MEDIUM: ssl: add the possibility to use a global DH parameters file
This patch adds the ssl-dh-param-file global setting. It sets the
default DH parameters that will be used during the SSL/TLS handshake when
ephemeral Diffie-Hellman (DHE) key exchange is used, for all "bind" lines
which do not explicitely define theirs.
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 9676643..655ede0 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -766,6 +766,20 @@
default ssl-options to force on all "server" lines. Please check the "server"
keyword to see available options.
+ssl-dh-param-file <file>
+ This setting is only available when support for OpenSSL was built in. It sets
+ the default DH parameters that are used during the SSL/TLS handshake when
+ ephemeral Diffie-Hellman (DHE) key exchange is used, for all "bind" lines
+ which do not explicitely define theirs. It will be overridden by custom DH
+ parameters found in a bind certificate file if any. If custom DH parameters
+ are not specified either by using ssl-dh-param-file or by setting them directly
+ in the certificate file, pre-generated DH parameters of the size specified
+ by tune.ssl.default-dh-param will be used. Custom parameters are known to be
+ more secure and therefore their use is recommended.
+ Custom DH parameters may be generated by using the OpenSSL command
+ "openssl dhparam <size>", where size should be at least 2048, as 1024-bit DH
+ parameters should not be considered secure anymore.
+
ssl-server-verify [none|required]
The default behavior for SSL verify on servers side. If specified to 'none',
servers certificates are not verified. The default is 'required' except if
@@ -1224,7 +1238,8 @@
this maximum value. Default value if 1024. Only 1024 or higher values are
allowed. Higher values will increase the CPU load, and values greater than
1024 bits are not supported by Java 7 and earlier clients. This value is not
- used if static Diffie-Hellman parameters are supplied via the certificate file.
+ used if static Diffie-Hellman parameters are supplied either directly
+ in the certificate file or by using the ssl-dh-param-file parameter.
tune.zlib.memlevel <number>
Sets the memLevel parameter in zlib initialization for each session. It
diff --git a/include/proto/ssl_sock.h b/include/proto/ssl_sock.h
index fa5eef5..4db516e 100644
--- a/include/proto/ssl_sock.h
+++ b/include/proto/ssl_sock.h
@@ -64,6 +64,9 @@
struct tls_keys_ref *tlskeys_ref_lookupid(int unique_id);
void tlskeys_finalize_config(void);
#endif
+#ifndef OPENSSL_NO_DH
+int ssl_sock_load_global_dh_param_from_file(const char *filename);
+#endif
#endif /* _PROTO_SSL_SOCK_H */
diff --git a/src/cfgparse.c b/src/cfgparse.c
index 6d89b3d..7ffc037 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -753,6 +753,7 @@
}
global.tune.ssl_max_record = atol(args[1]);
}
+#ifndef OPENSSL_NO_DH
else if (!strcmp(args[0], "tune.ssl.default-dh-param")) {
if (alertif_too_many_args(1, file, linenum, args, &err_code))
goto out;
@@ -769,6 +770,7 @@
}
}
#endif
+#endif
else if (!strcmp(args[0], "tune.buffers.limit")) {
if (alertif_too_many_args(1, file, linenum, args, &err_code))
goto out;
@@ -1187,6 +1189,22 @@
goto out;
#endif
}
+#ifdef USE_OPENSSL
+#ifndef OPENSSL_NO_DH
+ else if (!strcmp(args[0], "ssl-dh-param-file")) {
+ if (*(args[1]) == 0) {
+ Alert("parsing [%s:%d] : '%s' expects a file path as an argument.\n", file, linenum, args[0]);
+ err_code |= ERR_ALERT | ERR_FATAL;
+ goto out;
+ }
+ if (ssl_sock_load_global_dh_param_from_file(args[1])) {
+ Alert("parsing [%s:%d] : '%s': unable to load DH parameters from file <%s>.\n", file, linenum, args[0], args[1]);
+ err_code |= ERR_ALERT | ERR_FATAL;
+ goto out;
+ }
+ }
+#endif
+#endif
else if (!strcmp(args[0], "ssl-server-verify")) {
if (alertif_too_many_args(1, file, linenum, args, &err_code))
goto out;
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index e528db2..20a5324 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -124,6 +124,7 @@
#ifndef OPENSSL_NO_DH
static int ssl_dh_ptr_index = -1;
+static DH *global_dh = NULL;
static DH *local_dh_1024 = NULL;
static DH *local_dh_2048 = NULL;
static DH *local_dh_4096 = NULL;
@@ -1332,22 +1333,44 @@
return dh;
}
-/* Loads Diffie-Hellman parameter from a file. Returns 1 if loaded, else -1
- if an error occured, and 0 if parameter not found. */
-int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file)
+static DH * ssl_sock_get_dh_from_file(const char *filename)
{
- int ret = -1;
- BIO *in;
DH *dh = NULL;
+ BIO *in = BIO_new(BIO_s_file());
- in = BIO_new(BIO_s_file());
if (in == NULL)
goto end;
- if (BIO_read_filename(in, file) <= 0)
+ if (BIO_read_filename(in, filename) <= 0)
goto end;
+ dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
+
+end:
+ if (in)
+ BIO_free(in);
+
+ return dh;
+}
+
+int ssl_sock_load_global_dh_param_from_file(const char *filename)
+{
+ global_dh = ssl_sock_get_dh_from_file(filename);
+
+ if (global_dh) {
+ return 0;
+ }
+
- dh = PEM_read_bio_DHparams(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);
+ return -1;
+}
+
+/* Loads Diffie-Hellman parameter from a file. Returns 1 if loaded, else -1
+ if an error occured, and 0 if parameter not found. */
+int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file)
+{
+ int ret = -1;
+ DH *dh = ssl_sock_get_dh_from_file(file);
+
if (dh) {
ret = 1;
SSL_CTX_set_tmp_dh(ctx, dh);
@@ -1358,6 +1381,10 @@
SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, dh);
}
}
+ else if (global_dh) {
+ SSL_CTX_set_tmp_dh(ctx, global_dh);
+ ret = 0; /* DH params not found */
+ }
else {
/* Clear openssl global errors stack */
ERR_clear_error();
@@ -1381,9 +1408,6 @@
if (dh)
DH_free(dh);
- if (in)
- BIO_free(in);
-
return ret;
}
#endif
@@ -1901,9 +1925,11 @@
cfgerr++;
}
- /* If tune.ssl.default-dh-param has not been set and
- no static DH params were in the certificate file. */
+ /* If tune.ssl.default-dh-param has not been set,
+ neither has ssl-default-dh-file and no static DH
+ params were in the certificate file. */
if (global.tune.ssl_default_dh_param == 0 &&
+ global_dh == NULL &&
(ssl_dh_ptr_index == -1 ||
SSL_CTX_get_ex_data(ctx, ssl_dh_ptr_index) == NULL)) {
@@ -5083,6 +5109,11 @@
DH_free(local_dh_8192);
local_dh_8192 = NULL;
}
+
+ if (global_dh) {
+ DH_free(global_dh);
+ global_dh = NULL;
+ }
#endif
ERR_remove_state(0);