Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mbedtls: add more informative logging #14444

Closed
wants to merge 1 commit into from

Conversation

jmaggard10
Copy link
Contributor

@jmaggard10 jmaggard10 commented Aug 7, 2024

After TLS handshare, indicate which TLS version was negotiated in addition to the cipher in the handshake completed log message.

Also use the verify callback for certificate logging and collection. This allows things to work even when
MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is disabled in the mbedtls library.

And lastly, catch certificate validation errors later so we can give the user more informative error messages that indicate what the failure was from certificate validation.

These changes also happen to fix an issue where setting CURLOPT_SSL_VERIFYHOST to 0 did not take effect on MbedTLS 3.6 when TLS 1.3 was enabled.

Tested on both current LTS versions (2.28 and 3.6).

@github-actions github-actions bot added the TLS label Aug 7, 2024
mbedtls_ssl_conf_verify(&backend->config, mbed_no_verify, cf);
}
#endif
mbedtls_ssl_conf_verify(&backend->config, mbed_verify, &cb_data);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change seems unrelated and possibly even wrong?

Copy link
Contributor Author

@jmaggard10 jmaggard10 Aug 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is related and correct. The verifypeer check is now done inside the callback function. If verifypeer is false then mbed_verify() will clear the flags the same way that mbed_no_verify did.

We log the cert info inside the callback function now; otherwise we can't log it if cert validation fails, or if MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is not enabled.

ret &= ~MBEDTLS_X509_BADCERT_CN_MISMATCH;

if(ret && conn_config->verifypeer) {
if(ret) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about the previous check for if(!conn_config->verifyhost). Can you just remove it? Also seems to be a change that's not about logging.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't need the verifyhost check here any more. verifyhost and verifypeer are both handled inside the callback function now.

@bagder
Copy link
Member

bagder commented Aug 7, 2024

About 44 TLS related tests fail.

@jmaggard10 jmaggard10 force-pushed the mbedtls-improved-logging branch 2 times, most recently from 091dbea to 241c98c Compare August 8, 2024 01:48
@jmaggard10
Copy link
Contributor Author

About 44 TLS related tests fail.

@bagder , should all be fixed now. Did a bunch of testing with ASan as well on both mbedtls 2.28 and 3.6 and both look good.

@jmaggard10 jmaggard10 force-pushed the mbedtls-improved-logging branch 2 times, most recently from abfc8bb to 57e8e1c Compare August 9, 2024 22:24
@jmaggard10 jmaggard10 requested a review from bagder August 10, 2024 00:42
{
#if !defined(CURL_DISABLE_VERBOSE_STRINGS) && \
!defined(MBEDTLS_X509_REMOVE_INFO)
const size_t bufsize = 16384;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any particular reason for this value? It would be good to add a note as to how/why you picked it.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't actually pick 16384. I just kept this value from the original code which I moved from around line 1127. It just needs to be large enough to hold all the cert info in a format that looks like this:

 cert. version     : 3
 serial number     : 03:A0:74:D1:87:FE:21:A3:B0:79:06:B7:6C:63:83:59:DF:B1
 issuer name       : C=US, O=Let's Encrypt, CN=R10
 subject name      : CN=curl.se
 issued  on        : 2024-06-16 02:36:02
 expires on        : 2024-09-14 02:36:01
 signed using      : RSA with SHA-256
 RSA key size      : 2048 bits
 basic constraints : CA=false
 subject alt name  :
     dNSName : curl.se
 key usage         : Digital Signature, Key Encipherment
 ext key usage     : TLS Web Server Authentication, TLS Web Client Authentication
 certificate policies : ???

16KB does seem larger than necessary. I think we can reduce this if you'd prefer. mbedtls_x509_crt_info() should return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL (-0x2980) and leave the buffer with truncated info if the buffer is too small, so we can also just go ahead and print whatever we have instead of complaining that we're unable to get a dump. Let me know which route you'd prefer and I can make the changes.

After TLS handshare, indicate which TLS version was negotiated in
addition to the cipher in the handshake completed log message.

Also use the verify callback for certificate logging and collection.
This allows things to work even when
MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is disabled in the mbedtls library.

And lastly, catch certificate validation errors later so we can give the
user more informative error messages that indicate what the failure was
from certificate validation.

Tested on both current LTS versions (2.28 and 3.6).
@bagder
Copy link
Member

bagder commented Aug 17, 2024

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Development

Successfully merging this pull request may close these issues.

2 participants