This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
commit e1370e7bb3ef03b601b581e5a188e22eb1c9c967 Author: Mark Thomas <[email protected]> AuthorDate: Fri Dec 12 09:21:25 2025 +0000 Use new auto configuration of DH params rather than deprecated callback --- native/src/ssl.c | 81 ------------------------------------------------- native/src/sslcontext.c | 4 +-- native/src/sslutils.c | 26 ---------------- 3 files changed, 2 insertions(+), 109 deletions(-) diff --git a/native/src/ssl.c b/native/src/ssl.c index 838300c53..aabd6c8a6 100644 --- a/native/src/ssl.c +++ b/native/src/ssl.c @@ -43,67 +43,6 @@ static void ssl_keylog_callback(const SSL *ssl, const char *line) static jclass byteArrayClass; static jclass stringClass; -/* - * Grab well-defined DH parameters from OpenSSL, see the BN_get_rfc* - * functions in <openssl/bn.h> for all available primes. - */ -static DH *make_dh_params(BIGNUM *(*prime)(BIGNUM *)) -{ - DH *dh = DH_new(); - BIGNUM *p, *g; - - if (!dh) { - return NULL; - } - p = prime(NULL); - g = BN_new(); - if (g != NULL) { - BN_set_word(g, 2); - } - if (!p || !g || !DH_set0_pqg(dh, p, NULL, g)) { - DH_free(dh); - BN_free(p); - BN_free(g); - return NULL; - } - return dh; -} - -/* Storage and initialization for DH parameters. */ -static struct dhparam { - BIGNUM *(*const prime)(BIGNUM *); /* function to generate... */ - DH *dh; /* ...this, used for keys.... */ - const unsigned int min; /* ...of length >= this. */ -} dhparams[] = { - { BN_get_rfc3526_prime_8192, NULL, 6145 }, - { BN_get_rfc3526_prime_6144, NULL, 4097 }, - { BN_get_rfc3526_prime_4096, NULL, 3073 }, - { BN_get_rfc3526_prime_3072, NULL, 2049 }, - { BN_get_rfc3526_prime_2048, NULL, 1025 }, - { BN_get_rfc2409_prime_1024, NULL, 0 } -}; - -static void init_dh_params(void) -{ - unsigned n; - - for (n = 0; n < sizeof(dhparams)/sizeof(dhparams[0]); n++) - dhparams[n].dh = make_dh_params(dhparams[n].prime); -} - -static void free_dh_params(void) -{ - unsigned n; - - /* DH_free() is a noop for a NULL parameter, so these are harmless - * in the (unexpected) case where these variables are already - * NULL. */ - for (n = 0; n < sizeof(dhparams)/sizeof(dhparams[0]); n++) { - DH_free(dhparams[n].dh); - dhparams[n].dh = NULL; - } -} - void SSL_callback_add_keylog(SSL_CTX *ctx) { if (key_log_file) { @@ -111,24 +50,6 @@ void SSL_callback_add_keylog(SSL_CTX *ctx) } } -/* Hand out the same DH structure though once generated as we leak - * memory otherwise and freeing the structure up after use would be - * hard to track and in fact is not needed at all as it is safe to - * use the same parameters over and over again security wise (in - * contrast to the keys itself) and code safe as the returned structure - * is duplicated by OpenSSL anyway. Hence no modification happens - * to our copy. */ -DH *SSL_get_dh_params(unsigned keylen) -{ - unsigned n; - - for (n = 0; n < sizeof(dhparams)/sizeof(dhparams[0]); n++) - if (keylen >= dhparams[n].min) - return dhparams[n].dh; - - return NULL; /* impossible to reach. */ -} - static void init_bio_methods(void); static void free_bio_methods(void); @@ -156,7 +77,6 @@ static apr_status_t ssl_init_cleanup(void *data) ssl_initialized = 0; free_bio_methods(); - free_dh_params(); #ifndef OPENSSL_NO_ENGINE if (tcn_ssl_engine != NULL) { @@ -347,7 +267,6 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS, jstring engine) /* For SSL_get_app_data2(), SSL_get_app_data3() and SSL_get_app_data4() at request time */ SSL_init_app_data_idx(); - init_dh_params(); init_bio_methods(); /* diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c index f41305654..a04d0f04e 100644 --- a/native/src/sslcontext.c +++ b/native/src/sslcontext.c @@ -1118,7 +1118,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificate)(TCN_STDARGS, jlong ctx, EC_KEY_free(eckey); EC_GROUP_free(ecparams); #endif - SSL_CTX_set_tmp_dh_callback(c->ctx, SSL_callback_tmp_DH); + SSL_CTX_set_dh_auto(c->ctx, 1); cleanup: TCN_FREE_CSTRING(cert); @@ -1227,7 +1227,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificateRaw)(TCN_STDARGS, jlong c * TODO try to read the ECDH curve name from somewhere... */ #endif - SSL_CTX_set_tmp_dh_callback(c->ctx, SSL_callback_tmp_DH); + SSL_CTX_set_dh_auto(c->ctx, 1); cleanup: free(key); free(cert); diff --git a/native/src/sslutils.c b/native/src/sslutils.c index 79741d0ac..3878afa6b 100644 --- a/native/src/sslutils.c +++ b/native/src/sslutils.c @@ -207,32 +207,6 @@ EC_GROUP *SSL_ec_GetParamFromFile(const char *file) } #endif -/* - * Hand out standard DH parameters, based on the authentication strength - */ -DH *SSL_callback_tmp_DH(SSL *ssl, int export, int keylen) -{ - EVP_PKEY *pkey = SSL_get_privatekey(ssl); - int type = pkey != NULL ? EVP_PKEY_base_id(pkey) : EVP_PKEY_NONE; - - /* - * OpenSSL will call us with either keylen == 512 or keylen == 1024 - * (see the definition of SSL_EXPORT_PKEYLENGTH in ssl_locl.h). - * Adjust the DH parameter length according to the size of the - * RSA/DSA private key used for the current connection, and always - * use at least 1024-bit parameters. - * Note: This may cause interoperability issues with implementations - * which limit their DH support to 1024 bit - e.g. Java 7 and earlier. - * In this case, SSLCertificateFile can be used to specify fixed - * 1024-bit DH parameters (with the effect that OpenSSL skips this - * callback). - */ - if ((type == EVP_PKEY_RSA) || (type == EVP_PKEY_DSA)) { - keylen = EVP_PKEY_bits(pkey); - } - return SSL_get_dh_params(keylen); -} - /* * Read a file that optionally contains the server certificate in PEM * format, possibly followed by a sequence of CA certificates that --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
