-13 11:49:05 +0200 | [diff] [blame] | 498 | char buf[256]; |
| 499 | |
| 500 | localtime_r(&tim, <m); |
| 501 | (void) strftime(buf, sizeof buf, "%a %b %e %H:%M:%S %Z %Y", <m); |
| 502 | fprintf(stdout, "%s\n", buf); |
| 503 | } |
| 504 | |
Christian Grothoff | 191cd98 | 2012-02-14 00:48:45 +0100 | [diff] [blame] | 505 | /* finally, actually set the time */ |
Jeroen Massar | c27a92a | 2012-07-13 11:49:05 +0200 | [diff] [blame] | 506 | if (setclock) |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 507 | { |
| 508 | struct timeval server_time; |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 509 | |
Christian Grothoff | e267c35 | 2012-02-14 01:10:54 +0100 | [diff] [blame] | 510 | /* correct server time by half of RTT */ |
| 511 | server_time.tv_sec = server_time_s + (rt_time_ms / 2 / 1000); |
| 512 | server_time.tv_usec = (rt_time_ms / 2) % 1000; |
| 513 | |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 514 | // We should never receive a time that is before the time we were last |
| 515 | // compiled; we subscribe to the linear theory of time for this program |
| 516 | // and this program alone! |
Christian Grothoff | f5098b4 | 2012-02-07 12:20:33 +0100 | [diff] [blame] | 517 | if (server_time.tv_sec >= MAX_REASONABLE_TIME) |
Jacob Appelbaum | d84456c | 2012-02-15 16:02:31 -0800 | [diff] [blame] | 518 | die("remote server is a false ticker from the future!\n"); |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 519 | if (server_time.tv_sec <= RECENT_COMPILE_DATE) |
Jacob Appelbaum | d84456c | 2012-02-15 16:02:31 -0800 | [diff] [blame] | 520 | die ("remote server is a false ticker!\n"); |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 521 | if (0 != settimeofday(&server_time, NULL)) |
Stewart Smith | f478044 | 2012-06-29 14:31:49 +1000 | [diff] [blame] | 522 | die ("setting time failed: %s (Difference from server is about %d)\n", |
Jacob Appelbaum | 699a276 | 2012-07-15 16:14:14 -0400 | [diff] [blame] | 523 | strerror (errno), |
| 524 | start_timeval.tv_sec - server_time_s); |
Jeroen Massar | c27a92a | 2012-07-13 11:49:05 +0200 | [diff] [blame] | 525 | verb ("V: setting time succeeded\n"); |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 526 | } |
Christian Grothoff | 90e9f83 | 2012-02-07 11:16:47 +0100 | [diff] [blame] | 527 | return 0; |
| 528 | } |