From: Sukhbir Singh Date: Tue, 22 Sep 2020 14:52:00 +0000 (-0400) Subject: dnsdist: prioritize ChaCha20-Poly1305 when client does X-Git-Tag: auth-4.4.0-alpha1~15^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F9510%2Fhead;p=thirdparty%2Fpdns.git dnsdist: prioritize ChaCha20-Poly1305 when client does The OpenSSL option SSL_OP_PRIORITIZE_CHACHA prioritizes ChaCha20-Poly1305 if the client does by temporarily re-prioritizing it to the top of the server cipher list. Since dnsdist already sets SSL_OP_CIPHER_SERVER_PREFERENCE by default (preferServerCiphers is set to true), setting this option enables clients that prefer ChaCha20 due to a lack of AES-NI (such as mobile devices) to override the server specified list. This option requires SSL_OP_CIPHER_SERVER_PREFERENCE to be set and was introduced in OpenSSL 1.1.1. Note that this change neither affects clients that prefer AES or other ciphers, nor dnsdist's default options, unless the client explicitly prioritizes ChaCha20. --- diff --git a/.github/actions/spell-check/expect.txt b/.github/actions/spell-check/expect.txt index af9ce8f5d6..67f36f2c9b 100644 --- a/.github/actions/spell-check/expect.txt +++ b/.github/actions/spell-check/expect.txt @@ -1506,6 +1506,7 @@ presignedness PRId primetime princ +prioritization privatekey privs PRNG diff --git a/pdns/dnsdistdist/docs/reference/config.rst b/pdns/dnsdistdist/docs/reference/config.rst index 73114563da..359c50877e 100644 --- a/pdns/dnsdistdist/docs/reference/config.rst +++ b/pdns/dnsdistdist/docs/reference/config.rst 
@@ -145,7 +145,7 @@ Listen Sockets * ``sessionTimeout``: int - Set the TLS session lifetime in seconds, this is used both for TLS ticket lifetime and for sessions kept in memory. * ``sessionTickets``: bool - Whether session resumption via session tickets is enabled. Default is true, meaning tickets are enabled. * ``numberOfStoredSessions``: int - The maximum number of sessions kept in memory at the same time. Default is 20480. Setting this value to 0 disables stored session entirely. - * ``preferServerCiphers``: bool - Whether to prefer the order of ciphers set by the server instead of the one set by the client. Default is true, meaning that the order of the server is used. + * ``preferServerCiphers``: bool - Whether to prefer the order of ciphers set by the server instead of the one set by the client. Default is true, meaning that the order of the server is used. For OpenSSL >= 1.1.1, setting this option also enables the temporary re-prioritization of the ChaCha20-Poly1305 cipher if the client prioritizes it. * ``keyLogFile``: str - Write the TLS keys in the specified file so that an external program can decrypt TLS exchanges, in the format described in https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format. Note that this feature requires OpenSSL >= 1.1.1. * ``sendCacheControlHeaders``: bool - Whether to parse the response to find the lowest TTL and set a HTTP Cache-Control header accordingly. Default is true. * ``trustForwardedForHeader``: bool - Whether to parse any existing X-Forwarded-For header in the HTTP query and use the right-most value as the client source address and port, for ACL checks, rules, logging and so on. Default is false. 
@@ -190,7 +190,7 @@ Listen Sockets * ``numberOfStoredSessions``: int - The maximum number of sessions kept in memory at the same time. At this time this is only supported by the OpenSSL provider, as stored sessions are not supported with the GnuTLS one. Default is 20480. Setting this value to 0 disables stored session entirely. * ``ocspResponses``: list - List of files containing OCSP responses, in the same order than the certificates and keys, that will be used to provide OCSP stapling responses. * ``minTLSVersion``: str - Minimum version of the TLS protocol to support. Possible values are 'tls1.0', 'tls1.1', 'tls1.2' and 'tls1.3'. Default is to require at least TLS 1.0. Note that this value is ignored when the GnuTLS provider is in use, and the ``ciphers`` option should be set accordingly instead. For example, 'NORMAL:!VERS-TLS1.0:!VERS-TLS1.1' will disable TLS 1.0 and 1.1. - * ``preferServerCiphers``: bool - Whether to prefer the order of ciphers set by the server instead of the one set by the client. Default is true, meaning that the order of the server is used. + * ``preferServerCiphers``: bool - Whether to prefer the order of ciphers set by the server instead of the one set by the client. Default is true, meaning that the order of the server is used. For OpenSSL >= 1.1.1, setting this option also enables the temporary re-prioritization of the ChaCha20-Poly1305 cipher if the client prioritizes it. * ``keyLogFile``: str - Write the TLS keys in the specified file so that an external program can decrypt TLS exchanges, in the format described in https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format. Note that this feature requires OpenSSL >= 1.1.1. * ``tcpListenQueueSize=SOMAXCONN``: int - Set the size of the listen queue. Default is ``SOMAXCONN``. diff --git a/pdns/dnsdistdist/libssl.cc b/pdns/dnsdistdist/libssl.cc index fa58e39eec..26647cddc5 100644 --- a/pdns/dnsdistdist/libssl.cc +++ b/pdns/dnsdistdist/libssl.cc 
@@ -661,6 +661,9 @@ std::unique_ptr libssl_init_server_context(const TLS if (config.d_preferServerCiphers) { sslOptions |= SSL_OP_CIPHER_SERVER_PREFERENCE; +#ifdef SSL_OP_PRIORITIZE_CHACHA + sslOptions |= SSL_OP_PRIORITIZE_CHACHA; +#endif /* SSL_OP_PRIORITIZE_CHACHA */ } SSL_CTX_set_options(ctx.get(), sslOptions);
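Review bot: in the config.rst hunk at `@@ -145,7 +145,7 @@`, the sentence added to ``preferServerCiphers`` leaves the preconditions implicit: the re-prioritization can only select a ChaCha20-Poly1305 suite that the ``ciphers`` option already allows, and it only kicks in when the client puts such a suite at the top of its own list; every other client still gets the unchanged server order. Suggest naming the OpenSSL option so operators can find it in the OpenSSL manual, e.g. "With OpenSSL >= 1.1.1 this also sets SSL_OP_PRIORITIZE_CHACHA: when a client lists a ChaCha20-Poly1305 suite first, the server's ChaCha20-Poly1305 suites (if any are enabled via ``ciphers``) are moved to the top of the server list for that handshake."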
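Review bot: in the config.rst hunk at `@@ -190,7 +190,7 @@`, the new sentence should state that the ChaCha20-Poly1305 re-prioritization applies to the OpenSSL provider only. The neighbouring ``numberOfStoredSessions`` and ``minTLSVersion`` entries in the same hunk already call out what is ignored under the GnuTLS provider, and the code change is confined to libssl.cc, so the same caveat belongs here, e.g. "This re-prioritization is only available with the OpenSSL provider (>= 1.1.1) and has no effect with GnuTLS."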
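Review bot: in the libssl.cc hunk, SSL_OP_PRIORITIZE_CHACHA is now tied unconditionally to ``d_preferServerCiphers``, so an operator who wants strict server ordering while keeping ``preferServerCiphers=true`` has no switch to turn this off. Either document that the only ways to opt out are disabling server preference or dropping the ChaCha20-Poly1305 suites from ``ciphers``, or expose it as its own boolean (default true) that is OR-ed in next to SSL_OP_CIPHER_SERVER_PREFERENCE. The `#ifdef SSL_OP_PRIORITIZE_CHACHA` guard is the right way to keep pre-1.1.1 builds compiling and should stay either way.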
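The selection rule the commit message describes, as an added example that is not part of this commit nor of dnsdist's or OpenSSL's code: a Python model of how a server picks a cipher under SSL_OP_CIPHER_SERVER_PREFERENCE with and without SSL_OP_PRIORITIZE_CHACHA. The cipher lists are constructed samples (not dnsdist's defaults), the option bit values are copied from OpenSSL 1.1.1's ssl.h only so the flags OR together like the real ones, and `choose_cipher` is an illustration of the documented behaviour rather than OpenSSL's own selection routine. It goes a little beyond the commit text by also covering a client that lists ChaCha20 second and a server whose cipher list has no ChaCha20 suite at all.

```python
"""Model of the server-side cipher choice under SSL_OP_CIPHER_SERVER_PREFERENCE
and SSL_OP_PRIORITIZE_CHACHA. Added illustration, not OpenSSL's or dnsdist's code."""

# Option bits as defined in OpenSSL 1.1.1's ssl.h; only their distinctness
# matters for this model.
SSL_OP_PRIORITIZE_CHACHA = 0x00200000
SSL_OP_CIPHER_SERVER_PREFERENCE = 0x00400000


def is_chacha(cipher):
    """True for a ChaCha20-Poly1305 suite (OpenSSL or IANA spelling)."""
    return "CHACHA20" in cipher.upper()


def choose_cipher(server_list, client_list, options):
    """Return the suite the server negotiates, or None if nothing overlaps.

    * Without SSL_OP_CIPHER_SERVER_PREFERENCE the first client suite the
      server also supports wins.
    * With it, the first server suite the client also supports wins.
    * SSL_OP_PRIORITIZE_CHACHA changes the second case only, and only when the
      client's top choice is ChaCha20-Poly1305: the server's ChaCha20 suites
      are moved to the front for this handshake, the rest keep their order.
    """
    if not options & SSL_OP_CIPHER_SERVER_PREFERENCE:
        return next((c for c in client_list if c in server_list), None)

    prio = list(server_list)
    if (options & SSL_OP_PRIORITIZE_CHACHA
            and client_list and is_chacha(client_list[0])):
        chacha = [c for c in server_list if is_chacha(c)]
        prio = chacha + [c for c in server_list if not is_chacha(c)]
    return next((c for c in prio if c in client_list), None)


# Constructed sample lists (not dnsdist defaults). The server prefers AES-GCM,
# as a box with AES-NI would, but still offers ChaCha20 at the bottom.
SERVER = [
    "ECDHE-ECDSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-ECDSA-CHACHA20-POLY1305",
]
SERVER_NO_CHACHA = SERVER[:2]

CLIENTS = {
    # no AES-NI, e.g. a phone: ChaCha20 at the top of its list
    "mobile": ["ECDHE-ECDSA-CHACHA20-POLY1305",
               "ECDHE-ECDSA-AES128-GCM-SHA256",
               "ECDHE-ECDSA-AES256-GCM-SHA384"],
    # AES-NI present: AES first, ChaCha20 only as a fallback
    "desktop": ["ECDHE-ECDSA-AES128-GCM-SHA256",
                "ECDHE-ECDSA-AES256-GCM-SHA384",
                "ECDHE-ECDSA-CHACHA20-POLY1305"],
    # offers ChaCha20, but not as its first choice: no re-prioritization
    "chacha_second": ["ECDHE-ECDSA-AES128-GCM-SHA256",
                      "ECDHE-ECDSA-CHACHA20-POLY1305",
                      "ECDHE-ECDSA-AES256-GCM-SHA384"],
}


def negotiate_all(options, server_list=SERVER):
    """Map each sample client to the suite it would get under `options`."""
    return {name: choose_cipher(server_list, cl, options)
            for name, cl in CLIENTS.items()}


if __name__ == "__main__":
    both = SSL_OP_CIPHER_SERVER_PREFERENCE | SSL_OP_PRIORITIZE_CHACHA
    for label, opts in [("client order", 0),
                        ("server preference", SSL_OP_CIPHER_SERVER_PREFERENCE),
                        ("server preference + prioritize chacha", both)]:
        print(label)
        for name, suite in negotiate_all(opts).items():
            print(f"  {name:14s} -> {suite}")
```

Only the "mobile" client's outcome changes between plain server preference and server preference with SSL_OP_PRIORITIZE_CHACHA; the AES-first desktop client and the client that lists ChaCha20 second keep getting the server's first choice, and a server whose list carries no ChaCha20 suite is unaffected, which is what the commit message claims.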