Posted to dev@httpd.apache.org by Dr Stephen Henson <sh...@opensslfoundation.com> on 2014/01/03 23:51:24 UTC

Re: Deprecating (and eventually removing) encrypted private key support in mod_ssl?

On 28/12/2013 13:34, Kaspar Brand wrote:
> On 18.11.2013 18:42, Kaspar Brand wrote:
>> On 18.11.2013 15:38, Dr Stephen Henson wrote:
>>> For OpenSSL 1.0.2 this limitation is removed and you can have different chains
>>> for each certificate type (and for SSL structures too) and it just uses the
>>> right one. This uses the function SSL_CTX_add1_chain_cert which adds a
>>> certificate to the chain for the current certificate.
>>>
>>> I *could* change SSL_CTX_use_certificate_chain_file to use
>>> SSL_CTX_add1_chain_cert instead of SSL_CTX_add_extra_chain_cert or perhaps have
>>> a different function. I'm always cautious about changing the behaviour of
>>> existing functions though as the most innocent change will usually break
>>> *something*, though I can't see how it can in this case.
>>
>> I would be in favor of this change for 1.0.2 - to me that would be more
>> like a "fix" of SSL_CTX_use_certificate_chain_file than a change in
>> behavior, actually.
> 
> FYI: in r1553824 (which I just committed to trunk), I'm now manually
> shuffling things around to support per-cert chains - but would happily
> drop the "#if defined(SSL_CTX_set1_chain)"-enclosed code if you decide
> to adapt SSL_CTX_use_certificate_chain_file in 1.0.2.
> 

Now done for OpenSSL master and 1.0.2 branches.

Steve.
-- 
Dr Stephen Henson. OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
+1 877-673-6775
shenson@opensslfoundation.com

Re: Deprecating (and eventually removing) encrypted private key support in mod_ssl?

Posted by Kaspar Brand <ht...@velox.ch>.
On 05.01.2014 15:09, Dr Stephen Henson wrote:
> On the subject of 1.0.2, would it be appropriate to set auto ecdh parameter
> selection as the default in mod_ssl where supported? As things stand one single
> curve can be set (with default P-256) and it's an all or nothing choice; with
> auto parameter selection the highest priority curve supported by both sides is used.

For ephemeral keys, you mean? So something like the below in ssl_init_server_certs?
I think that would make sense if the admin did not explicitly configure a single
curve (together with the "Curves" SSL_CONF command, this should allow "to configure
a list of curve names [...] (from which OpenSSL would then pick the first which
intersects with the elliptic_curves extension from the ClientHello)", as mentioned
in [1], right?).

Kaspar

[1] https://mail-archives.apache.org/mod_mbox/httpd-dev/201309.mbox/%3C52369430.3050807@velox.ch%3E


--- modules/ssl/ssl_engine_init.c       (revision 1555662)
+++ modules/ssl/ssl_engine_init.c       (working copy)
@@ -1020,11 +1020,16 @@ static apr_status_t ssl_init_server_certs(server_r
                      OBJ_nid2sn(nid), vhost_id, certfile);
     }
     /*
-     * ...otherwise, configure NIST P-256 (required to enable ECDHE)
+     * ...otherwise, enable auto curve selection (OpenSSL 1.0.2 and later)
+     * or configure NIST P-256 (required to enable ECDHE for earlier versions)
      */
     else {
+#if defined(SSL_CTX_set_ecdh_auto)
+        SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1);
+#else
         SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx,
                              EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+#endif
     }
 #endif
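Review bot: the return value of SSL_CTX_set_ecdh_auto() in the new `#if defined(SSL_CTX_set_ecdh_auto)` branch is dropped, as is that of SSL_CTX_set_tmp_ecdh() in the `#else` path, so a context that silently ends up without ECDHE parameters looks exactly like one that has them; since the explicit-curve branch just above logs what it configured (`OBJ_nid2sn(nid), vhost_id, certfile`), the fallback should at least log for `vhost_id` when either call returns 0, e.g. `if (!SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1)) { /* log error */ }`. While touching this block: the EC_KEY returned by EC_KEY_new_by_curve_name() in the `#else` path is never released; SSL_CTX_set_tmp_ecdh() keeps its own copy, so the temporary key leaks once per context (pre-existing in the context lines, but a single EC_KEY_free() after the call fixes it).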

Re: Deprecating (and eventually removing) encrypted private key support in mod_ssl?

Posted by Dr Stephen Henson <sh...@opensslfoundation.com>.
On 05/01/2014 09:00, Kaspar Brand wrote:
> On 03.01.2014 23:51, Dr Stephen Henson wrote:
>> On 28/12/2013 13:34, Kaspar Brand wrote:
>>> FYI: in r1553824 (which I just committed to trunk), I'm now manually
>>> shuffling things around to support per-cert chains - but would happily
>>> drop the "#if defined(SSL_CTX_set1_chain)"-enclosed code if you decide
>>> to adapt SSL_CTX_use_certificate_chain_file in 1.0.2.
>>>
>>
>> Now done for OpenSSL master and 1.0.2 branches.
> 
> Thanks, I have removed the code in r1555463 therefore. Assuming that the
> release of 1.0.2 isn't too far away by now, I have added a backport
> proposal for 2.4.x. Votes/reviews welcome. (And while I have your
> attention: could you perhaps have a look at OpenSSL's PRs #3178 and
> #3183? Both would help in improving SNI-based configurations.)
> 

OK I'll have a look at those.

On the subject of 1.0.2, would it be appropriate to set auto ecdh parameter
selection as the default in mod_ssl where supported? As things stand one single
curve can be set (with default P-256) and it's an all or nothing choice; with
auto parameter selection the highest priority curve supported by both sides is used.

Steve.
-- 
Dr Stephen Henson. OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
+1 877-673-6775
shenson@opensslfoundation.com
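As an added illustration (not from the thread, mod_ssl or OpenSSL), the two policies Steve contrasts above, modelled over a constructed elliptic_curves extension body: a single configured curve is all or nothing, while selection over a preference list picks the first server-preferred curve the client also offers. The curve ids are the IANA NamedCurve values; the server preference order, the sample client list and all function names are assumptions.

```c
#include <stdio.h>
#include <stdint.h>

/* IANA NamedCurve ids carried in the TLS elliptic_curves extension. */
enum { SECP256R1 = 23, SECP384R1 = 24, SECP521R1 = 25 };

/* Parse an elliptic_curves extension body (2-byte list length, then 2-byte
 * curve ids). Returns the number of ids, or -1 if the body is malformed. */
int parse_elliptic_curves(const uint8_t *ext, size_t ext_len, uint16_t *out, size_t out_max)
{
    if (ext_len < 2) return -1;
    size_t list_len = ((size_t)ext[0] << 8) | ext[1];
    if (list_len % 2 != 0 || list_len + 2 != ext_len) return -1;
    size_t n = list_len / 2;
    if (n > out_max) return -1;
    for (size_t i = 0; i < n; i++)
        out[i] = (uint16_t)((ext[2 + 2 * i] << 8) | ext[3 + 2 * i]);
    return (int)n;
}

/* First curve in the server's preference list that the client also offered;
 * a one-entry server list models the old all-or-nothing single curve. 0 = none. */
uint16_t select_curve(const uint16_t *server, size_t ns, const uint16_t *client, size_t nc)
{
    for (size_t i = 0; i < ns; i++)
        for (size_t j = 0; j < nc; j++)
            if (server[i] == client[j]) return server[i];
    return 0;
}

/* Constructed ClientHello extension body (hypothetical client): it offers
 * secp521r1 then secp384r1, but not secp256r1. */
static const uint8_t kClientExt[] = { 0x00, 0x04, 0x00, 0x19, 0x00, 0x18 };

/* auto_mode 0: fixed P-256 (old mod_ssl default); 1: auto selection. */
uint16_t demo(int auto_mode)
{
    static const uint16_t fixed[] = { SECP256R1 };
    static const uint16_t prefs[] = { SECP256R1, SECP384R1, SECP521R1 };
    uint16_t client[8];
    int nc = parse_elliptic_curves(kClientExt, sizeof kClientExt, client, 8);
    if (nc < 0) return 0;
    return select_curve(auto_mode ? prefs : fixed, auto_mode ? 3 : 1, client, (size_t)nc);
}

int main(void)
{
    printf("fixed P-256: %u (0 = no ECDHE)\n", demo(0));
    printf("auto select: %u (24 = secp384r1)\n", demo(1));
}
```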

Re: Deprecating (and eventually removing) encrypted private key support in mod_ssl?

Posted by Kaspar Brand <ht...@velox.ch>.
On 03.01.2014 23:51, Dr Stephen Henson wrote:
> On 28/12/2013 13:34, Kaspar Brand wrote:
>> FYI: in r1553824 (which I just committed to trunk), I'm now manually
>> shuffling things around to support per-cert chains - but would happily
>> drop the "#if defined(SSL_CTX_set1_chain)"-enclosed code if you decide
>> to adapt SSL_CTX_use_certificate_chain_file in 1.0.2.
>>
> 
> Now done for OpenSSL master and 1.0.2 branches.

Thanks, I have removed the code in r1555463 therefore. Assuming that the
release of 1.0.2 isn't too far away by now, I have added a backport
proposal for 2.4.x. Votes/reviews welcome. (And while I have your
attention: could you perhaps have a look at OpenSSL's PRs #3178 and
#3183? Both would help in improving SNI-based configurations.)

Kaspar