From 9205812071bcd7bcf098efd80b82ec2bc1a62da4 Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Mon, 8 Feb 2016 15:52:25 +0100 Subject: Add server support for DHE ciphers Similar patch was provided by Vitezslav Cizek Heavily modified by Rob Crittenden https://fedorahosted.org/mod_nss/ticket/15 --- configure.ac | 9 +++++++++ docs/mod_nss.html | 40 +++++++++++++++++++++++++++++++++++++++- mod_nss.h | 3 +++ nss_engine_cipher.c | 20 +++++++++++++++++++- nss_engine_cipher.h | 2 ++ nss_engine_init.c | 15 +++++++++++++++ 6 files changed, 87 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index ceb3f1d..17d1103 100644 --- a/configure.ac +++ b/configure.ac @@ -259,6 +259,15 @@ else echo "ENABLE_SHA384=0" >> test/variable.py fi +CPPFLAGS="$CPPFLAGS $nspr_inc" +AX_CHECK_DEFINE(nss3/ssl.h, SSL_ENABLE_SERVER_DHE, server_dhe=yes, server_dhe=no) +if test "$server_dhe" = yes; then + extra_cppflags="$extra_cppflags -DENABLE_SERVER_DHE" + echo "ENABLE_SERVER_DHE=1" >> test/variable.py +else + echo "ENABLE_SERVER_DHE=0" >> test/variable.py +fi + # Substitute values AC_SUBST(APXS) AC_SUBST(apr_inc) diff --git a/docs/mod_nss.html b/docs/mod_nss.html index 37588e8..c84f938 100644 --- a/docs/mod_nss.html +++ b/docs/mod_nss.html @@ -522,7 +522,7 @@ If it contains neither then mod_nss first tries to apply OpenSSL ciphers then NS
All ciphers are disabled by default.

-Available ciphers are:
+Available RSA ciphers are:

@@ -675,6 +675,43 @@ Available ciphers are:
+
The available server-side DHE ciphers are:
+
+ + + + + + + + + + + + +
Cipher Name
+ 		NSS Cipher definition
+ 		Protocol
+
dhe_rsa_des_sha
+ 		TLS_DHE_RSA_WITH_DES_CBC_SHA
+		SSLv3/TLSv1.0/TLSv1.1/TLSv1.2
+
dhe_rsa_3des_sha
+ 		TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ 		TLSv1.0/TLSv1.1/TLSv1.2
dhe_rsa_aes_128_sha
+ 		TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ 		TLSv1.0/TLSv1.1/TLSv1.2
dhe_rsa_aes_256_sha
+ 		TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ 		TLSv1.0/TLSv1.1/TLSv1.2
dhe_rsa_camellia_128_sha
+		TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ 		TLSv1.0/TLSv1.1/TLSv1.2
dhe_rsa_camellia_256_sha
+		TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ 		TLSv1.0/TLSv1.1/TLSv1.2
dhe_rsa_aes_128_sha256
+		TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ 		TLSv1.2
dhe_rsa_aes_256_sha256
+ 		TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ 		TLSv1.2
dhe_rsa_aes_128_gcm_sha_256
+ 		TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ 		TLSv1.2

Additionally there are a number of ECC ciphers:

@@ -979,6 +1016,7 @@ The default is off.
Example

NSSSessionTickets on
+
NSSUserName

diff --git a/mod_nss.h b/mod_nss.h index 06710e4..ac56ddb 100644 --- a/mod_nss.h +++ b/mod_nss.h @@ -419,6 +419,9 @@ const char *nss_cmd_NSSPassPhraseDialog(cmd_parms *cmd, void *dcfg, const char * const char *nss_cmd_NSSPassPhraseHelper(cmd_parms *cmd, void *dcfg, const char *arg); const char *nss_cmd_NSSRandomSeed(cmd_parms *, void *, const char *, const char *, const char *); const char *nss_cmd_NSSSessionTickets(cmd_parms *cmd, void *dcfg, int flag); +#ifdef ENABLE_SERVER_DHE +const char *nss_cmd_NSSServerDHE(cmd_parms *cmd, void *dcfg, int flag); +#endif const char *nss_cmd_NSSUserName(cmd_parms *cmd, void *dcfg, const char *arg); const char *nss_cmd_NSSOptions(cmd_parms *, void *, const char *); const char *nss_cmd_NSSRequireSSL(cmd_parms *cmd, void *dcfg); diff --git a/nss_engine_cipher.c b/nss_engine_cipher.c index b0b51e4..ffa537e 100644 --- a/nss_engine_cipher.c +++ b/nss_engine_cipher.c @@ -32,6 +32,9 @@ cipher_properties ciphers_def[] = /* TLS_RSA_EXPORT_WITH_DES40_CBC_SHA not implemented 0x0008 */ {"rsa_des_sha", TLS_RSA_WITH_DES_CBC_SHA, "DES-CBC-SHA", SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1, SSLV3, SSL_LOW, 56, 56}, {"rsa_3des_sha", TLS_RSA_WITH_3DES_EDE_CBC_SHA, "DES-CBC3-SHA", SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_SHA1, SSLV3, SSL_HIGH, 168, 168}, +#ifdef ENABLE_SERVER_DHE + {"dhe_rsa_des_sha", TLS_DHE_RSA_WITH_DES_CBC_SHA, "EDH-RSA-DES-CBC-SHA", SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1, SSLV3, SSL_LOW, 56, 56}, +#endif {"rsa_aes_128_sha", TLS_RSA_WITH_AES_128_CBC_SHA, "AES128-SHA", SSL_kRSA|SSL_aRSA|SSL_AES128|SSL_SHA1, TLSV1, SSL_HIGH, 128, 128}, {"rsa_aes_256_sha", TLS_RSA_WITH_AES_256_CBC_SHA, "AES256-SHA", SSL_kRSA|SSL_aRSA|SSL_AES256|SSL_SHA1, TLSV1, SSL_HIGH, 256, 256}, {"null_sha_256", TLS_RSA_WITH_NULL_SHA256, "NULL-SHA256", SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_SHA256, TLSV1_2, SSL_STRONG_NONE, 0, 0}, @@ -49,6 +52,21 @@ cipher_properties ciphers_def[] = #endif {"fips_3des_sha", SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, "FIPS-DES-CBC3-SHA", SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_SHA1, SSLV3, SSL_HIGH, 112, 168}, {"fips_des_sha", SSL_RSA_FIPS_WITH_DES_CBC_SHA, "FIPS-DES-CBC-SHA", SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1, SSLV3, SSL_LOW, 56, 56}, +#ifdef ENABLE_SERVER_DHE + {"dhe_rsa_3des_sha", TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "EDH-RSA-DES-CBC3-SHA", SSL_kEDH|SSL_aRSA|SSL_3DES|SSL_SHA1, TLSV1, SSL_HIGH, 112, 168}, + {"dhe_rsa_aes_128_sha", TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "DHE-RSA-AES128-SHA", SSL_kEDH|SSL_aRSA|SSL_AES128|SSL_SHA1, TLSV1, SSL_HIGH, 128, 128}, + {"dhe_rsa_aes_256_sha", TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "DHE-RSA-AES256-SHA", SSL_kEDH|SSL_aRSA|SSL_AES256|SSL_SHA1, TLSV1, SSL_HIGH, 256, 256}, + {"dhe_rsa_camellia_128_sha", TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "DHE-RSA-CAMELLIA128-SHA", SSL_kEDH|SSL_aRSA|SSL_CAMELLIA128|SSL_SHA1, TLSV1, SSL_HIGH, 128, 128}, + {"dhe_rsa_camellia_256_sha", TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "DHE-RSA-CAMELLIA256-SHA", SSL_kEDH|SSL_aRSA|SSL_CAMELLIA256|SSL_SHA1, TLSV1, SSL_HIGH, 256, 256}, + {"dhe_rsa_aes_128_sha256", TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "DHE-RSA-AES128-SHA256", SSL_kEDH|SSL_aRSA|SSL_AES128|SSL_SHA256, TLSV1_2, SSL_HIGH, 128, 128}, + {"dhe_rsa_aes_256_sha256", TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "DHE-RSA-AES256-SHA256", SSL_kEDH|SSL_aRSA|SSL_AES256|SSL_SHA256, TLSV1_2, SSL_HIGH, 256, 256}, +#ifdef ENABLE_GCM + {"dhe_rsa_aes_128_gcm_sha_256", TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "DHE-RSA-AES128-GCM-SHA256", SSL_kEDH|SSL_aRSA|SSL_AES128GCM|SSL_AEAD, TLSV1_2, SSL_HIGH, 128, 128}, +#endif +#ifdef ENABLE_SHA384 + {"dhe_rsa_aes_256_gcm_sha_384", TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "DHE-RSA-AES256-GCM-SHA384", SSL_kEDH|SSL_aRSA|SSL_AES256GCM|SSL_AEAD, TLSV1_2, SSL_HIGH, 256, 256}, +#endif +#endif /* ENABLE_SERVER_DHE */ #ifdef NSS_ENABLE_ECC {"ecdh_ecdsa_null_sha", TLS_ECDH_ECDSA_WITH_NULL_SHA, "ECDH-ECDSA-NULL-SHA", SSL_kECDHe|SSL_aECDH|SSL_eNULL|SSL_SHA1, TLSV1, SSL_STRONG_NONE, 0, 0}, {"ecdh_ecdsa_rc4_128_sha", TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "ECDH-ECDSA-RC4-SHA", SSL_kECDHe|SSL_aECDH|SSL_RC4|SSL_SHA1, TLSV1, SSL_MEDIUM, 128, 128}, @@ -289,7 +307,7 @@ static int parse_openssl_ciphers(server_rec *s, char *ciphers, PRBool cipher_lis } else if (!strcmp(cipher, "aRSA")) { mask |= SSL_aRSA; } else if (!strcmp(cipher, "EDH")) { - mask |= SSL_EDH; + mask |= SSL_kEDH; #if 0 } else if (!strcmp(cipher, "ADH")) { mask |= SSL_ADH; diff --git a/nss_engine_cipher.h b/nss_engine_cipher.h index 80aac0e..f76099f 100644 --- a/nss_engine_cipher.h +++ b/nss_engine_cipher.h @@ -53,6 +53,8 @@ typedef struct #define SSL_ECDH (SSL_kECDHe|SSL_kECDHr|SSL_kEECDH) #define SSL_EECDH (SSL_kEECDH) #define SSL_ADH (SSL_kEDH) +#define SSL_kDHE 0x00040000L +#define SSL_DHE (SSL_kDHE) /* cipher strength */ #define SSL_STRONG_NONE 0x00000001L diff --git a/nss_engine_init.c b/nss_engine_init.c index 4460f53..44b5b88 100644 --- a/nss_engine_init.c +++ b/nss_engine_init.c @@ -829,6 +829,17 @@ static void nss_init_ctx_protocol(server_rec *s, nss_log_nss_error(APLOG_MARK, APLOG_ERR, s); nss_die(); } +#ifdef ENABLE_SERVER_DHE + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, + "Enabling DHE key exchange"); + if (SSL_OptionSet(mctx->model, SSL_ENABLE_SERVER_DHE, + PR_TRUE) != SECSuccess) { + ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, + "Unable to enable DHE key exchange"); + nss_log_nss_error(APLOG_MARK, APLOG_ERR, s); + nss_die(); + } +#endif } static void nss_init_ctx_session_cache(server_rec *s, @@ -1043,6 +1054,10 @@ static void nss_init_ctx_cipher_suite(server_rec *s, /* Finally actually enable the selected ciphers */ for (i=0; imodel, ciphers_def[i].num, cipher_state[i] == 1 ? PR_TRUE : PR_FALSE); } } -- cgit