lib-ssl-iostream: Make DH parameters optional

Since a lot of connections use elliptic curve
Diffie-Hellman these days, make it possible to
use dovecot without providing Diffie-Hellman
parameters. This reduces setup cost as the
parameters do not need to be generated, which
can be a time consuming task.

diff --git a/src/lib-master/master-service-ssl-settings.c b/src/lib-master/master-service-ssl-settings.c
index 2bc59b0f4d66c14887afd5dcf0c540457189384a..4c3398703bffb191089d8e5c5bc093db6b86a249 100644 (file)
--- a/src/lib-master/master-service-ssl-settings.c
+++ b/src/lib-master/master-service-ssl-settings.c
@@ -112,10 +112,6 @@ master_service_ssl_settings_check(void *_set, pool_t pool ATTR_UNUSED,
                *error_r = "ssl enabled, but ssl_key not set";
                return FALSE;
        }
-       if (*set->ssl_dh == '\0') {
-               *error_r = "ssl enabled, but ssl_dh not set";
-               return FALSE;
-       }
 #endif
        if (set->ssl_verify_client_cert && *set->ssl_ca == '\0') {
                *error_r = "ssl_verify_client_cert set, but ssl_ca not";

diff --git a/src/lib-ssl-iostream/iostream-openssl-context.c b/src/lib-ssl-iostream/iostream-openssl-context.c
index 7cdc680d8187815f892c254c8dabd4d89bc828ab..a34c0fd96382a0178d7aa883429dea28b2ce38d8 100644 (file)
--- a/src/lib-ssl-iostream/iostream-openssl-context.c
+++ b/src/lib-ssl-iostream/iostream-openssl-context.c
@@ -47,17 +47,11 @@ static RSA *ssl_gen_rsa_key(SSL *ssl ATTR_UNUSED,
 }
 
 static DH *ssl_tmp_dh_callback(SSL *ssl ATTR_UNUSED,
-                              int is_export, int keylength)
+                              int is_export ATTR_UNUSED, int keylength ATTR_UNUSED)
 {
-       struct ssl_iostream *ssl_io;
-
-       ssl_io = SSL_get_ex_data(ssl, dovecot_ssl_extdata_index);
-       /* Well, I'm not exactly sure why the logic in here is this.
-          It's the same as in Postfix, so it can't be too wrong. */
-       if (is_export != 0 && keylength == 512 && ssl_io->ctx->dh_512 != NULL)
-               return ssl_io->ctx->dh_512;
-       else
-               return ssl_io->ctx->dh_default;
+       i_error("Diffie-Hellman key exchange requested, "
+               "but no DH parameters provided. Set ssh_dh=</path/to/dh.pem");
+       return NULL;
 }
 
 static int
@@ -168,7 +162,9 @@ ssl_iostream_ctx_use_dh(struct ssl_iostream_context *ctx,
 {
        DH *dh;
        int ret = 0;
-
+       if (*set->dh == '\0') {
+               return 0;
+       }
        if (openssl_iostream_load_dh(set, &dh, error_r) < 0)
                return -1;
        if (SSL_CTX_set_tmp_dh(ctx->ssl_ctx, dh) == 0) {
@@ -512,7 +508,7 @@ ssl_proxy_ctx_get_pkey_ec_curve_name(const struct ssl_iostream_settings *set,
 
 static int
 ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx,
-                               const struct ssl_iostream_settings *set ATTR_UNUSED,
+                               const struct ssl_iostream_settings *set,
                                const char **error_r ATTR_UNUSED)
 {
 #if defined(HAVE_ECDH) && !defined(SSL_CTX_set_ecdh_auto)
@@ -522,7 +518,8 @@ ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx,
 #endif
        if (SSL_CTX_need_tmp_RSA(ssl_ctx) != 0)
                SSL_CTX_set_tmp_rsa_callback(ssl_ctx, ssl_gen_rsa_key);
-       SSL_CTX_set_tmp_dh_callback(ssl_ctx, ssl_tmp_dh_callback);
+       if (set->dh == NULL || *set->dh == '\0')
+               SSL_CTX_set_tmp_dh_callback(ssl_ctx, ssl_tmp_dh_callback);
 #ifdef HAVE_ECDH
        /* In the non-recommended situation where ECDH cipher suites are being
           used instead of ECDHE, do not reuse the same ECDH key pair for