Author: rjung
Date: Fri May 22 19:54:09 2015
New Revision: 1681218

URL: http://svn.apache.org/r1681218
Log:
Port mod_ssl improvements to tcnative/ssl:

r1605827 | jorton | 2014-06-26 17:49:49 +0200 (Thu, 26 Jun 2014) | 6 lines
* modules/ssl/ssl_engine_init.c: Make DH handling a bit more generic,
  and adjust selection logic to prefer use of larger not smaller keys.
  (init_dh_params, free_dh_params, modssl_get_dh_params): Use array of
  structs to store and initialize DH parameters up to 8192-bit.

r1603915 | jorton | 2014-06-19 17:09:15 +0200 (Thu, 19 Jun 2014) | 6 lines
* modules/ssl/ssl_engine_init.c (make_dh_params): Remove redundant
  temporary variable; no functional change.
  (free_dh_params): Add comment.
Submitted by: rpluem, jorton

r1598107 | jorton | 2014-05-28 21:14:28 +0200 (Wed, 28 May 2014) | 12 lines
Create DH parameters from OpenSSL at module init, avoiding (very
minor) race and leaks:
* modules/ssl/ssl_engine_init.c (make_dh_params): Moved/rejigged
  variant of make_get_dh() macro.
  (init_dh_params, free_dh_params): New functions.
  (modssl_get_dh_params): Split out from ssl_callback_TmpDH.
  (ssl_init_Module, ssl_init_ModuleKill): Use new init_/free_.
* modules/ssl/ssl_engine_kernel.c: Moved out DH parameter handling.
  (ssl_callback_TmpDH): Use modssl_get_dh_params.

r1597349 | rpluem | 2014-05-24 22:28:56 +0200 (Sat, 24 May 2014) | 12 lines
* Hand out the same DH structure in ssl_callback_TmpDH set by
  SSL_CTX_set_tmp_dh_callback though once generated as we leak
  memory otherwise and freeing the structure up after use would be
  hard to track and in fact is not needed at all as it is safe to
  use the same parameters over and over again security wise (in
  contrast to the keys themselves) and code safe as the returned structure
  is duplicated by OpenSSL anyway. Hence no modification happens
  to our copy.
Observed by: rjung
Reviewed by: kbrand

Modified:
    tomcat/native/trunk/native/include/ssl_private.h
    tomcat/native/trunk/native/src/ssl.c
    tomcat/native/trunk/native/src/sslutils.c

Modified: tomcat/native/trunk/native/include/ssl_private.h
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/native/include/ssl_private.h?rev=1681218&r1=1681217&r2=1681218&view=diff
==============================================================================
--- tomcat/native/trunk/native/include/ssl_private.h (original)
+++ tomcat/native/trunk/native/include/ssl_private.h Fri May 22 19:54:09 2015
@@ -333,6 +333,7 @@ int         SSL_password_prompt(tcn_pass
 int         SSL_password_callback(char *, int, int, void *);
 void        SSL_BIO_close(BIO *);
 void        SSL_BIO_doref(BIO *);
+DH         *SSL_get_dh_params(unsigned keylen);
 DH         *SSL_dh_GetParamFromFile(const char *);
 #ifdef HAVE_ECC
 EC_GROUP   *SSL_ec_GetParamFromFile(const char *);

Modified: tomcat/native/trunk/native/src/ssl.c
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/ssl.c?rev=1681218&r1=1681217&r2=1681218&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/ssl.c (original)
+++ tomcat/native/trunk/native/src/ssl.c Fri May 22 19:54:09 2015
@@ -193,6 +193,79 @@ static const jint supported_ssl_opts = 0
 #endif
      | 0;
 
+/*
+ * Grab well-defined DH parameters from OpenSSL, see the get_rfc*
+ * functions in <openssl/bn.h> for all available primes.
+ */
+static DH *make_dh_params(BIGNUM *(*prime)(BIGNUM *), const char *gen)
+{
+    DH *dh = DH_new();
+
+    if (!dh) {
+        return NULL;
+    }
+    dh->p = prime(NULL);
+    BN_dec2bn(&dh->g, gen);
+    if (!dh->p || !dh->g) {
+        DH_free(dh);
+        return NULL;
+    }
+    return dh;
+}
+
+/* Storage and initialization for DH parameters. */
+static struct dhparam {
+    BIGNUM *(*const prime)(BIGNUM *); /* function to generate... */
+    DH *dh;                           /* ...this, used for keys.... */
+    const unsigned int min;           /* ...of length >= this. */
+} dhparams[] = {
+    { get_rfc3526_prime_8192, NULL, 6145 },
+    { get_rfc3526_prime_6144, NULL, 4097 },
+    { get_rfc3526_prime_4096, NULL, 3073 },
+    { get_rfc3526_prime_3072, NULL, 2049 },
+    { get_rfc3526_prime_2048, NULL, 1025 },
+    { get_rfc2409_prime_1024, NULL, 0 }
+};
+
+static void init_dh_params(void)
+{
+    unsigned n;
+
+    for (n = 0; n < sizeof(dhparams)/sizeof(dhparams[0]); n++)
+        dhparams[n].dh = make_dh_params(dhparams[n].prime, "2");
+}
+
+static void free_dh_params(void)
+{
+    unsigned n;
+
+    /* DH_free() is a noop for a NULL parameter, so these are harmless
+     * in the (unexpected) case where these variables are already
+     * NULL. */
+    for (n = 0; n < sizeof(dhparams)/sizeof(dhparams[0]); n++) {
+        DH_free(dhparams[n].dh);
+        dhparams[n].dh = NULL;
+    }
+}
+
+/* Hand out the same DH structure though once generated as we leak
+ * memory otherwise and freeing the structure up after use would be
+ * hard to track and in fact is not needed at all as it is safe to
+ * use the same parameters over and over again security wise (in
+ * contrast to the keys itself) and code safe as the returned structure
+ * is duplicated by OpenSSL anyway. Hence no modification happens
+ * to our copy. */
+DH *SSL_get_dh_params(unsigned keylen)
+{
+    unsigned n;
+
+    for (n = 0; n < sizeof(dhparams)/sizeof(dhparams[0]); n++)
+        if (keylen >= dhparams[n].min)
+            return dhparams[n].dh;
+
+    return NULL; /* impossible to reach. */
+}
+
 TCN_IMPLEMENT_CALL(jint, SSL, version)(TCN_STDARGS)
 {
     UNREFERENCED_STDARGS;
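Review bot: init_dh_params discards a NULL result from make_dh_params, so an allocation failure at module init is only felt later, when SSL_get_dh_params hands a NULL DH to the tmp_dh callback and handshakes for that key-size band fail with nothing pointing at the cause. Returning a status and releasing the partially built table on failure would let the `init_dh_params();` call added in the SSL.initialize hunk below check the result and fail initialization instead; free_dh_params is already safe to call on a partially filled table since DH_free(NULL) is a no-op. Two smaller points: the last table row `{ get_rfc2409_prime_1024, NULL, 0 }` hands out the 1024-bit RFC 2409 group for every key of 1024 bits or less, which is below what current guidance recommends as a DH floor, so consider whether a 2048-bit minimum should apply there; and the `dh->p` / `dh->g` writes in make_dh_params rely on a non-opaque DH struct, which later OpenSSL releases replace with DH_set0_pqg(), so a comment noting that dependency would help the next port. The `sizeof(dhparams)/sizeof(dhparams[0])` expression is repeated in three functions and could be a single macro.
```c
/* Returns 0 on success, -1 if any parameter set could not be created;
 * on failure the partially built table is released again. */
static int init_dh_params(void)
{
    unsigned n;

    for (n = 0; n < sizeof(dhparams)/sizeof(dhparams[0]); n++) {
        dhparams[n].dh = make_dh_params(dhparams[n].prime, "2");
        if (!dhparams[n].dh) {
            free_dh_params();
            return -1;
        }
    }
    return 0;
}
```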
@@ -223,6 +296,8 @@ static apr_status_t ssl_init_cleanup(voi
                          tcn_password_callback.cb.obj);
     }
 
+    free_dh_params();
+
     /*
      * Try to kill the internals of the SSL library.
      */
@@ -643,6 +718,8 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize
     /* For SSL_get_app_data2() at request time */
     SSL_init_app_data2_idx();
 
+    init_dh_params();
+
     /*
      * Let us cleanup the ssl library when the library is unloaded
      */

Modified: tomcat/native/trunk/native/src/sslutils.c
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslutils.c?rev=1681218&r1=1681217&r2=1681218&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslutils.c (original)
+++ tomcat/native/trunk/native/src/sslutils.c Fri May 22 19:54:09 2015
@@ -189,34 +189,6 @@ EC_GROUP *SSL_ec_GetParamFromFile(const
 #endif
 
 /*
- * Grab well-defined DH parameters from OpenSSL, see <openssl/bn.h>
- * (get_rfc*) for all available primes.
- */
-#define make_get_dh(rfc,size,gen) \
-static DH *get_dh##size(void) \
-{ \
-    DH *dh; \
-    if (!(dh = DH_new())) { \
-        return NULL; \
-    } \
-    dh->p = get_##rfc##_prime_##size(NULL); \
-    BN_dec2bn(&dh->g, #gen); \
-    if (!dh->p || !dh->g) { \
-        DH_free(dh); \
-        return NULL; \
-    } \
-    return dh; \
-}
-
-/*
- * Prepare DH parameters from 1024 to 4096 bits, in 1024-bit increments
- */
-make_get_dh(rfc2409, 1024, 2)
-make_get_dh(rfc3526, 2048, 2)
-make_get_dh(rfc3526, 3072, 2)
-make_get_dh(rfc3526, 4096, 2)
-
-/*
  * Hand out standard DH parameters, based on the authentication strength
  */
 DH *SSL_callback_tmp_DH(SSL *ssl, int export, int keylen)
@@ -239,14 +211,7 @@ DH *SSL_callback_tmp_DH(SSL *ssl, int ex
     if ((type == EVP_PKEY_RSA) || (type == EVP_PKEY_DSA)) {
         keylen = EVP_PKEY_bits(pkey);
     }
-    if (keylen >= 4096)
-        return get_dh4096();
-    else if (keylen >= 3072)
-        return get_dh3072();
-    else if (keylen >= 2048)
-        return get_dh2048();
-    else
-        return get_dh1024();
+    return SSL_get_dh_params(keylen);
 }
 
 /*


