On 10.11.2011 00:37, [email protected] wrote: > Author: pquerna > Date: Wed Nov 9 23:37:37 2011 > New Revision: 1200040 > > URL: http://svn.apache.org/viewvc?rev=1200040&view=rev > Log: > Add support for RFC 5077 TLS Session tickets. This adds two new directives: > > * SSLTicketKeyFile: To store the private information for the encryption of > the ticket. > * SSLTicketKeyDefault To set the default, otherwise the first listed token is > used. This enables key rotation across servers.
It's not completely clear to me how these two directives interact - what does "first listed token" relate to? Can multiple SSLTicketKeyFile directives appear within a VirtualHost? > --- httpd/httpd/trunk/CHANGES [utf-8] (original) > +++ httpd/httpd/trunk/CHANGES [utf-8] Wed Nov 9 23:37:37 2011 > @@ -1,6 +1,9 @@ > -*- coding: utf-8 > -*- > Changes with Apache 2.3.16 > > + *) mod_ssl: Add support for RFC 5077 TLS Session tickets. > + [Paul Querna] This is somewhat misleading, I think. Session tickets are supported in mod_ssl as soon as you compile it against OpenSSL 0.9.8f or later (they default to on in OpenSSL, SSL_OP_NO_TICKET would have to be set otherwise). What your patch adds, OTOH, is allowing explicit control of the ticket encryption/decryption keys. > Modified: httpd/httpd/trunk/modules/ssl/mod_ssl.c > URL: > http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/mod_ssl.c?rev=1200040&r1=1200039&r2=1200040&view=diff > ============================================================================== > --- httpd/httpd/trunk/modules/ssl/mod_ssl.c (original) > +++ httpd/httpd/trunk/modules/ssl/mod_ssl.c Wed Nov 9 23:37:37 2011 > @@ -79,6 +79,14 @@ static const command_rec ssl_config_cmds > SSL_CMD_SRV(FIPS, FLAG, > "Enable FIPS-140 mode " > "(`on', `off')") > +#ifdef HAVE_TLSEXT_TICKETS > + SSL_CMD_SRV(TicketKeyFile, TAKE2, > + "Key file to use for encrypting and decrypting the client > ticket (RFC 5077) " > + "(keyname '/path/to/file')") I suggest to add some info about the contents of these files (like "48 random bytes in binary format"). Also, the documentation of this directive should encourage users to regularly change these keys. > Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_config.c > URL: > http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_config.c?rev=1200040&r1=1200039&r2=1200040&view=diff > ============================================================================== > --- httpd/httpd/trunk/modules/ssl/ssl_engine_config.c (original) > +++ httpd/httpd/trunk/modules/ssl/ssl_engine_config.c Wed Nov 9 23:37:37 2011 > @@ -200,6 +200,12 @@ static SSLSrvConfigRec *ssl_config_serve > sc->fips = UNSET; > #endif > > +#ifdef HAVE_TLSEXT_TICKETS > + sc->default_ticket_name = NULL; > + sc->default_ticket = NULL; > + sc->tickets = apr_array_make(p, 4, sizeof(modssl_ticket_t*)); Maybe a stupid question, but I don't (yet) see the reason for using an array with four elements... could you perhaps shed some more light on this? > Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c > URL: > http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1200040&r1=1200039&r2=1200040&view=diff > ============================================================================== > --- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original) > +++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Wed Nov 9 23:37:37 2011 > @@ -2067,3 +2067,94 @@ static int ssl_find_vhost(void *serverna > return 0; > } > #endif > + > +#ifdef HAVE_TLSEXT_TICKETS > + > +#ifndef tlsext_tick_md > +#ifdef OPENSSL_NO_SHA256 > +#define tlsext_tick_md EVP_sha1 > +#else > +#define tlsext_tick_md EVP_sha256 > +#endif > +#endif That's something which belongs into ssl_private.h, I think. As a general comment, I would like to see some guidelines in the documentation as to when an explicit configuration of TLS session ticket keys really makes sense - and how to create/maintain the key files, in this case. For a default standalone setup, people are still better off with using OpenSSL's default of randomly generated session keys, IMO (except that the lifetime of these keys might be too long, if httpd is run for longer periods without any reload/restart). Kaspar
