There is no GnuTLS version which would make this safe.
See https://gitlab.com/gnutls/gnutls/issues/477
.. warning:: **Setting the secret is probably too risky with TLS <= 1.2**.
At this moment no GnuTLS stable release even supports TLS 1.3.
- Therefore setting the secrets should be considered experimental for now.
+ Therefore setting the secrets should be considered experimental for now
+ and might not be available on your system.
.. function:: net.tls_sticket_secret_file([string with path to a file containing pre-shared secret])
#define SESSION_KEY_SIZE 64
/** Compile-time support for setting the secret. */
+/* This is not secure with TLS <= 1.2 but TLS 1.3 and secure configuration
+ * is not available in GnuTLS yet. See https://gitlab.com/gnutls/gnutls/issues/477
#ifndef TLS_SESSION_RESUMPTION_SYNC
- /* Probably not much sense having it with gnutls < 3.6. */
- #define TLS_SESSION_RESUMPTION_SYNC (GNUTLS_VERSION_NUMBER >= 0x030600)
+ #define TLS_SESSION_RESUMPTION_SYNC (GNUTLS_VERSION_NUMBER >= 0x030603)
#endif
+*/
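Review bot: Wrapping the `#ifndef`/`#define` pair in a block comment leaves `TLS_SESSION_RESUMPTION_SYNC` undefined, so the later `#if !TLS_SESSION_RESUMPTION_SYNC` guard (the hunk with the "secrets were not enabled at compile-time" message) disables the feature only through the preprocessor rule that an undefined identifier evaluates to 0 — something `-Wundef` flags, and something a stray `-DTLS_SESSION_RESUMPTION_SYNC=1` on the compiler line silently reverses. An explicit `#define TLS_SESSION_RESUMPTION_SYNC 0` placed after the rationale comment makes the disabled state visible in the code and turns such an override into a redefinition diagnostic instead of a quiet re-enable of a path the comment itself calls insecure. The version bump to `0x030603` inside the commented-out block is dead text; if it is meant as the threshold to restore once the linked GnuTLS issue is resolved, say so in the comment rather than leaving commented-out code. The indentation of the directives appears lost in this rendering, so I cannot tell whether the nesting matches the file's style.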
#if GNUTLS_VERSION_NUMBER < 0x030400
/* It's of little use anyway. We may get the secret through lua,
#define gnutls_memset memset
#endif
-#if GNUTLS_VERSION_NUMBER >= 0x030407
+#ifdef GNUTLS_DIG_SHA3_512
#define TST_HASH GNUTLS_DIG_SHA3_512
#else
#define TST_HASH abort()
}
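Review bot: The new `#ifdef GNUTLS_DIG_SHA3_512` only selects the first branch if GnuTLS exposes that name as a preprocessor macro; if it exists only as an enumerator of `gnutls_digest_algorithm_t`, the preprocessor never sees it and `TST_HASH` silently becomes `abort()` on every GnuTLS version, including the ones the replaced `GNUTLS_VERSION_NUMBER >= 0x030407` test accepted. This is worth confirming against the GnuTLS header the project builds with before merging; if the name is not a macro, keep the version test or add a configure-time probe. Independently, `#define TST_HASH abort()` presumably breaks the build only indirectly, with a type error wherever `TST_HASH` is passed as a digest argument; `#error "GnuTLS without SHA3-512 support is not supported"` in the `#else` branch states the reason directly.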
#if !TLS_SESSION_RESUMPTION_SYNC
if (secret_len) {
- kr_log_error("[tls] session ticket: secrets not enabled (compile-time)\n");
+ kr_log_error("[tls] session ticket: secrets were not enabled at compile-time (your GnuTLS version is not supported)\n");
return NULL; /* ENOTSUP */
}
#endif
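Review bot: The parenthetical `(your GnuTLS version is not supported)` in the new message attributes the missing support to the GnuTLS version, but in this same commit the `TLS_SESSION_RESUMPTION_SYNC` definition is commented out unconditionally (earlier hunk), so unless the build system defines it elsewhere the feature is off for every GnuTLS version and upgrading will not help an operator who reads this message. A message naming the actual cause avoids that, e.g. `kr_log_error("[tls] session ticket: setting secrets is disabled in this build; see https://gitlab.com/gnutls/gnutls/issues/477\n");`. Rejecting the call with `NULL` when a secret was supplied, rather than ignoring the secret, is the right outcome here and should stay. The enclosing function starts and ends outside the hunk.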
local function test_session_config()
ok(net.tls_sticket_secret(),
'net.tls_sticket_secret() to trigger key regeneration')
- ok(net.tls_sticket_secret('0123456789ABCDEF0123456789ABCDEF'),
- 'net.tls_sticket_secret with valid key')
+ -- There is no sufficiently new stable release of GnuTLS.
+ -- ok(net.tls_sticket_secret('0123456789ABCDEF0123456789ABCDEF'),
+ -- 'net.tls_sticket_secret with valid key')
boom(net.tls_sticket_secret, {{}},
'net.tls_sticket_secret({}) is invalid')
boom(net.tls_sticket_secret, {'0123456789ABCDEF0123456789ABCDE'},
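Review bot: Commenting out the valid-key assertion removes the only positive test of `net.tls_sticket_secret(key)` without leaving any trace in the test output, so nothing reminds anyone to restore it. At minimum make the gap explicit, e.g. replace the first comment line with `-- TODO: re-enable once a stable GnuTLS supports this; see https://gitlab.com/gnutls/gnutls/issues/477`. If the Lua binding raises on the C side's `NULL`/ENOTSUP return, the disabled path could instead be asserted with `boom(net.tls_sticket_secret, {'0123456789ABCDEF0123456789ABCDEF'}, 'net.tls_sticket_secret with valid key is rejected while secrets are disabled')`, which would have to be swapped back to the `ok` form when the feature is enabled. `test_session_config` continues past the end of the hunk.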