On 05.01.2014 15:09, Dr Stephen Henson wrote:
> On the subject of 1.0.2 would it be appropriate to set auto ecdh parameter
> selection as the default in mod_ssl where supported? As things stand one single
> curve can be set (with default P-256) and it's an all or nothing choice, with
> auto parameter selection the highest priority curve supported by both sides
> is used.
For ephemeral keys, you mean? So something like the below in ssl_init_server_certs? I think that would make sense if the admin did not explicitly configure a single curve (together with the "Curves" SSL_CONF command, this should allow "to configure a list of curve names [...] (from which OpenSSL would then pick the first which intersects with the elliptic_curves extension from the ClientHello)", as mentioned in [1], right?).

Kaspar

[1] https://mail-archives.apache.org/mod_mbox/httpd-dev/201309.mbox/%[email protected]%3E

--- modules/ssl/ssl_engine_init.c (revision 1555662) +++ modules/ssl/ssl_engine_init.c (working copy) @@ -1020,11 +1020,16 @@ static apr_status_t ssl_init_server_certs(server_r OBJ_nid2sn(nid), vhost_id, certfile); } /* - * ...otherwise, configure NIST P-256 (required to enable ECDHE) + * ...otherwise, enable auto curve selection (OpenSSL 1.0.2 and later) + * or configure NIST P-256 (required to enable ECDHE for earlier versions) */ else { +#if defined(SSL_CTX_set_ecdh_auto) + SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1); +#else SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); +#endif } #endif
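Review bot: The return value of `SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1)` in the new `#if defined(SSL_CTX_set_ecdh_auto)` branch is ignored; since it is a `SSL_CTX_ctrl()` wrapper that reports failure, the result should be checked and logged (the surrounding code already logs the explicitly configured curve via `OBJ_nid2sn(nid), vhost_id, certfile`), so that an administrator can tell whether ECDHE curve selection is actually automatic or silently disabled. Two smaller points on the retained `#else` branch: `EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)` can return NULL and is passed straight to `SSL_CTX_set_tmp_ecdh()`, which copies the key, so the temporary object is also never freed; assigning it to a local, checking for NULL and calling `EC_KEY_free()` afterwards would close both gaps. The added comment is accurate, but it may help to note that the `#if defined()` test detects the macro rather than a version number, so the wording "OpenSSL 1.0.2 and later" is a description of where the macro exists, not the actual condition compiled.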
