From 31413d7e14c4bb6e451ce431ebff2b807d8f72f8 Mon Sep 17 00:00:00 2001 From: reyk Date: Fri, 16 Jan 2015 14:34:51 +0000 Subject: [PATCH] The SSL/TLS session Id context is limited to 32 bytes. Instead of using the name of relayd relay or smtpd pki, use a 32 byte arc4random buffer that should be unique for the context. This fixes an issue in OpenSMTPD when a long pki name could break the configuration. OK gilles@ benno@ --- lib/libtls/tls_server.c | 14 +++++++++++++- usr.sbin/relayd/relay.c | 13 +++++++++---- usr.sbin/smtpd/ssl.c | 13 +++++++++---- 3 files changed, 31 insertions(+), 9 deletions(-) diff --git a/lib/libtls/tls_server.c b/lib/libtls/tls_server.c index 001f19ded4d..514148bd936 100644 --- a/lib/libtls/tls_server.c +++ b/lib/libtls/tls_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_server.c,v 1.1 2014/10/31 13:46:17 jsing Exp $ */ +/* $OpenBSD: tls_server.c,v 1.2 2015/01/16 14:34:51 reyk Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -51,6 +51,7 @@ int tls_configure_server(struct tls *ctx) { EC_KEY *ecdh_key; + unsigned char sid[SSL_MAX_SSL_SESSION_ID_LENGTH]; if ((ctx->ssl_ctx = SSL_CTX_new(SSLv23_server_method())) == NULL) { tls_set_error(ctx, "ssl context failure"); @@ -75,6 +76,17 @@ tls_configure_server(struct tls *ctx) EC_KEY_free(ecdh_key); } + /* + * Set session ID context to a random value. We don't support + * persistent caching of sessions so it is OK to set a temporary + * session ID context that is valid during run time. + */ + arc4random_buf(sid, sizeof(sid)); + if (!SSL_CTX_set_session_id_context(ctx->ssl_ctx, sid, sizeof(sid))) { + tls_set_error(ctx, "failed to set session id context"); + goto err; + } + return (0); err: diff --git a/usr.sbin/relayd/relay.c b/usr.sbin/relayd/relay.c index bb0651948c4..894c26dc06a 100644 --- a/usr.sbin/relayd/relay.c +++ b/usr.sbin/relayd/relay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: relay.c,v 1.184 2014/12/21 00:54:49 guenther Exp $ */ +/* $OpenBSD: relay.c,v 1.185 2015/01/16 14:34:51 reyk Exp $ */ /* * Copyright (c) 2006 - 2014 Reyk Floeter @@ -1986,6 +1986,7 @@ relay_tls_ctx_create(struct relay *rlay) struct protocol *proto = rlay->rl_proto; SSL_CTX *ctx; EC_KEY *ecdhkey; + u_int8_t sid[SSL_MAX_SID_CTX_LENGTH]; ctx = SSL_CTX_new(SSLv23_method()); if (ctx == NULL) @@ -2081,9 +2082,13 @@ relay_tls_ctx_create(struct relay *rlay) goto err; } - /* Set session context to the local relay name */ - if (!SSL_CTX_set_session_id_context(ctx, rlay->rl_conf.name, - strlen(rlay->rl_conf.name))) + /* + * Set session ID context to a random value. We don't support + * persistent caching of sessions so it is OK to set a temporary + * session ID context that is valid during run time. + */ + arc4random_buf(sid, sizeof(sid)); + if (!SSL_CTX_set_session_id_context(ctx, sid, sizeof(sid))) goto err; /* The text versions of the keys/certs are not needed anymore */ diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c index 981f2b0c21c..156bfec0654 100644 --- a/usr.sbin/smtpd/ssl.c +++ b/usr.sbin/smtpd/ssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.c,v 1.72 2014/10/16 09:40:46 gilles Exp $ */ +/* $OpenBSD: ssl.c,v 1.73 2015/01/16 14:34:51 reyk Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard @@ -69,12 +69,17 @@ ssl_setup(SSL_CTX **ctxp, struct pki *pki) { DH *dh; SSL_CTX *ctx; + u_int8_t sid[SSL_MAX_SID_CTX_LENGTH]; ctx = ssl_ctx_create(pki->pki_name, pki->pki_cert, pki->pki_cert_len); - if (!SSL_CTX_set_session_id_context(ctx, - (const unsigned char *)pki->pki_name, - strlen(pki->pki_name) + 1)) + /* + * Set session ID context to a random value. We don't support + * persistent caching of sessions so it is OK to set a temporary + * session ID context that is valid during run time. + */ + arc4random_buf(sid, sizeof(sid)); + if (!SSL_CTX_set_session_id_context(ctx, sid, sizeof(sid))) goto err; if (pki->pki_dhparams_len == 0) -- 2.20.1