The SSL/TLS session Id context is limited to 32 bytes. Instead of

using the name of relayd relay or smtpd pki, use a 32 byte arc4random
buffer that should be unique for the context.  This fixes an issue in
OpenSMTPD when a long pki name could break the configuration.

OK gilles@ benno@

diff --git a/lib/libtls/tls_server.c b/lib/libtls/tls_server.c
index 001f19d..514148b 100644 (file)
--- a/lib/libtls/tls_server.c
+++ b/lib/libtls/tls_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_server.c,v 1.1 2014/10/31 13:46:17 jsing Exp $ */
+/* $OpenBSD: tls_server.c,v 1.2 2015/01/16 14:34:51 reyk Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -51,6 +51,7 @@ int
 tls_configure_server(struct tls *ctx)
 {
        EC_KEY *ecdh_key;
+       unsigned char sid[SSL_MAX_SSL_SESSION_ID_LENGTH];
 
        if ((ctx->ssl_ctx = SSL_CTX_new(SSLv23_server_method())) == NULL) {
                tls_set_error(ctx, "ssl context failure");
@@ -75,6 +76,17 @@ tls_configure_server(struct tls *ctx)
                EC_KEY_free(ecdh_key);
        }
 
+       /*
+        * Set session ID context to a random value.  We don't support
+        * persistent caching of sessions so it is OK to set a temporary
+        * session ID context that is valid during run time.
+        */
+       arc4random_buf(sid, sizeof(sid));
+       if (!SSL_CTX_set_session_id_context(ctx->ssl_ctx, sid, sizeof(sid))) {
+               tls_set_error(ctx, "failed to set session id context");
+               goto err;
+       }
+
        return (0);
 
 err:

diff --git a/usr.sbin/relayd/relay.c b/usr.sbin/relayd/relay.c
index bb06519..894c26d 100644 (file)
--- a/usr.sbin/relayd/relay.c
+++ b/usr.sbin/relayd/relay.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: relay.c,v 1.184 2014/12/21 00:54:49 guenther Exp $    */
+/*     $OpenBSD: relay.c,v 1.185 2015/01/16 14:34:51 reyk Exp $        */
 
 /*
  * Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org>
@@ -1986,6 +1986,7 @@ relay_tls_ctx_create(struct relay *rlay)
        struct protocol *proto = rlay->rl_proto;
        SSL_CTX         *ctx;
        EC_KEY          *ecdhkey;
+       u_int8_t         sid[SSL_MAX_SID_CTX_LENGTH];
 
        ctx = SSL_CTX_new(SSLv23_method());
        if (ctx == NULL)
@@ -2081,9 +2082,13 @@ relay_tls_ctx_create(struct relay *rlay)
                        goto err;
        }
 
-       /* Set session context to the local relay name */
-       if (!SSL_CTX_set_session_id_context(ctx, rlay->rl_conf.name,
-           strlen(rlay->rl_conf.name)))
+       /*
+        * Set session ID context to a random value.  We don't support
+        * persistent caching of sessions so it is OK to set a temporary
+        * session ID context that is valid during run time.
+        */
+       arc4random_buf(sid, sizeof(sid));
+       if (!SSL_CTX_set_session_id_context(ctx, sid, sizeof(sid)))
                goto err;
 
        /* The text versions of the keys/certs are not needed anymore */

diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c
index 981f2b0..156bfec 100644 (file)
--- a/usr.sbin/smtpd/ssl.c
+++ b/usr.sbin/smtpd/ssl.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ssl.c,v 1.72 2014/10/16 09:40:46 gilles Exp $ */
+/*     $OpenBSD: ssl.c,v 1.73 2015/01/16 14:34:51 reyk Exp $   */
 
 /*
  * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -69,12 +69,17 @@ ssl_setup(SSL_CTX **ctxp, struct pki *pki)
 {
        DH      *dh;
        SSL_CTX *ctx;
+       u_int8_t sid[SSL_MAX_SID_CTX_LENGTH];
 
        ctx = ssl_ctx_create(pki->pki_name, pki->pki_cert, pki->pki_cert_len);
 
-       if (!SSL_CTX_set_session_id_context(ctx,
-               (const unsigned char *)pki->pki_name,
-               strlen(pki->pki_name) + 1))
+       /*
+        * Set session ID context to a random value.  We don't support
+        * persistent caching of sessions so it is OK to set a temporary
+        * session ID context that is valid during run time.
+        */
+       arc4random_buf(sid, sizeof(sid));
+       if (!SSL_CTX_set_session_id_context(ctx, sid, sizeof(sid)))
                goto err;
 
        if (pki->pki_dhparams_len == 0)