On Mon, Apr 18, 2016 at 3:02 PM, Janusz Dziemidowicz
<rrapt...@nails.eu.org> wrote:
> 2016-04-15 16:50 GMT+02:00 David Martin <dmart...@gmail.com>:
>> I have tested the current patch with the HAProxy default, a list of curves,
>> a single curve and also an incorrect curve. All seem to behave correctly.
>> The conditional should only skip calling ecdh_auto() if curves_list()
>> returns 0 in which case HAProxy exits anyway.
>>
>> Maybe I'm missing something obvious, this has been a learning experience for
>> me.
>
> You are correct. I guess I shouldn't have been looking at patches
> during a break at a day work;)
> Seems ok for me now. Apart from the missing documentation changes;)
>
> --
> Janusz Dziemidowicz
Added doc changes :)
From f54632ab99e526ddb6d6acc26f6c1cb74b3c647d Mon Sep 17 00:00:00 2001
From: David Martin <dmart...@gmail.com>
Date: Mon, 18 Apr 2016 16:10:13 -0500
Subject: [PATCH] use SSL_CTX_set_ecdh_auto() for ecdh curve selection
Use SSL_CTX_set_ecdh_auto if the OpenSSL version supports it, this
allows the server to negotiate ECDH curves much like it does ciphers.
Prefered curves can be specified using the existing ecdhe bind options
(ecdhe secp384r1:prime256v1)
---
doc/configuration.txt | 6 ++++--
src/ssl_sock.c | 16 +++++++++++++++-
2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 6b80158..be1f06f 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -9625,8 +9625,10 @@ backlog <backlog>
ecdhe <named curve>
This setting is only available when support for OpenSSL was built in. It sets
- the named curve (RFC 4492) used to generate ECDH ephemeral keys. By default,
- used named curve is prime256v1.
+ the named curve (RFC 4492) used to generate ECDH ephemeral keys. OpenSSL
+ 1.0.2 and newer support a list of curves that are negotiated during SSL/TLS
+ handshake such as "prime256v1:secp384r1" (without quotes). By default, used
+ named curve is prime256v1.
ca-file <cafile>
This setting is only available when support for OpenSSL was built in. It
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 0d35c29..a5d9408 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2756,7 +2756,20 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_cbk);
SSL_CTX_set_tlsext_servername_arg(ctx, bind_conf);
#endif
-#if defined(SSL_CTX_set_tmp_ecdh) && !defined(OPENSSL_NO_ECDH)
+#if !defined(OPENSSL_NO_ECDH)
+#if defined(SSL_CTX_set_ecdh_auto)
+ {
+ const char *ecdhe = (bind_conf->ecdhe ? bind_conf->ecdhe : ECDHE_DEFAULT_CURVE);
+ if (!SSL_CTX_set1_curves_list(ctx, ecdhe)) {
+ Alert("Proxy '%s': unable to set elliptic curve list to '%s' for bind '%s' at [%s:%d].\n",
+ curproxy->id, ecdhe, bind_conf->arg, bind_conf->file, bind_conf->line);
+ cfgerr++;
+ }
+ else {
+ SSL_CTX_set_ecdh_auto(ctx, 1);
+ }
+ }
+#elif defined(SSL_CTX_set_tmp_ecdh)
{
int i;
EC_KEY *ecdh;
@@ -2774,6 +2787,7 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy
}
}
#endif
+#endif
return cfgerr;
}
--
1.9.1
