Commit Graph

135 Commits

Author SHA1 Message Date
Glenn Strauss 4d5405f0a1 [mod_openssl] update LIBRESSL_VERSION_NUMBER check 2021-01-16 15:58:25 -05:00
Glenn Strauss 14f8f9b21c [mod_openssl] set Ciphersuites once API available
set Ciphersuites once API is available (SSL_CTX_set_ciphersuites())
in LibreSSL.

  "Add support for TLS 1.3"
2021-01-11 14:37:00 -05:00
Glenn Strauss cb24e1c70b [multiple] fix: honor CipherString for alt TLS lib
fix typo: honor user-defined CipherString for alternative TLS libraries
(LibreSSL, BoringSSL, wolfSSL)
2021-01-11 14:36:41 -05:00
Glenn Strauss 3adbb3e3fa [mod_openssl] update LIBRESSL_VERSION_NUMBER check 2021-01-11 12:40:41 -05:00
Glenn Strauss bdb58c245a [mod_openssl] extend ssl.openssl.ssl-conf-cmd
extend ssl.openssl.ssl-conf-cmd to accept "SecurityLevel"
(lighttpd extension) and use the (string) value to call the
openssl-specific SSL_CTX_set_security_level()
2021-01-05 15:03:22 -05:00
Glenn Strauss 1212f60991 buffer_append_path_len() to join paths
use buffer_append_path_len() to join path segments
2020-12-24 16:13:20 -05:00
Glenn Strauss a0b615acd9 [core] http_date_timegm() (portable timegm())
move from mod_openssl.c
2020-12-24 16:13:20 -05:00
Glenn Strauss 76faed9145 [multiple] replace fall through comment with attr
replace /* fall through */ comment with __attribute_fallthrough__ macro

Note: not adding attribute to code with external origins:
  xxhash.h (algo_xxhash.h)
so to avoid warnings, may need to compile with -Wno-implicit-fallthrough
2020-12-16 05:16:25 -05:00
Glenn Strauss aa3cabae3b [mod_openssl] remove ancient preprocessor logic
remove ancient preprocessor logic which might define OPENSSL_NO_TLSEXT

The logic was added to base.h in
some 13 years ago, and today might cause more harm than good with other
TLS libraries which provide some level of openssl-compatiblity layer,
e.g. BoringSSL and LibreSSL

If building with an ancient version of openssl and building without
support for TLS extensions, then be sure that OPENSSL_NO_TLSEXT is
defined.  (Alternatively, please consider using modern versions of
security libraries for better security.)
2020-12-06 02:08:06 -05:00
Glenn Strauss 2a3fac7653 [mod_openssl] adjust LIBRESSL_VERSION_NUMBER check
libressl >= 0x3000000fL has SSL_set1_chain(), but not some other APIs
2020-11-05 01:17:30 -05:00
Glenn Strauss 57f450f199 [mod_openssl] add LIBRESSL_VERSION_NUMBER checks
add some additional LIBRESSL_VERSION_NUMBER checks for feature support
2020-11-04 22:47:36 -05:00
Glenn Strauss 8187e98897 [multiple] include wolfssl/options.h after select
include wolfssl/options.h crypto lib config
after selecting crypto lib to use

wolfSSL does not prefix its defines with a wolfSSL-specific namespace
(so we would like to avoid unnecessarily polluting preproc namespace)

This commit further isolates wolfSSL after split from mod_openssl.
Cleans up some preprocessor logic that was put in place when using
the wolfSSL compatibility layer for openssl, before creating a
dedicated mod_wolfssl.
2020-10-29 16:42:55 -04:00
Glenn Strauss 31fc3a0773 [TLS] server.feature-flags "ssl.session-cache"
disabled by default, but can be enabled
(session tickets should be preferred)

applies to mod_openssl, mod_wolfssl, mod_nss

session cache is not currently implemented in mod_mbedtls or mod_gnutls
2020-10-29 01:05:55 -04:00
Glenn Strauss 949662d27e [multiple] add some missing config cleanup
(thx stbuehler)
2020-10-24 16:08:21 -04:00
Glenn Strauss 3d8dcbdd43 [mod_openssl] use newer openssl 3.0.0 func
replace X509_STORE_load_locations() with X509_STORE_load_file()
2020-10-19 21:40:14 -04:00
Glenn Strauss d865d8c330 [TLS] ignore empty "CipherString" in ssl-conf-cmd
e.g. ssl.openssl.ssl-conf-cmd = ("CipherString" => "")
2020-10-19 21:40:14 -04:00
Glenn Strauss e6a87a894d [mod_openssl] merge ssl_tlsext_ticket_key_cb impls 2020-10-19 21:40:14 -04:00
Glenn Strauss cc6a76be12 [mod_openssl] construct OSSL_PARAM on stack 2020-10-19 21:40:14 -04:00
Glenn Strauss ebafd914e7 [mod_openssl] migrate ticket cb to openssl 3.0.0
migrate ticket cb to openssl 3.0.0 interface
2020-10-19 21:40:14 -04:00
Glenn Strauss e1bcdb5e9f [multiple] ignore openssl 3.0.0 deprecation warns
quiet openssl 3.0.0 deprecation warnings for
low-level digest algorithm interfaces

future: migrate to openssl interfaces:
  EVP_DigestInit_ex(3), EVP_DigestUpdate(3), and EVP_DigestFinal_ex(3)

2020-10-19 21:40:14 -04:00
Glenn Strauss 874707cd66 [TLS] use fdevent_load_file_bytes() for STEK file
remove direct dependency on <unistd.h> from lighttpd TLS modules
2020-10-11 12:19:27 -04:00
Glenn Strauss 16a70b9253 [multiple] TLS modules use chunkqueue_peek_data() 2020-10-11 12:19:27 -04:00
Glenn Strauss a330746f06 [TLS] error if inherit empty TLS cfg from globals
error if $SERVER["socket"] inherits empty TLS config from global scope
and ssl.engine = "enable" in the $SERVER["socket"]
2020-10-11 12:19:26 -04:00
Glenn Strauss c3a85c9bf5 [mod_wolfssl] standalone module
standalone module forked from mod_openssl
2020-10-11 12:19:26 -04:00
Glenn Strauss f52a10545a [mod_openssl] clarify trace w/ deprecated options 2020-10-11 12:19:26 -04:00
Glenn Strauss bbcc2f229a [multiple] allow TLS ALPN "h2" if "server.h2proto" 2020-10-03 09:05:38 -04:00
Glenn Strauss dbd438cca0 [mod_openssl] read secret data w/ BIO_new_mem_buf
Using BIO_new_mem_buf() allows lighttpd to control file reads and
securely wiping memory, avoiding the use of BIO_s_file(), which
employs stdio and BIO internal copying without securely wiping memory.

BIO_new_mem_buf() is also much more performant than BIO_s_file()
or BIO_new_fd() without a buffering BIO, which might make many
syscalls reading a single character at a time.

BIO_new_mem_buf() appears to be supported by older OpenSSL versions
as well as by numerous OpenSSL-compatible APIs, e.g. in BoringSSL,
LibreSSL, WolfSSL
2020-08-02 07:47:42 -04:00
Glenn Strauss 33c8cf41db [multiple] rename connection_reset hook to request
rename connection_reset to handle_request_reset
2020-08-02 07:47:41 -04:00
Glenn Strauss 164f7600b7 [multiple] con hooks store ctx in con->plugin_ctx
modules with connection level hooks now store ctx in con->plugin_ctx
2020-08-02 07:47:41 -04:00
Glenn Strauss c3dd167dd9 [mod_openssl] fix build warnings on MacOS X
need undef OPENSSL_NO_STDIO for a few funcs which access filesystem
2020-07-13 17:39:30 -04:00
Glenn Strauss 3057b63ea2 [multiple] address coverity warnings 2020-07-10 22:18:26 -04:00
Glenn Strauss 2781a3be6d [multiple] address coverity warnings 2020-07-10 21:34:28 -04:00
Glenn Strauss 28f1867c11 quiet clang analyzer scan-build warnings
(expansion of buffer_string_lenth() inline function and CONST_BUF_LEN()
 macro, which always check for NULL, appears to cause the analyzer to
 believe that a pointer might be NULL in cases where it otherwise can
 not be NULL)

2020-07-08 22:51:32 -04:00
Glenn Strauss 98a224a4a2 [mod_openssl] prefer some WolfSSL native APIs
Prefer some WolfSSL native APIs when building with WolfSSL.

However, some functionality in WolfSSL is available only through the
WolfSSL compatibility layer for OpenSSL, so the effort to create a
native mod_wolfssl halted here.
2020-07-08 22:51:32 -04:00
Glenn Strauss 0ad57da55b [mod_openssl,mbedtls,gnutls,nss] fdevent_load_file
employ fdevent_load_file() to load CRL, X509 cert, and private key files
into memory
2020-07-08 22:51:32 -04:00
Glenn Strauss 8a1ddce0c2 [mod_openssl] default to set MinProtocol TLSv1.2
(behavior change)

TLSv1.0 and TLSv1.1 are deprecated and no longer supported by major

MinProtocol is configurable, if required:
e.g. ssl.openssl.ssl-conf-cmd = ("MinProtocol" => "TLSv1.1")

2020-07-08 22:51:32 -04:00
Glenn Strauss f56c8e58e4 [mod_openssl] detect certs marked OCSP Must-Staple 2020-07-08 22:51:32 -04:00
Glenn Strauss 5bbf0d34ca [mod_openssl] compat with BoringSSL 2020-07-08 22:51:31 -04:00
Glenn Strauss b2b6257c7a [mod_openssl] OCSP stapling (fixes #2469)
Define ssl.stapling-file in lighttpd.conf in same scope as ssl.pemfile

  "OCSP Stapling"
2020-07-08 22:51:31 -04:00
Glenn Strauss 60ddaf26c4 [mod_openssl] basic SSL_CONF_cmd for alt TLS libs
provide *basic* (limited) parsing of ssl.openssl.ssl-conf-cmd
for BoringSSL, LibreSSL, WolfSSL
2020-07-08 22:51:31 -04:00
Glenn Strauss 1ba36fda93 [mod_openssl] move SSL_CTX curve conf to new func 2020-07-08 22:51:31 -04:00
Glenn Strauss 3fbedbced2 [mod_openssl] set SSL_OP_PRIORITIZE_CHACHA
set SSL_OP_PRIORITIZE_CHACHA, if available, when
  ssl.honor-cipher-order = "enable"
2020-07-08 22:51:31 -04:00
Glenn Strauss 7d9052c059 [mod_openssl] compat with WolfSSL 2020-07-08 22:51:31 -04:00
Glenn Strauss b4036938de [mod_openssl] compat with LibreSSL 2020-07-08 22:51:31 -04:00
Glenn Strauss c93ecb32a5 [mod_openssl] disable session cache; prefer ticket
reduce memory usage and overhead

many TLSv1.2 implementations support TLSv1.2 session ticket extension
2020-07-08 22:51:31 -04:00
Glenn Strauss 32a2145f67 [mod_openssl] ssl.stek-file to specify encrypt key
ssl.stek-file to specify session ticket encryption key (STEK)
If ssl.stek-file is specified, it overrides builtin STEK rotation.
STEK file is checked for changes (stat()) once every 64 seconds.

STEK file should be stored in non-persistent storage,
  e.g. /dev/shm/lighttpd/stek-file  (in memory)
with appropriate permissions set to keep stek-file from being
read by other users.  Where possible, systems should also be
configured without swap.

Admin should schedule an independent job to periodically
generate a new STEK up to 3 times during key lifetime
(lighttpd stores up to 3 keys)

format of binary file is:
   4-byte - format version (always 0; for use if format changes)
   4-byte - activation timestamp
   4-byte - expiration timestamp
  16-byte - session ticket key name
  32-byte - session ticket HMAC encrpytion key
  32-byte - session ticket AES encrpytion key

STEK file can be created with a command such as:
  dd if=/dev/random bs=1 count=80 status=none | \
    perl -e 'print pack("iii",0,time()+300,time()+86400),<>' \
    > STEK-file.$$ && mv STEK-file.$$ STEK-file

The above delays activation time by 5 mins (+300 sec) to allow file to
be propagated to other machines.  (admin must handle this independently)
If STEK generation is performed immediately prior to starting lighttpd,
admin should activate keys immediately (without +300).
2020-07-08 22:51:31 -04:00
Glenn Strauss 953fa4ba4d [mod_openssl] rotate session ticket encryption key
server ticket encryption key (STEK) rotation occurs every 28800 seconds
(8 hours) and upon lighttpd server restart.  While lighttpd is running,
(3) encryption keys are preserved, so tickets expire after 1 day.

If using lighttpd with multiple lighttpd workers, then restarting
lighttpd keeps the STEK in sync between lighttpd workers, though
restarting lighttpd three times a day might not be palatable.
Work is in progress to allow admin to supply new encryption keys.
2020-07-08 22:51:31 -04:00
Glenn Strauss 10c65e88f7 [mod_openssl] update default DH params
update default DH params to use RFC 7919 FFDHE2048 2048-bit group
if ssl.dh-file is not specified
2020-07-08 22:51:31 -04:00
Glenn Strauss 27dbac34a8 [mod_openssl] use openssl feature define for ALPN
use #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
rather than checking OPENSSL_VERSION_NUMBER >= 0x10002000 (1.0.2)
2020-07-08 22:51:31 -04:00
Glenn Strauss bdb3040f14 [mod_openssl] use SSL_OP_NO_RENEGOTIATION if avail
use [mod_openssl] SSL_OP_NO_RENEGOTIATION if available
(openssl 1.1.0 and later)
2020-07-08 22:51:31 -04:00