From: Jeff Trawick Date: Mon, 19 Aug 2013 18:07:32 +0000 (+0000) Subject: revert unintentional commit r1515537 X-Git-Tag: 2.2.26~26 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5e8071e88bc4ab2c2787c66339859aed8132cc75;p=thirdparty%2Fapache%2Fhttpd.git revert unintentional commit r1515537 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1515539 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index cbe1d10ccb9..05bba12d88c 100644 --- a/CHANGES +++ b/CHANGES @@ -5,10 +5,6 @@ Changes with Apache 2.2.26 causes security issues in most setups. (The so called "CRIME" attack). [Stefan Fritsch] - *) mod_ssl: enable support for ECC keys and ECDH ciphers. Tested against - OpenSSL 1.0.0b3. [Vipul Gupta vipul.gupta sun.com, Sander Temme, - Stefan Fritsch] - *) mod_ssl: Fix compilation error when OpenSSL does not contain support for SSLv2. Problem was introduced in 2.2.25. PR 55194. [Rainer Jung, Kaspar Brand] diff --git a/STATUS b/STATUS index dfb7356836c..f470a7e8f50 100644 --- a/STATUS +++ b/STATUS @@ -101,16 +101,16 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: trunk: http://svn.apache.org/r1506714 +1: gstein, wrowe, rpluem +PATCHES PROPOSED TO BACKPORT FROM TRUNK: + [ New proposals should be added at the end of the list ] + * mod_ssl: Compare SNI hostname against Host header case-insensitively. PR: 49491 Trunk version of patch: http://svn.apache.org/r1082189 Backport version for 2.2.x of patch: Trunk version of patch works - +1: rpluem, trawick, covener - -PATCHES PROPOSED TO BACKPORT FROM TRUNK: - [ New proposals should be added at the end of the list ] + +1: rpluem, trawick * mod_ssl: Support ECC keys trunk patch: http://svn.apache.org/r834378 @@ -124,7 +124,15 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: http://svn.apache.org/r1308862 http://svn.apache.org/r1509875 2.2.x patch: http://people.apache.org/~sf/ECC-2.2-v2.diff - +1: sf, trawick + +1: sf + trawick: Is there any particular reason that the patch doesn't + define OPENSSL_NO_EC for older OpenSSL levels and use + that as the feature check, as is done in the 2.4.x + branch? I guess I can help out with that if it is just + a matter of labor. + sf: It does (in ssl_toolkit_compat.h where these things are in 2.2). + But v1 of the patch lacked one commit to properly use OPENSSL_NO_EC + everywhere. Fixed in v2. * mod_ssl config: Fix range check bug with SSLRenegBufferSize trunk patch: http://svn.apache.org/r954641 @@ -134,6 +142,14 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: 2.2.x patch: trunk patch to ssl_engine_config.c (above) applies with offset +1: trawick + * mod_ssl: compare SNI hostname to Host header case insensitively + + trunk patch: http://svn.apache.org/viewvc?rev=1082189&view=rev + 2.4.x patch: n/a, fixed before 2.4 branched. + 2.2.x patch: trunk works + +1 covener + + PATCHES/ISSUES THAT ARE STALLED * mod_cache: Realign the cache_quick_handler() to behave identically diff --git a/docs/conf/extra/httpd-ssl.conf.in b/docs/conf/extra/httpd-ssl.conf.in index ccd0770b03c..7172d8cb541 100644 --- a/docs/conf/extra/httpd-ssl.conf.in +++ b/docs/conf/extra/httpd-ssl.conf.in @@ -114,22 +114,16 @@ SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 # in mind that if you have both an RSA and a DSA certificate you # can configure both in parallel (to also allow the use of DSA # ciphers, etc.) -# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt) -# require an ECC certificate which can also be configured in -# parallel. SSLCertificateFile "@exp_sysconfdir@/server.crt" #SSLCertificateFile "@exp_sysconfdir@/server-dsa.crt" -#SSLCertificateFile "@exp_sysconfdir@/server-ecc.crt" # Server Private Key: # If the key is not combined with the certificate, use this # directive to point at the key file. Keep in mind that if # you've both a RSA and a DSA private key you can configure # both in parallel (to also allow the use of DSA ciphers, etc.) -# ECC keys, when in use, can also be configured in parallel SSLCertificateKeyFile "@exp_sysconfdir@/server.key" #SSLCertificateKeyFile "@exp_sysconfdir@/server-dsa.key" -#SSLCertificateKeyFile "@exp_sysconfdir@/server-ecc.key" # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml index 600b6a2c4df..f4b00b7aaa3 100644 --- a/docs/manual/mod/mod_ssl.xml +++ b/docs/manual/mod/mod_ssl.xml @@ -188,12 +188,12 @@ query can be done in two ways which can be configured by Here an external program is configured which is called at startup for each encrypted Private Key file. It is called with two arguments (the first is of the form ``servername:portnumber'', the second is either - ``RSA'', ``DSA'', or ``ECC''), which - indicate for which server and algorithm it has to print the corresponding - Pass Phrase to stdout. The intent is that this external - program first runs security checks to make sure that the system is not - compromised by an attacker, and only when these checks were passed - successfully it provides the Pass Phrase.

+ ``RSA'' or ``DSA''), which indicate for which + server and algorithm it has to print the corresponding Pass Phrase to + stdout. The intent is that this external program first runs + security checks to make sure that the system is not compromised by an + attacker, and only when these checks were passed successfully it provides + the Pass Phrase.

Both these security checks, and the way the Pass Phrase is determined, can be as complex as you like. Mod_ssl just defines the interface: an @@ -761,7 +761,6 @@ SSLCipherSuite RSA:!EXP:!NULL:+HIGH:+MEDIUM:-LOW SSLCertificateFile file-path server config virtual host -ECC support is available in Apache 2.2.26 and later

@@ -769,8 +768,8 @@ This directive points to the PEM-encoded Certificate file for the server and optionally also to the corresponding RSA or DSA Private Key file for it (contained in the same file). If the contained Private Key is encrypted the Pass Phrase dialog is forced at startup time. This directive can be used up to -three times (referencing different filenames) when both a RSA, a DSA, and an -ECC based server certificate is used in parallel.

+two times (referencing different filenames) when both a RSA and a DSA based +server certificate is used in parallel.

Example SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt @@ -783,7 +782,6 @@ SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt SSLCertificateKeyFile file-path server config virtual host -ECC support is available in Apache 2.2.26 and later

@@ -796,8 +794,8 @@ contains both the Certificate and the Private Key this directive need not be used. But we strongly discourage this practice. Instead we recommend you to separate the Certificate and the Private Key. If the contained Private Key is encrypted, the Pass Phrase dialog is forced -at startup time. This directive can be used up to three times -(referencing different filenames) when both a RSA, a DSA, and an ECC based +at startup time. This directive can be used up to two times +(referencing different filenames) when both a RSA and a DSA based private key is used in parallel.

Example SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c index 19794f07de4..b9e3f939280 100644 --- a/modules/ssl/mod_ssl.c +++ b/modules/ssl/mod_ssl.c @@ -441,9 +441,6 @@ int ssl_init_ssl_connection(conn_rec *c) */ SSL_set_tmp_rsa_callback(ssl, ssl_callback_TmpRSA); SSL_set_tmp_dh_callback(ssl, ssl_callback_TmpDH); -#ifndef OPENSSL_NO_EC - SSL_set_tmp_ecdh_callback(ssl, ssl_callback_TmpECDH); -#endif SSL_set_verify_result(ssl, X509_V_OK); diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index b201196ab3d..dcae945cf96 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -72,9 +72,6 @@ static void ssl_tmp_keys_free(server_rec *s) MODSSL_TMP_KEYS_FREE(mc, RSA); MODSSL_TMP_KEYS_FREE(mc, DH); -#ifndef OPENSSL_NO_EC - MODSSL_TMP_KEY_FREE(mc, EC_KEY, SSL_TMP_KEY_EC_256); -#endif } static int ssl_tmp_key_init_rsa(server_rec *s, @@ -136,40 +133,6 @@ static int ssl_tmp_key_init_dh(server_rec *s, return OK; } -#ifndef OPENSSL_NO_EC -static int ssl_tmp_key_init_ec(server_rec *s, - int bits, int idx) -{ - SSLModConfigRec *mc = myModConfig(s); - EC_KEY *ecdh = NULL; - - /* XXX: Are there any FIPS constraints we should enforce? */ - - if (bits != 256) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, - "Init: Failed to generate temporary " - "%d bit EC parameters, only 256 bits supported", bits); - return !OK; - } - - if ((ecdh = EC_KEY_new()) == NULL || - EC_KEY_set_group(ecdh, EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)) != 1) - { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, - "Init: Failed to generate temporary " - "%d bit EC parameters", bits); - return !OK; - } - - mc->pTmpKeys[idx] = ecdh; - return OK; -} - -#define MODSSL_TMP_KEY_INIT_EC(s, bits) \ - ssl_tmp_key_init_ec(s, bits, SSL_TMP_KEY_EC_##bits) - -#endif - #define MODSSL_TMP_KEY_INIT_RSA(s, bits) \ ssl_tmp_key_init_rsa(s, bits, SSL_TMP_KEY_RSA_##bits) @@ -194,15 +157,6 @@ static int ssl_tmp_keys_init(server_rec *s) return !OK; } -#ifndef OPENSSL_NO_EC - ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, - "Init: Generating temporary EC parameters (256 bits)"); - - if (MODSSL_TMP_KEY_INIT_EC(s, 256)) { - return !OK; - } -#endif - return OK; } @@ -445,11 +399,7 @@ static void ssl_init_server_check(server_rec *s, * Check for problematic re-initializations */ if (mctx->pks->certs[SSL_AIDX_RSA] || - mctx->pks->certs[SSL_AIDX_DSA] -#ifndef OPENSSL_NO_EC - || mctx->pks->certs[SSL_AIDX_ECC] -#endif - ) + mctx->pks->certs[SSL_AIDX_DSA]) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, "Illegal attempt to re-initialise SSL for server " @@ -649,9 +599,6 @@ static void ssl_init_ctx_callbacks(server_rec *s, SSL_CTX_set_tmp_rsa_callback(ctx, ssl_callback_TmpRSA); SSL_CTX_set_tmp_dh_callback(ctx, ssl_callback_TmpDH); -#ifndef OPENSSL_NO_EC - SSL_CTX_set_tmp_ecdh_callback(ctx,ssl_callback_TmpECDH); -#endif SSL_CTX_set_info_callback(ctx, ssl_callback_Info); } @@ -919,16 +866,9 @@ static int ssl_server_import_key(server_rec *s, ssl_asn1_t *asn1; MODSSL_D2I_PrivateKey_CONST unsigned char *ptr; const char *type = ssl_asn1_keystr(idx); - int pkey_type; + int pkey_type = (idx == SSL_AIDX_RSA) ? EVP_PKEY_RSA : EVP_PKEY_DSA; EVP_PKEY *pkey; -#ifndef OPENSSL_NO_EC - if (idx == SSL_AIDX_ECC) - pkey_type = EVP_PKEY_EC; - else -#endif /* SSL_LIBRARY_VERSION */ - pkey_type = (idx == SSL_AIDX_RSA) ? EVP_PKEY_RSA : EVP_PKEY_DSA; - if (!(asn1 = ssl_asn1_table_get(mc->tPrivateKey, id))) { return FALSE; } @@ -1038,34 +978,20 @@ static void ssl_init_server_certs(server_rec *s, apr_pool_t *ptemp, modssl_ctx_t *mctx) { - const char *rsa_id, *dsa_id, *ecc_id; + const char *rsa_id, *dsa_id; const char *vhost_id = mctx->sc->vhost_id; int i; - int have_rsa, have_dsa, have_ecc; + int have_rsa, have_dsa; rsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_RSA); dsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_DSA); -#ifndef OPENSSL_NO_EC - ecc_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_ECC); -#endif have_rsa = ssl_server_import_cert(s, mctx, rsa_id, SSL_AIDX_RSA); have_dsa = ssl_server_import_cert(s, mctx, dsa_id, SSL_AIDX_DSA); -#ifndef OPENSSL_NO_EC - have_ecc = ssl_server_import_cert(s, mctx, ecc_id, SSL_AIDX_ECC); -#endif - if (!(have_rsa || have_dsa -#ifndef OPENSSL_NO_EC - || have_ecc -#endif -)) { + if (!(have_rsa || have_dsa)) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, -#ifndef OPENSSL_NO_EC - "Oops, no RSA, DSA or ECC server certificate found " -#else "Oops, no RSA or DSA server certificate found " -#endif "for '%s:%d'?!", s->server_hostname, s->port); ssl_die(); } @@ -1076,21 +1002,10 @@ static void ssl_init_server_certs(server_rec *s, have_rsa = ssl_server_import_key(s, mctx, rsa_id, SSL_AIDX_RSA); have_dsa = ssl_server_import_key(s, mctx, dsa_id, SSL_AIDX_DSA); -#if SSL_LIBRARY_VERSION >= 0x00908000 - have_ecc = ssl_server_import_key(s, mctx, ecc_id, SSL_AIDX_ECC); -#endif - if (!(have_rsa || have_dsa -#if SSL_LIBRARY_VERSION >= 0x00908000 - || have_ecc -#endif - )) { + if (!(have_rsa || have_dsa)) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, -#if SSL_LIBRARY_VERSION >= 0x00908000 - "Oops, no RSA, DSA or ECC server private key found?!"); -#else "Oops, no RSA or DSA server private key found?!"); -#endif ssl_die(); } } diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index 6e7addec339..efe8c5a7526 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -1267,27 +1267,6 @@ DH *ssl_callback_TmpDH(SSL *ssl, int export, int keylen) return (DH *)mc->pTmpKeys[idx]; } -#ifndef OPENSSL_NO_EC -EC_KEY *ssl_callback_TmpECDH(SSL *ssl, int export, int keylen) -{ - conn_rec *c = (conn_rec *)SSL_get_app_data(ssl); - SSLModConfigRec *mc = myModConfigFromConn(c); - int idx; - - /* XXX Uses 256-bit key for now. TODO: support other sizes. */ - ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, - "handing out temporary 256 bit ECC key"); - - switch (keylen) { - case 256: - default: - idx = SSL_TMP_KEY_EC_256; - } - - return (EC_KEY *)mc->pTmpKeys[idx]; -} -#endif - /* * This OpenSSL callback function is called when OpenSSL * does client authentication and verifies the certificate chain. diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h index c617ccb5683..650043dfa9b 100644 --- a/modules/ssl/ssl_private.h +++ b/modules/ssl/ssl_private.h @@ -191,21 +191,11 @@ typedef int ssl_algo_t; #define SSL_ALGO_UNKNOWN (0) #define SSL_ALGO_RSA (1<<0) #define SSL_ALGO_DSA (1<<1) -#ifndef OPENSSL_NO_EC -#define SSL_ALGO_ECC (1<<2) -#define SSL_ALGO_ALL (SSL_ALGO_RSA|SSL_ALGO_DSA|SSL_ALGO_ECC) -#else #define SSL_ALGO_ALL (SSL_ALGO_RSA|SSL_ALGO_DSA) -#endif /* SSL_LIBRARY_VERSION */ #define SSL_AIDX_RSA (0) #define SSL_AIDX_DSA (1) -#ifndef OPENSSL_NO_EC -#define SSL_AIDX_ECC (2) -#define SSL_AIDX_MAX (3) -#else #define SSL_AIDX_MAX (2) -#endif /* SSL_LIBRARY_VERSION */ /** @@ -216,12 +206,7 @@ typedef int ssl_algo_t; #define SSL_TMP_KEY_RSA_1024 (1) #define SSL_TMP_KEY_DH_512 (2) #define SSL_TMP_KEY_DH_1024 (3) -#ifndef OPENSSL_NO_EC -#define SSL_TMP_KEY_EC_256 (4) -#define SSL_TMP_KEY_MAX (5) -#else #define SSL_TMP_KEY_MAX (4) -#endif /** * Define the SSL options @@ -640,9 +625,6 @@ void ssl_hook_ConfigTest(apr_pool_t *pconf, server_rec *s); /** OpenSSL callbacks */ RSA *ssl_callback_TmpRSA(SSL *, int, int); DH *ssl_callback_TmpDH(SSL *, int, int); -#ifndef OPENSSL_NO_EC -EC_KEY *ssl_callback_TmpECDH(SSL *, int, int); -#endif /* SSL_LIBRARY_VERSION */ int ssl_callback_SSLVerify(int, X509_STORE_CTX *); int ssl_callback_SSLVerify_CRL(int, X509_STORE_CTX *, conn_rec *); int ssl_callback_proxy_cert(SSL *ssl, MODSSL_CLIENT_CERT_CB_ARG_TYPE **x509, EVP_PKEY **pkey); diff --git a/modules/ssl/ssl_toolkit_compat.h b/modules/ssl/ssl_toolkit_compat.h index 6f49f30162b..bd57a17ae6f 100644 --- a/modules/ssl/ssl_toolkit_compat.h +++ b/modules/ssl/ssl_toolkit_compat.h @@ -38,12 +38,6 @@ #include #include #include - -/* ECC support came along in OpenSSL 1.0.0 */ -#if (OPENSSL_VERSION_NUMBER < 0x10000000) -#define OPENSSL_NO_EC -#endif - /** Avoid tripping over an engine build installed globally and detected * when the user points at an explicit non-engine flavor of OpenSSL */ diff --git a/modules/ssl/ssl_util.c b/modules/ssl/ssl_util.c index efac3105f91..e4387e6181f 100644 --- a/modules/ssl/ssl_util.c +++ b/modules/ssl/ssl_util.c @@ -150,11 +150,6 @@ ssl_algo_t ssl_util_algotypeof(X509 *pCert, EVP_PKEY *pKey) case EVP_PKEY_DSA: t = SSL_ALGO_DSA; break; -#ifndef OPENSSL_NO_EC - case EVP_PKEY_EC: - t = SSL_ALGO_ECC; - break; -#endif default: break; } @@ -179,11 +174,6 @@ char *ssl_util_algotypestr(ssl_algo_t t) case SSL_ALGO_DSA: cp = "DSA"; break; -#ifndef OPENSSL_NO_EC - case SSL_ALGO_ECC: - cp = "ECC"; - break; -#endif default: break; } @@ -255,11 +245,7 @@ void ssl_asn1_table_unset(apr_hash_t *table, apr_hash_set(table, key, klen, NULL); } -#ifndef OPENSSL_NO_EC -static const char *ssl_asn1_key_types[] = {"RSA", "DSA", "ECC"}; -#else static const char *ssl_asn1_key_types[] = {"RSA", "DSA"}; -#endif const char *ssl_asn1_keystr(int keytype) {