From e8f4a800173e49cf7235faaf4c6df204f598df80 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Petr=20=C5=A0pa=C4=8Dek?=
Date: Wed, 13 Jun 2018 17:54:56 +0200
Subject: [PATCH] daemon/tls: disable session resumption with shared secret for now
There is no GnuTLS version which would make this safe. See https://gitlab.com/gnutls/gnutls/issues/477
---
daemon/README.rst | 3 ++-
daemon/tls_session_ticket-srv.c | 10 ++++++----
tests/config/tls.test.lua | 5 +++--
3 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/daemon/README.rst b/daemon/README.rst
index 195191d23..1244b69b0 100644
--- a/daemon/README.rst
+++ b/daemon/README.rst
@@ -515,7 +515,8 @@ TLS server configuration .. warning:: **Setting the secret is probably too risky with TLS <= 1.2**. At this moment no GnuTLS stable release even supports TLS 1.3.
- Therefore setting the secrets should be considered experimental for now.
+ Therefore setting the secrets should be considered experimental for now
+ and might not be available on your system.
.. function:: net.tls_sticket_secret_file([string with path to a file containing pre-shared secret])
diff --git a/daemon/tls_session_ticket-srv.c b/daemon/tls_session_ticket-srv.c
index f2e02881a..11a7e3196 100644
--- a/daemon/tls_session_ticket-srv.c
+++ b/daemon/tls_session_ticket-srv.c
@@ -37,10 +37,12 @@
#define SESSION_KEY_SIZE 64
/** Compile-time support for setting the secret. */
+/* This is not secure with TLS <= 1.2 but TLS 1.3 and secure configuration
+ * is not available in GnuTLS yet. See https://gitlab.com/gnutls/gnutls/issues/477
#ifndef TLS_SESSION_RESUMPTION_SYNC
- /* Probably not much sense having it with gnutls < 3.6. */
- #define TLS_SESSION_RESUMPTION_SYNC (GNUTLS_VERSION_NUMBER >= 0x030600)
+ #define TLS_SESSION_RESUMPTION_SYNC (GNUTLS_VERSION_NUMBER >= 0x030603)
#endif
+*/
#if GNUTLS_VERSION_NUMBER < 0x030400
/* It's of little use anyway. We may get the secret through lua,
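Review bot: Commenting out the `#ifndef TLS_SESSION_RESUMPTION_SYNC` block in daemon/tls_session_ticket-srv.c leaves the macro undefined by default, so the later `#if !TLS_SESSION_RESUMPTION_SYNC` guard works only because an undefined identifier evaluates to 0 in `#if` (and it warns under `-Wundef`). A build that passes `-DTLS_SESSION_RESUMPTION_SYNC=1` still compiles in the shared-secret path that the commit message describes as unsafe with every current GnuTLS release. I would keep the explanation as a comment but state the default explicitly, `#ifndef TLS_SESSION_RESUMPTION_SYNC` / `#define TLS_SESSION_RESUMPTION_SYNC 0` / `#endif`, and note in that comment that overriding it is unsupported. The commented-out `#define` with the 0x030603 check can then be dropped rather than kept as dead code inside a comment.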
@@ -48,7 +50,7 @@
#define gnutls_memset memset
#endif
-#if GNUTLS_VERSION_NUMBER >= 0x030407
+#ifdef GNUTLS_DIG_SHA3_512
#define TST_HASH GNUTLS_DIG_SHA3_512
#else
#define TST_HASH abort()
@@ -99,7 +101,7 @@ static tst_ctx_t * tst_key_create(const char *secret, size_t secret_len, uv_loop
}
#if !TLS_SESSION_RESUMPTION_SYNC
if (secret_len) {
- kr_log_error("[tls] session ticket: secrets not enabled (compile-time)\n");
+ kr_log_error("[tls] session ticket: secrets were not enabled at compile-time (your GnuTLS version is not supported)\n");
return NULL; /* ENOTSUP */
}
#endif
diff --git a/tests/config/tls.test.lua b/tests/config/tls.test.lua
index 96934df2e..d02d55f5a 100644
--- a/tests/config/tls.test.lua
+++ b/tests/config/tls.test.lua
@@ -1,8 +1,9 @@
local function test_session_config()
ok(net.tls_sticket_secret(),
'net.tls_sticket_secret() to trigger key regeneration')
- ok(net.tls_sticket_secret('0123456789ABCDEF0123456789ABCDEF'),
- 'net.tls_sticket_secret with valid key')
+ -- There is no sufficiently new stable release of GnuTLS.
+ -- ok(net.tls_sticket_secret('0123456789ABCDEF0123456789ABCDEF'),
+ -- 'net.tls_sticket_secret with valid key')
boom(net.tls_sticket_secret, {{}},
'net.tls_sticket_secret({}) is invalid')
boom(net.tls_sticket_secret, {'0123456789ABCDEF0123456789ABCDE'},
-- 2.47.2
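Review bot: `#ifdef GNUTLS_DIG_SHA3_512` in the `@@ -48,7 +50,7 @@` hunk of daemon/tls_session_ticket-srv.c tests for a preprocessor macro, but to my knowledge GnuTLS declares `GNUTLS_DIG_SHA3_512` as an enumerator of `gnutls_digest_algorithm_t`, which the preprocessor cannot see. If so, the condition is false on every GnuTLS version and `TST_HASH` always expands to `abort()`, so the SHA3-512 branch is never selected. The removed `#if GNUTLS_VERSION_NUMBER >= 0x030407` is something the preprocessor can evaluate; keep it, or have the build system probe for the digest and pass a macro of its own.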
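Review bot: The new `kr_log_error` text in `tst_key_create` blames the GnuTLS version, but this same commit comments out the `TLS_SESSION_RESUMPTION_SYNC` definition, so the branch is compiled in for every GnuTLS version and upgrading the library will not make the message go away. Wording such as `"[tls] session ticket: setting the secret is disabled in this build\n"` describes what the code does and does not send the operator looking for a newer GnuTLS. The function body starts and ends outside the hunk.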
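Review bot: Commenting out the `ok(net.tls_sticket_secret('0123456789ABCDEF0123456789ABCDEF'), ...)` case in `test_session_config` leaves the disabled state untested, so a build that re-enables the shared secret would pass this suite unnoticed. Assuming the Lua binding raises an error when `tst_key_create` returns NULL (not visible in this patch), replace the commented lines with `boom(net.tls_sticket_secret, {'0123456789ABCDEF0123456789ABCDEF'}, 'net.tls_sticket_secret with a secret is disabled')`. That pins the security-relevant behaviour and will fail loudly once support is deliberately restored. The function continues past the end of the hunk.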