httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dr Stephen Henson <>
Subject Re: [PATCH] mod_ssl: improving session caching for SNI configurations
Date Sat, 07 Nov 2009 17:35:39 GMT
Kaspar Brand wrote:
> Dr Stephen Henson wrote:
>> A few comments about that:
> Thanks for the review!
>> These are cryptographic keys (or at least the HMAC and AES keys are) so you
>> should use RAND_bytes(), not RAND_pseudo_bytes().
> Ok - when looking at ssl_lib.c:SSL_CTX_new(), I didn't realize that
> RAND_pseudo_bytes() is only used for tlsext_tick_key_name. Changed
> accordingly.
>> Don't dereference the structures directly as at some point the sizes might
>> change, the structure made opaque or a different mechanism used for storing keys
>> (e.g. HSM support).
> I was looking at a way to determine the size at compile time, but if you
> think that's an unsafe method (note: it's only expected to work for
> 0.9.8f through 0.9.8l), then let's change it.

These things have a habit of persisting far longer than their expected lifetime ;-)

>> The approved way is to call:
>> SSL_CTX_set_tlsext_ticket_keys(sc->server->ssl_ctx, NULL, -1)
>> which will return the combined length of all keys.
> Did that - does v3 of the patch (attached) look better? Is it ok to use
> apr_palloc here?

Yes that looks better. There is an alternative technique if it is easier to find
a "base" SSL_CTX, you can retrieve the auto generated keys using
SSL_CTX_get_tlsext_ticket_keys() and then copy to the new context as above.

Dr Stephen N. Henson. Senior Technical/Cryptography Advisor,
Open Source Software Institute:
OpenSSL Core team:

View raw message