Set SSL_OP_LEGACY_SERVER_CONNECT when peeking at servers (#2354)

Our TLS Server Hello parser does not treat legacy servers specially, but
enabling legacy server support in OpenSSL allows OpenSSL to advance
enough in its Server Hello processing to provide our SslBump code with
the server certificate (that we then validate). Successful certificate
validation, in turn, may result in Squid splicing the connection, even
if OpenSSL detected other errors:

    noteNegotiationError: hold TLS write on FD 15 despite
    SQUID_TLS_ERR_CONNECT+TLS_LIB_ERR=2000068+TLS_IO_ERR=1

A spliced connection allows the TLS client to handle a legacy server the
way the client needs to handle it, without unwanted Squid meddling.

This is a Measurement Factory project.

diff --git a/CONTRIBUTORS b/CONTRIBUTORS
index 1a784cca955503ffc8f87e35ec7c4e6ae9a2a7a8..d6abfdf5cb5d51089e0d12d30263538206aca682 100644 (file)
--- a/CONTRIBUTORS
+++ b/CONTRIBUTORS
@@ -440,6 +440,7 @@ Thank you!
     Reinhard Sojka <reinhard.sojka@parlament.gv.at>
     Rene Geile <rene.geile@t-online.de>
     Reuben Farrelly <reuben@reub.net>
+    Ricardo Ferreira Ribeiro <garb12@pm.me>
     Richard Huveneers <Richard.Huveneers@hekkihek.hacom.nl>
     Richard Huveneers <richard@hekkihek.hacom.nl>
     Richard Sharpe

diff --git a/src/ssl/PeekingPeerConnector.cc b/src/ssl/PeekingPeerConnector.cc
index bb5c1394e7173d52edebb1908f97a213b2c13056..08e2dc86d730ee6f4f111ec071e7e4a298ad8ad3 100644 (file)
--- a/src/ssl/PeekingPeerConnector.cc
+++ b/src/ssl/PeekingPeerConnector.cc
@@ -18,6 +18,7 @@
 #include "security/ErrorDetail.h"
 #include "security/NegotiationHistory.h"
 #include "SquidConfig.h"
+#include "src/base/IoManip.h"
 #include "ssl/bio.h"
 #include "ssl/PeekingPeerConnector.h"
 #include "ssl/ServerBump.h"
@@ -196,6 +197,22 @@ Ssl::PeekingPeerConnector::initialize(Security::SessionPointer &serverSession)
             srvBio->setClientFeatures(details, cltBio->rBufData());
             srvBio->recordInput(true);
             srvBio->mode(csd->sslBumpMode);
+
+#if defined(SSL_OP_LEGACY_SERVER_CONNECT)
+            // While peeking, Squid is not generating any TLS bytes, but we are
+            // still being driven by OpenSSL negotiation logic. We enable as
+            // many features and workarounds as possible to reduce cases where
+            // OpenSSL refuses to accept a valid TLS server response. This code
+            // assumes that an admin should not expect a peeking Squid to
+            // automatically enforce a particular set of TLS conditions (e.g.,
+            // "no legacy TLS servers"). When that assumption is invalidated, we
+            // will need to add a configuration directive to set peeking TLS
+            // options.
+            if (csd->sslBumpMode == Ssl::bumpPeek && SSL_OP_LEGACY_SERVER_CONNECT) {
+                const auto adjustedOptions = SSL_set_options(serverSession.get(), SSL_OP_LEGACY_SERVER_CONNECT);
+                debugs(83, 5, "post-SSL_OP_LEGACY_SERVER_CONNECT options for session=" << serverSession << ": " << asHex(adjustedOptions));
+            }
+#endif
         } else {
             const bool redirected = request->flags.redirected && ::Config.onoff.redir_rewrites_host;
             const char *sniServer = (!hostName || redirected) ?