Commit 2386a116 authored by Howard Chu's avatar Howard Chu
Browse files

ITS#9054 Add support for multiple EECDH curves

Requires OpenSSL 1.0.2 or newer
parent 092d0a89
Pipeline #729 passed with stage
in 34 minutes and 17 seconds
...@@ -740,7 +740,7 @@ and its contents need to be freed by the caller using ...@@ -740,7 +740,7 @@ and its contents need to be freed by the caller using
.BR ldap_memfree (3). .BR ldap_memfree (3).
.TP .TP
.B LDAP_OPT_X_TLS_ECNAME .B LDAP_OPT_X_TLS_ECNAME
Gets/sets the name of the curve used for Gets/sets the name of the curve(s) used for
elliptic curve key exchanges. elliptic curve key exchanges.
.BR invalue .BR invalue
must be must be
......
...@@ -327,6 +327,12 @@ is always used before ...@@ -327,6 +327,12 @@ is always used before
Specifies the file that contains the client certificate. Specifies the file that contains the client certificate.
.B This is a user-only option. .B This is a user-only option.
.TP .TP
.B TLS_ECNAME <name>
Specify the name of the curve(s) to use for Elliptic curve Diffie-Hellman
ephemeral key exchange. This option is only used for OpenSSL.
This option is not used with GnuTLS; the curves may be
chosen in the GnuTLS ciphersuite specification.
.TP
.B TLS_KEY <filename> .B TLS_KEY <filename>
Specifies the file that contains the private key that matches the certificate Specifies the file that contains the private key that matches the certificate
stored in the stored in the
......
...@@ -908,9 +908,9 @@ You should append "!ADH" to your cipher suites to ensure that these suites ...@@ -908,9 +908,9 @@ You should append "!ADH" to your cipher suites to ensure that these suites
are not used. are not used.
.TP .TP
.B olcTLSECName: <name> .B olcTLSECName: <name>
Specify the name of a curve to use for Elliptic curve Diffie-Hellman Specify the name of the curve(s) to use for Elliptic curve Diffie-Hellman
ephemeral key exchange. This is required to enable ECDHE algorithms in ephemeral key exchange. This option is only used for OpenSSL.
OpenSSL. This option is not used with GnuTLS; the curves may be This option is not used with GnuTLS; the curves may be
chosen in the GnuTLS ciphersuite specification. chosen in the GnuTLS ciphersuite specification.
.TP .TP
.B olcTLSProtocolMin: <major>[.<minor>] .B olcTLSProtocolMin: <major>[.<minor>]
......
...@@ -1139,9 +1139,9 @@ You should append "!ADH" to your cipher suites to ensure that these suites ...@@ -1139,9 +1139,9 @@ You should append "!ADH" to your cipher suites to ensure that these suites
are not used. are not used.
.TP .TP
.B TLSECName <name> .B TLSECName <name>
Specify the name of a curve to use for Elliptic curve Diffie-Hellman Specify the name of the curve(s) to use for Elliptic curve Diffie-Hellman
ephemeral key exchange. This is required to enable ECDHE algorithms in ephemeral key exchange. This option is only used for OpenSSL.
OpenSSL. This option is not used with GnuTLS; the curves may be This option is not used with GnuTLS; the curves may be
chosen in the GnuTLS ciphersuite specification. chosen in the GnuTLS ciphersuite specification.
.TP .TP
.B TLSProtocolMin <major>[.<minor>] .B TLSProtocolMin <major>[.<minor>]
......
...@@ -123,6 +123,7 @@ static const struct ol_attribute { ...@@ -123,6 +123,7 @@ static const struct ol_attribute {
{0, ATTR_TLS, "TLS_CIPHER_SUITE", NULL, LDAP_OPT_X_TLS_CIPHER_SUITE}, {0, ATTR_TLS, "TLS_CIPHER_SUITE", NULL, LDAP_OPT_X_TLS_CIPHER_SUITE},
{0, ATTR_TLS, "TLS_PROTOCOL_MIN", NULL, LDAP_OPT_X_TLS_PROTOCOL_MIN}, {0, ATTR_TLS, "TLS_PROTOCOL_MIN", NULL, LDAP_OPT_X_TLS_PROTOCOL_MIN},
{0, ATTR_TLS, "TLS_PEERKEY_HASH", NULL, LDAP_OPT_X_TLS_PEERKEY_HASH}, {0, ATTR_TLS, "TLS_PEERKEY_HASH", NULL, LDAP_OPT_X_TLS_PEERKEY_HASH},
{0, ATTR_TLS, "TLS_ECNAME", NULL, LDAP_OPT_X_TLS_ECNAME},
#ifdef HAVE_OPENSSL_CRL #ifdef HAVE_OPENSSL_CRL
{0, ATTR_TLS, "TLS_CRLCHECK", NULL, LDAP_OPT_X_TLS_CRLCHECK}, {0, ATTR_TLS, "TLS_CRLCHECK", NULL, LDAP_OPT_X_TLS_CRLCHECK},
......
...@@ -342,7 +342,7 @@ ldap_int_tls_connect( LDAP *ld, LDAPConn *conn, const char *host ) ...@@ -342,7 +342,7 @@ ldap_int_tls_connect( LDAP *ld, LDAPConn *conn, const char *host )
Sockbuf *sb = conn->lconn_sb; Sockbuf *sb = conn->lconn_sb;
int err; int err;
tls_session *ssl = NULL; tls_session *ssl = NULL;
char *sni = host; char *sni = (char *)host;
if ( HAS_TLS( sb )) { if ( HAS_TLS( sb )) {
ber_sockbuf_ctrl( sb, LBER_SB_OPT_GET_SSL, (void *)&ssl ); ber_sockbuf_ctrl( sb, LBER_SB_OPT_GET_SSL, (void *)&ssl );
...@@ -580,6 +580,7 @@ ldap_pvt_tls_config( LDAP *ld, int option, const char *arg ) ...@@ -580,6 +580,7 @@ ldap_pvt_tls_config( LDAP *ld, int option, const char *arg )
case LDAP_OPT_X_TLS_CIPHER_SUITE: case LDAP_OPT_X_TLS_CIPHER_SUITE:
case LDAP_OPT_X_TLS_DHFILE: case LDAP_OPT_X_TLS_DHFILE:
case LDAP_OPT_X_TLS_PEERKEY_HASH: case LDAP_OPT_X_TLS_PEERKEY_HASH:
case LDAP_OPT_X_TLS_ECNAME:
case LDAP_OPT_X_TLS_CRLFILE: /* GnuTLS only */ case LDAP_OPT_X_TLS_CRLFILE: /* GnuTLS only */
return ldap_pvt_tls_set_option( ld, option, (void *) arg ); return ldap_pvt_tls_set_option( ld, option, (void *) arg );
......
...@@ -453,34 +453,30 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) ...@@ -453,34 +453,30 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
DH_free( dh ); DH_free( dh );
} }
if ( is_server && lo->ldo_tls_ecname ) { if ( lo->ldo_tls_ecname ) {
#ifdef OPENSSL_NO_EC #ifdef OPENSSL_NO_EC
Debug0( LDAP_DEBUG_ANY, Debug0( LDAP_DEBUG_ANY,
"TLS: Elliptic Curves not supported.\n" ); "TLS: Elliptic Curves not supported.\n" );
return -1; return -1;
#else #else
EC_KEY *ecdh; if ( SSL_CTX_set1_curves_list( ctx, lt->lt_ecname )) {
int nid = OBJ_sn2nid( lt->lt_ecname );
if ( nid == NID_undef ) {
Debug1( LDAP_DEBUG_ANY, Debug1( LDAP_DEBUG_ANY,
"TLS: could not use EC name `%s'.\n", "TLS: could not set EC name `%s'.\n",
lo->ldo_tls_ecname ); lo->ldo_tls_ecname );
tlso_report_error(); tlso_report_error();
return -1; return -1;
} }
ecdh = EC_KEY_new_by_curve_name( nid ); /*
if ( ecdh == NULL ) { * This is a NOP in OpenSSL 1.1.0 and later, where curves are always
Debug1( LDAP_DEBUG_ANY, * auto-negotiated.
"TLS: could not generate key for EC name `%s'.\n", */
lo->ldo_tls_ecname ); #if OPENSSL_VERSION_NUMBER < 0x10100000UL
tlso_report_error(); if ( SSL_CTX_set_ecdh_auto( ctx, 1 ) <= 0 ) {
return -1; Debug0( LDAP_DEBUG_ANY,
"TLS: could not enable automatic EC negotiation.\n" );
} }
SSL_CTX_set_tmp_ecdh( ctx, ecdh );
SSL_CTX_set_options( ctx, SSL_OP_SINGLE_ECDH_USE );
EC_KEY_free( ecdh );
#endif #endif
#endif /* OPENSSL_NO_EC */
} }
if ( tlso_opt_trace ) { if ( tlso_opt_trace ) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment