Repository: trafficserver Updated Branches: refs/heads/master b0d8e2a52 -> 5e60704dd
TS-2417 Add forward secrecy support with DHE Review: Susan H. & Leif Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/f1aec358 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/f1aec358 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/f1aec358 Branch: refs/heads/master Commit: f1aec358f45207d9e3f20ffb972e32aa087078b0 Parents: b0d8e2a Author: John Eaglesham <[email protected]> Authored: Tue Nov 18 15:37:49 2014 -0700 Committer: Leif Hedstrom <[email protected]> Committed: Tue Nov 18 15:44:59 2014 -0700 ---------------------------------------------------------------------- .../configuration/records.config.en.rst | 7 ++ iocore/net/P_SSLConfig.h | 1 + iocore/net/SSLConfig.cc | 3 + iocore/net/SSLUtils.cc | 97 ++++++++++++++++++++ lib/perl/lib/Apache/TS/AdminClient.pm | 1 + mgmt/RecordsConfig.cc | 2 + 6 files changed, 111 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f1aec358/doc/reference/configuration/records.config.en.rst ---------------------------------------------------------------------- diff --git a/doc/reference/configuration/records.config.en.rst b/doc/reference/configuration/records.config.en.rst index ded0832..0fbdd2d 100644 --- a/doc/reference/configuration/records.config.en.rst +++ b/doc/reference/configuration/records.config.en.rst @@ -2152,6 +2152,13 @@ SSL Termination Unless this is an absolute path, it is loaded relative to the path specified by :ts:cv:`proxy.config.ssl.server.cert.path`. +.. ts:cv:: CONFIG proxy.config.ssl.server.dhparams_file STRING NULL + + The name of a file containing a set of Diffie-Hellman key exchange + parameters. If not specified, 2048-bit DH parameters from RFC 5114 are + used. These parameters are only used if a DHE (or EDH) cipher suite has + been selected. + .. ts:cv:: CONFIG proxy.config.ssl.CA.cert.path STRING NULL The location of the certificate authority file that client http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f1aec358/iocore/net/P_SSLConfig.h ---------------------------------------------------------------------- diff --git a/iocore/net/P_SSLConfig.h b/iocore/net/P_SSLConfig.h index a3cb3ed..5388346 100644 --- a/iocore/net/P_SSLConfig.h +++ b/iocore/net/P_SSLConfig.h @@ -65,6 +65,7 @@ struct SSLConfigParams : public ConfigInfo char * serverCACertFilename; char * serverCACertPath; char * configFilePath; + char * dhparamsFile; char * cipherSuite; char * client_cipherSuite; int clientCertLevel; http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f1aec358/iocore/net/SSLConfig.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc index cbfee9c..64025f1 100644 --- a/iocore/net/SSLConfig.cc +++ b/iocore/net/SSLConfig.cc @@ -69,6 +69,7 @@ SSLConfigParams::SSLConfigParams() clientCACertPath = cipherSuite = client_cipherSuite = + dhparamsFile = serverKeyPathOnly = NULL; clientCertLevel = client_verify_depth = verify_depth = clientVerify = 0; @@ -103,6 +104,7 @@ SSLConfigParams::cleanup() ats_free_null(serverKeyPathOnly); ats_free_null(cipherSuite); ats_free_null(client_cipherSuite); + ats_free_null(dhparamsFile); clientCertLevel = client_verify_depth = verify_depth = clientVerify = 0; } @@ -156,6 +158,7 @@ SSLConfigParams::initialize() REC_ReadConfigInt32(clientCertLevel, "proxy.config.ssl.client.certification_level"); REC_ReadConfigStringAlloc(cipherSuite, "proxy.config.ssl.server.cipher_suite"); REC_ReadConfigStringAlloc(client_cipherSuite, "proxy.config.ssl.client.cipher_suite"); + REC_ReadConfigStringAlloc(dhparamsFile, "proxy.config.ssl.server.dhparams_file"); int options; int client_ssl_options; http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f1aec358/iocore/net/SSLUtils.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc index a6ef4b7..1755c0c 100644 --- a/iocore/net/SSLUtils.cc +++ b/iocore/net/SSLUtils.cc @@ -35,6 +35,8 @@ #include <openssl/x509.h> #include <openssl/asn1.h> #include <openssl/rand.h> +#include <openssl/dh.h> +#include <openssl/bn.h> #include <unistd.h> #include <termios.h> @@ -351,6 +353,98 @@ ssl_context_enable_sni(SSL_CTX * ctx, SSLCertLookup * /*lookup*/) return ctx; } +/* Build 2048-bit MODP Group with 256-bit Prime Order Subgroup from RFC 5114 */ +static DH *get_dh2048() +{ + static const unsigned char dh2048_p[] = { + 0x87, 0xA8, 0xE6, 0x1D, 0xB4, 0xB6, 0x66, 0x3C, 0xFF, 0xBB, 0xD1, 0x9C, + 0x65, 0x19, 0x59, 0x99, 0x8C, 0xEE, 0xF6, 0x08, 0x66, 0x0D, 0xD0, 0xF2, + 0x5D, 0x2C, 0xEE, 0xD4, 0x43, 0x5E, 0x3B, 0x00, 0xE0, 0x0D, 0xF8, 0xF1, + 0xD6, 0x19, 0x57, 0xD4, 0xFA, 0xF7, 0xDF, 0x45, 0x61, 0xB2, 0xAA, 0x30, + 0x16, 0xC3, 0xD9, 0x11, 0x34, 0x09, 0x6F, 0xAA, 0x3B, 0xF4, 0x29, 0x6D, + 0x83, 0x0E, 0x9A, 0x7C, 0x20, 0x9E, 0x0C, 0x64, 0x97, 0x51, 0x7A, 0xBD, + 0x5A, 0x8A, 0x9D, 0x30, 0x6B, 0xCF, 0x67, 0xED, 0x91, 0xF9, 0xE6, 0x72, + 0x5B, 0x47, 0x58, 0xC0, 0x22, 0xE0, 0xB1, 0xEF, 0x42, 0x75, 0xBF, 0x7B, + 0x6C, 0x5B, 0xFC, 0x11, 0xD4, 0x5F, 0x90, 0x88, 0xB9, 0x41, 0xF5, 0x4E, + 0xB1, 0xE5, 0x9B, 0xB8, 0xBC, 0x39, 0xA0, 0xBF, 0x12, 0x30, 0x7F, 0x5C, + 0x4F, 0xDB, 0x70, 0xC5, 0x81, 0xB2, 0x3F, 0x76, 0xB6, 0x3A, 0xCA, 0xE1, + 0xCA, 0xA6, 0xB7, 0x90, 0x2D, 0x52, 0x52, 0x67, 0x35, 0x48, 0x8A, 0x0E, + 0xF1, 0x3C, 0x6D, 0x9A, 0x51, 0xBF, 0xA4, 0xAB, 0x3A, 0xD8, 0x34, 0x77, + 0x96, 0x52, 0x4D, 0x8E, 0xF6, 0xA1, 0x67, 0xB5, 0xA4, 0x18, 0x25, 0xD9, + 0x67, 0xE1, 0x44, 0xE5, 0x14, 0x05, 0x64, 0x25, 0x1C, 0xCA, 0xCB, 0x83, + 0xE6, 0xB4, 0x86, 0xF6, 0xB3, 0xCA, 0x3F, 0x79, 0x71, 0x50, 0x60, 0x26, + 0xC0, 0xB8, 0x57, 0xF6, 0x89, 0x96, 0x28, 0x56, 0xDE, 0xD4, 0x01, 0x0A, + 0xBD, 0x0B, 0xE6, 0x21, 0xC3, 0xA3, 0x96, 0x0A, 0x54, 0xE7, 0x10, 0xC3, + 0x75, 0xF2, 0x63, 0x75, 0xD7, 0x01, 0x41, 0x03, 0xA4, 0xB5, 0x43, 0x30, + 0xC1, 0x98, 0xAF, 0x12, 0x61, 0x16, 0xD2, 0x27, 0x6E, 0x11, 0x71, 0x5F, + 0x69, 0x38, 0x77, 0xFA, 0xD7, 0xEF, 0x09, 0xCA, 0xDB, 0x09, 0x4A, 0xE9, + 0x1E, 0x1A, 0x15, 0x97 + }; + static const unsigned char dh2048_g[] = { + 0x3F, 0xB3, 0x2C, 0x9B, 0x73, 0x13, 0x4D, 0x0B, 0x2E, 0x77, 0x50, 0x66, + 0x60, 0xED, 0xBD, 0x48, 0x4C, 0xA7, 0xB1, 0x8F, 0x21, 0xEF, 0x20, 0x54, + 0x07, 0xF4, 0x79, 0x3A, 0x1A, 0x0B, 0xA1, 0x25, 0x10, 0xDB, 0xC1, 0x50, + 0x77, 0xBE, 0x46, 0x3F, 0xFF, 0x4F, 0xED, 0x4A, 0xAC, 0x0B, 0xB5, 0x55, + 0xBE, 0x3A, 0x6C, 0x1B, 0x0C, 0x6B, 0x47, 0xB1, 0xBC, 0x37, 0x73, 0xBF, + 0x7E, 0x8C, 0x6F, 0x62, 0x90, 0x12, 0x28, 0xF8, 0xC2, 0x8C, 0xBB, 0x18, + 0xA5, 0x5A, 0xE3, 0x13, 0x41, 0x00, 0x0A, 0x65, 0x01, 0x96, 0xF9, 0x31, + 0xC7, 0x7A, 0x57, 0xF2, 0xDD, 0xF4, 0x63, 0xE5, 0xE9, 0xEC, 0x14, 0x4B, + 0x77, 0x7D, 0xE6, 0x2A, 0xAA, 0xB8, 0xA8, 0x62, 0x8A, 0xC3, 0x76, 0xD2, + 0x82, 0xD6, 0xED, 0x38, 0x64, 0xE6, 0x79, 0x82, 0x42, 0x8E, 0xBC, 0x83, + 0x1D, 0x14, 0x34, 0x8F, 0x6F, 0x2F, 0x91, 0x93, 0xB5, 0x04, 0x5A, 0xF2, + 0x76, 0x71, 0x64, 0xE1, 0xDF, 0xC9, 0x67, 0xC1, 0xFB, 0x3F, 0x2E, 0x55, + 0xA4, 0xBD, 0x1B, 0xFF, 0xE8, 0x3B, 0x9C, 0x80, 0xD0, 0x52, 0xB9, 0x85, + 0xD1, 0x82, 0xEA, 0x0A, 0xDB, 0x2A, 0x3B, 0x73, 0x13, 0xD3, 0xFE, 0x14, + 0xC8, 0x48, 0x4B, 0x1E, 0x05, 0x25, 0x88, 0xB9, 0xB7, 0xD2, 0xBB, 0xD2, + 0xDF, 0x01, 0x61, 0x99, 0xEC, 0xD0, 0x6E, 0x15, 0x57, 0xCD, 0x09, 0x15, + 0xB3, 0x35, 0x3B, 0xBB, 0x64, 0xE0, 0xEC, 0x37, 0x7F, 0xD0, 0x28, 0x37, + 0x0D, 0xF9, 0x2B, 0x52, 0xC7, 0x89, 0x14, 0x28, 0xCD, 0xC6, 0x7E, 0xB6, + 0x18, 0x4B, 0x52, 0x3D, 0x1D, 0xB2, 0x46, 0xC3, 0x2F, 0x63, 0x07, 0x84, + 0x90, 0xF0, 0x0E, 0xF8, 0xD6, 0x47, 0xD1, 0x48, 0xD4, 0x79, 0x54, 0x51, + 0x5E, 0x23, 0x27, 0xCF, 0xEF, 0x98, 0xC5, 0x82, 0x66, 0x4B, 0x4C, 0x0F, + 0x6C, 0xC4, 0x16, 0x59 + }; + DH *dh; + + if ((dh = DH_new()) == NULL) return(NULL); + dh->p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL); + dh->g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL); + if ((dh->p == NULL) || (dh->g == NULL)) { + DH_free(dh); + return(NULL); + } + return(dh); +} + +static SSL_CTX * +ssl_context_enable_dhe(const char * dhparams_file, SSL_CTX * ctx) +{ + DH * server_dh; + + if (dhparams_file) { + scoped_BIO bio(BIO_new_file(dhparams_file, "r")); + server_dh = PEM_read_bio_DHparams(bio.get(), NULL, NULL, NULL); + } else { + server_dh = get_dh2048(); + } + + if (!server_dh) { + Error("SSL dhparams source returned invalid parameters"); + return NULL; + } + + if (!SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE) || + !SSL_CTX_set_tmp_dh(ctx, server_dh)) { + DH_free(server_dh); + Error("failed to configure SSL DH"); + return NULL; + } + + DH_free(server_dh); + + return ctx; +} + static SSL_CTX * ssl_context_enable_ecdh(SSL_CTX * ctx) { @@ -1290,6 +1384,9 @@ SSLInitServerContext( SSL_CTX_set_default_passwd_cb_userdata(CTX, NULL);\ } SSL_CLEAR_PW_REFERENCES(ud,ctx) + if (!ssl_context_enable_dhe(params->dhparamsFile, ctx)) { + goto fail; + } return ssl_context_enable_ecdh(ctx); fail: http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f1aec358/lib/perl/lib/Apache/TS/AdminClient.pm ---------------------------------------------------------------------- diff --git a/lib/perl/lib/Apache/TS/AdminClient.pm b/lib/perl/lib/Apache/TS/AdminClient.pm index 0dc4a8a..676ad74 100644 --- a/lib/perl/lib/Apache/TS/AdminClient.pm +++ b/lib/perl/lib/Apache/TS/AdminClient.pm @@ -701,6 +701,7 @@ The Apache Traffic Server Administration Manual will explain what these strings proxy.config.ssl.server.cert.path proxy.config.ssl.server.cipher_suite proxy.config.ssl.server.honor_cipher_order + proxy.config.ssl.server.dhparams_file proxy.config.ssl.SSLv2 proxy.config.ssl.SSLv3 proxy.config.ssl.TLSv1 http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f1aec358/mgmt/RecordsConfig.cc ---------------------------------------------------------------------- diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc index 3c659e5..3fbbfdd 100644 --- a/mgmt/RecordsConfig.cc +++ b/mgmt/RecordsConfig.cc @@ -1311,6 +1311,8 @@ static const RecordElement RecordsConfig[] = , {RECT_CONFIG, "proxy.config.ssl.allow_client_renegotiation", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_INT, "[0-1]", RECA_NULL} , + {RECT_CONFIG, "proxy.config.ssl.server.dhparams_file", RECD_STRING, NULL, RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} + , //############################################################################## //# //# OCSP (Online Certificate Status Protocol) Stapling Configuration
