/home/stefan/src/qemu/qemu.org/qemu/ui/vnc-tls.c

Bug Summary

File:	ui/vnc-tls.c
Location:	line 148, column 10
Description:	Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret'

Annotated Source Code

1	/*
2	* QEMU VNC display driver: TLS helpers
3	*
4	* Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws>
5	* Copyright (C) 2006 Fabrice Bellard
6	* Copyright (C) 2009 Red Hat, Inc
7	*
8	* Permission is hereby granted, free of charge, to any person obtaining a copy
9	* of this software and associated documentation files (the "Software"), to deal
10	* in the Software without restriction, including without limitation the rights
11	* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12	* copies of the Software, and to permit persons to whom the Software is
13	* furnished to do so, subject to the following conditions:
14	*
15	* The above copyright notice and this permission notice shall be included in
16	* all copies or substantial portions of the Software.
17	*
18	* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19	* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20	* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
21	* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22	* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23	* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
24	* THE SOFTWARE.
25	*/
26
27	#include "qemu-x509.h"
28	#include "vnc.h"
29	#include "qemu_socket.h"
30
31	#if defined(_VNC_DEBUG) && _VNC_DEBUG >= 2
32	/* Very verbose, so only enabled for _VNC_DEBUG >= 2 */
33	static void vnc_debug_gnutls_log(int level, const char* str) {
34	VNC_DEBUG("%d %s", level, str)do { } while (0);
35	}
36	#endif /* defined(_VNC_DEBUG) && _VNC_DEBUG >= 2 */
37
38
39	#define DH_BITS1024 1024
40	static gnutls_dh_params_t dh_params;
41
42	static int vnc_tls_initialize(void)
43	{
44	static int tlsinitialized = 0;
45
46	if (tlsinitialized)
47	return 1;
48
49	if (gnutls_global_init () < 0)
50	return 0;
51
52	/* XXX ought to re-generate diffie-hellmen params periodically */
53	if (gnutls_dh_params_init (&dh_params) < 0)
54	return 0;
55	if (gnutls_dh_params_generate2 (dh_params, DH_BITS1024) < 0)
56	return 0;
57
58	#if defined(_VNC_DEBUG) && _VNC_DEBUG >= 2
59	gnutls_global_set_log_level(10);
60	gnutls_global_set_log_function(vnc_debug_gnutls_log);
61	#endif
62
63	tlsinitialized = 1;
64
65	return 1;
66	}
67
68	static ssize_t vnc_tls_push(gnutls_transport_ptr_t transport,
69	const void *data,
70	size_t len) {
71	struct VncState vs = (struct VncState )transport;
72	int ret;
73
74	retry:
75	ret = send(vs->csock, data, len, 0);
76	if (ret < 0) {
77	if (errno(*__errno_location ()) == EINTR4)
78	goto retry;
79	return -1;
80	}
81	return ret;
82	}
83
84
85	static ssize_t vnc_tls_pull(gnutls_transport_ptr_t transport,
86	void *data,
87	size_t len) {
88	struct VncState vs = (struct VncState )transport;
89	int ret;
90
91	retry:
92	ret = qemu_recv(vs->csock, data, len, 0)recv(vs->csock, data, len, 0);
93	if (ret < 0) {
94	if (errno(*__errno_location ()) == EINTR4)
95	goto retry;
96	return -1;
97	}
98	return ret;
99	}
100
101
102	static gnutls_anon_server_credentialsgnutls_anon_server_credentials_t vnc_tls_initialize_anon_cred(void)
103	{
104	gnutls_anon_server_credentialsgnutls_anon_server_credentials_t anon_cred;
105	int ret;
106
107	if ((ret = gnutls_anon_allocate_server_credentials(&anon_cred)) < 0) {
108	VNC_DEBUG("Cannot allocate credentials %s\n", gnutls_strerror(ret))do { } while (0);
109	return NULL((void*)0);
110	}
111
112	gnutls_anon_set_server_dh_params(anon_cred, dh_params);
113
114	return anon_cred;
115	}
116
117
118	static gnutls_certificate_credentials_t vnc_tls_initialize_x509_cred(VncDisplay *vd)
119	{
120	gnutls_certificate_credentials_t x509_cred;
121	int ret;
122
123	if (!vd->tls.x509cacert) {
124	VNC_DEBUG("No CA x509 certificate specified\n")do { } while (0);
125	return NULL((void*)0);
126	}
127	if (!vd->tls.x509cert) {
128	VNC_DEBUG("No server x509 certificate specified\n")do { } while (0);
129	return NULL((void*)0);
130	}
131	if (!vd->tls.x509key) {
132	VNC_DEBUG("No server private key specified\n")do { } while (0);
133	return NULL((void*)0);
134	}
135
136	if ((ret = gnutls_certificate_allocate_credentials(&x509_cred)) < 0) {
137	VNC_DEBUG("Cannot allocate credentials %s\n", gnutls_strerror(ret))do { } while (0);
138	return NULL((void*)0);
139	}
140	if ((ret = gnutls_certificate_set_x509_trust_file(x509_cred,
141	vd->tls.x509cacert,
142	GNUTLS_X509_FMT_PEM)) < 0) {
143	VNC_DEBUG("Cannot load CA certificate %s\n", gnutls_strerror(ret))do { } while (0);
144	gnutls_certificate_free_credentials(x509_cred);
145	return NULL((void*)0);
146	}
147
148	if ((ret = gnutls_certificate_set_x509_key_file (x509_cred,
	Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret'
149	vd->tls.x509cert,
150	vd->tls.x509key,
151	GNUTLS_X509_FMT_PEM)) < 0) {
152	VNC_DEBUG("Cannot load certificate & key %s\n", gnutls_strerror(ret))do { } while (0);
153	gnutls_certificate_free_credentials(x509_cred);
154	return NULL((void*)0);
155	}
156
157	if (vd->tls.x509cacrl) {
158	if ((ret = gnutls_certificate_set_x509_crl_file(x509_cred,
159	vd->tls.x509cacrl,
160	GNUTLS_X509_FMT_PEM)) < 0) {
161	VNC_DEBUG("Cannot load CRL %s\n", gnutls_strerror(ret))do { } while (0);
162	gnutls_certificate_free_credentials(x509_cred);
163	return NULL((void*)0);
164	}
165	}
166
167	gnutls_certificate_set_dh_params (x509_cred, dh_params);
168
169	return x509_cred;
170	}
171
172
173	int vnc_tls_validate_certificate(struct VncState *vs)
174	{
175	int ret;
176	unsigned int status;
177	const gnutls_datum_t *certs;
178	unsigned int nCerts, i;
179	time_t now;
180
181	VNC_DEBUG("Validating client certificate\n")do { } while (0);
182	if ((ret = gnutls_certificate_verify_peers2 (vs->tls.session, &status)) < 0) {
183	VNC_DEBUG("Verify failed %s\n", gnutls_strerror(ret))do { } while (0);
184	return -1;
185	}
186
187	if ((now = time(NULL((void*)0))) == ((time_t)-1)) {
188	return -1;
189	}
190
191	if (status != 0) {
192	if (status & GNUTLS_CERT_INVALID)
193	VNC_DEBUG("The certificate is not trusted.\n")do { } while (0);
194
195	if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
196	VNC_DEBUG("The certificate hasn't got a known issuer.\n")do { } while (0);
197
198	if (status & GNUTLS_CERT_REVOKED)
199	VNC_DEBUG("The certificate has been revoked.\n")do { } while (0);
200
201	if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
202	VNC_DEBUG("The certificate uses an insecure algorithm\n")do { } while (0);
203
204	return -1;
205	} else {
206	VNC_DEBUG("Certificate is valid!\n")do { } while (0);
207	}
208
209	/* Only support x509 for now */
210	if (gnutls_certificate_type_get(vs->tls.session) != GNUTLS_CRT_X509)
211	return -1;
212
213	if (!(certs = gnutls_certificate_get_peers(vs->tls.session, &nCerts)))
214	return -1;
215
216	for (i = 0 ; i < nCerts ; i++) {
217	gnutls_x509_crt_t cert;
218	VNC_DEBUG ("Checking certificate chain %d\n", i)do { } while (0);
219	if (gnutls_x509_crt_init (&cert) < 0)
220	return -1;
221
222	if (gnutls_x509_crt_import(cert, &certs[i], GNUTLS_X509_FMT_DER) < 0) {
223	gnutls_x509_crt_deinit (cert);
224	return -1;
225	}
226
227	if (gnutls_x509_crt_get_expiration_time (cert) < now) {
228	VNC_DEBUG("The certificate has expired\n")do { } while (0);
229	gnutls_x509_crt_deinit (cert);
230	return -1;
231	}
232
233	if (gnutls_x509_crt_get_activation_time (cert) > now) {
234	VNC_DEBUG("The certificate is not yet activated\n")do { } while (0);
235	gnutls_x509_crt_deinit (cert);
236	return -1;
237	}
238
239	if (gnutls_x509_crt_get_activation_time (cert) > now) {
240	VNC_DEBUG("The certificate is not yet activated\n")do { } while (0);
241	gnutls_x509_crt_deinit (cert);
242	return -1;
243	}
244
245	if (i == 0) {
246	size_t dnameSize = 1024;
247	vs->tls.dname = g_malloc(dnameSize);
248	requery:
249	if ((ret = gnutls_x509_crt_get_dn (cert, vs->tls.dname, &dnameSize)) != 0) {
250	if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER-51) {
251	vs->tls.dname = g_realloc(vs->tls.dname, dnameSize);
252	goto requery;
253	}
254	gnutls_x509_crt_deinit (cert);
255	VNC_DEBUG("Cannot get client distinguished name: %s",do { } while (0)
256	gnutls_strerror (ret))do { } while (0);
257	return -1;
258	}
259
260	if (vs->vd->tls.x509verify) {
261	int allow;
262	if (!vs->vd->tls.acl) {
263	VNC_DEBUG("no ACL activated, allowing access")do { } while (0);
264	gnutls_x509_crt_deinit (cert);
265	continue;
266	}
267
268	allow = qemu_acl_party_is_allowed(vs->vd->tls.acl,
269	vs->tls.dname);
270
271	VNC_DEBUG("TLS x509 ACL check for %s is %s\n",do { } while (0)
272	vs->tls.dname, allow ? "allowed" : "denied")do { } while (0);
273	if (!allow) {
274	gnutls_x509_crt_deinit (cert);
275	return -1;
276	}
277	}
278	}
279
280	gnutls_x509_crt_deinit (cert);
281	}
282
283	return 0;
284	}
285
286	#if defined(GNUTLS_VERSION_NUMBER0x020806) && \
287	GNUTLS_VERSION_NUMBER0x020806 >= 0x020200 /* 2.2.0 */
288
289	static int vnc_set_gnutls_priority(gnutls_session_t s, int x509)
290	{
291	const char *priority = x509 ? "NORMAL" : "NORMAL:+ANON-DH";
292	int rc;
293
294	rc = gnutls_priority_set_direct(s, priority, NULL((void*)0));
295	if (rc != GNUTLS_E_SUCCESS0) {
296	return -1;
297	}
298	return 0;
299	}
300
301	#else
302
303	static int vnc_set_gnutls_priority(gnutls_session_t s, int x509)
304	{
305	static const int cert_types[] = { GNUTLS_CRT_X509, 0 };
306	static const int protocols[] = {
307	GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0
308	};
309	static const int kx_anon[] = { GNUTLS_KX_ANON_DH, 0 };
310	static const int kx_x509[] = {
311	GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA,
312	GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0
313	};
314	int rc;
315
316	rc = gnutls_kx_set_priority(s, x509 ? kx_x509 : kx_anon);
317	if (rc != GNUTLS_E_SUCCESS0) {
318	return -1;
319	}
320
321	rc = gnutls_certificate_type_set_priority(s, cert_types);
322	if (rc != GNUTLS_E_SUCCESS0) {
323	return -1;
324	}
325
326	rc = gnutls_protocol_set_priority(s, protocols);
327	if (rc != GNUTLS_E_SUCCESS0) {
328	return -1;
329	}
330	return 0;
331	}
332
333	#endif
334
335	int vnc_tls_client_setup(struct VncState *vs,
336	int needX509Creds) {
337
338	VNC_DEBUG("Do TLS setup\n")do { } while (0);
339	if (vnc_tls_initialize() < 0) {
340	VNC_DEBUG("Failed to init TLS\n")do { } while (0);
341	vnc_client_error(vs);
342	return -1;
343	}
344	if (vs->tls.session == NULL((void*)0)) {
345	if (gnutls_init(&vs->tls.session, GNUTLS_SERVER) < 0) {
346	vnc_client_error(vs);
347	return -1;
348	}
349
350	if (gnutls_set_default_priority(vs->tls.session) < 0) {
351	gnutls_deinit(vs->tls.session);
352	vs->tls.session = NULL((void*)0);
353	vnc_client_error(vs);
354	return -1;
355	}
356
357	if (vnc_set_gnutls_priority(vs->tls.session, needX509Creds) < 0) {
358	gnutls_deinit(vs->tls.session);
359	vs->tls.session = NULL((void*)0);
360	vnc_client_error(vs);
361	return -1;
362	}
363
364	if (needX509Creds) {
365	gnutls_certificate_server_credentials x509_cred = vnc_tls_initialize_x509_cred(vs->vd);
366	if (!x509_cred) {
367	gnutls_deinit(vs->tls.session);
368	vs->tls.session = NULL((void*)0);
369	vnc_client_error(vs);
370	return -1;
371	}
372	if (gnutls_credentials_set(vs->tls.session, GNUTLS_CRD_CERTIFICATE, x509_cred) < 0) {
373	gnutls_deinit(vs->tls.session);
374	vs->tls.session = NULL((void*)0);
375	gnutls_certificate_free_credentials(x509_cred);
376	vnc_client_error(vs);
377	return -1;
378	}
379	if (vs->vd->tls.x509verify) {
380	VNC_DEBUG("Requesting a client certificate\n")do { } while (0);
381	gnutls_certificate_server_set_request (vs->tls.session, GNUTLS_CERT_REQUEST);
382	}
383
384	} else {
385	gnutls_anon_server_credentialsgnutls_anon_server_credentials_t anon_cred = vnc_tls_initialize_anon_cred();
386	if (!anon_cred) {
387	gnutls_deinit(vs->tls.session);
388	vs->tls.session = NULL((void*)0);
389	vnc_client_error(vs);
390	return -1;
391	}
392	if (gnutls_credentials_set(vs->tls.session, GNUTLS_CRD_ANON, anon_cred) < 0) {
393	gnutls_deinit(vs->tls.session);
394	vs->tls.session = NULL((void*)0);
395	gnutls_anon_free_server_credentials(anon_cred);
396	vnc_client_error(vs);
397	return -1;
398	}
399	}
400
401	gnutls_transport_set_ptr(vs->tls.session, (gnutls_transport_ptr_t)vs);
402	gnutls_transport_set_push_function(vs->tls.session, vnc_tls_push);
403	gnutls_transport_set_pull_function(vs->tls.session, vnc_tls_pull);
404	}
405	return 0;
406	}
407
408
409	void vnc_tls_client_cleanup(struct VncState *vs)
410	{
411	if (vs->tls.session) {
412	gnutls_deinit(vs->tls.session);
413	vs->tls.session = NULL((void*)0);
414	}
415	vs->tls.wiremode = VNC_WIREMODE_CLEAR;
416	g_free(vs->tls.dname);
417	}
418
419
420
421	static int vnc_set_x509_credential(VncDisplay *vd,
422	const char *certdir,
423	const char *filename,
424	char **cred,
425	int ignoreMissing)
426	{
427	struct stat sb;
428
429	if (*cred) {
430	g_free(*cred);
431	cred = NULL((void)0);
432	}
433
434	*cred = g_malloc(strlen(certdir) + strlen(filename) + 2);
435
436	strcpy(*cred, certdir);
437	strcat(*cred, "/");
438	strcat(*cred, filename);
439
440	VNC_DEBUG("Check %s\n", *cred)do { } while (0);
441	if (stat(*cred, &sb) < 0) {
442	g_free(*cred);
443	cred = NULL((void)0);
444	if (ignoreMissing && errno(*__errno_location ()) == ENOENT2)
445	return 0;
446	return -1;
447	}
448
449	return 0;
450	}
451
452
453	int vnc_tls_set_x509_creds_dir(VncDisplay *vd,
454	const char *certdir)
455	{
456	if (vnc_set_x509_credential(vd, certdir, X509_CA_CERT_FILE"ca-cert.pem", &vd->tls.x509cacert, 0) < 0)
457	goto cleanup;
458	if (vnc_set_x509_credential(vd, certdir, X509_CA_CRL_FILE"ca-crl.pem", &vd->tls.x509cacrl, 1) < 0)
459	goto cleanup;
460	if (vnc_set_x509_credential(vd, certdir, X509_SERVER_CERT_FILE"server-cert.pem", &vd->tls.x509cert, 0) < 0)
461	goto cleanup;
462	if (vnc_set_x509_credential(vd, certdir, X509_SERVER_KEY_FILE"server-key.pem", &vd->tls.x509key, 0) < 0)
463	goto cleanup;
464
465	return 0;
466
467	cleanup:
468	g_free(vd->tls.x509cacert);
469	g_free(vd->tls.x509cacrl);
470	g_free(vd->tls.x509cert);
471	g_free(vd->tls.x509key);
472	vd->tls.x509cacert = vd->tls.x509cacrl = vd->tls.x509cert = vd->tls.x509key = NULL((void*)0);
473	return -1;
474	}
475