From: Howard Chu Date: Thu, 20 Aug 2020 14:07:55 +0000 (+0100) Subject: ITS#9054 Add support for multiple EECDH curves X-Git-Tag: OPENLDAP_REL_ENG_2_4_52~19 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aacec4c8109da45cc28becdf010cfdccfe564b57;p=thirdparty%2Fopenldap.git ITS#9054 Add support for multiple EECDH curves Requires OpenSSL 1.0.2 or newer --- diff --git a/doc/man/man3/ldap_get_option.3 b/doc/man/man3/ldap_get_option.3 index 47bddde84b..253fe57c76 100644 --- a/doc/man/man3/ldap_get_option.3 +++ b/doc/man/man3/ldap_get_option.3 @@ -711,7 +711,7 @@ and its contents need to be freed by the caller using Ignored by GnuTLS and Mozilla NSS. .TP .B LDAP_OPT_X_TLS_ECNAME -Gets/sets the name of the curve used for +Gets/sets the name of the curve(s) used for elliptic curve key exchanges. .BR invalue must be diff --git a/doc/man/man5/ldap.conf.5 b/doc/man/man5/ldap.conf.5 index 52e7df8dee..1cf78cd4ca 100644 --- a/doc/man/man5/ldap.conf.5 +++ b/doc/man/man5/ldap.conf.5 @@ -345,6 +345,12 @@ Use certutil \-L to list the certificates by name: certutil \-d /path/to/certdbdir \-L .fi .TP +.B TLS_ECNAME +Specify the name of the curve(s) to use for Elliptic curve Diffie-Hellman +ephemeral key exchange. This option is only used for OpenSSL. +This option is not used with GnuTLS; the curves may be +chosen in the GnuTLS ciphersuite specification. +.TP .B TLS_KEY Specifies the file that contains the private key that matches the certificate stored in the diff --git a/doc/man/man5/slapd-config.5 b/doc/man/man5/slapd-config.5 index 96f7946692..3a621b35cb 100644 --- a/doc/man/man5/slapd-config.5 +++ b/doc/man/man5/slapd-config.5 @@ -923,9 +923,9 @@ When using Mozilla NSS these parameters are always generated randomly so this directive is ignored. .TP .B olcTLSECName: -Specify the name of a curve to use for Elliptic curve Diffie-Hellman -ephemeral key exchange. This is required to enable ECDHE algorithms in -OpenSSL. This option is not used with GnuTLS; the curves may be +Specify the name of the curve(s) to use for Elliptic curve Diffie-Hellman +ephemeral key exchange. This option is only used for OpenSSL. +This option is not used with GnuTLS; the curves may be chosen in the GnuTLS ciphersuite specification. This option is also ignored for Mozilla NSS. .TP diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5 index ca89c4d778..585cd2cb76 100644 --- a/doc/man/man5/slapd.conf.5 +++ b/doc/man/man5/slapd.conf.5 @@ -1154,9 +1154,9 @@ When using Mozilla NSS these parameters are always generated randomly so this directive is ignored. .TP .B TLSECName -Specify the name of a curve to use for Elliptic curve Diffie-Hellman -ephemeral key exchange. This is required to enable ECDHE algorithms in -OpenSSL. This option is not used with GnuTLS; the curves may be +Specify the name of the curve(s) to use for Elliptic curve Diffie-Hellman +ephemeral key exchange. This option is only used for OpenSSL. +This option is not used with GnuTLS; the curves may be chosen in the GnuTLS ciphersuite specification. This option is also ignored for Mozilla NSS. .TP diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c index 8067fd1c92..0ebfff5e02 100644 --- a/libraries/libldap/init.c +++ b/libraries/libldap/init.c @@ -130,6 +130,7 @@ static const struct ol_attribute { {0, ATTR_TLS, "TLS_RANDFILE", NULL, LDAP_OPT_X_TLS_RANDOM_FILE}, {0, ATTR_TLS, "TLS_CIPHER_SUITE", NULL, LDAP_OPT_X_TLS_CIPHER_SUITE}, {0, ATTR_TLS, "TLS_PROTOCOL_MIN", NULL, LDAP_OPT_X_TLS_PROTOCOL_MIN}, + {0, ATTR_TLS, "TLS_ECNAME", NULL, LDAP_OPT_X_TLS_ECNAME}, #ifdef HAVE_OPENSSL_CRL {0, ATTR_TLS, "TLS_CRLCHECK", NULL, LDAP_OPT_X_TLS_CRLCHECK}, diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c index ebe5bf125d..dc5c7f124a 100644 --- a/libraries/libldap/tls2.c +++ b/libraries/libldap/tls2.c @@ -532,6 +532,7 @@ ldap_int_tls_config( LDAP *ld, int option, const char *arg ) case LDAP_OPT_X_TLS_RANDOM_FILE: case LDAP_OPT_X_TLS_CIPHER_SUITE: case LDAP_OPT_X_TLS_DHFILE: + case LDAP_OPT_X_TLS_ECNAME: case LDAP_OPT_X_TLS_CRLFILE: /* GnuTLS only */ return ldap_pvt_tls_set_option( ld, option, (void *) arg ); diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c index 4152cd9fd7..3295ebf5cf 100644 --- a/libraries/libldap/tls_o.c +++ b/libraries/libldap/tls_o.c @@ -407,34 +407,30 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) DH_free( dh ); } - if ( is_server && lo->ldo_tls_ecname ) { + if ( lo->ldo_tls_ecname ) { #ifdef OPENSSL_NO_EC Debug( LDAP_DEBUG_ANY, "TLS: Elliptic Curves not supported.\n", 0,0,0 ); return -1; #else - EC_KEY *ecdh; - - int nid = OBJ_sn2nid( lt->lt_ecname ); - if ( nid == NID_undef ) { + if ( SSL_CTX_set1_curves_list( ctx, lt->lt_ecname )) { Debug( LDAP_DEBUG_ANY, - "TLS: could not use EC name `%s'.\n", + "TLS: could not set EC name `%s'.\n", lo->ldo_tls_ecname,0,0); tlso_report_error(); return -1; } - ecdh = EC_KEY_new_by_curve_name( nid ); - if ( ecdh == NULL ) { + /* + * This is a NOP in OpenSSL 1.1.0 and later, where curves are always + * auto-negotiated. + */ +#if OPENSSL_VERSION_NUMBER < 0x10100000UL + if ( SSL_CTX_set_ecdh_auto( ctx, 1 ) <= 0 ) { Debug( LDAP_DEBUG_ANY, - "TLS: could not generate key for EC name `%s'.\n", - lo->ldo_tls_ecname,0,0); - tlso_report_error(); - return -1; + "TLS: could not enable automatic EC negotiation.\n", 0, 0, 0 ); } - SSL_CTX_set_tmp_ecdh( ctx, ecdh ); - SSL_CTX_set_options( ctx, SSL_OP_SINGLE_ECDH_USE ); - EC_KEY_free( ecdh ); #endif +#endif /* OPENSSL_NO_EC */ } if ( tlso_opt_trace ) {