You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2012/04/03 14:37:57 UTC

svn commit: r1308862 - in /httpd/httpd/branches/2.4.x: CHANGES STATUS modules/ssl/ssl_engine_init.c modules/ssl/ssl_engine_kernel.c modules/ssl/ssl_private.h

Author: jim
Date: Tue Apr  3 12:37:57 2012
New Revision: 1308862

URL: http://svn.apache.org/viewvc?rev=1308862&view=rev
Log:
Merge r1294306 from trunk:

Initialize EC temporary key on server startup, as for DH and
RSA. This fixes a race condition that could lead to a crash with threaded
MPMs.

Submitted by: sf
Reviewed/backported by: jim

Modified:
    httpd/httpd/branches/2.4.x/CHANGES
    httpd/httpd/branches/2.4.x/STATUS
    httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c
    httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_kernel.c
    httpd/httpd/branches/2.4.x/modules/ssl/ssl_private.h

Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1308862&r1=1308861&r2=1308862&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue Apr  3 12:37:57 2012
@@ -6,6 +6,9 @@ Changes with Apache 2.4.2
      envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
      current working directory to be searched for DSOs. [Stefan Fritsch]
 
+  *) mod_ssl: Fix crash with threaded MPMs due to race condition when
+     initializing EC temporary keys. [Stefan Fritsch]
+
   *) mod_proxy: Add the forcerecovery balancer parameter that determines if
      recovery for balancer workers is enforced. [Ruediger Pluem]
 

Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1308862&r1=1308861&r2=1308862&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Tue Apr  3 12:37:57 2012
@@ -88,17 +88,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  * mod_ssl: Initialize EC temporary key on server startup, fixing a crash
-    with threaded MPMs.
-    Trunk patch: http://svn.apache.org/viewvc?rev=1294306&view=rev
-    2.4.x patch: Trunk patch works, skip docs/log-message-tags/next-number,
-                 add CHANGES:
-        mod_ssl: Fix crash with threaded MPMs due to race condition when
-        initializing EC temporary keys. [Stefan Fritsch]
-    NOTE: If you get strange openssl errors during server start, you may have
-          forgotten "make clean" before building.
-    +1: sf, minfrin, jim
-
   * core: Fix regexp substitution bug
     Trunk patch: http://svn.apache.org/viewvc?rev=1307067&view=rev
     2.4.x patch: Trunk patch works, add CHANGES:

Modified: httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c?rev=1308862&r1=1308861&r2=1308862&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c (original)
+++ httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_init.c Tue Apr  3 12:37:57 2012
@@ -77,6 +77,9 @@ static void ssl_tmp_keys_free(server_rec
 
     MODSSL_TMP_KEYS_FREE(mc, RSA);
     MODSSL_TMP_KEYS_FREE(mc, DH);
+#ifndef OPENSSL_NO_EC
+    MODSSL_TMP_KEY_FREE(mc, EC_KEY, SSL_TMP_KEY_EC_256);
+#endif
 }
 
 static int ssl_tmp_key_init_rsa(server_rec *s,
@@ -157,6 +160,40 @@ static int ssl_tmp_key_init_dh(server_re
     return OK;
 }
 
+#ifndef OPENSSL_NO_EC
+static int ssl_tmp_key_init_ec(server_rec *s,
+                               int bits, int idx)
+{
+    SSLModConfigRec *mc = myModConfig(s);
+    EC_KEY *ecdh = NULL;
+
+    /* XXX: Are there any FIPS constraints we should enforce? */
+
+    if (bits != 256) {
+        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02298)
+                     "Init: Failed to generate temporary "
+                     "%d bit EC parameters, only 256 bits supported", bits);
+        return !OK;
+    }
+
+    if ((ecdh = EC_KEY_new()) == NULL ||
+        EC_KEY_set_group(ecdh, EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)) != 1)
+    {
+        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02299)
+                     "Init: Failed to generate temporary "
+                     "%d bit EC parameters", bits);
+        return !OK;
+    }
+
+    mc->pTmpKeys[idx] = ecdh;
+    return OK;
+}
+
+#define MODSSL_TMP_KEY_INIT_EC(s, bits) \
+    ssl_tmp_key_init_ec(s, bits, SSL_TMP_KEY_EC_##bits)
+
+#endif
+
 #define MODSSL_TMP_KEY_INIT_RSA(s, bits) \
     ssl_tmp_key_init_rsa(s, bits, SSL_TMP_KEY_RSA_##bits)
 
@@ -181,6 +218,15 @@ static int ssl_tmp_keys_init(server_rec 
         return !OK;
     }
 
+#ifndef OPENSSL_NO_EC
+    ap_log_error(APLOG_MARK, APLOG_TRACE1, 0, s,
+                 "Init: Generating temporary EC parameters (256 bits)");
+
+    if (MODSSL_TMP_KEY_INIT_EC(s, 256)) {
+        return !OK;
+    }
+#endif
+
     return OK;
 }
 

Modified: httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_kernel.c?rev=1308862&r1=1308861&r2=1308862&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/branches/2.4.x/modules/ssl/ssl_engine_kernel.c Tue Apr  3 12:37:57 2012
@@ -1386,24 +1386,20 @@ DH *ssl_callback_TmpDH(SSL *ssl, int exp
 EC_KEY *ssl_callback_TmpECDH(SSL *ssl, int export, int keylen)
 {
     conn_rec *c = (conn_rec *)SSL_get_app_data(ssl);
-    static EC_KEY *ecdh = NULL;
-    static int init = 0;
+    SSLModConfigRec *mc = myModConfigFromConn(c);
+    int idx;
 
     /* XXX Uses 256-bit key for now. TODO: support other sizes. */
     ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c,
                   "handing out temporary 256 bit ECC key");
 
-    if (init == 0) {
-        ecdh = EC_KEY_new();
-        if (ecdh != NULL) {
-            /* ecdh->group = EC_GROUP_new_by_nid(NID_secp160r2); */
-            EC_KEY_set_group(ecdh,
-              EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
-        }
-        init = 1;
+    switch (keylen) {
+      case 256:
+      default:
+        idx = SSL_TMP_KEY_EC_256;
     }
 
-    return ecdh;
+    return (EC_KEY *)mc->pTmpKeys[idx];
 }
 #endif
 

Modified: httpd/httpd/branches/2.4.x/modules/ssl/ssl_private.h
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/ssl/ssl_private.h?rev=1308862&r1=1308861&r2=1308862&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/ssl/ssl_private.h (original)
+++ httpd/httpd/branches/2.4.x/modules/ssl/ssl_private.h Tue Apr  3 12:37:57 2012
@@ -298,7 +298,12 @@ typedef int ssl_algo_t;
 #define SSL_TMP_KEY_RSA_1024 (1)
 #define SSL_TMP_KEY_DH_512   (2)
 #define SSL_TMP_KEY_DH_1024  (3)
+#ifndef OPENSSL_NO_EC
+#define SSL_TMP_KEY_EC_256   (4)
+#define SSL_TMP_KEY_MAX      (5)
+#else
 #define SSL_TMP_KEY_MAX      (4)
+#endif
 
 /**
  * Define the SSL options