Seems like a very required patch. I was wondering about another semi-related issue from the past: Certificate DB directory become unusable. Was it resolved on 3.5 or 4?
Thanks,
Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: [email protected]

-----Original Message-----
From: squid-dev [mailto:[email protected]] On Behalf Of Christos Tsantilas
Sent: Friday, July 14, 2017 18:19
To: Squid Developers <[email protected]>
Subject: [squid-dev] [PATCH] Fix SSL certificate cache refresh and collision handling.

SslBump was ignoring origin server certificate changes and using the previously cached fake certificate (mimicking now-stale properties). Also, Squid was not detecting key collisions inside certificate caches.

On-disk certificate cache fixes:

- Use the original certificate signature instead of the certificate subject as part of the key. Using signatures reduces certificate key collisions to deliberate attacks and woefully misconfigured origins, and makes any mishandled attacks a lot less dangerous because the attacking origin server certificate cannot be trusted by a properly configured Squid and cannot be used for encryption by an attacker.

  We have considered using certificate digests instead of signatures. Digests would further reduce the attack surface to copies of public certificates (as if the origin server was woefully misconfigured). However, unlike the origin-supplied signatures, digests require (expensive) computation in Squid, and implemented collision handling should make any signature-based attacks unappealing. Signatures won on performance grounds.

  Other key components remain the same: NotValidAfter, NotValidBefore, forced common name, non-default signing algorithm, and signing hash.

- Store the original server certificate in the cache (together with the generated certificate) for reliable key collision detection.

- Upon detecting key collisions, ignore and replace the existing cache entry with a freshly computed one. This change is required to prevent an attacker from tricking Squid into hitting a cached impersonating certificate when talking to a legitimate origin.
In-memory SSL context cache fixes:

- Use the original server certificate (in ASN.1 form) as a part of the cache key, to completely eliminate cache key collisions.

Other related improvements:

- Make the LruMap keys template parameters.

- Polish Ssl::CertificateDb class member names to match Squid coding style. Rename some function parameters to better match their meaning.

- Replace Ssl::CertificateProperties::dbKey() with:
  * Ssl::TxtKeyForCertificateProperties() in ssl/gadgets.cc for on-disk key generation by the ssl_crtd helper;
  * Ssl::UniqueKeyForCertificateProperties() in ssl/support.cc for in-memory binary key generation by the SSL context memory cache.

- Optimization: Added Ssl::BIO_new_SBuf(SBuf*) for OpenSSL to write directly into SBuf objects.

This is a Measurement Factory project.

_______________________________________________
squid-dev mailing list
[email protected]
http://lists.squid-cache.org/listinfo/squid-dev
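The on-disk collision handling described in the message above, as an added sketch that is not part of the thread or of the Squid patch: the cache keeps the original certificate next to the generated one and replaces the entry when a lookup finds the same key with a different original. All type and function names are hypothetical, the key is simplified to signature plus validity period, and certificate generation is a placeholder string.

```cpp
// Added example; all names are hypothetical, not Squid's classes.
#include <iostream>
#include <map>
#include <string>

struct OriginCert {              // stand-in for the origin server certificate
    std::string der;             // whole encoded certificate (constructed sample)
    std::string signature;       // origin-supplied signature
    std::string notBefore, notAfter;
};
struct Entry {
    std::string originalDer;     // original certificate, kept for collision checks
    std::string generated;       // generated (mimicking) certificate
};

class CertCache {
public:
    enum Result { Miss, Hit, CollisionReplaced };
    // Simplified key: signature plus validity period only.
    static std::string KeyFor(const OriginCert &c) {
        return c.signature + "+NotBefore=" + c.notBefore + "+NotAfter=" + c.notAfter;
    }

    // Returns how the request was served; 'out' receives the generated certificate.
    Result fetch(const OriginCert &c, std::string &out) {
        const std::string key = KeyFor(c);
        const auto it = store_.find(key);
        if (it != store_.end() && it->second.originalDer == c.der) {
            out = it->second.generated;
            return Hit;
        }
        // Absent, or same key but a different original: recompute and overwrite.
        const Result r = (it == store_.end()) ? Miss : CollisionReplaced;
        out = "generated-for:" + c.der;   // placeholder for real certificate generation
        store_[key] = Entry{c.der, out};
        return r;
    }

private:
    std::map<std::string, Entry> store_;
};

int main() {
    CertCache cache; std::string out;
    const OriginCert legit{"DER-A", "SIG-1", "20170101", "20180101"};
    const OriginCert other{"DER-B", "SIG-1", "20170101", "20180101"};  // same key
    cache.fetch(legit, out); cache.fetch(other, out);
    std::cout << cache.fetch(legit, out) << ' ' << out << '\n';
}
```

A colliding certificate can evict the legitimate entry, but a later lookup for the legitimate origin is regenerated from its own certificate and never served the entry built for the colliding one.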
