Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 47334177AD for ; Tue, 5 May 2015 18:03:32 +0000 (UTC) Received: (qmail 5881 invoked by uid 500); 5 May 2015 18:03:31 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 5808 invoked by uid 500); 5 May 2015 18:03:31 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 5798 invoked by uid 99); 5 May 2015 18:03:31 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 May 2015 18:03:31 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: message received from 54.76.25.247 which is an MX secondary for dev@httpd.apache.org) Received: from [54.76.25.247] (HELO mx1-eu-west.apache.org) (54.76.25.247) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 May 2015 18:03:04 +0000 Received: from mail-ie0-f177.google.com (mail-ie0-f177.google.com [209.85.223.177]) by mx1-eu-west.apache.org (ASF Mail Server at mx1-eu-west.apache.org) with ESMTPS id CBFFE2156C for ; Tue, 5 May 2015 18:03:02 +0000 (UTC) Received: by iecrt8 with SMTP id rt8so151743613iec.0 for ; Tue, 05 May 2015 11:03:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=aaD2zGM4WSrzMjvX71lHeNIfKkCcDn0Ym9ck5GLcXgA=; b=bHmu46elWBqo+iX0Tg6RggVb3/GczpeOmDu5kBwbfHB8OVtWYcDSgO8JWLx4tBKWYg H7L6XalRWCWd+KueH7QXrADvJLl28msCZR3kbfIPodQDpIU/aCO13lk2sJaPZePSXNqy dIrBJer7C9/T5sCmn7sYjVJXGy/GNp0paB65WRsEf5fRbgBlj/9f5p/8tmuIGKL5Lf/P tPp2o1Q+4OyLulOmyTLWHpFCi043KW5eyHMiJrfYUibFyDkA/LQAWwPYnXUlblqjqnqR RJTvoWEdhls8g1KN4rkFRZ5PoojCLu8SPbR+SVayROloEw4JFXJngorp8Vz9m2uxqBox vCzw== MIME-Version: 1.0 X-Received: by 10.50.85.113 with SMTP id g17mr1783333igz.46.1430848981774; Tue, 05 May 2015 11:03:01 -0700 (PDT) Received: by 10.79.71.4 with HTTP; Tue, 5 May 2015 11:03:01 -0700 (PDT) In-Reply-To: References: Date: Tue, 5 May 2015 20:03:01 +0200 Message-ID: Subject: Re: Possible mod_ssl's backports to 2.2.x? (was: Looking ahead to 2.4.13 / 2.2.30) From: Yann Ylavic To: httpd Content-Type: multipart/mixed; boundary=089e014954e04965d90515597db2 X-Virus-Checked: Checked by ClamAV on apache.org --089e014954e04965d90515597db2 Content-Type: text/plain; charset=UTF-8 Please note that the primes constants in modules/ssl/ssl_engine_dh.c are from openssl/crypto/bn/bn_const.c. FWIW, attached is a (stripped) diff between the two files that shows constants are the same... On Tue, May 5, 2015 at 7:12 PM, Yann Ylavic wrote: > Possible backport patch attached. > > On Tue, May 5, 2015 at 3:14 PM, Yann Ylavic wrote: >> I'd like to propose those 2.4.x CHANGES (r1542327+r1569005+r1542327) >> for backport to 2.2.x (in reverse order): >> >> *) mod_ssl: Fix tmp DH parameter leak, adjust selection to prefer >> larger keys and support up to 8192-bit keys. [Ruediger Pluem, >> Joe Orton] >> >> *) mod_ssl: Improve handling of ephemeral DH and ECDH keys by >> allowing custom parameters to be configured via SSLCertificateFile, >> and by adding standardized DH parameters for 1024/2048/3072/4096 bits. >> Unless custom parameters are configured, the standardized parameters >> are applied based on the certificate's RSA/DSA key size. [Kaspar Brand] >> >> *) mod_ssl, configure: Require OpenSSL 0.9.8a or later. [Kaspar Brand] >> >> *) mod_ssl: drop support for export-grade ciphers with ephemeral RSA >> keys, and unconditionally disable aNULL, eNULL and EXP ciphers >> (not overridable via SSLCipherSuite). [Kaspar Brand] >> >> or at least partly. >> >> Beyond the (problematic?) requirement on OpenSSL 0.9.8a (discussed >> below), and what may look like an improvement only (first one), there >> are also security considerations: >> - ephemeral DH keys (for EDH ciphers) are currently limited to 1024 >> bits in 2.2.x, so with 2048 bits or more certificates (quite >> recommended today), one should use its own dhparams for (E)DH ciphers, >> - ecparams loadable from certificate allow to configure the curve/key >> (plus SSL_CTX_set_ecdh_auto() when openssl >= 1.0.2), >> - export grade ciphers (removed from openssl's maintained versions) >> are still in use with default/general configurations (FREAK, ...). >> >> Regarding requirement on OpenSSL 0.9.8a (what's the actual requirement >> in 2.2.x?), if that's really a stopper, it only concerns the use of >> get_rfc{2409,3526}_prime_{1024,2048,..}() introduced in 0.9.8a >> (AFAICT), and we could eventually include (statically) that primes in >> the code for versions < 0.9.8a. >> But is there real 2.2.x user with OpenSSL < 0.9.8a? >> >> Also, those changes are effective since 2.4.7, and hence are quite >> largely tested already. >> >> Any pros/cons/comments before I try to resolve (hopefully) small conflicts? >> >> Regards, >> Yann. --089e014954e04965d90515597db2 Content-Type: text/plain; charset=US-ASCII; name="ssl_engine_dh-vs-bn_const.diff" Content-Disposition: attachment; filename="ssl_engine_dh-vs-bn_const.diff" Content-Transfer-Encoding: base64 X-Attachment-Id: f_i9bmjapo0 LS0tIG9wZW5zc2wtMS4wLjFtL2NyeXB0by9ibi9ibl9jb25zdC5jCTIwMTUtMDMtMTkgMTQ6MTk6 MDAuMDAwMDAwMDAwICswMTAwCisrKyBtb2R1bGVzL3NzbC9zc2xfZW5naW5lX2RoLmMJMjAxNS0w NS0wNSAxOToyNzowMy42ODkyNjIwMDYgKzAyMDAKQEAgLTEsNDggKzEsMTE2IEBACltdCi0vKi0K Ky8qIC0tLS1FTkQgR0VORVJBVEVEIFNFQ1RJT04tLS0tLS0tLS0tICovCisKKy8qCiAgKiAiU2Vj b25kIE9ha2xleSBEZWZhdWx0IEdyb3VwIiBmcm9tIFJGQzI0MDksIHNlY3Rpb24gNi4yLgogICoK ICAqIFRoZSBwcmltZSBpczogMl4xMDI0IC0gMl45NjAgLSAxICsgMl42NCAqIHsgWzJeODk0IHBp XSArIDEyOTA5MyB9LgogICoKICAqIFJGQzI0MDkgc3BlY2lmaWVzIGEgZ2VuZXJhdG9yIG9mIDIu Ci0gKiBSRkMyNDEyIHNwZWNpZmllcyBhIGdlbmVyYXRvciBvZiAyMi4KICAqLwotCi1CSUdOVU0g KmdldF9yZmMyNDA5X3ByaW1lXzEwMjQoQklHTlVNICpibikKLXsKLSAgICBzdGF0aWMgY29uc3Qg dW5zaWduZWQgY2hhciBSRkMyNDA5X1BSSU1FXzEwMjRbXSA9IHsKK3N0YXRpYyBjb25zdCB1bnNp Z25lZCBjaGFyIGRoMTAyNF9wW10gPSB7CiAgICAgICAgIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYs IDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsCiAgICAgICAgIDB4QzksIDB4MEYsIDB4REEsIDB4QTIs IDB4MjEsIDB4NjgsIDB4QzIsIDB4MzQsCiAgICAgICAgIDB4QzQsIDB4QzYsIDB4NjIsIDB4OEIs IDB4ODAsIDB4REMsIDB4MUMsIDB4RDEsCkBAIC02MCw2MCArMTI4LDI0IEBACiAgICAgICAgIDB4 NDksIDB4MjgsIDB4NjYsIDB4NTEsIDB4RUMsIDB4RTYsIDB4NTMsIDB4ODEsCiAgICAgICAgIDB4 RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsCiAgICAgfTsKLSAg ICByZXR1cm4gQk5fYmluMmJuKFJGQzI0MDlfUFJJTUVfMTAyNCwgc2l6ZW9mKFJGQzI0MDlfUFJJ TUVfMTAyNCksIGJuKTsKK3N0YXRpYyBjb25zdCB1bnNpZ25lZCBjaGFyIGRoMTAyNF9nW10gPSB7 CisgICAgMHgwMiwKK307CltdCi0vKi0KKy8qCiAgKiAiMjA0OC1iaXQgTU9EUCBHcm91cCIgZnJv bSBSRkMzNTI2LCBTZWN0aW9uIDMuCiAgKgogICogVGhlIHByaW1lIGlzOiAyXjIwNDggLSAyXjE5 ODQgLSAxICsgMl42NCAqIHsgWzJeMTkxOCBwaV0gKyAxMjQ0NzYgfQogICoKICAqIFJGQzM1MjYg c3BlY2lmaWVzIGEgZ2VuZXJhdG9yIG9mIDIuCiAgKi8KLQotQklHTlVNICpnZXRfcmZjMzUyNl9w cmltZV8yMDQ4KEJJR05VTSAqYm4pCi17Ci0gICAgc3RhdGljIGNvbnN0IHVuc2lnbmVkIGNoYXIg UkZDMzUyNl9QUklNRV8yMDQ4W10gPSB7CitzdGF0aWMgY29uc3QgdW5zaWduZWQgY2hhciBkaDIw NDhfcFtdID0gewogICAgICAgICAweEZGLCAweEZGLCAweEZGLCAweEZGLCAweEZGLCAweEZGLCAw eEZGLCAweEZGLAogICAgICAgICAweEM5LCAweDBGLCAweERBLCAweEEyLCAweDIxLCAweDY4LCAw eEMyLCAweDM0LAogICAgICAgICAweEM0LCAweEM2LCAweDYyLCAweDhCLCAweDgwLCAweERDLCAw eDFDLCAweEQxLApAQCAtMTQ3LDIwICsxNzksMjQgQEAKICAgICAgICAgMHgxNSwgMHg3MiwgMHg4 RSwgMHg1QSwgMHg4QSwgMHhBQywgMHhBQSwgMHg2OCwKICAgICAgICAgMHhGRiwgMHhGRiwgMHhG RiwgMHhGRiwgMHhGRiwgMHhGRiwgMHhGRiwgMHhGRiwKICAgICB9OwotICAgIHJldHVybiBCTl9i aW4yYm4oUkZDMzUyNl9QUklNRV8yMDQ4LCBzaXplb2YoUkZDMzUyNl9QUklNRV8yMDQ4KSwgYm4p Oworc3RhdGljIGNvbnN0IHVuc2lnbmVkIGNoYXIgZGgyMDQ4X2dbXSA9IHsKKyAgICAweDAyLAor fTsKW10KLS8qLQorLyoKICAqICIzMDcyLWJpdCBNT0RQIEdyb3VwIiBmcm9tIFJGQzM1MjYsIFNl Y3Rpb24gNC4KICAqCiAgKiBUaGUgcHJpbWUgaXM6IDJeMzA3MiAtIDJeMzAwOCAtIDEgKyAyXjY0 ICogeyBbMl4yOTQyIHBpXSArIDE2OTAzMTQgfQogICoKICAqIFJGQzM1MjYgc3BlY2lmaWVzIGEg Z2VuZXJhdG9yIG9mIDIuCiAgKi8KLQotQklHTlVNICpnZXRfcmZjMzUyNl9wcmltZV8zMDcyKEJJ R05VTSAqYm4pCi17Ci0gICAgc3RhdGljIGNvbnN0IHVuc2lnbmVkIGNoYXIgUkZDMzUyNl9QUklN RV8zMDcyW10gPSB7CitzdGF0aWMgY29uc3QgdW5zaWduZWQgY2hhciBkaDMwNzJfcFtdID0gewog ICAgICAgICAweEZGLCAweEZGLCAweEZGLCAweEZGLCAweEZGLCAweEZGLCAweEZGLCAweEZGLAog ICAgICAgICAweEM5LCAweDBGLCAweERBLCAweEEyLCAweDIxLCAweDY4LCAweEMyLCAweDM0LAog ICAgICAgICAweEM0LCAweEM2LCAweDYyLCAweDhCLCAweDgwLCAweERDLCAweDFDLCAweEQxLApA QCAtMjEwLDIwICsyNDYsMjQgQEAKICAgICAgICAgMHg0QiwgMHg4MiwgMHhEMSwgMHgyMCwgMHhB OSwgMHgzQSwgMHhEMiwgMHhDQSwKICAgICAgICAgMHhGRiwgMHhGRiwgMHhGRiwgMHhGRiwgMHhG RiwgMHhGRiwgMHhGRiwgMHhGRiwKICAgICB9OwotICAgIHJldHVybiBCTl9iaW4yYm4oUkZDMzUy Nl9QUklNRV8zMDcyLCBzaXplb2YoUkZDMzUyNl9QUklNRV8zMDcyKSwgYm4pOworc3RhdGljIGNv bnN0IHVuc2lnbmVkIGNoYXIgZGgzMDcyX2dbXSA9IHsKKyAgICAweDAyLAorfTsKW10KLS8qLQor LyoKICAqICI0MDk2LWJpdCBNT0RQIEdyb3VwIiBmcm9tIFJGQzM1MjYsIFNlY3Rpb24gNS4KICAq CiAgKiBUaGUgcHJpbWUgaXM6IDJeNDA5NiAtIDJeNDAzMiAtIDEgKyAyXjY0ICogeyBbMl4zOTY2 IHBpXSArIDI0MDkwNCB9CiAgKgogICogUkZDMzUyNiBzcGVjaWZpZXMgYSBnZW5lcmF0b3Igb2Yg Mi4KICAqLwotCi1CSUdOVU0gKmdldF9yZmMzNTI2X3ByaW1lXzQwOTYoQklHTlVNICpibikKLXsK LSAgICBzdGF0aWMgY29uc3QgdW5zaWduZWQgY2hhciBSRkMzNTI2X1BSSU1FXzQwOTZbXSA9IHsK K3N0YXRpYyBjb25zdCB1bnNpZ25lZCBjaGFyIGRoNDA5Nl9wW10gPSB7CiAgICAgICAgIDB4RkYs IDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsCiAgICAgICAgIDB4Qzks IDB4MEYsIDB4REEsIDB4QTIsIDB4MjEsIDB4NjgsIDB4QzIsIDB4MzQsCiAgICAgICAgIDB4QzQs IDB4QzYsIDB4NjIsIDB4OEIsIDB4ODAsIDB4REMsIDB4MUMsIDB4RDEsCkBAIC0yODksMjAgKzMy OSwyNCBAQAogICAgICAgICAweDRELCAweEY0LCAweDM1LCAweEM5LCAweDM0LCAweDA2LCAweDMx LCAweDk5LAogICAgICAgICAweEZGLCAweEZGLCAweEZGLCAweEZGLCAweEZGLCAweEZGLCAweEZG LCAweEZGLAogICAgIH07Ci0gICAgcmV0dXJuIEJOX2JpbjJibihSRkMzNTI2X1BSSU1FXzQwOTYs IHNpemVvZihSRkMzNTI2X1BSSU1FXzQwOTYpLCBibik7CitzdGF0aWMgY29uc3QgdW5zaWduZWQg Y2hhciBkaDQwOTZfZ1tdID0geworICAgIDB4MDIsCit9OwpbXQotLyotCisvKgogICogIjYxNDQt Yml0IE1PRFAgR3JvdXAiIGZyb20gUkZDMzUyNiwgU2VjdGlvbiA2LgogICoKICAqIFRoZSBwcmlt ZSBpczogMl42MTQ0IC0gMl42MDgwIC0gMSArIDJeNjQgKiB7IFsyXjYwMTQgcGldICsgOTI5NDg0 IH0KICAqCiAgKiBSRkMzNTI2IHNwZWNpZmllcyBhIGdlbmVyYXRvciBvZiAyLgogICovCi0KLUJJ R05VTSAqZ2V0X3JmYzM1MjZfcHJpbWVfNjE0NChCSUdOVU0gKmJuKQotewotICAgIHN0YXRpYyBj b25zdCB1bnNpZ25lZCBjaGFyIFJGQzM1MjZfUFJJTUVfNjE0NFtdID0geworc3RhdGljIGNvbnN0 IHVuc2lnbmVkIGNoYXIgZGg2MTQ0X3BbXSA9IHsKICAgICAgICAgMHhGRiwgMHhGRiwgMHhGRiwg MHhGRiwgMHhGRiwgMHhGRiwgMHhGRiwgMHhGRiwKICAgICAgICAgMHhDOSwgMHgwRiwgMHhEQSwg MHhBMiwgMHgyMSwgMHg2OCwgMHhDMiwgMHgzNCwKICAgICAgICAgMHhDNCwgMHhDNiwgMHg2Miwg MHg4QiwgMHg4MCwgMHhEQywgMHgxQywgMHhEMSwKQEAgLTQwMCwyMCArNDQ0LDI0IEBACiAgICAg ICAgIDB4RTYsIDB4OTQsIDB4RjksIDB4MUUsIDB4NkQsIDB4Q0MsIDB4NDAsIDB4MjQsCiAgICAg ICAgIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsCiAgICAg fTsKLSAgICByZXR1cm4gQk5fYmluMmJuKFJGQzM1MjZfUFJJTUVfNjE0NCwgc2l6ZW9mKFJGQzM1 MjZfUFJJTUVfNjE0NCksIGJuKTsKK3N0YXRpYyBjb25zdCB1bnNpZ25lZCBjaGFyIGRoNjE0NF9n W10gPSB7CisgICAgMHgwMiwKK307CltdCi0vKi0KKy8qCiAgKiAiODE5Mi1iaXQgTU9EUCBHcm91 cCIgZnJvbSBSRkMzNTI2LCBTZWN0aW9uIDcuCiAgKgogICogVGhlIHByaW1lIGlzOiAyXjgxOTIg LSAyXjgxMjggLSAxICsgMl42NCAqIHsgWzJeODA2MiBwaV0gKyA0NzQzMTU4IH0KICAqCiAgKiBS RkMzNTI2IHNwZWNpZmllcyBhIGdlbmVyYXRvciBvZiAyLgogICovCi0KLUJJR05VTSAqZ2V0X3Jm YzM1MjZfcHJpbWVfODE5MihCSUdOVU0gKmJuKQotewotICAgIHN0YXRpYyBjb25zdCB1bnNpZ25l ZCBjaGFyIFJGQzM1MjZfUFJJTUVfODE5MltdID0geworc3RhdGljIGNvbnN0IHVuc2lnbmVkIGNo YXIgZGg4MTkyX3BbXSA9IHsKICAgICAgICAgMHhGRiwgMHhGRiwgMHhGRiwgMHhGRiwgMHhGRiwg MHhGRiwgMHhGRiwgMHhGRiwKICAgICAgICAgMHhDOSwgMHgwRiwgMHhEQSwgMHhBMiwgMHgyMSwg MHg2OCwgMHhDMiwgMHgzNCwKICAgICAgICAgMHhDNCwgMHhDNiwgMHg2MiwgMHg4QiwgMHg4MCwg MHhEQywgMHgxQywgMHhEMSwKQEAgLTU0Myw1ICs1OTEsMTk2IEBACiAgICAgICAgIDB4NjAsIDB4 QzksIDB4ODAsIDB4REQsIDB4OTgsIDB4RUQsIDB4RDMsIDB4REYsCiAgICAgICAgIDB4RkYsIDB4 RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsIDB4RkYsCiAgICAgfTsKLSAgICByZXR1 cm4gQk5fYmluMmJuKFJGQzM1MjZfUFJJTUVfODE5Miwgc2l6ZW9mKFJGQzM1MjZfUFJJTUVfODE5 MiksIGJuKTsKK3N0YXRpYyBjb25zdCB1bnNpZ25lZCBjaGFyIGRoODE5Ml9nW10gPSB7CisgICAg MHgwMiwKK307CltdCgo= --089e014954e04965d90515597db2--