[tor-commits] [tlsdate/debian-master] Rudimentary support for HTTP Date headers
ioerror at torproject.org
ioerror at torproject.org
Thu Oct 31 10:51:32 UTC 2013
commit 16ee83468552bee9205d6de6b3c4633b160986d6
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed Sep 18 14:26:05 2013 -0400
Rudimentary support for HTTP Date headers
Since I'm going on a personal crusade to kill off gmt_unix_time, I
should provide an alternative. That alternative can be the Date
header from HTTP -- unlike gmt_unix_time, the Date header is required
by the RFC to actually be an accurate clock-like clock, and nobody is
trying to get rid of it.
This code is pretty hack-ish and does some nonportable stuff, like
using memmem() and timegm(). It's not super-tolerant of
non-standards-compliant HTTP servers. I hope I didn't make any
pointer mistakes.
---
src/tlsdate-helper.c | 175 ++++++++++++++++++++++++++++++++++++++++++++++++--
src/tlsdate-helper.h | 2 +-
src/tlsdate.c | 10 ++-
src/util.c | 6 ++
4 files changed, 183 insertions(+), 10 deletions(-)
diff --git a/src/tlsdate-helper.c b/src/tlsdate-helper.c
index 4058f5e..2a92195 100644
--- a/src/tlsdate-helper.c
+++ b/src/tlsdate-helper.c
@@ -193,6 +193,129 @@ make_ssl_bio(SSL_CTX *ctx)
return ssl;
}
+
+static int
+write_all_to_bio(BIO *bio, const char *string)
+{
+ int n = (int) strlen(string);
+ int r;
+
+ while (n) {
+ r = BIO_write(bio, string, n);
+ if (r > 0) {
+ if (r > n)
+ return -1;
+ n -= r;
+ string += r;
+ } else {
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
+static int
+handle_date_line(const char *dateline, uint32_t *result)
+{
+ int year,mon,day,hour,min,sec;
+ char month[4];
+ struct tm tm;
+ int i;
+ time_t t;
+
+ static const char *MONTHS[] =
+ { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec", NULL };
+
+ if (strncmp("\r\nDate: ", dateline, 8))
+ return 0;
+
+ dateline += 8;
+ verb("V: The alleged date is <%s>\n", dateline);
+
+ while (*dateline == ' ')
+ ++dateline;
+ while (*dateline && *dateline != ' ')
+ ++dateline;
+ while (*dateline == ' ')
+ ++dateline;
+ /* We just skipped over the day of the week. Now we have:*/
+ if (sscanf(dateline, "%d %3s %d %d:%d:%d",
+ &day, month, &year, &hour, &min, &sec) == 6 ||
+ sscanf(dateline, "%d-%3s-%d %d:%d:%d",
+ &day, month, &year, &hour, &min, &sec) == 6 ||
+ sscanf(dateline, "%3s %d %d:%d:%d %d",
+ month, &day, &hour, &min, &sec, &year) == 6) {
+
+ if (year < 100)
+ year += 1900;
+
+ verb("V: Parsed the date: %04d-%s-%02d %02d:%02d:%02d\n",
+ year, month, day, hour, min, sec);
+ } else {
+ verb("V: Couldn't parse date.\n");
+ return -1;
+ }
+
+ for (i = 0; ; ++i) {
+ if (!MONTHS[i])
+ return -2;
+ if (!strcmp(month, MONTHS[i])) {
+ mon = i;
+ break;
+ }
+ }
+
+ memset(&tm, 0, sizeof(tm));
+ tm.tm_year = year - 1900;
+ tm.tm_mon = mon;
+ tm.tm_mday = day;
+ tm.tm_hour = hour;
+ tm.tm_min = min;
+ tm.tm_sec = sec;
+
+ t = timegm(&tm);
+ if (t > 0xffffffff || t < 0)
+ return -1;
+
+ *result = (uint32_t) t;
+
+ return 1;
+}
+
+#define MAX_HTTP_HEADERS_SIZE 8192
+
+static int
+read_http_date_from_bio(BIO *bio, uint32_t *result)
+{
+ int n;
+ char buf[MAX_HTTP_HEADERS_SIZE];
+ int buf_len=0;
+ char *dateline, *endofline;
+
+ while (buf_len < sizeof(buf)-1) {
+ n = BIO_read(bio, buf+buf_len, sizeof(buf)-buf_len-1);
+ if (n <= 0)
+ return 0;
+ buf_len += n;
+ buf[buf_len] = 0;
+ verb("V: read %d bytes.", n, buf);
+
+ dateline = memmem(buf, buf_len, "\r\nDate: ", 8);
+ if (NULL == dateline)
+ continue;
+
+ endofline = memmem(dateline+2, buf_len - (dateline-buf+2), "\r\n", 2);
+ if (NULL == endofline)
+ continue;
+
+ *endofline = 0;
+ return handle_date_line(dateline, result);
+ }
+ return -2;
+}
+
/** helper function for 'malloc' */
static void *
xmalloc (size_t size)
@@ -773,6 +896,13 @@ inspect_key (SSL *ssl, const char *hostname)
}
#endif
+#define HTTP_REQUEST \
+ "HEAD / HTTP/1.1\r\n" \
+ "User-Agent: %s\r\n" \
+ "Host: %s\r\n" \
+ "\r\n"
+#define HTTP_USER_AGENT "TLSDate/1.0"
+
#ifdef USE_POLARSSL
void
check_timestamp (uint32_t server_time)
@@ -819,9 +949,12 @@ static int ssl_do_handshake_part(ssl_context *ssl)
* 'time_map'.
*
* @param time_map where to store the current time
+ * @param time_is_an_illusion
+ * @param http whether to do an http request and take the date from that
+ * instead.
*/
static void
-run_ssl (uint32_t *time_map, int time_is_an_illusion)
+run_ssl (uint32_t *time_map, int time_is_an_illusion, int http)
{
entropy_context entropy;
ctr_drbg_context ctr_drbg;
@@ -958,14 +1091,18 @@ run_ssl (uint32_t *time_map, int time_is_an_illusion)
* 'time_map'.
*
* @param time_map where to store the current time
+ * @param time_is_an_illusion
+ * @param http whether to do an http request and take the date from that
+ * instead.
*/
static void
-run_ssl (uint32_t *time_map, int time_is_an_illusion)
+run_ssl (uint32_t *time_map, int time_is_an_illusion, int http)
{
BIO *s_bio;
SSL_CTX *ctx;
SSL *ssl;
struct stat statbuf;
+ uint32_t result_time;
SSL_load_error_strings();
SSL_library_init();
@@ -1044,6 +1181,28 @@ run_ssl (uint32_t *time_map, int time_is_an_illusion)
if (1 != BIO_do_handshake(s_bio))
die ("SSL handshake failed\n");
+ if (http) {
+ char buf[1024];
+ verb("V: Starting HTTP\n");
+ if (snprintf(buf, sizeof(buf),
+ HTTP_REQUEST, HTTP_USER_AGENT, hostname_to_verify) >= 1024)
+ die("hostname too long");
+ buf[1023]='\0'; /* Unneeded. */
+ verb("V: Writing HTTP request\n");
+ if (1 != write_all_to_bio(s_bio, buf))
+ die ("write all to bio failed.\n");
+ verb("V: Reading HTTP response\n");
+ if (1 != read_http_date_from_bio(s_bio, &result_time))
+ die ("read all from bio failed.\n");
+ verb("V: Got HTTP response. T=%lu\n", (unsigned long)result_time);
+
+ result_time = htonl(result_time);
+ } else {
+ // from /usr/include/openssl/ssl3.h
+ // ssl->s3->server_random is an unsigned char of 32 bits
+ memcpy(&result_time, ssl->s3->server_random, sizeof (uint32_t));
+ }
+
// Verify the peer certificate against the CA certs on the local system
if (ca_racket) {
inspect_key (ssl, hostname_to_verify);
@@ -1051,9 +1210,9 @@ run_ssl (uint32_t *time_map, int time_is_an_illusion)
verb ("V: Certificate verification skipped!\n");
}
check_key_length(ssl);
- // from /usr/include/openssl/ssl3.h
- // ssl->s3->server_random is an unsigned char of 32 bits
- memcpy(time_map, ssl->s3->server_random, sizeof (uint32_t));
+
+ memcpy(time_map, &result_time, sizeof (uint32_t));
+
SSL_free(ssl);
SSL_CTX_free(ctx);
}
@@ -1074,8 +1233,9 @@ main(int argc, char **argv)
int showtime_raw;
int timewarp;
int leap;
+ int http;
- if (argc != 12)
+ if (argc != 13)
return 1;
host = argv[1];
hostname_to_verify = argv[1];
@@ -1090,6 +1250,7 @@ main(int argc, char **argv)
timewarp = (0 == strcmp ("timewarp", argv[9]));
leap = (0 == strcmp ("leapaway", argv[10]));
proxy = (0 == strcmp ("none", argv[11]) ? NULL : argv[11]);
+ http = (0 == (strcmp("http", argv[12])));
/* Initalize warp_time with RECENT_COMPILE_DATE */
clock_init_time(&warp_time, RECENT_COMPILE_DATE, 0);
@@ -1169,7 +1330,7 @@ main(int argc, char **argv)
if (0 == ssl_child)
{
drop_privs_to (UNPRIV_USER, UNPRIV_GROUP);
- run_ssl (time_map, leap);
+ run_ssl (time_map, leap, http);
(void) munmap (time_map, sizeof (uint32_t));
_exit (0);
}
diff --git a/src/tlsdate-helper.h b/src/tlsdate-helper.h
index 2456efc..6890a88 100644
--- a/src/tlsdate-helper.h
+++ b/src/tlsdate-helper.h
@@ -118,6 +118,6 @@ void inspect_key (SSL *ssl, const char *hostname);
uint32_t dns_label_count (char *label, char *delim);
uint32_t check_wildcard_match_rfc2595 (const char *orig_hostname,
const char *orig_cert_wild_card);
-static void run_ssl (uint32_t *time_map, int time_is_an_illusion);
+static void run_ssl (uint32_t *time_map, int time_is_an_illusion, int http);
#endif
diff --git a/src/tlsdate.c b/src/tlsdate.c
index 26e9432..82dd217 100644
--- a/src/tlsdate.c
+++ b/src/tlsdate.c
@@ -94,7 +94,8 @@ usage(void)
" [-V|--showtime] [human|raw]\n"
" [-t|--timewarp]\n"
" [-l|--leap]\n"
- " [-x|--proxy] [url]\n");
+ " [-x|--proxy] [url]\n"
+ " [-w|--http]\n");
}
@@ -112,6 +113,7 @@ main(int argc, char **argv)
int timewarp;
int leap;
const char *proxy;
+ int http;
host = DEFAULT_HOST;
port = DEFAULT_PORT;
@@ -124,6 +126,7 @@ main(int argc, char **argv)
timewarp = 0;
leap = 0;
proxy = NULL;
+ http = 0;
while (1) {
int option_index = 0;
@@ -143,10 +146,11 @@ main(int argc, char **argv)
{"timewarp", 0, 0, 't'},
{"leap", 0, 0, 'l'},
{"proxy", 0, 0, 'x'},
+ {"http", 0, 0, 'w'},
{0, 0, 0, 0}
};
- c = getopt_long(argc, argv, "vV::shH:p:P:nC:tlx:",
+ c = getopt_long(argc, argv, "vV::shH:p:P:nC:tlx:w",
long_options, &option_index);
if (c == -1)
break;
@@ -164,6 +168,7 @@ main(int argc, char **argv)
case 't': timewarp = 1; break;
case 'l': leap = 1; break;
case 'x': proxy = optarg; break;
+ case 'w': http = 1; break;
case '?': break;
default : fprintf(stderr, "Unknown option!\n"); usage(); exit(1);
}
@@ -194,6 +199,7 @@ main(int argc, char **argv)
(timewarp ? "timewarp" : "no-fun"),
(leap ? "leapaway" : "holdfast"),
(proxy ? proxy : "none"),
+ (http ? "http" : "tls"),
NULL);
perror("Failed to run tlsdate-helper");
return 1;
diff --git a/src/util.c b/src/util.c
index fe5c370..129de8d 100644
--- a/src/util.c
+++ b/src/util.c
@@ -11,7 +11,9 @@
#include <fcntl.h>
#include <grp.h>
#include <limits.h>
+#ifdef __linux__
#include <linux/rtc.h>
+#endif
#include <pwd.h>
#include <signal.h>
#include <stdarg.h>
@@ -143,6 +145,7 @@ wait_with_timeout(int *status, int timeout_secs)
return exited;
}
+#ifdef __linux__
struct rtc_handle
{
int fd;
@@ -226,6 +229,7 @@ int rtc_close(void *handle)
free(h);
return 0;
}
+#endif
int file_write(const char *path, void *buf, size_t sz)
{
@@ -304,10 +308,12 @@ int pgrp_kill(void)
}
static struct platform default_platform = {
+#ifdef __linux__
.rtc_open = rtc_open,
.rtc_write = rtc_write,
.rtc_read = rtc_read,
.rtc_close = rtc_close,
+#endif
.file_write = file_write,
.file_read = file_read,
More information about the tor-commits
mailing list