> You said that users can put the DH params in the cert file and that they'll
> be loaded along with the cert. From what I understand, the params you
> generate are produced as alternatives for the cases where they're not
> provided with the cert (please correct me if I'm wrong, this is still
> obscure to me).

You are absolutely right.

> Do you think that openssl only tries to load these DH params from a cert
> when DHE is enabled ? If so, maybe we can register a callback there.

Unfortunately no, haproxy explicitly tries to load the DH params from a
cert by calling PEM_read_bio_DHparams() in ssl_sock_load_dh_params(),
which is called every time an X.509 server certificate is loaded, except
if OPENSSL_NO_DH is defined.


> Shouldn't we simply look for "DHE" in the cipher string if that's the way
> people use to declare the algorithms (as a full match, not substring) ?

We could do that, but then we would rely on the fact that OpenSSL will
always include "DHE" in the text representation of cipher suites using a
DHE key exchange. While I am not a big fan of the OpenSSL bashing
happening these days, I have to admit they do not have the best
consistency record, especially regarding the DHE naming, as the OpenSSL
source states in ssl/tls1.h:

/* XXX
 * Inconsistency alert:
 * The OpenSSL names of ciphers with ephemeral DH here include the string
 * "DHE", while elsewhere it has always been "EDH".
 * (The alias for the list of all such ciphers also is "EDH".)
 * The specifications speak of "EDH"; maybe we should allow both forms
 * for everything. */

So, I am not sure of what to do. Maybe a slightly different warning
message mentioning that DHE might not be in use? But I am afraid it may
only confuse users a bit more.

-- 
Rémi Gacogne

Aqua Ray
SAS au capital de 105.720 Euros
RCS Créteil 447 997 099
www.aquaray.fr

14, rue Jules Vanzuppe
94854 IVRY-SUR-SEINE CEDEX (France)
Tel : (+33) (0)1 84 04 04 05
Fax : (+33) (0)1 77 65 60 42
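
Added example, not part of the original message or of haproxy's code: a full-token match for "DHE" that also accepts the older "EDH" spelling quoted from ssl/tls1.h and does not fire on "ECDHE". It assumes the input is a ':'-separated list of already resolved cipher names; the function names and the sample lists are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Return 1 if one '-'-separated token of a single cipher name is exactly
 * "DHE" or "EDH". len is the length of that name inside a longer list. */
static int name_has_dhe_token(const char *name, size_t len)
{
    size_t start = 0;

    for (size_t i = 0; i <= len; i++) {
        if (i == len || name[i] == '-') {
            size_t tok = i - start;
            if (tok == 3 && (memcmp(name + start, "DHE", 3) == 0 ||
                             memcmp(name + start, "EDH", 3) == 0))
                return 1;
            start = i + 1;
        }
    }
    return 0;
}

/* Scan a ':'-separated list of resolved cipher names (assumption: not the
 * raw user cipher string, which may contain aliases or exclusions). */
int cipher_list_uses_dhe(const char *list)
{
    const char *p = list;

    while (*p) {
        size_t len = strcspn(p, ":");
        if (name_has_dhe_token(p, len))
            return 1;
        p += len;
        if (*p == ':')
            p++;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample lists */
    const char *samples[] = {
        "ECDHE-RSA-AES128-GCM-SHA256:AES128-SHA",
        "ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA",
        "EDH-RSA-DES-CBC3-SHA",
    };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-50s -> %d\n", samples[i], cipher_list_uses_dhe(samples[i]));
    return 0;
}
```

The check still depends on OpenSSL's naming, which is the concern raised in the message above; it only removes the substring false positive and covers both spellings.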
